As the fifth anniversary of the entry into force of the UK Modern Slavery Act 2015 approaches, there are early indications that the UK business and human rights framework could be further bolstered by the creation of a new offence of failing to prevent human rights breaches. This Alert discusses what this type of legislation might look like, as reflected in a recent proposal.
The Current UK Corporate Human Rights Legal Framework
Thousands of companies doing business in the United Kingdom already are required to comply with the UK Modern Slavery Act. The UK MSA requires companies doing business in the UK with annual revenues of at least £36 million to publish on their website a statement indicating the steps they took during their most recently completed fiscal year to ensure slavery and human trafficking are not occurring in their business or supply chains. The UK MSA is a disclosure-only regulation, meaning that it does not require companies to adopt particular policies, procedures or other compliance measures to address modern slavery. Rather, it only requires companies to describe what they are (or in some cases are not) doing to address modern slavery. As articulated in the Home Office’s guidance, “The provision seeks to create a race to the top by encouraging businesses to be transparent about what they are doing, thus increasing competition to drive up standards.” The UK MSA is discussed in more detail in our earlier Alerts, including, among others, those here, here and here.
Of course, there are various other UK legal instruments that address human rights issues, including criminal statutes relating to modern slavery and other prohibited conduct. However, these statutes generally are not specific to corporate conduct and/or limited to human rights and are therefore not typically thought of as corporate human rights legislation. In addition, these instruments are typically not of direct legal concern to most corporates, since violations usually involve conduct of unaffiliated persons, such as direct or indirect suppliers, for which the corporate typically does not have liability.
What Is Proposed?
In a report published on 11 February, the British Institute of International and Comparative Law (BIICL) has taken forward a suggestion made in 2017 by the UK Parliament’s Joint Committee on Human Rights that “failure to prevent” offences already in place in respect of bribery and the facilitation of tax evasion could be replicated in respect of human rights. The report advocates the introduction of new legislation modelled on the corporate offence under section 7 of the UK Bribery Act 2010 (UKBA). The provision proposed in the report includes the following elements:
- Subject companies would be required to take reasonable steps to prevent human rights harms in their own activities and those of their business relationships. The standard of care would be dependent on the facts and circumstances, including the degree of leverage that the company has.
- The duty would require subject companies to prevent human rights harms by their foreign subsidiaries.
- The duty would extend to harms in the entire value chain, regardless of where they occur.
- “Human rights” would be widely defined to include all internationally recognized human rights, with the definition to be set forth on a Schedule.
- The duty would apply to companies of all sizes, including SMEs. It also would apply regardless of sector. However, the due diligence processes required would be proportionate to the company’s size and the complexity of its operations.
- A company could at a minimum be held liable for monetary damages to affected persons for failure to exercise its duty under the provision. A company would not have liability if it exercises reasonable due diligence in the context of the circumstances.
How Would the New Legislation Differ from Other Failure to Prevent Offences?
The crucial difference between the failure to prevent offences already on the statute book and the one proposed in the report is that the latter would not have criminal sanctions attached to it. In this respect, it is also materially different from the proposals for the widening of the failure to prevent offences already in place in respect of bribery and facilitation of tax evasion to cover economic crime more generally that have periodically been mooted in the UK (but that have not as yet crystallised into any concrete legislative proposals).
Acknowledging the practical difficulties enforcement authorities would be likely to face in allocating responsibility for investigating and prosecuting a criminal offence, the report concludes that a more useful remedy for those affected by human rights would be to provide them with a civil right of action (thereby strengthening and consolidating various current fragmentary remediation arrangements into one state-based system). It proposes that this could be buttressed by a specific power for courts to order companies to take preventative steps, or to stop doing or to do certain activities (including conducting additional due diligence).
(How) Will the Proposals Progress in the UK?
The UK government has not yet issued a formal response to the BIICL proposals and there are currently no plans for legislation to be brought forward in the UK. Any legislation introduced in Parliament will undoubtedly differ in at least some respects from the proposals set out in the report. However, there is significant potential for the proposals to gain momentum in an environment where there is movement towards corporate human rights legislation across many jurisdictions. In addition, large companies are publicly committing to stakeholder capitalism and investors are becoming more focused on human rights risks as part of their integration of Environmental, Social and Governance factors into investment decisions and ongoing engagement.
Which Action May UK Enforcement Authorities Take Under Existing Legal Frameworks in Relation to Corporate Failures to Prevent Human Rights Breaches?
