As companies seek to demonstrate the steps they’re taking to tackle abuses, such as modern slavery and discrimination, a standalone human right policy may have advantages. In-House Perspective explores what companies must consider and the role of in-house lawyers in such policies.

Companies are facing growing pressure from investors, regulators and stakeholders to clearly demonstrate their commitment to human rights. This includes by disclosing the active steps they’re taking to address a range of abuses, from child labour and slavery to racial and gender-based discrimination.

For many companies, human rights issues are packaged up as part of their environmental, societal and governance (ESG) policies. And while appropriate for some organisations, commentators point to a growing trend towards businesses having their own standalone human rights policies as a way of underlining corporate responsibility, transparency and accountability, while also ensuring compliance with legislation across multiple jurisdictions, which demands closer attention to corporates and their supply chains.

In the US, the Tariff Act, the Dodd-Frank Act and California’s Transparency in Supply Chains Act all contain stipulations as to what companies are required to do with regards to protecting human rights and preventing abuses. Several European countries also have their own national legislation in place, imposing duties on corporates to report on and/or manage human rights-related risks. Such legislation includes the UK’s Modern Slavery Act, France’s Duty of Vigilance Law and Germany’s Supply Chain Act.

But beginning in 2025 and becoming fully implemented in 2027, the EU’s Corporate Sustainability Reporting Directive (CSRD) will come into effect, forcing nearly 12,000 large companies to publish information related to the environment, societal risks, the treatment of employees, anti-corruption and bribery, and human rights.

The EU’s incoming Corporate Sustainability Due Diligence Directive (CSDDD), meanwhile, due to take effect from 2027, will put further pressure on those companies with over 1,000 employees and a worldwide turnover higher than €450m that do business in Europe to prioritise ESG reporting. This is particularly since the planned regulation will place a direct onus on boards to ensure compliance and will enable regulators to impose monetary sanctions of up to five per cent of global turnover for potential violations.

The basic obligation of the CSDDD on companies is for them to be ‘vigilant’ regarding all possible risks of negative impacts that their activities – and those of their business relationships, such as subsidiaries, subcontractors and suppliers – may have on human rights and the environment. They will also need to draw up a risk map and evaluate these risks in terms of severity.

Outside the ESG policy

Martijn Scheltema, Member of the IBA Business Human Rights Committee Advisory Board and a partner at law firm Pels Rijcken in The Hague, says a standalone human rights policy can give a company more assurance that the necessary legal and compliance requirements are being met because it’ll be easier for the organisation to demonstrate what controls and procedures are in place to identify potential abuses, as well as trace where such abuses have occurred or where any ‘red flag’ areas will probably be.

‘ESG policies can work for a lot of companies,’ says Scheltema. ‘The problem is that not many companies get the “S” part right […] instead, ESG policies tend to focus on environmental reporting and climate change risks, and human rights issues often get lost in the detail or are ignored.’

However, Scheltema says human rights policies are not always drawn up by in-house legal functions. Instead, they are created by those with responsibility for sustainability programmes and/or key operational areas within the business that have direct exposure to human rights risks and focus more on aspirational aims than legal requirements. And because they don’t have any input from in-house lawyers from the start, they often fall short in terms of compliance.

Another common problem, he says, is that many policies rely on putting the onus on suppliers to guarantee that human rights are protected throughout the supply chain, with little effort or oversight conducted by the company itself. ‘Putting all the risk for human rights abuses on suppliers rather than collaborating with them to root out and remedy problems has shown itself to be deficient,’ he says. ‘However, many companies still use such measures as a way of trying to protect themselves.’

Another major concern, he says, is that many policies are geared towards preventing human rights abuses going forward. ‘There is no detail about what steps the company might take to remedy the impact of past behaviour or take responsibility for it. This will need to change.’

Crafting a human rights policy

Nate Lankford, a Member of the IBA Business Human Rights Committee Advisory Board and leader of law firm Miller & Chevalier’s Business & Human Rights Practice Group in Washington, DC, also believes a standalone policy provides several key benefits. For a start, it shows regulators and other stakeholders that the company has a strong commitment to respecting human rights, and it can facilitate engagement with stakeholders about how the company identifies, prioritises and mitigates such risks, as well as how it approaches remedy for abuses. It can also help to clarify accountability among senior managers and board members for effectively overseeing and managing the company’s human rights due diligence initiatives.

