Last year was the 10th anniversary of the United Nations Guiding Principles on Business and Human Rights (UNGPs) The UNGPs are a leading framework for understanding the duties of states to protect those within their jurisdiction from corporations’ negative human rights impacts, the responsibility of corporations to respect human rights, and the role of states and businesses in providing remedies to the victims of human rights abuses.
At the heart of the UNGPs is the concept of human rights due diligence (HRDD). This is the process whereby corporations assess the actual and potential human rights impacts of their business operations and relationships, try to prevent and mitigate any negative human rights impacts, and communicate their actions to the relevant stakeholders. The UNGPs are “soft law,” which means that compliance with the principles of HRDD are voluntary. Unfortunately, compliance has also been limited. For example, an organization that ranks large multinational corporations’ performance on human rights matters recently found that approximately half of the 229 companies analyzed scored a zero for every indicator on the HRDD.
In response to this lackluster performance, states are starting to mandate HRDD. The rise of mandatory HRDD (sometimes referred to as mHRDD) began with the French Duty of Vigilance Act in 2017, and was followed by the Netherlands Child Labour Due Diligence Act, the German Corporate Due Diligence in Supply Chains Act, and Norway’s Transparency Act. In addition, the European Parliament has recommended that the European Commission adopt mHRDD, and Article 6 of the current draft of a United Nations treaty on business and human rights requires states to mandate HRDD.
As HRDD becomes more widespread – whether due to soft law pressures or hard law requirements – human rights advocates are increasingly concerned that adhering to it might become a mere “tick-box” exercise. These concerns reflect long-standing ones about compliance and ethics programs generally, which have been labeled “paper programs” or “cosmetic compliance.” It is well known that corporations may adopt all the trappings of an effective compliance program but fail to meaningfully implement it and instead use it to shift the blame for any misconduct from the company to “rogue” employees.
In a recent paper, The Management and Oversight of Human Rights Due Diligence, I consider the lessons from the research on compliance programs for the internal governance of HRDD. An initial question is who in a company will have responsibility for the day-to-day management of HRDD. If HRDD becomes mandatory or at least strongly encouraged, many believe that lawyers will take responsibility. If that happens, though, critics are concerned that the focus will be on form over substance and on protecting the company rather than the rights holders (as required by HRDD). In the article, I consider whether independent compliance officers would manage HRDD more effectively, and this discussion mirrors the long-running debate on whether compliance responsibilities should be independent from legal ones.
Unlike those in the legal department, compliance officers focus primarily on preventing and detecting violations and ensuring that an infrastructure exists to encourage ethical behavior. In addition, whereas lawyers tend to interpret the law to benefit the client, compliance officers take the perspective of regulators. Thus, to be effective, day-to-day control of the HRDD process fits best with a company’s compliance department, although everyone in a company – whether in legal, compliance, or other relevant departments – should work together on HRDD.
To be successful in this role, compliance officers need independence, expertise, and high status within an organization. These factors strengthen the legitimacy of the officers and their ability to capture management’s attention, which ensures that time and resources are devoted to HRDD and that other departments meaningfully, as opposed to cosmetically, implement the officers HRDD directives.
The research supporting these conclusions shows that that cosmetically implemented programs can lead a company to perform worse on environmental and social matters. For example, one study found that companies with a poor record on sustainability issues performed even worse after hiring a chief sustainability officer with no recognized expertise in the area. Apparently, these companies believed that the appearance of a commitment to sustainability protected them from criticism and allowed them to exercise less care. Additionally, this approach likely caused the program to lose legitimacy in the eyes of employees, who then responded cynically to it. Boards of directors must also play an important role in ensuring compliance, but, as studies have shown, they need to be pushed., Recent Delaware decisions that have revitalized breach of fiduciary duty claims under Caremark will encourage greater board oversight if legislation makes HRDD mandatory or other government actions, such as Withhold Release Orders by Customs and Boarder Protection, encourage some form of HRDD. Additional considerations include adding HRDD to an appropriate board committee’s charter and requiring that the board document its review of the implementation of HRDD, including reviews of appropriately designed metrics on implementation.
After 10 years of the UNGPs, policymakers are increasingly recognizing the need to mandate HRDD and not rely on market pressures. As we move in that direction, greater attention must be placed on the internal governance of HRDD to ensure effective compliance.
This post comes to us from Professor David Hess at the University of Michigan’s Stephen M. Ross School of Business. It is based on his recent article, “The Management and Oversight of Human Rights Due Diligence,” available here.