A private members bill has been placed before the UK House of Lords that sets out an ambitious regime for mandatory environmental and human rights due diligence for businesses. The Bill also seeks to introduce an overarching duty on companies to prevent environmental and human rights harms, reporting obligations and new avenues for civil liability and regulatory enforcement. In this article, we analyse the proposals in comparison to other existing and proposed due diligence regimes and consider the likelihood of further law reform in this area.
On 28 November 2023, Baroness Young of Hornsey introduced the Commercial Organisations and Public Authorities Duty (Human Rights and Environment) Bill (the "Bill") into the UK House of Lords. A "private member's bill" introduced in this way often has a long and complicated road to becoming a law (which we discuss below). While it is unclear at this stage if the Bill will be supported by the Government or opposition, it is nevertheless interesting to consider the nature of the proposed obligations.
Businesses in scope
The Bill defines the commercial organisations that would be within scope of the proposed regime by reference to section 7(5) of the Bribery Act 2010 (assuming a reasonable interpretation of what looks like a typographical error in the Bill). This would include:
- Companies incorporated, or partnerships formed, in the UK; and
- Companies or partnerships carrying on a business, or part of a business, in the UK.
The Bill therefore contemplates obligations with extra-territorial effect, both in terms of potentially applying to certain non-UK companies and also (as discussed further below) to acts or omissions that take place overseas.
A duty to prevent human rights and environmental harms
Clause 2 of the Bill seeks to introduce a duty on commercial organisations and public authorities to prevent human rights and environmental harms "so far as is reasonably practicable".
As we have previously reported, a duty to prevent human rights harms has long been mooted in the UK, but it has yet to receive significant legislative traction. The latest iteration of this potential duty is framed in very broad terms, extending also to environmental harms and to potential harms that take place in a company's "own operations, products, and services, those of their subsidiaries, and throughout their value chains".
Notably, the Bill does not refer in this clause to the UN Guiding Principles on Business and Human Rights (the "UNGPs"). In particular, the proposed duty does not distinguish between potential harms that are "caused" by an organisation, to which an organisation "contributes" or which are merely "linked" to the activities of an organisation. Whilst those concepts might provide guidance as to what is "reasonably practicable", on the face of the Bill, the proposed duty appears exceptionally wide.
Further, the inclusion of the terms "products", "services" and "value chain" (as opposed to "supply chain") indicate that the duty might extend beyond an organisations own operations to impose a duty on companies in relation the use to of their goods and services by customers. In some sectors, including certain manufacturing, technology, telecoms and media businesses, the imposition of such a duty would be exceptionally challenging.
In addition, the imposition of such a duty on a parent company in relation to the operation of its subsidiaries could introduce the type of group-wide responsibility that was contemplated, but ultimately rejected in Switzerland. The Bill therefore goes further than any current national law does in terms of parent company responsibility.
The duty to prevent human rights and environmental harms would apply to all businesses in scope of the Bill, irrespective of their size. This may be contrasted with laws introduced in France and German, and the proposed EU Corporate Sustainability Due Diligence Directive ("CSDDD"), where due diligence obligations have, for now, only been imposed on larger companies.
Human rights and environmental due diligence
Clause 3 of the Bill sets out the scope of the proposed duty of due diligence. Here, "reasonable" due diligence includes "as a minimum":
- integrating human rights and environmental due diligence into policies and management systems;
- identifying, assessing and addressing actual or potential human rights and environmental harms, through prevention, mitigation and remediation;
- establishing or participating in and maintaining effective grievance mechanisms;
- tracking, verifying, monitoring and assessing the effectiveness of measures taken and their outcomes; and
- communicating with stakeholders and reporting publicly.
The Bill therefore takes an holistic view of due diligence, similar to the UNGPs, encompassing not just the identification of risks, but also requiring companies (as part of the due diligence obligation) to respond to those risks by mitigating and remediating harm, tracking the effectiveness of the steps being taken and reporting publicly on those steps.
However, there are a couple of immediate issues with the way in which this proposed duty is defined:
- Whilst expressed in similar terms, the due diligence duty in the Bill is potentially different in scope to the due diligence duty set out in the proposed CSDDD. Considering that the Bill seeks to apply to any business that carries on business within the UK and CSDDD seeks to apply to any business accessing the single market, there could be many companies that are potentially in scope of both regimes. It may be hoped that any obligations imposed in the UK will be consistent and compatible with the proposed EU regime.
- The proposed duty to address and remediate harms is very broadly drafted in the Bill. The UNGPs set out a responsibility to cease and remediate human rights harms that a business is causing; a business should also cease and contribute to the remediation of any harms to which they are contributing (in such circumstances, the business should also use any leverage it has over its business partners who are also contributing to a harm to encourage them also to cease contributing to the harm). However, there is no expectation under the UNGPs that a business should remediate harms that are merely linked to its operations. In such a context, the expectation is only that the business should use any leverage that it has over the entity (typically a third party) causing the harm. Whilst the Bill states that an assessment of the reasonableness of the due diligence undertaken will consider the extent to which an organisation has sought to increase or use its leverage over third parties, in terms of the duty to remediate, it does not appear to adopt the trichotomy from the UNGPs and so the proposed duty risks placing an obligation on companies to remediate harms over which they have no, or at least very little, control.
The Bill also refers to the need for informed engagement with stakeholders. It also states that certifications, audit reports and membership of industry or multistakeholder initiatives are not sufficient, on their own, to fulfil the due diligence requirement.
Like the duty to prevent human rights and environmental harms, these due diligence requirements are proposed to apply to all businesses in scope of the Bill, irrespective of their size.
In clause 4, the Bill seeks to set out a framework by which a business might terminate a relationship in a responsible manner in order to discharge its due diligence obligations.
