The Challenges for Businesses

The landscape of corporate responsibility is shifting from a voluntary approach, often labelled corporate social responsibility (CSR), to a new era of mandatory human rights due diligence (mHRDD). This change is driven by an increase in global regulations and a heightened demand for corporate accountability.

This presents several significant challenges:

  1. Financial and Legal Risks:Non-compliance with emerging regulations can have severe financial consequences. Fines can run into millions of pounds, and companies can face civil liability for damages caused by their operations or supply chains. For example, the EU Corporate Sustainability Due Diligence Directive (CSDDD) proposes penalties of at least 5% of a company’s net worldwide turnover, alongside civil liability for damages to victims. This directly impacts a company’s financial stability and operational freedom.
  2. Complex and Opaque Supply Chains: In today’s globalised economy, supply chains are often multi-layered and fragmented. Businesses frequently lack visibility beyond their first-tier suppliers, making it extremely difficult to detect and prevent human rights abuses deep within their chain. This opacity is a critical weakness that can hide issues such as forced labour, child labour, and unsafe working conditions, leaving a company exposed to unforeseen risks.
  3. Reputational Damage: Negative human rights incidents, such as a report of child labour in a supplier’s factory or a major environmental incident, can severely damage a company’s brand reputation. This can lead to a loss of consumer trust, and in an age of social media, such incidents can spread rapidly. Furthermore, institutional investors increasingly prioritise ESG (Environmental, Social, and Governance) factors, and negative human rights events can lead to a direct impact on long-term shareholder value and market share.
  4. Lack of Integrated Strategy: Many businesses have fragmented, siloed compliance efforts, with different departments (e.g., Procurement, Legal, HR) working in isolation. This prevents the adoption of a unified, harm-based framework that assesses risks across all operations, from physical supply chains to digital platforms and internal business functions.

Key Risks Across Industries

While human rights risks are universal, their nature and severity vary significantly by industry.

1. Consumer: This sector faces high risks related to labour rights and product sourcing.

Textile and Apparel: Risks are prevalent at every stage of the supply chain. This includes forced labour in the harvesting of raw materials like cotton, child labour in spinning mills, and unsafe working environments in garment factories, where workers may be subject to excessive overtime, fire hazards, and a lack of freedom of association. These abuses are often concentrated in countries with weak labour protections.

Electronics: This industry is highly exposed to risks from the sourcing of raw materials. The use of conflict minerals (tin, tantalum, tungsten, and gold) can fuel armed conflict and human rights abuses in war-torn regions, perpetuating violence and instability. Furthermore, manufacturing facilities may be linked to risks of forced labour, unsafe conditions due to exposure to hazardous chemicals, and an absence of adequate health and safety protocols.

2. Energy Resources and Industrials: Companies in this sector are exposed to risks related to land rights, community impacts, and labour exploitation.

Resource Extraction: Large-scale projects, such as mining or oil and gas extraction, can lead to the displacement of indigenous peoples and local communities from their ancestral land without proper consultation or fair compensation. Security forces, whether private or state-provided, may use violence and harassment to suppress community dissent.

Manufacturing: The use of migrant workers is common, who are often vulnerable to debt bondage (where workers are trapped by recruitment fees) and the confiscation of personal documents. Freedom of association is often restricted, and health and safety standards may be poor due to a focus on productivity over worker wellbeing.

3. Life Sciences: Human rights risks in this industry are multifaceted and can have profound impacts.

Clinical Trials: Ethical issues can arise in the design and execution of clinical trials, particularly when they involve vulnerable populations in developing countries. This includes a lack of fully informed consent, inadequate access to the final medical product, and exploitation of participants who may be desperate for treatment.

Supply Chain: The sourcing of biological materials, such as medicinal plants or animal products, can involve exploitative labour practices or negatively impact the land rights and livelihoods of small-scale farmers.

Product Access: Broader human rights concerns exist around ensuring equitable access to life-saving medicines. Intellectual property rights, high pricing, and restrictive distribution models can impact the right to health, especially in low-income nations where diseases are most prevalent.

4. Financial Sector: Financial institutions, including banks, asset managers, and private equity firms, face significant human rights risks by virtue of their investments and financing.

Vetting Portfolio Companies: A primary risk is financing or investing in companies that are directly or indirectly involved in human rights abuses. This can expose the financial institution to reputational damage, legal action from affected communities, and financial loss if the portfolio company’s business model is deemed non-compliant or unsustainable.

ESG Risks for Listed Companies: For publicly traded companies, ESG (Environmental, Social, and Governance) factors are now central to investment decisions. Poor human rights performance—whether in a company’s own operations or its supply chain—can lead to a downgrade in its ESG rating, making it less attractive to investors. This can result in stock price volatility, reduced access to capital, and a loss of confidence from major institutional investors who integrate ESG criteria into their portfolios.