However, Lankford says standalone policies may fall flat if boards and senior management don’t understand what ‘human rights’ and ‘due diligence’ actually mean in the context of their industries and operations. ‘If human rights policies are simply drafted by subject matter experts and are put before senior management or a board committee to sign off, they may lack crucial input,’ says Lankford. ‘What should happen is for executives and boards to first be equipped with information on the company’s human rights risks, common industry practices and regulator expectations for structuring human rights policies, practical implications of human rights commitments, and the range of stakeholders who should be consulted in developing a human rights policy, so they can effectively oversee the policy’s development and implementation.’

He adds that, with such information, executives and boards can help ensure that a human rights policy serves its primary purpose – to manage risks of harm to people – in addition to mitigating risks to the business.

Daisuke Takahashi, Co-Chair of the IBA Business Human Rights Committee and a partner at law firm Shinwa Law in Tokyo, also believes ‘in-house lawyers can make an enormous contribution in making sure the company’s human rights policy is not just aspirational, but that it actually identifies, mitigates and remedies human rights abuses’.

But he says one of the ‘traps’ many companies fall into is that they look at existing templates of human rights policies that other companies of similar size or industry use and try to follow suit by copying them. ‘What would be better,’ says Takahashi, ‘is if senior management looked at their business models, assessed how their operations impacted human rights, and tailored the human rights policy to their bespoke risks and unique situation instead of trying to make a ready-made policy fit their circumstances.’

Elise Groulx Diggs is a Member of the IBA Business Human Rights Committee Advisory Board, an international barrister and mediator affiliated with Georgetown Law in Washington, DC and Chair of the Business and Human Rights Initiative of the American Bar Association Center for Human Rights. She says that, to ensure success, a company has to live up to the standards of its own human rights policy in the same way a country would honour its own constitution. ‘It has to be that important,’ she says. ‘The policy will be meaningless if the company that put it together can’t live up to it.’

Groulx Diggs says in-house lawyers have a strong role to play in devising and creating innovative mechanisms for enforcing the policy. ‘In-house counsel needs to be involved from the start when the policy is being drafted to ensure that accountability is at the forefront of the document,’ she says. ‘This policy has to be part of the key governance instruments of a company’ and its board needs to buy into it, ‘confirming their commitment to be held responsible and accountable for its actions.’

She adds that in-house lawyers should ensure that the company uses external legal expertise to help draft the document so that ‘it lives up the spirit of best practice documents and complies with key legislative and reporting requirements around the world, particularly in the US, UK and Europe’.

Kevin O’Callaghan, Member of the IBA Business Human Rights Committee Advisory Board and a partner at law firm Fasken Martineau DuMoulin in Vancouver, says in-house lawyers play two important roles when it comes to establishing and implementing a human rights policy. Firstly, in-house legal helps co-ordinate the various functions and groups within a company – such as procurement, compliance, health and safety, and operations – who need to be involved at both the policy development and implementation phases. Secondly, in-house counsel establish an ongoing ‘culture of compliance’ around the policy. ‘Unlike many corporate functions, in-house legal usually touches every area of the business,’ says O’Callaghan. ‘This gives in-house lawyers the opportunity to bring the policy to bear in their work, on a daily basis, to ensure that the aims and commitments in the policy are achieved.’

For Rae Lindsay, Member of the IBA Business Human Rights Committee Advisory Board and a partner at Clifford Chance in London, there are several ways in-house counsel can add to the process of promoting the need for a standalone human rights policy within an organisation. Firstly, in-house lawyers can look at the business opportunities that a standalone policy can provide for the organisation. ‘Be solutions-orientated,’ she says. ‘Explain to the board how a standalone policy can win over investors, customers, regulators and other stakeholders. Demonstrate how it could give the organisation an edge over its competitors and explain the business case.’ Such advantages include there being less likelihood of breaking the law; less likelihood of being fined; and more chance of retaining customers by protecting the brand and corporate image, ‘demonstrating real efforts to ensure the business is aware of and addresses adverse human rights impacts it may be involved in,’ she says.

Secondly, in-house lawyers can show where human rights risks and legal risks intersect, which means the legal function can not only identify emerging problems more readily, but can provide more assurance that procedures, controls and policies are in place – or ought to be established – to manage these risks appropriately. ‘The key is for in-house lawyers to show that a standalone human rights policy is not only the right thing to do but also makes commercial sense rather than being viewed as a compliance cost. Highlighting risks without highlighting opportunities isn’t what executives are looking for,’ she says.

The character of a policy

Chris Pigott, a partner at law firm Fasken Martineau DuMoulin in Toronto, says a key challenge when setting up a standalone corporate human rights policy is balancing the understandable business desire to set broad, aspirational human rights-related goals with practical considerations related to the company’s particular operations and circumstances, as well as implementation challenges. 

