The Corporate Responsibility to Respect Human Rights

Late last month, the latest report under my mandate as Special Representative of the U.N. Secretary General on business and human rights was released in advance of the June session of the U.N. Human Rights Council (Council). This is my last interim report before I submit my final recommendations next year. In this posting I share the report’s discussion on the corporate responsibility to respect, the second pillar in a policy framework I proposed, and which the Council unanimously welcomed, for better managing business and human rights challenges. In particular, I focus on the links between human rights due diligence – a key process for companies to know and show that they respect human rights – and legal compliance, including with corporate governance and securities laws.

Background on the UN Protect, Respect and Remedy Framework

In 2008, the Council extended my mandate until 2011, tasking me: to “operationalize” the U.N. “Protect, Respect, Remedy” framework (U.N. Framework) for business and human rights through concrete guidance and recommendations to states, businesses and other actors; and to “promote” the U.N. Framework, coordinating with relevant international organizations and other stakeholders.

The U.N. Framework rests on three distinct yet complementary pillars: the state duty to protect against human rights abuses by third parties, including business, through appropriate policies, regulation, and adjudication; the corporate responsibility to respect human rights, which means to act with due diligence to avoid infringing on the rights of others; and greater access by victims to effective remedy, judicial and non-judicial.

My new report describes how the U.N. Framework has already enjoyed considerable uptake, interacting with a range of processes well beyond the United Nations itself. These include the ISO26000 standard on social responsibility, the updating of the OECD guidelines for multinational enterprises, the International Finance Corporation revision of their Performance Standards, work with 19 leading law firms from around the world on how human rights considerations are addressed in corporate law across 40 jurisdictions, as well as road-testing of company-based grievance mechanisms by leading companies in China, Colombia, Russia, South Africa and Vietnam.

Corporate responsibility to respect, human rights due diligence and legal compliance

The report explains that the term “responsibility” to respect rather than “duty” is meant to indicate that respecting rights is not an obligation current international human rights law generally imposes directly on companies, although elements may be reflected in domestic laws. At the international level it is a standard of expected conduct acknowledged in virtually every voluntary and soft-law instrument related to corporate responsibility, and now affirmed by the Council itself when it endorsed the U.N. Framework.

The corporate responsibility to respect human rights means to avoid infringing on the rights of others, and addressing adverse impacts that may occur. It applies to all companies in all situations. As a joint statement by leading business associations including the International Chamber of Commerce made very clear, it exists even if national laws are poorly enforced, or not at all.

My 2008 and 2009 reports to the Council elaborate on the scope and content of the corporate responsibility to respect, including where companies should look for an authoritative “list” of internationally recognized rights. The 2010 report provides further guidance on these elements, but what it also does, and what I trust will be of interest to you as corporate governance experts, is further unpack the human rights due diligence process and highlight its interplay with legal compliance.

Human rights due diligence is a potential game changer for companies: from “naming and shaming” to “knowing and showing.”  Naming and shaming is a response by external stakeholders to the failure of companies to respect human rights. Knowing and showing is the internalization of that respect by companies themselves through human rights due diligence.

As you know, companies routinely conduct due diligence to satisfy themselves that a contemplated transaction has no hidden risks. Starting in the 1990s, companies added internal controls for the ongoing management of risks to both the company and stakeholders who could be harmed by its conduct — for example, to prevent employment discrimination, environmental damage, or criminal misconduct.

Drawing on the features of well-established practices and combining them with what is unique to human rights, I have laid out the basic parameters of a human rights due diligence process. Because this process is a means for companies to address their responsibility to respect human rights, it has to go beyond simply identifying and managing material risks to the company itself, to include the risks a company’s activities and associated relationships may pose to the rights of affected individuals and communities.

But one size does not fit all in a world of 80,000 multinational corporations, ten times as many subsidiaries and countless national firms, many of which are small-and-medium-sized enterprises. My aim is to provide companies with universally applicable guiding principles for meeting their responsibility to respect human rights and conducting due diligence, recognizing that the complexity of tools and the magnitude of processes they employ necessarily will vary with circumstances.