A Practical HRDD Toolkit

To navigate these challenges, businesses must strengthen their governance and reporting. A proactive approach involves a continuous cycle of assessment, monitoring, and remediation.

1. Strengthen Internal Governance

This step is about embedding human rights principles into the core of your business.

  1. Develop a Clear Policy: Create a standalone Human Rights Due Diligence policy, or integrate human rights principles into existing policies, such as your supplier code of conduct and procurement guidelines.
  2. Assign Ownership: Establish a cross-functional human rights committee with representatives from procurement, legal, HR, and sustainability. This ensures that responsibilities are clearly defined and that human rights considerations are integrated across all business units.
  3. Provide Targeted Training: Implement regular training for all employees, especially those in high-risk areas like procurement, sourcing, and operations, to raise awareness of human rights risks and how to identify and report them.

2. Adopt a Unified Framework

Move beyond regional or product-specific compliance and adopt a single, harm-based HRDD framework.

  1. Holistic Risk Assessment: Conduct a comprehensive risk assessment that identifies potential harms not just in your direct supply chain, but also in your internal operations and digital platforms.
  2. Prioritise Risks: Use a harms-based approach to prioritise risks based on their potential severity, scale, scope, and the possibility of remediation. This allows you to focus resources on the most critical issues.

3. Implement Continuous Monitoring

Shift from periodic, static assessments to dynamic, real-time monitoring of your global supply chain.

  1. Due Diligence Vetting: This goes beyond simple questionnaires. It involves a combination of desktop reviews (screening for media reports, NGO alerts), integrating third-party data on country and industry risks, and conducting on-site audits to verify working conditions.
  2. Supplier Code of Conduct: A strong supplier code of conduct is essential, outlining a company’s expectations on labour rights, environmental standards, and ethical business practices. These standards must be contractually enforced through clear terms of business.
  3. On-the-Ground Verification: For high-risk areas, consider engaging third-party auditors or on-the-ground monitors to verify compliance and provide independent assessments.

4. Enhance Stakeholder Engagement

This is about building trust and creating a two-way dialogue with those who may be affected by your operations.

  1. Transparent Grievance Mechanism: Establish a transparent and accessible grievance mechanism for workers, suppliers, and affected communities to report concerns. This should include multiple channels (e.g., hotlines, online forms, on-site representatives) and a clear, non-retaliatory process for handling complaints.
  2. Regular Consultations: Proactively consult with local communities, civil society organisations, and worker representatives to gather feedback on your operations and human rights performance.

5. Reporting and Transparency

Businesses must formalise their HRDD process through robust reporting to meet regulatory and stakeholder expectations.

European Union:

EU Corporate Sustainability Due Diligence Directive (CSDDD): This upcoming directive will require large EU companies (1,000+ employees and >€450m net worldwide turnover) and some non-EU companies to conduct comprehensive human rights and environmental due diligence across their value chains.

  • Requirements: Identify, prevent, mitigate, and account for how they address actual and potential adverse impacts.
  • Risks: Fines of up to 5% of net worldwide turnover and civil liability for damages.

The final text of the EU Corporate Sustainability Due Diligence Directive (CSDDD) entered into force in July 2024, but the application timelines and the ultimate thresholds for companies in scope have been impacted by the subsequent Omnibus simplification package negotiations.

CSDDD Application Timelines (Post "Stop-the-Clock")

The Omnibus package successfully delayed the CSDDD's implementation date for Member States and the first wave of companies by one year (the "Stop-the-Clock" Directive)

Article content

Non-EU companies are subject to corresponding thresholds based on net turnover generated within the EU.

Pending Changes to Scope and Thresholds (The Omnibus Negotiations)

While the Directive's current legal text is based on the ≥1,000 employees and > €450million the final scope remains uncertain due to the ongoing Omnibus negotiations. As of October 2025:

Article content

Pending Trilogue Negotiations. The European Parliament and Council are aligning on dramatically higher thresholds, which would exclude approximately 70% of the companies originally intended to be covered by the Directive.

Due Diligence Model

Comprehensive across the entire "chain of activities."

Shifting towards an entirely risk-based model, narrowly focused only on direct business partners (Tier 1)where specific adverse impacts are likely or have been identified.

Pending Trilogue Negotiations.

EU Corporate Sustainability Reporting Directive (CSRD) & ESRS: The CSRD modernises the EU’s non-financial reporting rules, requiring large companies to publish detailed sustainability reports. These reports must be prepared according to the European Sustainability Reporting Standards (ESRS), which include specific human rights disclosures on issues like forced labour, child labour, and working conditions.

EU Conflict Minerals Regulation: This regulation applies to EU importers of tin, tantalum, tungsten, and gold. It requires them to perform due diligence on their supply chains to ensure they are sourcing responsibly and not contributing to conflict or human rights abuses.

