How Best to Leverage Your Compliance Program
The risk of encountering forced labor practices is compounded as companies engage with third, fourth and fifth parties, yet many fail to investigate the full scope of their supply chain’s practices. The best solution is to put boots on the ground, but that’s quite expensive, and there are a lot of companies that would rather put their money elsewhere for immediate issues. So how far should your company really go in its third-party due diligence?
The International Labour Organization estimates that, in 2016, 40.3 million men, women and children were victims of modern slavery[1]. Women and children are reported to represent 71 percent of those enslaved.
In the face of these statistics, boards of corporations large and small are increasingly asking themselves whether their organizations are vulnerable or exposed to the risk of modern slavery. In addition to corporate best practices and basic human decency, motivation for this scrutiny is a result of:
- Increasingly complex global supply chains (often driven by economic efficiency), which have stretched the ability of many organizations to appropriately vet and monitor their suppliers;
- Greater awareness of modern slavery through media coverage, NGO pressure and public indignation at the fact that human rights abuse is still very much present in the modern world of business; and
- A raft of legislation targeting unethical or illegal labour practices. In the last year alone we’ve seen the arrival of the U.K. Criminal Finances Act (September), the Dutch Child Labour Due Diligence Bill (August) and the French Corporate Duty of Vigilance Law (February). These laws follow the 2015 U.K. Modern Slavery Act, the 2014 EU Non-Financial Reporting Directive and the 2010 California Transparency in Supply Chains Act. All place additional responsibility on companies to do more to tackle modern slavery.
It is in this context that, earlier this year, the United Nations reaffirmed its goal to eradicate modern slavery by 2030 and that Theresa May issued a call to action to world leaders on the same topic. Now more than ever before, executives the world over are aware of the risks and are renewing their efforts to protect their brands and reputation.
The first step toward preventing modern slavery and complying with increasingly stringent Know Your Customer (KYC) requirements is to have a good awareness of your business’ potential exposure. This starts with:
- A risk assessment of your third-party universe,
- An appropriate level of due diligence when onboarding new suppliers and
- Ongoing monitoring of your supply chain to detect and react to potential problems.
In this regard, detecting and preventing modern slavery is very similar to the compliance processes many companies already have in place to deal with a range of other third-party risks, such as bribery and corruption, money laundering or terrorist financing. In fact, modern slavery will often occur hand in hand with a range of other offences. Companies with strong existing anti-bribery and corruption (ABC) and anti-money laundering (AML) compliance programs will find that integrating a modern slavery risk element to their existing compliance programs is the simplest and most practical way to address this.
However, even for organizations with robust compliance programs already in place, identifying modern slavery can be easier said than done. For large organizations, accurately mapping exposure to third parties can be a daunting exercise.
While some specific goods and services are already widely viewed as being higher risk in terms of exposure to labour rights issues, many others should be on the firm’s compliance radar. For example, the clothing industry in South Asia, construction in GCC countries and seasonal agricultural jobs such as fruit-picking in Western Europe are, and historically have been, areas of particular focus for compliance officers for a number of years. Likewise, exposure to conflict minerals has long been under specific scrutiny.
By contrast, in late 2016, when some car manufacturers and some cosmetics producers woke up to headlines reporting that their metallic-effect paints or their make-up products contained mica mined by children, they were caught completely off-guard. Serious issues with supply chains for cocoa, seafood, poultry and cobalt, among others, have come to light this year. Similarly, in early 2017, some professional services firms and airlines which had made efforts to be compliant with the Modern Slavery Act found themselves named by NGOs as having some of their staff uniforms sourced from wholesalers linked to factories using bonded labour.
A compliance program is only as strong as its weakest link, and applying a consistent set of compliance processes across sprawling global behemoths often proves to be a serious hurdle. Many a program relies heavily on third parties to self-attest compliance with the program’s code of conduct. While this type of paper-based due diligence is an integral part of a compliance program, it is less likely to be effective when completed by suppliers who, in the worst case scenario, are willing to exploit human beings in the most appalling manner for profit. While due diligence questionnaires and contractual protections will typically be considered adequate on lower-risk suppliers from an ABC perspective, in-person audits are a much more effective tool to detect labour abuses. To do this effectively, you need to have full visibility of every link in of your supply chain and sourcing processes.
When things go wrong, failure to control or understand the full product journey and overreliance on desktop due diligence are two of the most common problems found. “How far do we need to go?” is a question that comes up regularly. Practically, if your primary suppliers have an adequate vetting process for their own suppliers and subcontractors, you may not need to handle the vetting of their supply chain. Before you rely on this, you must be confident that they are aligned with your ethical commitments and that their process is as robust as it needs to be. However, if you depend too much on another organization’s due diligence processes, you could end up liable for one of their oversights, so it is prudent to do a full assessment of their process before relying on it.
The reviews triggered by the U.K. Modern Slavery Act have increased company awareness of potential vulnerabilities. Listed companies and those operating in sectors that have been rocked by scandals have reacted and have made good progress. Ultimately, public pressure and reputational damage, more than legislation, are the main drivers encouraging companies to up their game and enhance their compliance programs. Progress in eradicating modern slavery remains slow, and putting an end to it by 2030 remains a very ambitious target.
[1] ILO – Global Estimates of Modern Slavery: Forced Labour and Forced Marriage , Geneva, September 2017.
Kevin Braine is Managing Director and Head of Kroll’s Compliance practice in EMEA, based in the London office. Kevin has extensive experience assisting clients in areas such as pre-transaction due diligence, hostile M&A support activities, third-party agent screening and market and competitor intelligence gathering. He has managed numerous outsourced anti-bribery and anti-corruption programs for a wide range of financial and corporate clients.
