The Foundations of Human Rights Due Diligence

Definition of Human Rights Due Diligence

The origins and types of due diligence

Due diligence is a term applied in various legal and business contexts. For example, during mergers, acquisitions or other large securities transactions, companies normally choose to undertake due diligence as a risk management process, in order to avoid or correctly price business risks such as fines, legal claims, and operational complications.1  In the US, due diligence also describes the process whereby public statements are checked before a company is publicly listed or a public statement is made, with the aim of protecting the company from legal liability in the case of material misstatements. 2

Where due diligence is either required by law or conducted to meet a legal requirement, the company will not be able to protect itself from liability by showing that it has gone through a ‘tick-box exercise’. The courts will ask whether the process was adequate under the circumstances and properly implemented in practice, and whether the implementation had shortcomings.3

In anti-bribery and corruption cases, courts and regulatory bodies have made it clear that liability may be based not only on what a company knew but on what it ought to have known,4 even regarding a subsidiary’s operations. The scope of the due diligence required of each company is expected to be proportionate5 and commensurate with its relevant anti-corruption risks, including ‘the extent of its international operations’.6 Even where compliance processes, procedures and training have been put in place, there are examples where regulatory bodies have found these to be ‘inadequate’ for the particular risks and circumstances.7

It is interesting to note that key components of due diligence which have been considered by courts and regulatory bodies – including training and management systems, auditing and advice from external experts - also surfaced in our survey responses and interviews as steps which companies are taking to discharge their responsibility to respect human rights, as set out in the Guiding Principles. Some companies fully appreciate that human rights due diligence is a substantive and complex management process aimed at preventing adverse impacts.

The meaning and scope of human rights due diligence

Despite the use of the term ‘human rights due diligence’ in the Guiding Principles and its wide-spread further adoption, the term has not been clearly defined. However, the Guiding Principles’ description of human rights due diligence as a context-dependent process aimed at the prevention of adverse human rights impacts, corresponds with the traditional understanding of due diligence as a process aimed at the discharge of a certain standard of care. The general legal approach across most jurisdictions is to see due diligence within the tort law standard of care of a reasonable or prudent person.8 Through undertaking human rights due diligence, the standard of care which a company would aim to meet is the respect for human rights, which requires businesses to avoid causing or contributing to adverse human rights impacts, and to seek to prevent or mitigate adverse human rights impacts that they are directly linked to.9

The Guiding Principles emphasise that simply undertaking a human rights due diligence process does not necessarily absolve a company from its potential legal liability for causing or contributing to human rights abuses.10 In that sense, human rights due diligence can be regarded as effect-based: its principal purpose is to avoid actual or potential human rights impacts, and its effectiveness can only properly be judged with reference to the degree to which that outcome is achieved. The occurrence of an adverse human rights impact may be attributable to internal governance issues; specifically a failure by the business to design or implement effective human rights due diligence. The standard of due diligence required to be performed by companies needs to be sufficient to enable a company to identify and address its human rights impacts. Whilst the process will commence with an impact assessment, it needs to be modified in light of its findings.

Current knowledge about the application of due diligence in other contexts is informative and relevant. Due diligence, as developed through tort law and statutory requirements, is a process which would be taken into consideration when deciding whether a legal duty of care has been discharged. Any judicial or regulatory enquiry into whether a company’s human rights due diligence is adequate is likely to look at the entirety of the steps taken by the company, measured against the requirements of the Guiding Principles. Where a company has identified its human rights impacts and put in place sophisticated human rights due diligence systems and processes to address them which are demonstrably capable of working, but an adverse impact nonetheless occurs, that company will be more likely to be able to show any external regulator or court that it has done everything that it could have done.

As with other applications of due diligence, the scope of the human rights due diligence expected of a company will always be context-specific. It will depend on various factors, including, as listed in the Guiding Principles, the company’s size, the risk of severe11 human rights impacts, and the nature and operating context.12 The scope required may change over time as the circumstances in which the business operates evolve.13

Human rights due diligence differs from business management due diligence in a few prominent ways:

