The changing tide: understanding human rights for business

Globally, we are seeing a wave of regulation shifting the corporate responsibility to respect human rights from ‘soft’ to ‘hard’ law.

Today’s complex global supply chains are being stressed as governments push businesses to restructure supply chains, shifting production away from geopolitical rivals to friendly powers or ‘friendshoring’. At the same time human rights are increasingly seen as critical risks to supply chain resilience and businesses’ bottom line.

Below, we discuss recent regulatory trends requiring businesses to manage and disclose their impacts on human rights and consider how evolving business and human rights regulation globally will impact on Australian businesses.

What does business have to do with human rights?

Human rights are basic entitlements that range from fundamental rights (like the right to be free from slavery) to rights that ensure an appropriate standard of life (like rights at work). The responsibility of businesses to respect human rights (alongside the duty of States to protect human rights) is set out in the United Nations Guiding Principles on Business and Human Rights (UNGPs).

For Australian businesses, requirements to report on human rights risks are not a new phenomenon. Following the introduction of the Modern Slavery Act 2018 (Cth), many Australian businesses have developed systems to identify and manage modern slavery risks both in their operations and across their supply chain.

In the first half of this year, the Federal Government is expected to respond to the recommendations of the statutory review of the Modern Slavery Act which were published last year. This is likely to include imposing an obligation on reporting entities to establish a due diligence system to identify and assess modern slavery risks.

In other jurisdictions, we are seeing regulators impose extensive requirements on businesses to manage human rights risks arising in their operations and supply chain, currently given effect through a range of domestic legislation. In Europe, the EU’s landmark proposal for a Corporate Sustainability Due Diligence Directive (CSDDD) – which would introduce EU-wide human rights due diligence obligations for certain EU and non-EU companies – has been delayed again following objections from Germany, Italy and other member states.

This setback came despite considerable lobbying in support of the CSDDD by major businesses operating in the EU. Earlier this month, a coalition of 26 companies published a joint statement urging Germany to vote in favour of the CSDDD text agreed late last year. Italian companies have similarly lobbied the Italian government in support of the draft Directive. For those organisations already reporting on their human rights risks under a patchwork of domestic legislation, EU-wide regulation is an attractive measure to level the playing field and to create consistency.

Whether or not the CSDDD is ultimately passed, the EU’s Corporate Sustainability Reporting Directive (CSRD), which came into effect on 1 January 2024 and is being implemented progressively over the next few years, will require regulated entities (including some Australian businesses) to identify and report on their material human rights impacts. Impact materiality assessments in accordance with the CSRD reflect the first step of human rights due diligence as set out in the UNGPs – to identify and assess actual and potential human rights impacts that the business may cause, contribute to, or be directly linked to through its operations, value chain and downstream business relationships. Given this, impacted businesses that have in place effective human rights due diligence processes aligned with the UNGPs will be well positioned to report on social impacts in line with the CSRD.

These developments reflect a tide of emerging human rights regulation globally, centred around mandatory human rights due diligence obligations for business. While the EU debates the merits of uniform human rights due diligence regulation in the form of the CSDDD, business will have to continue to manage the patchwork of national human rights due diligence regulation. 

For more information on the range of regulation see our table below.

What does this mean for Australian businesses?

Australian businesses are already feeling the trickle-down impacts of business and human rights regulation in other jurisdictions. Many are being asked to design and implement sophisticated human rights due diligence systems to enable overseas customers, shareholders and parent-companies to meet regulatory requirements in Germany, the US and elsewhere. Human rights due diligence differs from traditional due diligence since it requires businesses to identify, assess and address risks to people in their operations and supply chain, rather than risks to the business.

In the coming years these issues will become increasingly material for Australian businesses with global value chains and operations across numerous jurisdictions, as they are likely to be caught by a combination of ‘soft’ and ‘hard’ law addressing businesses’ impact on human rights.

Some of the key impacts for Australian businesses include:

• Access to global markets will increasingly be dependent on businesses’ ability to meet the standards of the UNGPs, which underpin existing and emerging business and human rights regulation. This is particularly relevant for Australian businesses whose supply chains include products and commodities considered high risk for adverse human rights impacts such as batteries, solar panels, timber, critical minerals like cobalt, nickel and copper, and some textiles and agricultural products. These businesses are likely to be exposed to significant compliance requirements if they are trading or operating in the EU or US.
  
  
• Increased compliance burdens for large Australian businesses that are subject to business and human rights regulation in jurisdictions where they have operations. Regulated entities are also increasingly asking Australian businesses operating within their value chain to implement human rights due diligence in order to support the regulated entity's compliance with applicable business and human rights regulation. Australian businesses may be required to expand existing modern slavery risk management systems to include a broader range of human rights to meet the requirements passed on by business partners. Others will be required to adapt existing risk management frameworks designed to manage ‘risk to business’ to encompass ‘risks to people’, including human rights risks. Developing a risk management framework supported by an appropriate due diligence system that encompasses risk to people and risk to business will often also require investing in internal capacity-building.
  
  
• Exposure to legal liability increases as businesses expand their disclosures on human rights risks. We have seen a growing number of enforcement actions in Australia and abroad brought against companies accused of ‘greenwashing’ by misrepresenting the company’s environmental impacts in its public statements. Increasing human rights due diligence and disclosure requirements may heighten the risk of ‘bluewashing’, which refers to companies making misleading disclosures regarding their human rights risks or impacts. It is critical that businesses have in place robust processes to meet their public human rights commitments and reporting requirements.