Best practice in circumstances where a human rights harm is found or suspected within a business partner is ordinarily to work with the business partner to help the victim(s) and to assist the business partner in improving their own practices. Indeed, this is the recommendation of the UK Government's Guidance related to the Modern Slavery Act 2015. Assessing the appropriate response to a finding of a human rights harm caused by a business partner is complex and should be fact specific. It does not immediately seem to be an area that is suitable for rigid legislative regulation.
Reporting and transparency requirements
Clause 5 sets out a reporting requirement according to which organisations in scope would be obliged to publish on a government registry a report setting out the plan for the human rights and environmental due diligence to be conducted over the next 12 months, as well as an assessment as the effectiveness of the actions taken in the previous year. The Bill sets out the points that the report must contain. In this respect, the Bill proposes obligations similar to those set out in the French Corporate Duty of Vigilance Act.
Clause 5 also sets out an information request mechanism, a proposed civil penalty for failing to publish the report, as well as a duty on the Secretary of State to create a regulatory offence for knowingly or recklessly including false or misleading information in either the report or in response to any information request.
The Bill proposes that the reporting requirements should be subject to a turnover threshold, to be set by the Secretary of State.
Exclusion from public procurement
Clause 6 sets limitations on public procurement, based on compliance with the Bill. In particular, a public authority must set out human rights and environmental due diligence requirements at the tender stage and a contract should not be awarded to a supplier who is not conducting (or does not have a plan for conducting) human rights and environmental due diligence. The Bill also states that every public authority must also publish a blacklist of excluded suppliers.
Clause 7 seeks to compel the Secretary of State to establish a regulatory authority to oversee compliance with the Bill.
Clause 8 seeks to create a new form of civil liability for any business that "fails to prevent human rights or environmental harms in its own operations, products, and services, those of its subsidiaries, and throughout its value chains". Liability under this provision is proposed to be subject to a defence that the business took "all reasonable steps" to prevent the harm from occurring.
This defence is drafted in materially different terms to the defence to a charge of a company failing to prevent bribery under the Bribery Act 2010, where it is a defence for a company to show that it had in place "adequate procedures" designed to prevent persons associated with them from committing bribery. It is not clear whether the different drafting is intended to mean that different steps – and in particular something more than "adequate procedures" - would be expected under the Bill.
Personal liability for directors
Clause 9 seeks to make the board collectively responsible for compliance with the Bill. It would be an offence if the business conducts no human rights and environmental due diligence, or if a person knowingly or recklessly includes false or materially incomplete information in the company's public reporting. It would be a defence if that person took all reasonable steps to comply with the Bill and informed the regulator as soon as practicable after becoming aware of the error in the reporting.
Clause 10 sets out the proposed regulatory enforcement steps available, including fines of up to 10% of the organisation's global turnover. It is worth noting that 10% of global turnover is the same level of maximum fine as Ofcom has recently been empower to impose under Schedule 13 of the recently enacted UK Online Safety Act.
Clause 11 would make a commercial organisation guilty of an offence where a person "associated with the organisation" commits one of one of a series of offences listed in the Bill in order to retain business or a business advantage for the commercial organisation.
What to expect next
The bill was introduced into the House of Lords as a Private Members' bill by Baroness Young. Private Members' bills are those proposed by MPs and Members of the House of Lords who are not government ministers.
It is too early to determine the bill's fate. It has been formally introduced without debate during its first reading in the House of Lords. Before it is passed into law it must proceed through the usual readings, committee and report stages in both Houses – first through the House of Lords, and subsequently through the House of Commons, if it attracts the support of an MP. Typically the progress of Private Members' bills – especially those raised in the House of Lords – is slow and rarely succesful. A minority of Private Members' bills become law. Since 1983, only 60 Private Members' bills raised in the House of Lords have been successful, with only one of those bills being passed in the last five years.
Despite this, even if they are not passed, Private Members' bills can be successful in raising the profile of a particular issue, garnering the support of MPs and indirectly influencing the Government's legislative agenda. In this regard, Baroness Young has a strong record of introducing private members bills relating to human rights and modern slavery issues, particularly as they pertain to business. For example, in 2017 she introduced the Modern Slavery (Transparency in Supply Chains) Bill into the House of Lords as a private members bill. Whilst her proposed bill itself never came into force, the proposals in that bill received broad endorsement, including by the business community, such that the government initiated its own process of reforms that included the proposals contained in her private member's bill.
This latest bill signifies the growing momentum for environmental and human rights mandatory due diligence in the UK, which has received support from MPs and businesses alike:
- Earlier this year, 46 MPs and Peers from across seven parliamentary parties (and led by Baroness Young) signed a pledge to create a new law on business human rights and environmental due diligence.
- As of July 2023, 50 large businesses had signed a statement calling for the UK to adopt mandatory human rights and environmental due diligence legislation
- As previously reported, cross-party parliamentary committees have also emphasised the need for such legislation, including in the 2017 conclusions and recommendations of the Human Rights Joint Committee.
This Bill has a long way to go to become law. But it is another sign of the times. Expectations on businesses in relation to human rights and environmental due diligence continue to increase and there is growing support from a range of stakeholders for the introduction of mandatory due diligence obligations.
However, these new regimes continue to grow in a frustratingly ad hoc fashion. Businesses should continue to monitor this global patchwork of mandatory ESG due diligence laws as it develops. These emerging regimes will continue to impact the nature and scope of the due diligence undertaken by businesses in relation to their international operations and value chains. It is an increasing challenge for a business to ensure that it is responding robustly and constructively to human rights and environmental risks, whilst also ensuring that it complies efficiently and appropriately with the evolving range of legal obligations in this area.