  • Firstly, whereas business incentives to respect human rights may be driven by perceived risks to the business, human rights due diligence processes must be aimed at identifying and mitigating or preventing the human rights impacts faced by rights-holders. GP 13 and 15 reinforce this by consistently referring to business enterprises’ impacts. Merely considering risks to the company without its broader rights impacts would not be within the definition of human rights due diligence (although human rights risks also translate into business risks).
  • Secondly, human rights due diligence is not company or group specific. GP 13 requires every business to consider the human rights impacts not only of its own operations but also of third parties with which it has business relationships. These may include suppliers and entities in its value chain such as consumers and distributors, and other third parties including state entities.14 A company with a large number of business relationships15 may choose to focus on those areas where it deems the risk to be most significant. As with other forms of due diligence, the rigour of the process must be commensurate to the severity of the risk.16 This wide responsibility for the impacts of all business relationships requires companies to consider carefully the scope of their human rights due diligence. A determinative factor is whether the company is aware, or should be aware, of certain human rights issues or high risk areas or contexts within its operations or value chain. An additional relevant aspect to assessing risk may include whether a company is aware that industry peers are causing or contributing to adverse human rights impacts. 17
  • Thirdly, human rights due diligence is required to be an on-going process. Other forms of due diligence frequently consist of a once-off exercise which takes place in relation to a specific transaction. Instead, the Guiding Principles state that human rights due diligence ‘should be on-going, recognizing that the human rights risks may change over time as the business enterprise’s operations and operating context evolve’.18

By being context-dependent, human rights due diligence lends itself towards being used to discharge a legal standard of care in the same way as other due diligence processes. Accordingly, legal advisers are well-placed to advise companies on the scope and implementation of their human rights due diligence and related processes. As case law and business practice develops, the content of what kind of human rights due diligence is required under different circumstances will continue to be clarified.

The incentives for human rights due diligence

As noted above, the purpose of human rights due diligence is to avoid actual or potential human rights impacts. There are multiple incentives why a business would wish to avoid such adverse human rights impacts. The main incentives stated by survey respondents (each being selected by 66.67% of respondents) for undertaking human rights due diligence now or in the future are the avoidance of reputational risk and legal risk. Compliance with reporting requirements, and compliance with applicable laws, excluding reporting requirements, also featured strongly (60.61%)  as important incentives.19

These results demonstrate an understanding on the part of the majority of the respondents that adverse human rights impacts can give rise to legal and reputational risks for businesses, and that conducting human rights due diligence to avoid such impacts can be an effective way of managing these risks.

Legal framework


The behaviour of a corporate, from its establishment to winding up, is heavily regulated and subject to multiple legal requirements. As noted above, the majority of our survey participants emphasised the importance of legal risk (alongside reputational risk) as a primary incentive for conducting human rights due diligence. This represents an acknowledgement that there is an emerging legal dimension which is driving businesses to conduct human rights due diligence, despite lack of statutory obligations in this regard.

The emerging legal dimension of an area is worth considering, as the steps companies take in response to them may inform how they approach human rights due diligence under the Guiding Principles. Moreover, the direct influence of the Guiding Principles in the emergence of regional and national legislation is evident from, for example, the EU’s directive on non-financial reporting (discussed below)20 and legislation proposed in France21 and Switzerland22 which would impose certain mandatory human rights due diligence obligations on companies.

Regulation of corporate impacts on human rights

Laws which already require some form of due diligence for impacts that relate to human rights can be found in the areas of health and safety, labour, non-discrimination, and environmental protection. Some, though not phrased in human rights language, serve as particularly good examples of the emerging regulatory environment. A select few appear below.

Corporate Law and Directors’ Duties

There are a few instances of corporate laws which require directors to take into account human rights considerations as a component of their duty of care.  Most notably, Section 172(1) of the UK Companies Act 2006 requires a director to act in the way which he considers, in good faith, would be most likely to promote the success of the company for the benefit of its members as a whole, and in doing so have regard to, amongst other things, employees and the impact of the company's operations on the community and the environment.23

To help shareholders assess how well directors have performed this duty, companies are required to prepare an annual strategic report.24 Under Section 414C(7) directors of quoted companies25 are required to consider and report on human rights issues which are necessary for an understanding of the development, performance or position of the company’s business. 26  Information should also be provided regarding any policies of the company in relation to the matters reported on, and the effectiveness of those policies. Although there is no requirement to report on due diligence steps per se, a proper consideration of policy effectiveness would necessarily require due diligence.