Technical compliance in one jurisdiction will not necessarily protect against legal, reputational and operational risks that may arise in another. Navigating the complex web of voluntary and mandatory business and human rights regulation requires a deep understanding of stakeholder expectations, the international human rights landscape, the direction and pace of change of national and regional business and human rights regulation, and the gaps that exist between all three.

Business and human rights regulation: the current state of play

Jurisdictions implementing human rights regulation are typically adopting one of the following regulatory models:

• Transparency regimes. These require companies to make mandatory disclosures on human rights issues (e.g. modern slavery) against prescribed reporting criteria. Compliance with transparency regimes will often require businesses to establish processes for data collection and to integrate human rights risks into their existing risk management frameworks.
  
  
• Customs and import bans. These prohibit the importation or sale of specific products or commodities, typically where those products or commodities are deemed to be high risk for human rights impacts (e.g. products likely to have been made with forced labour). These measures typically place the onus on businesses to establish that products or commodities with potentially severe human rights impacts were procured or produced in a responsible manner. This in effect requires the business to undertake due diligence to demonstrate that human rights risks were identified, assessed and managed appropriately to ensure compliance with the relevant regulations.
  
  
• Mandatory Human Rights Due Diligence (mHRDD) obligations. These impose obligations on businesses to implement systems and processes to identify, assess and manage actual and potential human rights risks and impacts. These due diligence obligations have flow on effects for the value chain as entities caught by mHRDD regulation are increasingly incorporating human rights due diligence in their investment decisions and traditional corporate due diligence, as well as imposing due diligence requirements on their suppliers and business partners.

The table below illustrates the jurisdictions that have adopted each of the three models:

Transparency regimes Currently in place: UK – Modern Slavery Act 2015 Canada – Fighting Against Forced Labour and Child Labour in Supply Chains Act EU –Corporate Sustainability Reporting Directive (CSRD) Proposed regulations: New Zealand - Modern Slavery Act

Customs / imports bans Currently in place: U.S. – Tariff Act of 1930 and Uyghur Forced Labor Prevention Act Canada – Customs Tariff Act and Fighting Against Forced Labour and Child Labour in Supply Chains Act EU – Deforestation Regulation (coming into effect 30 June 2024) Proposed regulations: EU - Forced Labour Ban

Mandatory Human Rights Due Diligence Currently in place: France – Duty of Vigilance Law Germany – Supply Chain Due Diligence Act Norway – Transparency Act Proposed regulations: EU – Corporate Sustainability Due Diligence Directive (CSDDD) (currently stalled) South Korea: Act on Human Rights and Environmental Protection

For businesses operating in or trading into any of these jurisdictions, it is important to understand how these regimes may impact your operations, supply chain and business relationships.

There are also several areas of overlap between these three models of regulation. For example, although some customs and imports bans have a limited application to specific products or commodities, some also create mandatory due diligence obligations. The EU Deforestation Regulation (Regulation) establishes due diligence and reporting obligations for businesses of any size that import into or export from the EU (operators) or make available on the EU market (traders) goods that contain, are made using, or fed with cattle, cocoa, coffee, palm oil, rubber, soya and wood. Operators and traders caught by the Regulation are required to establish a due diligence system which assesses the goods for deforestation risk using 14 prescribed criteria.

In the context of human rights, the Regulation requires that operators and traders collect substantial data, conduct due diligence and risk assessments, and adopt risk mitigation measures to ensure regulated goods are not produced in breach of applicable domestic laws implementing internationally recognised human rights and labour standards before they are exported from, imported to, or traded on, the EU market. These standards include the principle of free, prior and informed consent (FPIC) as set out in the UN Declaration on the Rights of Indigenous Peoples (UNDRIP).

It is notable that the Regulation, which is directed at curbing degradation and destruction of the world’s forests for industrial and agricultural production, has essentially embedded a human rights due diligence requirement. This inclination for regulators to combine environmental and human rights due diligence is reflected in a range of other environmental, social and governance (ESG) frameworks focused on environmental issues including climate change, biodiversity risk and nature-related loss, as well as in sustainable finance taxonomies. For example:

• in order to be classified as environmentally sustainable under the EU Taxonomy Regulation, activities or assets must (among other things) comply with minimum social safeguards, which reference the international standards of responsible business conduct set out in the UNGPs and the OECD Guidelines for Multinational Enterprises (OECD Guidelines);
  
  
• the UK's Transition Plan Taskforce’s Disclosure Framework requires entities using carbon credits to disclose whether and how they identify and manage impacts on society, their stakeholders and value chain, which may include human rights risks identified through human rights impact assessments; and
  
  
• the Australian Sustainable Finance Institute (ASFI) has recommended that minimum social safeguards in an Australian taxonomy should align with internationally recognised responsible business conduct standards in the UNGPs and OECD Guidelines.

The intersection between environmental and human rights harms caused by business activity, and increasing requirements to meet international human rights standards and implement human rights due diligence, require businesses to ensure effective integration of their risk management and compliance frameworks.

What steps should businesses take now?

Looking beyond regulatory trends, the best way to position your business for success in a market where human rights risks are increasingly material to the bottom line is to ensure the business is adhering to the standard of conduct set out in the UNGPs.

The costs of failing to meet the high-water mark of business and human rights risk management and disclosure can be significant, and include loss of investment opportunities, reduced access to capital, increased operational costs and delays and exposure to shareholder activism and litigation.

The benefits derived from demonstrating a strong commitment to respecting human rights, however, are equally significant. Proactive engagement with rightsholders, understanding and managing human rights risks and impacts can position businesses for long-term success.

Operationalising a commitment to respect human rights in accordance with the UNGPs and navigating regulatory requirements is a challenging task for businesses of any size, and seeking specialist legal advice is imperative.