March 15, 2022, By Akshay Sinha
On Thursday, February 25, with all eyes focused on the crisis in Ukraine and the corresponding impact of new sanctions on the global economy, another event was taking place in Brussels with a significant impact on how companies do business around the world. European Commissioners for Justice Didier Reynders and the Internal Market Thierry Breton addressed a press conference to release the European Commission’s new proposal on sustainable corporate governance. This proposal, long demanded by the European Parliament as well civil society, seeks to set rules for companies to “foster sustainable and responsible corporate behavior through global value chains.” It mandates a certain set of behaviors and transparency requirements for both EU companies and non-EU companies operating in the EU with the stated goal of protecting human rights and the environment in supply chains across the world. Context
With the EU being world’s largest markets, the new sustainable corporate governance proposal will considerably move the needle towards requiring greater due diligence from companies to avoid any negative impacts associated with their activities. While a number of EU member-states have already put in place such obligations, the national laws are largely piecemeal and require varied obligations and thematic focuses by companies. Moreover, not all national EU legislations require companies to conduct actual due diligence. Some just require companies to report whether they have conducted due diligence or not. Consequently, there would be penalties for not issuing a report, but not actually conducting due diligence. The idea was that if a company reported that it had not conducted any due diligence there would a resulting public backlash that would force it to change course. Thus such reporting requirements would essentially function as a due diligence requirement. In fact, the EU had been one of the first adopters of a reporting requirement for companies. In 2014, the EU enacted a Non-Financial Reporting (“NFR”) Directive, required covered companies (essentially large “public interest entities”) to prepare an annual non-financial statement containing information on “environmental matters, social, and employee-related matters, respect for human rights, anti-corruption, and bribery matters.” Subsequently, over time key stakeholders such as labor rights groups and civil society organizations, started demanding due diligence obligations (with penalties for non-compliance) as opposed to mere reporting. This took place because most companies were accused of using the reporting requirement to essentially burnish their sustainability credentials in the marketplace without having to make significant efforts to weed out human rights and environmental violations in their supply chains. As calls for mandatory due diligence obligations began to gather steam, key EU governments such as France and Germany started putting in place national laws requiring mandatory corporate due diligence and it was only a matter of time before the EU as a whole followed suit. Development
When a new Commission, headed by President Ursula von der Leyen Commission, entered office in mid-2019, incoming Commissioner for Justice Didier Reynders identified corporate sustainability and due diligence as priorities for the new Commission in his confirmation hearing; at the same time, the Dutch government began circulating a document among the other EU member-states calling on the Commission to bring forward an “action plan” to start harmonizing due diligence rules across the EU and mandate that companies meet supply chain due diligence requirements. In February 2020, the Commission released the results of two surveys on options for due diligence legislation, which showed that both businesses and civil society considered existing laws on due diligence requirements to be ineffective. A majority of respondents supported mandatory due diligence requirements. Soon after, Reynders announced that an initiative on mandatory human rights and environmental due diligence for EU-based companies and their supply chains would be forthcoming in 2021. Nevertheless, despite the level of public support for the initiative, the sustainable governance proposal was only unveiled in February 2022, almost a year after the original deadline and almost eighteen months after the Commission concluded a public feedback process on the proposal. The delay was due to disagreements on the scope of the due diligence initiative. Civil society advocates wanted due diligence obligations to apply to all businesses, irrespective of size or sector, and also civil liability and penalties for human rights abuses and environmental harm in the supply chain. This was backed up by other multiple other MEPs groups, including as the Parliament’s Responsible Business Conduct (“RBC”) Working Group. The civil society recommendations were also echoed by Parliament’s external policies secretariat in a briefing requested by the Parliament’s Committee on Human Rights (“DROI”). On the other hand, industry associations and business advocates wanted the legislation to be more specific, focusing on a subset of organizations and with proportional levels of due diligence requirements based upon the organization’s size and industry risk profile. The primary reason that businesses were in support for an EU-wide legislation was because it would ideally subsume the requirements of individual member state due diligence laws. The end result would mean a reduction in bureaucratic and compliance costs for companies as well as more certainty in terms of regulatory requirements. The Parliament, meanwhile, agreed upon recommendations that were crystallized in a resolution in March 2021, which advocated due diligence obligations for large companies and only those small and medium enterprises in high risk sectors. There would be liability for adverse human rights or environmental impacts in global supply chains, but not if the concerned company could demonstrate that it had undertaken all due care possible to prevent or remediate the negative impact. Additional problems appeared when the Commission’s in-house quality control unit, the Regulatory Scrutiny Board rejected the Commission’s impact assessment in June 2021; the reasons were not made public, but both the CSO and business communities expressed concerns about delays. Then the Commissioner for the Internal Market Thierry Breton was brought in to work on the proposal, prompting additional concerns that due diligence requirements would be diluted. A reworked proposal was again rejected by the Board in late 2021 before the proposal was finalized in early 2022. The Proposal
So what did the Commission finally come out with in its proposal? The Commission loosely followed recommendations made by the Parliament in its March 2021 resolution, trying to craft a balance between civil society and business demands. The proposal only targets large organizations, and SMEs in high-impact sectors, as well as certain non-EU companies; it reportedly will cover only around 1 percent of organizations operating in the EU. The proposal also includes a liability mechanism for adverse impacts but with an exception.
