Mandatory supply chain due diligence was high on the EU’s agenda throughout the course of 2020. This included the European Commission launching a public consultation to gather data on the matter and the European Parliament Committee on Legal Affairs (“JURI”) developing a recommendation for a new EU Directive on “Corporate Due Diligence and Corporate Accountability”.
Following this trend, on 27 January 2021, JURI voted overwhelmingly in favour to adopt a legislative report on corporate due diligence. As part of this, the European Commission has been asked to formulate an EU due diligence directive that both obliges companies, including financial institutions, to assess and address human rights, environmental and governance risks and impacts throughout their global value and investment chains, and holds them liable for failing to do so if their actions cause or contribute to harm.
Whilst the European Commission has delayed discussions for months, meaning that it is not set to adopt proposals until later in 2022, if enacted, this would go significantly further than current soft law instruments, such as the now decade-old UN Guiding Principles on Business and Human Rights (“UNGPs”). Reliance on voluntary implementation by businesses is clearly insufficient, given that a European Commission study published in February 2020 found that just a third of companies in the EU undertake due diligence measures in their supply chain – and far fewer across their entire value chain.
Despite this, there does appear to be business appetite for further measures, with the study published by the European Commission finding that approximately 70% of European businesses supporting EU-wide due diligence rules. Altruism aside, reasons for such support include desires for a level playing field among peers, to address the ever increasing fragmentation of the existing framework and to create legal certainty.
Regardless of the fact that the UK has now left the EU internal market, such a directive would still have wide ranging implications for businesses operating in the UK as it is highly likely that pursuant to the directive they would nonetheless need to prove compliance with such obligations in order to access the EU market. Moreover, the global trend is headed on a similar trajectory. Led by Ecuador, work and negotiations are ongoing by an intergovernmental working group, on what is intended to be a legally binding UN treaty on business and human rights. The second revised draft of this treaty was published in October 2020, and it similarly contains obligations on states to impose mandatory due diligence requirements on businesses operating within their jurisdictions.
Due diligence requirements should not be completely unfamiliar to businesses incorporated or operating in the UK. Under section 7 of the Bribery Act 2010, businesses are guilty of an offence of bribery if a person associated with them bribes another person, intending to obtain or retain a business or business advantage for them. However, such businesses are provided with a defence if they can show, on the balance of probabilities, that they had adequate procedures in place designed to prevent bribery. The Serious Fraud Office issued its first fine for a breach of section 7 against Sweett Group PLC in 2016, issuing the company with a fine of £2.25 million. The Serious Fraud Office followed this, in late 2021, by imposing a £77 million penalty against Petrofac Limited, again, for its failure to prevent bribery pursuant to section 7. Therefore, while it is not mandatory for businesses to put in place anti-bribery measures, including due diligence, it is clearly within their self-interest to do so for both financial and reputational reasons.
The UK was also the first state to implement a National Action Plan required under the UNGPs, which led to the adoption of the Modern Slavery Act 2015. Section 54 of the Modern Slavery Act requires businesses operating with a global turnover of over £36 million to publish an annual slavery and human trafficking statement which discloses any steps taken to ensure that its supply chain is free of such issues. Notably however, businesses are not required to actually undertake any due diligence in this regard and are considered compliant if they publish a statement stating that they have taken no action.
Despite such familiarity, the mandatory due diligence requirements being proposed and negotiated are extremely broad in comparison to existing legislation. For example, pursuant to article 4 of the current draft directive proposed by JURI, EU Member States would need to legislate to require that undertakings carry out ongoing due diligence with respect to human rights, environmental and governance “risks” in their operations and business relationships. Article 3 defines “risk” as any “potential or actual adverse impact on individuals, groups of individuals and other organisations in relation to human rights, including social and labour rights, the environment, and good governance”. The complexity of value chains and range of matters to review will no doubt pose challenges for businesses, especially those starting from scratch. In light of this, and the global trends discussed, diligent businesses would be wise to begin thinking about diligence early so as not to be caught off guard.