The EU Directive 2014/95,27 which amends Directive 2013/34/EU as regards disclosure of non-financial and diversity information by certain large undertakings and groups (the Non-Financial Reporting Directive) will require relevant companies28 to produce an annual non-financial statement as part of their management reports containing information to the extent necessary for an understanding of their development, performance, position and impact of their activities relating to, amongst other things, social and employee matters and respect for human rights. The statement should include a description of the policies pursued by the company (or corporate group, where a consolidated statement is being prepared) in relation to those matters, including due diligence processes implemented; the outcome of those policies and the principal risks related to those matters.29

As the non-financial statement forms part of a management report, the management of each company will need to follow EU member state domestic law corporate governance requirements when signing the statement. In England and Wales, strategic reports must be approved by the board and be signed on behalf of the board by a director or the company secretary.30 Directors should take steps to verify the contents of any statement before signing, given their continual duty to act with care, skill and diligence under Section 174(1) of the Companies Act. This will necessarily entail a degree of due diligence. The same principle applies to the publication of slavery and human trafficking statements under the UK Modern Slavery Act 2015, discussed further below.31

As discussed in further detail below in the section on legal claims, companies and directors can be held to account through various avenues for the public statements they make, and on the basis of public codes of conduct, which represent the company as being compliant with certain human rights standards. Similarly, incorrect statements made during the process of listing a company regarding the manner in which human rights risks are addressed may give rise to legal claims.32 Some jurisdictions also have provisions which make it possible, under certain circumstances, to hold individual company directors liable for misleading information contained in public reports.33 Proof of a robust human rights due diligence system should assist towards a defence in these instances.

Corporate Social Responsibility

A further category of laws worth mentioning is statutory corporate social responsibility (CSR) requirements:

  • In Brazil every financial institution has to adopt a CSR policy, and incorporate a social management system.34
  • In Denmark35 and Norway,36 CSR reporting is statutorily required, including about the steps the company is taking to integrate human rights into their operations, procedures used and an assessment of the achievements.
  • In Argentina, certain companies are required to report annually on sustainability.37
  • In India, the 2013 Company Act not only requires CSR reporting,38 companies with a certain profit level are obliged to spend at least two percent of their profits on community development projects.39

These and other such laws highlight an increased level of state regulation of corporate conduct in the area of human rights. Yet there is an important distinction between CSR, which can include selected community contributions which are unconnected to the company’s core operations, and human rights due diligence, which looks at all the human rights impacts of the companies’ activities. The Indian law, for example, has been criticised for allowing companies to be ‘running village schools even as they pollute local water sources.’40

Slavery and Human Trafficking

Another area where there has been a great deal of legislative activity, particularly on the reporting front, is slavery and trafficking:

  • The UK Modern Slavery Act requires companies to report on the steps they are taking to eradicate slavery and human trafficking in their own operations and in their supply chains.41 It applies to all companies supplying goods or services with an annual turnover of £36 million and which carry on business, or a part of their business, in the UK.42 In May 2016, the Modern Slavery (Transparency in Supply Chains) Bill43 was introduced to the House of Lords proposing amendments to the Modern Slavery Act. The Bill includes a proposal for a company’s slavery and human trafficking statement to be included in its annual report, and would oblige contracting authorities to exclude an economic operator from participation in a procurement procedure where that operator has not produced a slavery and human trafficking statement when it was required to do so.
  • This UK law shares similarities with the California Supply Chain Transparency Act, which was adopted in 2010 and requires certain retailers and manufacturers doing business in California to disclose their efforts to eradicate slavery and human trafficking from their supply chains.44
  • The US Federal Acquisition Regulations (following Executive Order 13627, which came into effect in March 2015) now require companies which sell goods and services to the US government to have a compliance plan in place to show how they will adhere to a list of detailed requirements.45 Requirements include provisions regarding employees’ access to identification documents, return travel arrangements, housing, and the prohibition of recruitment fees.46 The regulation is given additional enforcement procedures by the False Claims Act,47 a pre-existing law, which criminalises false statements or certifications made in the context of government procurement.

GP 6 recognises procurement as a key area where States can promote respect for human rights by business enterprises, and the revisions to the US Federal Acquisition Regulations and the UK Modern Slavery (Transparency in Supply Chains) Bill discussed above may be seen as evidence that governments are beginning to incorporate human rights considerations into their procurement processes; a significant development given their overall annual expenditure. Certainly, evidence of an increased focus on procurement  as a means of promoting respect for human rights by businesses more generally (i.e. beyond the issue of slavery and human trafficking) can be found in the majority of Nationals Action Plans (NAPs) published by governments on the implementation of the Guiding Principles – the Danish48 and Dutch49 NAPs serve as good examples.

