It has been about a year since the UK Modern Slavery Act 2015 became law, requiring all commercial organisations with turnover greater than £36 million, and with a presence in the UK, to publish an annual statement on slavery and human trafficking on their websites.
The statement must either describe steps taken to ensure that slavery and human trafficking are not taking place in their businesses and supply chains, or state that no steps have been taken.
The good news is that a number of companies, both UK-based and multinational, have gotten a head start on publishing their statement before the statutory duty kicks in for companies with financial years ending on or after 31st March 2016.
However, early indications suggest that companies may initially struggle to meet stakeholder expectations of transparency and rigour in due diligence. It’s still early days, but it’s important to note that the public nature of this Act – with companies not just being asked to report to government but to EVERYBODY – means that scrutiny will be that much more intense. The court of public opinion is notoriously swift and unforgiving.
I recently attended the Sedex Simplifying Supply Chain Sustainability conference in London, where a panel including Kevin Hyland, the UK’s first Independent Anti-Slavery Commissioner; Colleen Theron, founder of CLT Environmental Law; James Swenson, Head of Reputational Risk Management Services at Thomson Reuters; and Sedex Stakeholder Relations Executive Marianne Voss shared insights on how businesses can respond to the Modern Slavery Act.
The key takeaway is that companies don’t need to respond out of fear. This is an opportunity to not only tackle a very real risk, but to also build resilience in supply chains, which is ultimately good for business.
“
Audits have been the go-to monitoring mechanisms for supply chain issues for almost two decades. However, addressing modern slavery risks should not just be a tick-box exercise.
Audits are not enough
Analysis by Ergon Associates of nearly 240 modern slavery statements released so far found that “while companies are comfortable to state their policies and describe existing audit processes, they are being tentative in revealing much about non-audit based due diligence processes and also the actual risks of modern slavery that might exist in their own businesses or supply chains.”
Audits have been the go-to monitoring mechanisms for supply chain issues for almost two decades, according to Ergon, so it’s not surprising that they are the monitoring method of choice for modern slavery. However, addressing modern slavery risks should not just be a tick-box exercise, for several reasons:
- Audits, which are often led by third parties, can have limited effectiveness in revealing modern slavery crimes due to their hidden nature. Issues such as retention of identity documents or debt bondage are unlikely to be discovered by a cursory audit visit. This is compounded by the fact that those looking for signs of abuses are often far removed from the operations.
- Secondly, modern supply chains are complex and extensive, which means obtaining reliable and comprehensive information – both from direct suppliers and those further down the chain – can be a mammoth task. Audits are most effective when they are focused on areas of high risk.
- Thirdly, audits are retrospective by nature. Relying on audits as a primary means of risk mitigation means that a company is going to be on the backfoot in catching problems – if they catch them at all.
- And lastly, audit processes, whilst they provide data, generally do not facilitate change. For companies to demonstrate a proactive, impact-focused approach to modern slavery, it will become necessary to think about the wider role they can play in communities where breaches are common.
Audits alone are not going to be sufficient as an approach to monitoring and mitigating modern slavery risks. Below are a few practical steps which companies can take to enhance due diligence around modern slavery.
How to get your modern slavery act together
- Understand the issues and challenges and how they relate to your business. Modern slavery takes different forms, and it shouldn’t be assumed that it will be obvious to the casual observer. It can range from commonly highlighted abuses such as forced labour, human trafficking and sexual exploitation to less well-recognised forms such as withholding of passports, debt bondage and excessive charges around housing.
Although time, resource, and expertise are a common challenge for many organisations, it is worth developing in-house capacity and appointing a subject matter expert or getting external help if needed – to understand what the issues are, both explicit and covert, and the implications for due diligence processes.
- Map risk areas along your supply chain. Sprawling global supply chains with multiple levels of supplier relationships mean that risks can be anywhere in the world, and seem far removed from the core business. However, complexity is not an excuse for inaction in the court of public opinion.
Understand what your supply chain looks like, the levels of supplier relationships associated with your business, and map where vulnerabilities exist, informed by internal expertise as well as external news, research and risk-analysis tools such as Maplecroft’s.
This will provide some direction as to where effort and resources should be directed to mitigate risks. Given the changing nature of supply chains – particularly in the event of acquisitions and expansion to new markets – this step should be revisited periodically.
- Build on what you already have. It’s not always feasible or desirable to build a due diligence process from scratch. Many companies will already have polices, systems and measures in place to monitor recruitment, procurement and other business relationships.
Review existing processes and expand them as appropriate to reflect insights gained from the previous two steps. The rigour of a company’s due diligence process should be commensurate to the levels of risk across the business.
- Appoint a Board-level champion. Breaches can have an impact on reputation, social (and legal) license to operate, supply chain resilience and consequently financial performance. As such, modern slavery and human rights risks should be recognised at the Board level – requiring more than a rubber stamp for the published statement.
An active Board-level champion helps to ensure modern slavery risks are considered as a part of business strategy discussions, and it sends a message to the rest of the business about the importance of the issue.
- Collaborate and communicate. Collaborative initiatives are a great way to source and enhance understanding of data, risk assessment and mitigation, as well as good practice. Sector-focused collaborations or geography-based coalitions can provide relevant insights and data and spread the costs of doing so.
Established organisations such as Sedex encourage joint data-sharing and capacity-building. Groups such as the Bangladesh Accord, formed by brands and unions in response to the Rana Plaza building collapse, point the way to a more collective approach.
- Educate and raise awareness. Education will be critical to raising awareness and vigilance – both with staff and suppliers. This can be achieved through training modules, workshops, or building the knowledge into existing training programmes.
Equally as important is ensuring that appropriate feedback and reporting mechanisms are in place so that breaches can be escalated through the right channels and addressed in a timely manner.
As with any other form of responsible business communications, companies’ Modern Slavery Act statements will need to be backed up by genuine action and transparency. And while on the surface they introduce another potential exposure to the business, they provide an opportunity for companies to enhance their risk registers, improve risk mitigation, and build resilience into their supply chains.
Nana Guar is a Senior Consultant at Corporate Citizenship. This post is republished from the Corporate Citizenship blog with permission.