Considered in that spirit, human rights due diligence comprises four components: a statement of policy articulating the company’s commitment to respect human rights; periodic assessments of actual and potential human rights impacts of company activities and relationships; integrating these commitments and assessments into internal control and oversight systems; and tracking as well as reporting performance. Company-level grievance mechanisms can contribute in two ways: under the tracking and reporting component of due diligence they provide the company with ongoing feedback that helps it identify risks and avoid escalation of disputes; they can also provide remedy, a means of alternative dispute resolution.

Should companies bother? And is any of this relevant to you as corporate governance specialists? My report suggests a resounding “yes” to both questions, for three reasons.

I’ve already noted the first: due diligence can be a game changer for companies. Knowing and showing is necessary for companies to demonstrate they respect human rights. If they don’t know, and can’t show, their claim is just that — a claim, not a fact.

Second, human rights due diligence can help companies lower their risks, including the risk of legal non-compliance. As my report explains, there are situations in which companies currently harm human rights and, at the same time, may be non-compliant with existing securities and corporate governance regulations. Why? Because they are not adequately monetizing and aggregating stakeholder-related risks, and therefore are not disclosing and addressing them.

Such risks stem from community challenges and resistance to company operations, typically on environmental and human rights grounds. The evidence to date comes largely from the extractive and infrastructure sectors, especially where companies operate in conflict-affected or otherwise seriously contested contexts. But such internal control and oversight gaps likely exist in other sectors as well.

Stakeholder-related risks to companies include delays in design, siting, permitting, construction, operation and expected revenues; problematic relations with local labor markets; higher costs for financing, insurance and security; reduced output; collateral impacts such as staff distraction and reputational hits; and possible cancellation, forcing a company to write off its entire investment and forgo the value of its lost reserves, revenues and profits — the last of which can run into the billions of dollars.

A Goldman Sachs study of 190 projects operated by the international oil majors indicates that the time for new projects to come on-stream has nearly doubled in the past decade, causing significant cost inflation. It attributes delays to projects’ “technical and political complexity.” An independent and confidential follow-up analysis of a subset of those projects indicates that non-technical risks accounted for nearly half of all risk factors faced by these companies, with stakeholder-related risks constituting the single largest category. It further estimated that one company may have experienced a $6.5-billion “value erosion” over a two year period from such sources, amounting to a double-digit fraction of its annual profits. These are big numbers.

What seems to be happening is that these costs are atomized within companies, spread across different internal functions and budgets, and not aggregated into a single category that would trigger the attention of senior management and boards. But when added up, some of these risks undoubtedly would count as being “material” on even the narrowest definitions, and thus also would be of interest to shareholders and could involve compliance issues under securities regulations and corporate law.  This point is supported by my work on corporate and securities law, which is discussed in Part III.C of the report under the state duty to protect.

This is a lose-lose-lose proposition: human rights are adversely impacted, serious corporate value erosion occurs, and disclosure requirements as well as directors’ duties may be implicated. Human rights due diligence can avoid all three.

Third, conducting human rights due diligence also should provide corporate boards with strong protection against mismanagement claims by shareholders. And in the context of Alien Tort Statute and similar suits, proof that the company took every reasonable step to avoid involvement in the alleged violation can only count in its favor.

Next steps

My final recommendations in June 2011 will include a set of guiding principles for the operationalization of the U.N. Framework’s distinct yet complementary and interactive elements and processes. And they will also include options for what might follow the mandate.

I continue to be grateful for the wide array of stakeholders who have engaged with and contributed to my mandate, and look forward to our continued collaboration in its last year. If you have any feedback about the report, I encourage you to send it to [email protected] for inclusion on my website. Alternatively, you may also wish to participate in an online consultation I am hosting on the corporate responsibility to respect:  http://www.srsgconsultation.org/.