Sector and Region Specific Regulations

Within various sectors, specific regulation often requires due diligence for activities which may implicitly have human rights impacts, without such regulation necessarily being phrased in human rights language:

  • The EU Transparency Directive applies to large extractive and logging companies, and requires country by country reporting on material payments made to governments.50
  • Section 1502 of the US Dodd-Frank Wall Street Reform and Consumer Protection Act,51 requires companies to disclose annually whether certain minerals are sourced from the Democratic Republic of Congo or adjoining countries, and describe the measures of supply chain due diligence that were taken.
  • In Australia, the Illegal Logging Prohibition Act52 requires importers and processers of timber to have verification processes in place to ensure that no illegal logging took place in its supply chains.
  • The European Commission has proposed draft regulation towards self-certification for minerals which may be linked to conflict zones.53

The exploration and mining licencing requirements of many national jurisdictions also contain provisions on environmental impact assessments, and land acquisition consent procedures:

  • The DRC has issued a regulatory notice requiring mining companies to conduct human rights due diligence at various levels in the mineral supply chain,54 which has already resulted in fines for companies failing to undertake due diligence.55
  • Senegal has proposed a new Draft Mining Code,56 which requires mining companies to respect, protect and implement human rights in the areas affected by their operations.57
  • Legislation pertaining to certain regions may also require due diligence for human rights issues. Examples include the Economic Community of West African States (ECOWAS) Directive on the Harmonization of Guiding Principles and Policies in the Mining Sector,58 and the US Burma Responsible Investment Reporting Requirements.59

Whilst compliance with these types of regulation will not require a business to identify and address any other human rights impacts outside those occurring within the relevant context, sector or geographical region, they are indicative of an increasing propensity by governments to regulate business conduct in order to bring about positive social outcomes. 

Industry Standards and Law

As seen above, industry standards and guidance are becoming an increasing factor in companies’ responses to undertaking human rights due diligence. The legal effect of these documents is unclear, including the extent to which non-compliance with them could potentially form part of a factual matrix which leads to potential legal liability. However, in addition to the Guiding Principles, the standards and practices of industry peers can inform the level of human rights due diligence required of each individual company as a form of best industry practices.60 In this way, industry standards have the ability to become norm-forming and turn from soft law into hard law through the prism of what would be expected of a reasonable company in the circumstances.

Voluntary industry standards could also have a norm-forming nature. For example, a court has taken into account a company’s adoption of the Voluntary Principles on Security and Human Rights as part of the standard to which the company should be held, as ‘something more than lip-service to those Principles is demanded’.61 Accordingly, it ordered the company to disclose many of the documents requested by the claimants, including searches of the company’s annual reviews of its implementation of the Voluntary Principles.62

Legal claims for human rights impacts

Human rights due diligence requirements are beginning to surface in legal claims. For example, the Canadian case of Choc v Hudbay is based on claims that the Canadian parent company failed to prevent abuses by the subsidiary over which it had ‘on-the-ground management and control’,63 and in relation to which it had made public statements committing to detailed standards of conduct.64 The earlier UK case of Chandler v Cape PLC65 (part of a line of cases in the English courts addressing the issue of parent company liability) demonstrated that, depending on the level of knowledge and control, a parent company may owe a duty of care to employees of a subsidiary for health and safety standards.66 As with due diligence enquiries in other contexts discussed above, the Court based the company’s liability on its knowledge, equated with attributed knowledge: the parent company ‘knew, or ought to have known, that the subsidiary’s system of work was unsafe’ and similarly, it ‘knew, or ought to have foreseen, that the subsidiary or its employees would rely on [the parent company’s] superior knowledge for the employees’ protection.'67

As under the Guiding Principles, this duty extends beyond the corporate group into value and supply chains. Two cases recently brought in California concern allegations that companies failed to take adequate steps to address human rights abuses in their supply chains.68 These actions were brought in terms of consumer protection laws, the California Transparency and Supply Chains Act69 and unfair competition laws respectively. 70 These cases demonstrate that claims may be brought on the basis of other legal requirements, including those protecting consumers’ expectations not to be misled, in this case as regards the extent of due diligence performed.

