Guidance supports the 2015 UN Guiding Principles Reporting Framework, since implemented into EU law

Accountancy firm Mazars and UN-backed NGO Shift today launched auditing guidance for meeting human rights corporate governance standards.

The guidance is designed to offer businesses a clear direction on how to assess their human rights credentials in line with international standards for corporate governance and financial reporting.

Mazars said the guidance would help internal auditors to assure their companies’ human rights performance, and support external auditors as they oversee the assurance of companies’ human rights reporting.

Developed over several years, the guidance supports the 2015 UN Guiding Principles Reporting Framework. The disclosure focus followed the 2011 UN Guiding Principles on Human Rights, which provided the first set of corporate governance principles on the topic for multinationals to follow.

In the two years since the reporting framework’s launch, Mazars said it has been embraced by companies, governments, investors and other organisations as a tool to help firms improve human rights risk management, and show greater transparency and accountability.

Professor John Ruggie, author of the UN Guiding Principles, said: “Today, any company that wishes to demonstrate either its own sustainability or its contribution to sustainable development, must show how it is driving respect for human rights across its operations and value chains.

“Independent assurance has a vital role to play in enhancing the credibility of what the company’s board is told - and tells others - about its risks and performance,” Ruggie added.

Richard Karmel, head of human rights services at Mazars, said: “The EU now requires company boards of all EU public companies with over 500 employees to know how their organisations are identifying and addressing risks to human rights.

“Their investors, their customers and their employees have a right to know about the progress they are making: it is no longer enough to say, ‘I wasn’t aware’,” said Karmel.

“Such demands make internal audit and external audit assurance functions more important than ever. Importantly, the Global and Chartered Institutes of Internal Auditors have given full backing to this guidance,” he continued.

The EU’s Non-Financial Reporting Directive has been implemented from 2017, requiring firms to disclose annually on how their policies and processes encourage a positive human rights culture.

Speaking to StrategicRISK, Karmel stressed that the focus of the rules is not just on companies’ own internal corporate governance, but also includes broader due diligence responsibilities focused on the supply chain.

“High risk suppliers tend to be smaller companies, not among the first tier of suppliers, and often based in countries with a track record of shady human rights abuses,” he said. “The regulators want to know that you’re taking steps to avoid being linked with such entities,” he added.

In the UK, companies’ human rights record is regulated by the Financial Reporting Council, and its Financial Reporting Review Panel.

In France, since 2017 a “Duty of Care” law has required the top 150 French multinationals to report on their human rights efforts.

“A draft of that Act included a maximum fine of €30m,” Karmel told StrategicRISK. “However, in the final version that was replaced by the Civil Code, which includes limitless fines.”

From experience working with extractive industry firms on their human rights conduct since 2012, Karmel noted a positive correlation between mining firms making efforts to improve relationships with local populations and the financial performance of such companies.

Political risks such as the seizure of assets were reduced as a consequence, Karmel suggested.

Risk managers should treat human rights risk as a salient risk within their business, Karmel suggested. “You need to start by looking at the risk to people, not to the business itself,” he said.

“What’s really driving this is social media,” he said. “Companies can no longer simply hide their negative social impact,” he continued.

The recent fall of London-based public relations firm Bell Pottinger, stemming from the activities of its South African office, is a reputational risk case in point, Karmel noted.

Historical human rights reputational crises involving multinationals have included sportswear company Nike, over use of sweatshop workers, and Swiss foods firm Nestlé, about its marketing of powdered milk products in developing countries.

Karmel suggested international-level human rights corporate governance should take precedence over individual territories when certain countries’ laws are in breach of the guidance.

“You have to find work-arounds, which is part of the skill in this area,” he said. “As professional advisers, we can no longer skirt around the issue of human rights, but must instead integrate it effectively within our professional skill-sets: this guidance will help make that possible,” Karmel added.