Coverage The proposal covers EU companies with more than 500 employees on average (over the course of a year) and with a net worldwide turnover of more than €150 million. In addition, it also covers EU companies with more than 250 employees on average (over the course of a year) and with a net worldwide turnover of more than €40 million, provided that at least €20 million should be in the following high-impact sectors: textiles, clothing, leather, footwear, agriculture, forestry, fisheries, food and beverages, live animals, wood, minerals, metals and mining. With regard to covered non-EU companies, in order to be covered, they must have a net turnover in the EU of more than €150 million in the financial year preceding the last financial year, or they must have a net turnover between €40 and €150 million in the EU in the last financial year, provided that at least 50 percent of the net turnover was in the high-impact sector listed in the previous paragraph.
Due Diligence Obligations Covered companies must integrate due diligence into all their corporate policies and have in place a policy that describes the company’s long term approach to due diligence, a code of conduct, and implementation processes, including measures to verify compliance with the code of conduct. They must identify actual and potential adverse human rights and environmental impacts, and then take adequate preventive or mitigation measures. Specifically relating to climate change, they must also adopt a plan to ensure that the business model is compatible with the goal of limiting global warming to 1.5 °C in line with the Paris Agreement. Company directors are responsible for ensuring these obligations are set in place. They must also ensure companies report on these efforts annually. Further, if a company’s variable remuneration policy for directors is based upon contribution to business strategy, this must now take into account fulfilment of the climate change obligations under the proposal.
Business Relationships A critical aspect of the due diligence obligations extends to companies’ external business relationships. This is generally the main area of concern as companies may not be able leverage their business relationships with suppliers and other stakeholders to incentivize positive behaviour or prevent or mitigate negative impacts. This aspect is in response to civil society accusations that most large companies, when confronted with the existence of adverse impacts on their supply chains, generally deflect the responsibility to upstream stakeholders in the supply chain. The sustainable corporate governance proposal lists specific requirements for covered companies with regard to their business relationships. The code of conduct must be extended to all business relationships. When trying to mitigate or end adverse impacts due to a business relationship, the company must seek contractual assurances (on fair, reasonable, and non-discriminatory terms) from a business partner that it will ensure compliance with the code of conduct and establish a prevention action plan. Any such contract must include measures to verify compliance, which can be done through suitable industry initiatives or independent third-party verification. Cost of third-party verification must be borne by the covered company itself. In addition, it must also provide targeted and proportionate support for an SME with which it has a relationship if compliance with the code of conduct or the action plan would “jeopardise the viability of the SME.” However, despite taking such actions, if the adverse impacts could not be prevented, mitigated, or ended, the company shall be required to “refrain from entering into new or extending existing relations” with the business partner or in the “value chain [where] the impact has arisen.” The company shall either temporarily suspend commercial relations with the partner (if it believes that will be effective), or “terminate the business relationship with respect to the activities concerned” if the impact is severe.
Complaints Mechanism Companies shall establish a mechanism for dealing with complaints from three categories of stakeholders: a) persons who are or may be affected by an adverse impact, (b) trade unions and other workers’ representatives, and (c) civil society organisations active in the areas related to the value chain concerned. If the complaint is “well-founded,” the companies must conduct follow-up. Complainants must also be able to meet with the company’s representatives at an appropriate level.
Disclosure For all matters not covered under the EU’s NFR Directive, companies must publish an annual report covering their due diligence efforts every year by April 30. This report must be available on the company’s website.
Supervisory Authorities Each EU member state is required to designate one or more supervisory authorities to supervise compliance with the obligations laid out in the proposal. This authority will have the power to initiate an investigation on its own if it has sufficient information that a company has breached its due diligence obligations. While conducting investigations, the authority can order the cessation of violations, from any repetition of the relevant conduct and, where appropriate, order remedial action proportionate to the infringement.
Sanctions and Penalties The sustainable corporate governance proposal requires EU member states to put in place “effective, proportionate and dissuasive” sanctions for non-compliance. Pecuniary sanctions shall be based on the company’s turnover. Any decision to impose sanctions must also take into consideration if the company has undertaken any remediation actions, investments and targeted support, or collaboration with other entities.
Civil Liability Companies will be liable for damages if they did not take adequate steps (including suspending or terminating business relationships), as described in the proposal, to prevent, mitigate, or end adverse impacts. Member states must establish a mechanism whereby companies can be held liable for such damages. However, the company may escape any liability if it has contractual assurances from a business partner with whom it has a direct business relationship for compliance with the code of conduct and a prevention action plan, along with measures to verify compliance. The company must have borne the costs of verification and provided required support to the business partner (if it is an SME). Next Steps Now that the proposal has been published, the Commission is beginning deep consultations with the European Parliament as well as EU member states (through the Council). Most MEPs have welcomed the proposal, but some have expressed concerns it does not go far enough to address supply chain issues. Reynders discussed the proposal with the Parliament’s Legal Affairs Committee in March 8 meeting where some MEPs proposed that variable remuneration of directors and managers be linked to compliance with the sustainable corporate governance proposal. Consequently, it will take a number of months before tripartite talks (Commission, Parliament, Council) come to a conclusion. Once the proposal has been approved at the EU level, the next stage will implementation of the proposal by member states. With this long legislative process still only at a nascent stage, the new due diligence obligations would likely come into force not before 2023 or even 2024.
Comments