In some areas of law, due diligence is often provided for as a statutory defence. The company or corporate official is able to defend itself against a civil claim or a criminal charge if it can show that it took all reasonable steps or exercised the necessary due diligence. Examples of offences that have given rise to a due diligence defence include misrepresentation or failure to disclosure financial matters,71 bribery and corruption,72 environmental offences,73 safety offences74 and other corporate criminal activities.75 Human rights due diligence might be legally required or necessary in the form of a direct mandatory requirement, a statutory or common law defence to a claim, or as part of a reporting requirement.

Our interviews indicated that companies which are undertaking sophisticated human rights due diligence processes feel significantly more confident about dealing with possible legal claims. There is a move away from concerns that more reporting leads to more liabilities. In other words, if a company has internal initiatives in place, sets up and implements policies, activates multifunctional teams, and discloses those activities publically, the perception of the interviewees was that such a company would be less likely to face public criticism for failure to act, as the company would be better placed to demonstrate publicly that appropriate steps had been taken to address matters within their control.

OECD National Contact Points 

All thirty-five member countries of the OECD, as well as twelve non-member countries, have signed up to the OECD Guidelines for Multinational Enterprises (the OECD Guidelines),76 which set out principles and standards for multinational companies in areas such as bribery and corruption, labour rights, indigenous rights and the environmental impact of business operations on communities. The OECD Guidelines were updated in 2011 with a new human rights chapter (Chapter IV) which expressly “draws upon the United Nations Framework for Business and Human Rights ‘Protect, Respect and Remedy’ and is in line with the Guiding Principles”. 77

The OECD Guidelines require each signatory state to establish a National Contact Point (NCP) to “contribute to the resolution of issues that arise relating to implementation” of the OECD Guidelines. NCPs hear complaints about businesses alleged to have contravened the OECD Guidelines through what is known as the “specific instance” procedure. The findings by various NCPs are gradually contributing to an understanding of what human rights due diligence requires in legal terms.78

Treaty Proposals

On an international law level, the UN Human Rights Council on 23 June 2014 adopted a resolution appointing an inter-governmental working group to explore the possibilities around a legally binding treaty on business and human rights.79 It will likely be some time before a binding treaty is adopted, if one is adopted, and any such treaty may follow the concepts set out in the Guiding Principles, and could accordingly contain human rights due diligence requirements.80


Companies, particularly multinationals, are subject to an array of regulations which directly or indirectly regulate their human rights impacts. In the current legislative environment, laws which require substantive compliance may not necessarily use human rights terminology. Indeed, human rights language in legislation is more commonly found in emerging “reporting requirement” style laws, which tend to give discretion to companies in terms of the actions they choose to take and report on, using transparency to incentivise businesses to take a proactive approach to human rights.

This regulatory dynamic might lead a company's management to conclude ‎that their attentions and the company’s resources ought to be directed towards compliance with those known laws which do require substantive compliance (e.g. privacy, environmental or health and safety laws). However, this approach would be misguided. As explained further below, our Study suggests that a comprehensive human rights due diligence process is effective in better enabling companies to comply with the diverse range of regulations applicable to their operations, and in assisting them to address other actual and potential human rights impacts which are not (yet) addressed by any regulation.


1 See Olga Martin-Ortega ‘Human rights due diligence for corporations: From voluntary standards to hard law at last?’ Netherlands Quarterly of Human Rights (2013) Vol 31/4: 44-74, 51.

2 For example, seeWilliam K. Sjostrom, ‘The Due Diligence Defense Under Section 11 of the Securities Act of 1933’ (2005) 44 Brandeis Law Journal 549;  In re WorldCom, Inc. Securities Litigation 346 F. Supp. 2d 628 (S.D.N.Y. 2004).  

3 See London Borough of Croydon v Pinch A Pound UK Ltd [2010] EWHC 3283 (Admin), para 19; R. (on the application of Tesco Stores Ltd) v City of London Corp [2010] EWHC 2920 (Admin); and Tesco Supermarkets Ltd v Nattrass, UK House of Lords, [1972] AC 153.