‘From the moment the company decides to establish a corporate human rights policy, it must constantly ask itself a few important questions,’ says Pigott. ‘Do the human rights standards and goals we are adopting make sense in light of our business’ operations and footprint? Do we have the internal processes and people in place to implement the commitments we are making, or are internal changes necessary? How will adopting a human rights policy impact our business relationships with customers, suppliers, and the other third parties we do business with?’

Pigott believes a strong human rights policy typically includes several key features. Foremost, the policy needs to be based on widely accepted, well-established standards that provide a clearly defined framework to guide corporate action. The policy also needs to identify concrete and specific goals, principles and actions that the company commits to adopt and take. Another key aspect is that the policy clearly defines the scope of its application to the company’s activities, operations and supply and value chains, while also ensuring that it’s integrated with other relevant company policies and processes, for example, a code of ethics, a corporate code of conduct, and/or a corporate social responsibility (CSR) standard. And crucially, says Pigott, the policy must be endorsed at the most senior level of the company and it’s key that it establishes who’s accountable for implementation and monitoring.

He adds that it makes sense for companies that operate within industries with higher human rights sensitivities to have a standalone human rights policy. ‘Among other reasons, having a standalone policy often allows the company to more effectively assign accountability and implementation responsibilities to designated functions or leaders within the company. This way, you are not just “tacking on” human rights responsibilities to a function that may not be best positioned to implement the policy,’ he says. 

The impact of ‘soft’ law Some commentators query whether standalone human rights policies that seek to comply with ‘hard’ laws produce the desired results, as opposed to trying to follow ‘soft laws’ such as the UN’s Guiding Principles on Business and Human Rights (the ‘UNGPs), the OECD’s Guidelines for Multinational Enterprises on Responsible Business Conduct and the International Labor Organisation’s (ILO) Tripartite Declaration of Principles concerning Multinational Enterprises and Social Policy (the ‘ILO MNE Declaration’), which endorse best practices and encourage companies to consider how they can and should live up to their principles, rather than simply complying to avoid prosecution. Stéphane Brabant, a Member of the IBA Business Human Rights Committee Advisory Board and Senior Partner of Trinity International in Paris, believes ‘soft law’ solutions, as reflected in authoritative international instruments such as the UNGPs and the OECD Guidelines for Multinational Enterprises, are a very effective way forward because they’re international standards that apply to all companies globally, regardless of their activities, size or places of business. ‘There is an increasing amount of legislation and court decisions that refer to such soft law, including in litigation between companies and victims, and in international investment arbitration. One should also note the hardening of these soft laws, as well as their widening application to environmental and climate change,’ he says. “There is an increasing amount of legislation and court decisions that refer to soft law, including in litigation between companies and victims Stéphane Brabant Member, IBA Business Human Rights Committee Advisory Board Conversely, Brabant believes ‘hard law’ that incorporates only duties on reporting, but without a requirement for mandatory due diligence, ‘can lead to “tick-box” compliance, with the result that companies have the tendency to ‘just do the bare minimum to avoid breaking the law’. Hard law with due diligence requirements, as well as soft law equivalents, meanwhile, ‘have proved to help companies to change their mindset and have a better respect for human rights in their activities and all through their value chain,’ he says. As an example, Brabant says legislation that aims to stop child labour must be considered with care. In some instances, it needs to consider context on a case-by-case basis and assess the best interests of the child. ‘Child labour may often be a necessity for families to survive. A simple zero-tolerance policy – firing employed children and terminating suppliers – can harm the very children that legislation seeks to protect,’ he says. ‘A transition that aims for gradual improvement that takes into account both livelihood and access to education is important to avoid harm, ideally via remediation programs that finance access to schools.’ A key point, explains Brabant, is that children should at least never be employed full-time at the expense of their education, and they shouldn’t be made to work where they may suffer harm, such as working with dangerous materials or in hazardous premises. ‘Some companies may have actually contributed to child prostitution and trafficking by reacting too quickly in complying with superficial, zero-tolerance attitudes to child labour in the supply chain, which means they might have caused a bigger problem than the one they’ve tried to solve’, he says. ‘Businesses should partner with NGOs [non-governmental organisations] and states and consider a “cut and run” approach only as a last resort [and additionally] always ensure a responsible exit.’ Lindsay at Clifford Chance believes that reporting requirements can drive change – but in two very different ways. ‘At worse, corporate reporting can push some companies to focus on what is necessary as a bare minimum and take a “tick-box” compliance approach focusing on what needs to be reported rather than whether their efforts to identify and address human rights risks are effective,’ she says. ‘At best, corporate reporting incentivises companies to change behaviours, to implement processes and systems that support human rights-respecting outcomes and to be transparent about what they are doing and the results that are being achieved.’