What are adverse human rights impacts costing your company?
Increasingly, executives and boards need to understand these costs and ensure they have adequate systems in place to identify and address such impacts. Management of human rights risks should be part of a firm’s overall approach to risk management.
From 2005 to 2011, I served as the UN Special Representative on Business and Human Rights. My mandate involved extensive consultations with business leaders and other stakeholders around the world. I encountered many companies that had experienced significant legal, reputational and operational costs as a result of stakeholder concerns regarding the adverse impacts of their operations.
Legal risks include exposure to claims under the Alien Tort Statute, a federal statute that allows foreign plaintiffs to bring claims against companies for involvement in the violation of certain international human rights norms. Even when these plaintiffs’ claims are ultimately dismissed, these cases are costly to litigate and may involve long-term reputational damage to the defendant. Companies may also be exposed to high-profile international advocacy campaigns, shareholder resolutions and local community protests if they fail to manage the adverse human rights impacts of their operations.
Managing risks related to social impacts may formerly have been considered purely a matter of philanthropic or public relations concern. Companies have come to realize, however, that failure to develop cross-functional strategic responses to these impacts can have devastating results. In my April 2010 report to the UN Human Rights Council (UNHRC), I referred to one company that found it had experienced a $6.5 billion ‘value erosion’ over a two-year period due to non-technical risks, including community opposition and delays in regulatory approvals. Indeed, in some industries such stakeholder-related risks constitute the single largest category of non-technical risk companies face, yet many companies do not adequately measure or manage them.
A convergence of expectations
Earlier this year, at the conclusion of my mandate, I released the UN Guiding Principles on Business and Human Rights. They provide a standard of expected conduct for companies, and the means to help firms manage human rights-related risk by adopting adequate human rights due-diligence processes.
Human rights due diligence requires companies to develop effective policies and procedures for assessing the actual and potential human rights impacts associated with their activities and business relationships, and to act upon the findings. In practice, some human rights will be more relevant than others in particular industries and operating contexts, and will therefore be the focus of heightened company attention.
Broader periodic assessments are also necessary to ensure no significant issue is overlooked. The UNHRC formally endorsed the Guiding Principles in June 2011. These principles are not just another set of voluntary standards vying for attention in an increasingly crowded space: they are authoritative UN standards around which the articulated expectations of many public and private institutions have already converged.
Broad-based support
Major business groups, including the United States Council for International Business, the International Organization of Employers and the International Chamber of Commerce, support the principles. The Organization for Economic Cooperation and Development has updated its Guidelines for Multinational Enterprises, adhered to by 42 countries, adding a chapter on human rights that explicitly draws on and is virtually identical to the UN Guiding Principles.
The International Finance Corporation (IFC) has revised its sustainability policy and the corresponding performance standards it
requires clients to meet. For the first time, these now explicitly reference businesses’ responsibility to respect human rights.
In turn, the IFC performance standards get tracked by more than 70 private sector lending institutions and by several national export credit agencies. Finally, the guidance contained in the Guiding Principles is embedded in a new social responsibility standard adopted by the International Organization for Standardization, ISO 26000.
Human rights due diligence
The Guiding Principles are intended to provide concrete and practical recommendations on how best to operationalize the ‘Protect, Respect and Remedy’ framework I first introduced in 2008. The framework is built around three pillars:
States have a duty to protect against human rights abuses by third parties, including companies
Companies have a responsibility to respect human rights
Victims of human rights abuses must have access to effective remedies.
In order to implement the ‘responsibility to respect’, the Guiding Principles propose that companies:
Develop a policy commitment to respect human rights
Assess actual and potential human rights impacts
Integrate and act upon the findings of such assessments
Track or audit how impacts are addressed
Communicate regarding how impacts are addressed.
Establishing a human rights policy: A company’s human rights policy should be endorsed by company executives and
should be available to the public. It should state the firm’s expectations of its employees, business partners and other
parties linked to its activities, and should be reflected in operational procedures throughout the organization.
Assessing human rights impacts: Companies should assess the actual and potential human rights impacts of their operations. This should include meaningful consultation with potentially affected groups and other stakeholders. External human rights experts can provide valuable assistance here.
Integration of assessment findings: Integration of human rights assessment findings is a key step in risk mitigation. Companies should ensure specific individuals have responsibility for addressing adverse impacts, and that corporate policies and standards are integrated into oversight mechanisms and decision-making processes.
The steps a company should take to address adverse impacts depend on whether the company causes the impacts,
contributes to them or is involved through its business relationships. Appropriate responses will also depend on how much leverage the company has to address the impacts. When a firm does not have leverage to prevent or mitigate adverse impacts caused by a business partner, it should consider ending the relationship, taking into account credible assessments of the potential human rights impacts of doing so.
Tracking how impacts are addressed: Human rights issues can be integrated into audits, performance reviews and on-the-ground grievance mechanisms. Tracking should use both qualitative and quantitative indicators, and should draw on the feedback of both internal and external stakeholders. Companies should take particular care to track their impacts on marginalized or vulnerable populations.
Communicating with stakeholders: Implementing proper human rights due diligence requires policies and processes by which companies can both know and show that they respect human rights. ‘Showing’ may involve communication through direct consultations, published reports and other mechanisms. More formal reporting should be used when there are risks of severe human rights impacts.
In the area of business and human rights, legal norms are evolving and a more focused set of social norms has taken hold at the international level, with consequences for non-compliance. Boards should ensure their companies are meeting these heightened expectations and requirements. Human rights due diligence is a critical tool for companies seeking to manage the risks of adverse human rights impacts to their businesses and to affected communities.