By Joseph Wilde-Ramsing

Blog symposium co-organised by OECD Watch and NOVA School of Law

Deadlock on several key issues appears to be on the horizon in the tripartite negotiations, known as ‘trialogues’, currently being undertaken by the European Commission, Council, and Parliament to come to an agreement on a Corporate Sustainability Due Diligence Directive (CSDDD). A priority of many EU policymakers, businesses, and civil society has been to achieve impactful and workable due diligence while avoiding a proliferation of conflicting expectations for enterprises. The key to unlocking the potential of due diligence legislation in Europe, and avoiding that due diligence becomes a tick-the-box exercise, is ensuring coherence between existing authoritative international norms on due diligence and the proposed CSDDD.

The OECD Guidelines for Multinational Enterprises on Responsible Business Conduct (‘the Guidelines’), which are, along with the UN Guiding Principles on Business and Human Rights (UNGPs), the leading international norm on due diligence, have recently been updated following a year-long, multi-stakeholder process. The process that was followed and the fact that the updated Guidelines were unanimously endorsed by the OECD Council on 8 June 2023, give the updated Guidelines a high degree of legitimacy and authoritativeness. As OECD Watch, and more recently Shift, have stated, it is crucial that the proposed CSDDD be aligned with the updated OECD Guidelines in order to avoid creating a double standard and sending mixed messages to business and stakeholders.

If the CSDDD is to be effective at achieving its objective of addressing the harmful social and environmental impacts of business, European lawmakers would be wise to follow the updated OECD Guidelines, especially when it comes to the dynamic and multi-directional nature of due diligence, in which the obligation to seek to prevent harm flows both upstream as well as downstream from the enterprise. The updated OECD Guidelines expect companies to carry out due diligence to seek to prevent harm throughout the full value chain of the goods and services they provide. This includes harms found “upstream” from the company, such as at a mine or factory supplying the company, as well as “downstream” harms committed by “entities that receive, license, buy or use products or services [including financial services] from the company”. Adverse impacts from foreseeable misuse are included in this definition. In addition to these business to business relationships, the Guidelines also make clear that companies can contribute to, and should thus seek to prevent, adverse impacts caused by natural persons such as individual users and consumers.

In this regard, the updated OECD Guidelines provide three keys that EU lawmakers and negotiations can and should use to unlock the potential of the CSDDD:

  1. Companies must be obligated to address impacts that are downstream in their value chains, and a little downstream due diligence goes a long way to prevent harm.
  2. Companies must be obligated to avoid contributing to (sometimes structural) harms in their supply chains through irresponsible purchasing practices.
  3. Multi-stakeholder initiatives (MSIs) and industry auditing/certification schemes cannot be taken as substitute or a proxy for a company’s own actions to address risks and impacts.

Each of these three keys is elaborated on below.

A little downstream due diligence goes a long way (and is not hard to do)

As SOMO, OECD Watch, and others recently highlighted in our paper Setting the record straight, the updated OECD Guidelines expect companies to take a risk-based approach to identifying and addressing risks throughout their business operations. This means that companies should focus where the risks are greatest, regardless of whether this is “upstream” (i.e. with suppliers) or “downstream” (i.e. with buyers) in their value chain. As explained by SOMO, OECD Watch and others in our recent paper A little downstream goes a long way, obligating companies to take account of downstream impacts makes enormous sense because of how severe downstream harms can be and how easy they are to prevent with a little downstream due diligence. OECD Watch’s case database contains a plethora of examples of business practices causing severe, yet easily preventable, downstream harm include the financing and provision of surveillance technology to authoritative regimes that use it to identify and detain political opponents, and the manufacture and supply of dangerous chemicals used in agriculture that poison the land, water, and people.

The Guidelines (Commentary on Chapter II, para 17) explicitly refer to downstream business relationships such as sub-contractors, franchisees, investee companies, clients, and joint venture partners as being types of relationships companies are expected to review prior to a sale, loan, or commencement of a business venture, in order to ascertain what the prospective business partner intends to do with the company’s product or service. Companies providing these products or services have a high degree of leverage and influence at this stage, as they can simply refuse to provide the product or service if there is a risk it may be used to commit harm. The same concepts that make due diligence feasible in an upstream context – including focusing on the most severe risks and on how a company’s own activities can heighten or reduce risks across value chains – also make it feasible in a downstream context. Companies across a diverse range of sectors, including the financial sector, have already been putting this risk-based approach into practice. Downstream due diligence is thus both immensely impactful and extremely practicable, making it a must if European due diligence legislation is to be effective.

Irresponsible purchasing practices can contribute to structural harms upstream in value chains

Some companies, and sometimes entire industries, employ a business model that relies on aggressive and irresponsible purchasing practices that fuel structural human rights abuses at factories upstream in the value chain. Through practices such as insisting on unrealistic delivery times, placing late order confirmations, demanding low prices and post-hoc discounts, and insisting unfair payment terms, companies can contribute to pushing suppliers into a range of human rights and labour abuses, such as paying poverty wages, wage withholding and theft, overtime, unsafe factories, precarious contracts, and anti-union activity. As SOMO and many others have highlighted, the fast fashion industry has been notoriously characterised by these practices and impacts.