4 For example, see the Trace Compendium summaries of the UK Financial Services Authority (FSA) enforcement action against Aon corporation and others, available at; and the US Securities and Exchange Commission (SEC) enforcement action against Watts Water Technologies Inc and various others, available at

5 The UK Ministry of Justice guidance on anti-bribery states that its ‘core principle’ is proportionality: UK Ministry of Justice ‘The UK Bribery Act 2010:Guidance about procedures which relevant commercial organisations can put into place to prevent persons associated with them from bribing (section 9 of the Bribery Act 2010), 2.

6 For example, see Trace Compendium summary of the US SEC action against Watts Water, n 6.

7 For example, see Trace Compendium summary of the UK FSA action against Aon Corporation, n6.

8 Cees Van Dam ‘Tort Law and Human Rights: Brothers in Arms – On the Role of Tort Law in the Area of Business and Human Rights’ (2011) Journal of European Tort Law 221, 237 and 244. The term originally arises from Roman law: see Reinhard Zimmerman, The Law of Obligations: Roman Foundations of the Civilian Tradition (Oxford University Press, 1996), 1008-9.

9 Human Rights Council, 'Guiding Principles on Business and Human Rights; Implementing the United Nations "Protect, Respect and Remedy" Framework' (Guiding Principles), A/HRC/17/31 (21 March 2011) (“Ruggie”);  GP 13.

10 Commentary to GP 17 states that ‘business enterprises conducting such due diligence should not assume that, by itself, this will automatically and fully absolve them from liability for causing or contributing to human rights abuses.’

11 Commentary to GP 14 states that the‘[s]everity of impacts will be judged by their scale, scope and irremediable character.’

12 GP 17(b).

13 GP 17(c).

14 Commentary to GP 13.

15 Office of the UN High Commissioner for Human Rights, 'The Corporate Responsibility to Respect Human Rights: An Interpretive Guide”(OHCHR, 2012), states at 5 that: “Business relationships refer to those relationships a business enterprise has with business partners, entities in its value chain and any other non-State or State entity directly linked to its business operations, products or services. They include indirect business relationships in its value chain, beyond the first tier, and minority as well as majority shareholding positions in joint ventures.'

16 Lord Denning explained that ‘[a]s the danger increases, so must the precautions increase.’ Lloyds Bank Ltd v Railway Executive (1952) 1 All ER 1248, 1253. See also Van Dam, n8

17 See OHCHR Response to the Request from the Chair of the OECD Working Party on Responsible Business Conduct, 27 November 2013, available at, paras 13-14.

18 GP 17(c).

19 Also chosen frequently were, in order, ‘the right thing to do’ (54.5 5%),good corporate governance (53.03%) and avoidance of operational risk (46.97%).

20 Directive 2014/95/EU of the European Parliament and of the Council of 22 October 2014, amending Directive 2013/34/EU as regards disclosure of non-financial and diversity information by certain large undertakings and groups.

21 Texte adopté no. 501, Proposition de Loi, relative au devoir de vigilance des sociétés mères et des entreprises donneuses d’ordre. The French National Assembly adopted the draft bill in March 2014, but on 18 November 2015 the bill was rejected by the French Senate. The National Assembly could still overrule the Senate in this case. See Maxime ‘Refus du devoir de vigilance ou le déséquilibre entre Droits de l’Homme et compétitivité’ Le blog Nicomak, 24 November 2015, available at; Roel Nieuwenkamp ‘Legislation on responsible business conduct must reinforce the wheel, not reinvent it’ OECD Insights, 15 April 2015, available at

22 Swiss Coalition for Corporate Justice (SCCJ), ‘The initiative text with explanations’, Factsheet V, available at

23 Section 172(1), UK Companies Act 2006

24 Section 414C(3), UK Companies Act 2006. The strategic report must provide a balanced and comprehensive analysis of the development and performance of the company's business during the financial year and the position of its business at the end of that financial year that is consistent with the size and complexity of the company's business.

25 “Quoted companies” includes those listed on the official list of the London Stock Exchange; officially listed in another EEA state; or admitted to dealing on the NYSE or Nasdaq.

26 Section 414C(7)(b), UK Companies Act 2006

27 See n 22 above. Pursuant to Article 4(1), EU member states are obliged to transpose EU Directive 2014/95 into domestic legislation by 6 December 2016, so the requirements will apply to relevant undertakings for the financial year starting on 1 January 2017 or during the calendar year 2017.

28 Large undertakings which are “public-interest entities” with an average of over 500 employees, during the financial year, including: listed companies, credit institutions and insurance undertakings.