UK criminal and regulatory enforcement authorities may not necessarily need to wait for new legislation in order to take action based on failures by corporate organisations to prevent human rights breaches. As the report notes, in some circumstances, conduct that would fall within the ambit of the proposed new offence may amount to the commission of an offence under the UKBA (whether by the corporate organisation concerned or individuals within it).
There are also already alternatives to the use of the criminal law to tackle corporate failures to prevent human rights breaches. For example, with effect from April 2017, the Criminal Finances Act 2017 amended the civil recovery provisions of the Proceeds of Crime Act 2002 to give enforcement authorities the power to seek to recover the proceeds of certain companies’ involvement in “gross human rights abuses or violations.” This potentially powerful tool, which would only require relevant facts to be proved to the civil standard (i.e., more likely than not) rather than the criminal standard (i.e., beyond reasonable doubt) has not yet been used in any reported cases.
Finally, specialist regulators, in particular the Financial Conduct Authority in respect of financial services firms and the Financial Reporting Council in respect of auditors and others responsible for companies’ reporting and corporate governance arrangements, have considerable discretion about when to take enforcement action using their flexible principles-based frameworks. Their assessments of organisations’ cultures and values are increasingly determinative of whether they take enforcement action and the magnitude of any penalties imposed.
How Have the UK Courts Approached These Issues?
Although any new legislation that would impose liability on UK-based companies for failure to prevent human rights breaches is still some way off and other existing criminal and regulatory frameworks have not yet been used for this purpose, the UK courts have recently considered questions about companies’ responsibilities to uphold human rights standards.
In 2019, in Vedanta Resources PLC and another (“Defendants”) v Lungowe and others (“Claimants”)  UKSC 20, the UK Supreme Court found that in some circumstances a UK incorporated parent company may owe a duty of care in respect of the activities of its overseas subsidiaries where groupwide policies are implemented and administered by the parent. In doing so, it indicated that the Court’s task when assessing companies’ liability is to determine the degree of management and control of the parent company over the subsidiaries’ activities.
How Would Corporates Take Reasonable Steps to Prevent Human Rights Breaches?
If the proposals currently mooted pass into law, a key task for the UK government would be to issue guidance akin to that produced under the failure to prevent offences currently in force in the UK. That guidance would need to provide further detail on the degree of involvement companies should have in the affairs of companies within their groups and supply chains. The principles-based “adequate procedures” guidance published in relation to the UKBA received a mixed reaction when it was released. Whilst it would clearly not be possible to provide prescriptive indications of what would amount to compliance, there would likely be significant pressure for more granular detail than is currently provided in relation to the existing failure to prevent offences.
What About Other Legislation and Jurisdictions?
The BIICL proposals are but one development in UK corporate human rights legislation that bears watching. In 2018, the UK Government commissioned an independent review of the UK MSA. That review was completed last year. In response to the review, the UK Government has indicated that it will consider possible amendments to the UK MSA, including whether (1) the currently suggested disclosure topics should be mandatory, (2) a single statement deadline is appropriate and (3) additional enforcement mechanisms, such as monetary penalties, should be added. In addition, in 2019, civil society organizations in the UK launched a campaign calling for mandatory human rights due diligence.
Beyond the UK, additional legislation requiring human rights due diligence is likely to be adopted in the next few years. The French corporate duty of vigilance law, which requires human rights due diligence by a small number of large French companies, took effect in 2017. Since that time, there have been calls across several additional jurisdictions, including at the EU level, for legislation that would make human rights due diligence mandatory for a much larger number of companies. Some of these initiatives are discussed in our earlier Alerts here, here and here. There also are various proposals around the world relating to disclosure-only corporate human rights legislation.
It is difficult to speculate what the specifics of new corporate human rights legislation will look like in the next few years. However, although the specifics may be cloudy, there is absolute clarity that requirements and expectations will increase and corporates will have more legal accountability for human rights issues.
About Our Practice
Ropes & Gray has a leading ESG, CSR, business and human rights and supply chain compliance practice. We offer clients a comprehensive approach in this subject area through a global team with members in the United States, Europe and Asia. In addition, senior members of the practice have advised on these matters for almost 30 years, enabling us to provide a long-term perspective that few firms can match.
For further information on the practice, click here.
Please click here to visit our CSR and Supply Chain Compliance website.
Stay Up To Date with Ropes & Gray
Ropes & Gray attorneys provide timely analysis on legal developments, court decisions and changes in legislation and regulations.
Stay in the loop with all things Ropes & Gray, and find our more about our people, culture, initiatives and everything that’s happening.
We regularly notify our clients and contacts of significant legal developments, news, webinars and teleconferences that affect their industries.