As is made clear in the OECD Due Diligence Guidance for Responsible Business Conduct, which provides detail on how to interpret and implement due diligence as conceived in the updated OECD Guidelines, companies are expected to identify and proactively address adverse impacts, including structural and root causes of impacts. The OECD Guidance explicitly identifies brands’ purchasing practices such as short lead times, precarious contracts, and aggressively low pricing as the driver of some risks and adverse impacts in supply chains. The OECD Guidance flags purchasing practices as a “risk factor” that companies are expected to identify and prevent. In some instances, this may actually require the rethinking of an entire value chain or a whole business model, such as that of fast fashion, that is incompatible with due diligence.

Fortunately, the Guidelines provide European businesses and lawmakers with practical suggestions for avoiding upstream harm related to irresponsible purchasing practices. Companies should explore ways to simplify supply chains and strengthen a limited number of small supply chain relationships to minimize risk and to cease harmful purchasing practices. As part of legislating effective upstream due diligence, European lawmakers should prohibit unfair trading practices, notably on issues such as payment terms, unilateral discounts, and creating economic dependency.

MSIs and industry schemes: A piece, not a proxy

Many companies rely heavily on the auditing and certification industry to identify and address their social and environmental risks. Yet, the standards and processes of auditor and certification companies frequently fail to live up to international standards. In particular, adverse impacts related to power relations (e.g., gender-based violence, the right to join or form a union, forced labour) are rarely detected, as these are impacts where remedial action is complex and expensive. Most problematically, social audits frequently neglect the role of the company that hired it in contributing to such risks and impacts. While certain industry schemes, MSIs, and third-party auditing can help companies to implement aspects of due diligence, SOMO has shown that these measures are insufficient when it comes to discharging an adequate and comprehensive due diligence process that is capable of consistently and effectively identifying risks and preventing harm. Given the notorious under-reporting, under-detecting and under-remediating of human rights risks and impacts, social audits and certification regimes are not suited to be the exclusive basis of (parts of) the due diligence strategy.

Indeed, the updated Guidelines suggest that while participation in industry schemes and MSIs can be one of the many tools companies can use in their due diligence, they should not be used as proxies for due diligence nor should they play a dominant role in the due diligence process. The Guidelines (Commentary on Chapter II, para 12) also clearly state that, “[a]lthough enterprises can collaborate at an industry or multistakeholder level, they remain individually responsible for ensuring that their due diligence is carried out effectively.” The Guidelines do not require companies to use audits, certification, or schemes, and companies remain responsible for addressing risks and impacts regardless of whether or not they use such tools. When companies do choose to use these tools, they should be complemented with the company’s own risk identification actions, such as interviews, workshops, grievance mechanisms, and engagement with civil society organizations and other stakeholders, including affected communities. Audit and certification information should be seen merely as one source of information, and should be integrated and triangulated with other assessments to ensure that companies grasp the actual and most salient impacts through their due diligence processes. Audits and certification, even if carried out through multi-stakeholder initiatives, should not be considered sufficient proof of human rights due diligence.

Three golden keys to unlock the potential of due diligence legislation

Due diligence legislation such as the European CSDDD has enormous potential to improve the lives of workers and communities and prevent companies from harming the environment and human rights. However, there is also a serious risk that the legislation will become a paper tiger that results in ticking boxes rather than respecting rights. The updated OECD Guidelines provide EU policymakers with three golden keys to unlock the potential of the CSDDD: mandate downstream due diligence, obligate companies to avoid harm through irresponsible purchasing practices, and ensure that MSIs and industry schemes involving certification and auditing do not become a proxy for due diligence.

About the author

Joseph Wilde-Ramsing is SOMO’s Advocacy Director and has a broad experience and expertise in corporate accountability across a wide range of sectors, including energy, extractives, manufacturing and finance. After leading the OECD Watch network between 2005-2020, he now serves as a Senior Advisor to the network. He frequently assists communities and workers in documenting human rights and environmental violations, asserting their rights and seeking remedy for corporate abuse. Joseph serves as an Independent Advisor to the Social and Economic Council (SER) of the Netherlands and is on the Advisory Board of the Dutch National Contact Point for the OECD Guidelines.

About the blog symposium 

2023 is a momentous year in the corporate accountability world. In June, not only did the OECD adopt key revisions to the newly renamed OECD Guidelines for Multinational Enterprises on Responsible Business Conduct, but the European Parliament also agreed on its position on the proposed directive on corporate sustainability due diligence. In recognition of these important events, NOVA BHRE and OECD Watch are co-hosting a blog symposium in October and November 2023 focused on the updated OECD Guidelines in the context of the current corporate accountability landscape.

The views and opinions expressed in this blog represent the views of the author and does not necessarily represent those of OECD Watch or NOVA School of Law.