29 Article 19a, Directive 2013/34/EU (as amended by Article 1 of Directive 2014/95/EU. The full list of items to report on under Article19a(1) are as follows: 'a brief description of the group’s business model; a description of the policies pursued by the group in relation to those matters [i.e. those being reported on], including due diligence processes implemented; the outcome of those policies; the principal risks related to those matters linked to its operations including, where relevant and proportionate, its business relationships, products or services which are likely to cause adverse impacts in those areas and how it manages those risks and on-financial key performance indicators relevant to the particular business.'  Note: Where the undertaking does not pursue policies in relation to one or more of the above matters, the non-financial statement shall provide a clear and reasoned explanation for not doing so.

30 Section 414D(1), UK Companies Act 2006.

31 Section 54(6) of the UK Modern Slavery Act 2015 states that slavery and human-trafficking statements must be approved by the board of directors and signed by a director (or equivalent).

32 For example, the EU Prospectus Directive 2003/71/EC as updated by Directive 2010/73/EU requires a prospectus to be published when securities are publically offered.

33 For example, s 463 UK Companies Act 2006 and s90A UK Financial Services and Markets Act 2000. Both permit investors who have suffered loss to take action against the company in the event of some form of misleading statement or omission of material facts. This might arise in the context of the directors’ liability to report human rights issues in the strategic report section of the annual report (as required by s414C(7)(b) Companies Act). See also the arguments made on the fiduciary duties of directors who had the benefit of books, records and due diligence in the case of Sharp and Others v Blank and Others [2015] EWHC 3220 (Ch).

34 CMN Resolution No. 4327, of April 25, 2014.

35 Årsregnskabsloven [Financial Statements Act], Act no. 1403, 27 December 2008, para 99a.

36 Lov om endringer i regnskapsloven og enkelte andre lover [Law on the amendments in the Accounting Act and several other laws], LOV-2013-04-19-15, I 2013 hefte 6 s 992, 2013-0288 (19 April 2013), § 3-3c.

37 Law 2594 (2008).

38 Section 134 of the India Companies Act 2013.

39 Ibid,section 135.

40 Rama Lakshmi, ‘India mandates increase in charitable giving by corporations; critics fear government control’ Washington Post (11 September 2013).

41 Section 54 of the UK Modern Slavery Act 2015.

42 Section 54(2)(b) read with Regulation 2 of the Modern Slavery Act (Transparency in Supply Chains) Regulations 2015.

43 HL Bill 6, available here: 

44 Senate Bill No. 657, Chapter 556, 30 September 2010.

45 Section 2(2)(A) of Executive Order 13627.

46 Sections 2(1) (A) and 2(2)(A).

47 31 U.S.C. §§ 3729–3733.

48 Available here:

49 Available here:

50 EU Directive 2013/50/EU.

51 US Dodd–Frank Wall Street Reform and Consumer Protection Act (2010) 12 USC 5301.

52 Illegal Logging Prohibition Act 2012 (Australia).

53 European Commission, ‘Proposal for a Regulation of the European Parliament and of the Council setting up a Union system for supply chain due diligence self-certification of responsible importers of tin, tantalum and tungsten, their ores, and gold originating in conflict-affected and high-risk areas’, COM(2014) 111 final, 2014/0059 (COD), 5 March 2014; and European Parliament, ‘Amendments adopted by the European Parliament on 20 May 2015 on the proposal for a regulation of the European Parliament and of the Council setting up a Union system for supply chain due diligence self-certification of responsible importers of tin, tantalum and tungsten, their ores, and gold originating in conflict-affected and high-risk areas’, COM(2014)0111 – C7-0092/2014 – 2014/0059(COD), first reading (ordinary legislative procedure), 20 May 2015.

54 Note Circulaire No. 002/CAB.MIN/MINES/01/2011 du 06 Septembre relative a l’application obligatoire des directives de recommandations du Guide de Devoir de Diligence de l’OCDE et de la résolution 1952 (2010) du Conseil de Sécurité de l’ONU dans le secteur minier Congolais), [Circular Note No. 002/CAB.MIN/MINES/01/2011 of 06 September on the mandatory application of the OECD Due Diligence Guidelines and UN resolution 1952 in the Congolese mining sector].

55 In May 2012 Congo Minerals and Metals (trading as TTT Mining) and Huaying Trading Company were suspended for failing to undertake due diligence:; UN Security Council ‘Letter dated 29 November 2011 from the Chair of the Security Council Committee established pursuant to resolution 1533 (2004) concerning the Democratic Republic of the Congo addressed to the President of the Security Council’ S/2011/738, available at

56 Avant Projet de Loi Portant Code Minier [Draft Mining Code] (20 January 2015 version).

57 Article L. 95.

58 ECOWAS Directive on the Harmonisation of Guiding Principles and Policies in the Mining Sector, available at It binds member states and does not create any direct rights and obligations at the corporate or individual level.

59 US Department of State, Reporting Requirements on Responsible Investment in Burma, February 2013 available at See also

60 Van Dam, n8, 238.

61 Vilca and 21 Others v Xstrata Limited and Compania Minera Antapaccay S.A [2016] EWHC 389 (UK), para 25.

62 Ibid, paras 90-91.

63 Choc v Hudbay Inc, 2013 ONSC 1414,para 27.

64 Ibid, para 26.

65 Chandler v Cape PLC [2012] EWCA (Civ) 525.

66 Norton Rose Fulbright ‘Recent Trends Related to Human Rights Statements’ (10 February 2016) available at

67 Ibid.

68 Sud v Costco Wholesale Corp 15-cv-03783, US District Court, Northern District of California (San Francisco); Barber v Nestle USA Inc, 15-cv-01364, US District Court, Central District of California (Los Angeles).

69 California Transparency Supply Chains Act of 2010.

70 Similarly, cases are being brought in Canada and France against multinational garment companies for losses suffered in the collapse of the Rana Plaza factory in 2013: see Norton Rose Fulbright ‘Recent Trends Related to Human Rights Statements’, n 6 and Business and Human Rights Resource Centre ‘Auchan lawsuit (re garment factories in Bangladesh)’ available at

71 Corporations Act 2001 (Australia) s 731; Federal Securities Act of 1933 s 11(b)(3)(A); Financial Markets Conduct Act 2013 (NZ) s 499; Consolidated Financial Services Act (Italy) art 94(8).

72 UK Bribery Act 2010 (UK) s 7(2); Clean Companies Act (Brazil) Ch III art 7.

73 Environment Protection Act 1970 (Vic) s 66B(1A)(b) and (c); Forest and Range Practices Act 2014 (Canada) s 72.

74 Work Health and Safety Act 2011 (NSW) s 27; Food Safety Act 1993 (UK) s 21;Aviation Act (Wet Luchtvaart, NL), art 1.3.

75 Spanish Criminal Code, art 33; Law no. 190 (2012) Italian Criminal Corporate Law (Legislative Decree No. 231 of 2001, ‘Law 231’) art 6. Canada and the Netherlands both have a common law due diligence defence available for strict liability crimes (R v. Sault Ste. Marie, [1978] 2 S.C.R. 1299; see alsoBram Meyer, Tessa van Roomen, Eelke Sikkema, ‘Corporate Criminal Liability for Corruption Offences and the Due Diligence Defence: A Comparison of the Dutch and English Legal Frameworks’ (2014) Utrecht Law Review 10(3) 47.

76 Available here:

77 Ibid. para 36

78 For example, the Norwegian National Contact Point for the OECD Guidelines for Multinational Enterprises, Complaint from Lok Shakti Abhiyan, Korean Transnational Corporations Watch, Fair Green and Global Alliance and Forum For Environment And Development vs. Posco (South Korea), Abp/Apg (Netherlands) And Nbim (Norway), Final Statement, 27 May 2013; and UK OECD National Contact Point Review Committee ‘Separate Policy Note on Due Diligence’ in Specific Instance under the OECD Guidelines for Multi-national Enterprises: Application for Review of the Initial Assessment – Recommendation of the Review Committee, January 2014, against the Initial Assessment entitled Complaint from a UK NGO against a UK Telecommunications Company available at, 6-7.

79 UN Human Rights Council, ‘Elaboration of an international legally binding instrument on transnational corporations and other business enterprises with respect to human rights,’ UN Doc. A/HRC/26/L.22/Rev.1 (24 June 2014).

80 See Robert McCorquodale and Lise Smit, ‘Human Rights Due Diligence: A Responsibility, A Defence or A Mirage?’ in Surya Deva and David Bilchitz (eds) A Treaty on Business and Human Rights? Exploring its Contours (forthcoming, 2016).