A significant new development is the EU AI Act, the world’s first comprehensive law on Artificial Intelligence, which fundamentally builds its framework on the protection of fundamental rights and democratic values. The Act adopts a risk-based approach:

  • Unacceptable Risk Systems (e.g., social scoring, harmful manipulation) are banned outright due to their clear threat to human rights.
  • High-Risk AI Systems (used in areas like employment, education, law enforcement, and critical infrastructure) face strict compliance obligations. These include mandatory Risk Management Systems that must identify and mitigate foreseeable risks to fundamental rights, and a requirement for certain public and private "deployers" of high-risk AI to conduct Fundamental Rights Impact Assessments (FRIAs) prior to use. This explicitly translates human rights due diligence principles into the realm of digital technology, ensuring that corporate responsibility extends to the design and deployment of AI systems.

Germany: The Supply Chain Due Diligence Act (LkSG) applies to companies with more than 1,000 employees in Germany.

  • Requirements: Implement a risk management system and conduct HRDD and environmental DD in their own operations and with direct suppliers.
  • Risks: Fines of up to 2% of average annual global turnover and exclusion from public tenders for up to 3 years.

France: The Duty of Vigilance Law (2017)applies to large companies (5,000+ employees in France or 10,000+ globally).

  • Requirements: Develop and publish a vigilance plan to identify and prevent human rights and environmental risks in their supply chain.
  • Risks: Fines of up to €10 million.

Norway: The Transparency Act (2021) applies to large enterprises (>50 employees and >€7 million turnover).

  • Requirements: Conduct due diligence, publish an annual statement on due diligence efforts, and respond to information requests from the public.
  • Risks: Fines and legal liability.

2. United Kingdom: The Modern Slavery Act (MSA) 2015 requires commercial organisations with a turnover >£36m to publish an annual transparency statement detailing steps taken to prevent modern slavery.

  • Requirements: Publish an annual statement detailing efforts to combat modern slavery in their operations and supply chains.
  • Proposed new legislation may introduce civil penalties and fines of up to 5% of a company’s turnover for non-compliance, significantly increasing the stakes.

3. North America:

USA:

Uyghur Forced Labor Prevention Act (UFLPA): This law creates a rebuttable presumption that goods made in the Xinjiang region of China are produced with forced labour, placing the onus on importers to prove otherwise.

California Transparency in Supply Chains Act (TISCA): This applies to retailers and manufacturers with worldwide gross receipts of over $100 million. It requires them to disclose on their website their efforts to eradicate slavery and human trafficking from their direct supply chains.

Canada:

The Fighting Against Forced Labour and Child Labour in Supply Chains Act 2024mandates that government institutions and large entities submit an annual report outlining the steps taken to prevent and reduce the risk of forced labour and child labour.

Canada's Fighting Against Forced Labour and Child Labour in Supply Chains Act establishes clear mandatory reporting requirements for both government institutions and specific private entities. A private entity must file an annual report if it is listed on a Canadian stock exchange OR if it has a presence in Canada and meets at least two of the following three financial and employee thresholds in at least one of its two most recent financial years: CAD $20 million or more in total assets, CAD $40 million or more in total revenue (turnover), or an average of 250 or more employees. Crucially, meeting these thresholds is only the first step; the entity must also be involved in the production or importation of goods or control an entity that does so, making the law a targeted transparency mechanism for the supply chains of medium-to-large businesses.

4. Asia Pacific (APAC):

Australia: The Australian Modern Slavery Act 2018 requires entities with consolidated revenue of over AUD100 million to publish an annual statement detailing their efforts to combat modern slavery.

India: The Business Responsibility and Sustainability Report (BRSR) is mandatory for the top 1000 listed companies by market capitalisation, requiring them to report on their human rights policies, due diligence processes, and performance indicators related to their value chain.

Status of BHR NAPs in APAC Countries

A number of APAC countries have adopted NAPs or have equivalent policy documents:

  • Thailand : Was the first country in Asia to adopt a NAP in 2019 and launched its second edition in September 2023.
  • Japan : Adopted its first NAP in October 2020. An updated version (NAP 2.0) was released in 2024, which emphasizes supply chains and human rights due diligence, and identifies implementation of HRDD and support for SMEs as priority areas. While no mandatory HRDD legislation exists, the NAP and the 2022 Guidelines on Respecting Human Rights in Responsible Supply Chains strongly encourage voluntary compliance.
  • Pakistan : Adopted its first NAP (2021-2026) in September 2021, focusing on the state duty, access to remedy, and gender responsiveness.
  • China : Has not developed a standalone NAP but has incorporated BHR principles into its National Human Rights Action Plan (2021-2025).
  • South Korea : Adopted a Human Rights National Action Plan (2018-2022) with a BHR chapter. In February 2023, it published Guidelines on Business and Human Rights.
  • Mongolia : Adopted its first NAP, Action Plan for the Protection of Human Rights in Business Activities, in June 2023.
  • Vietnam : Published its NAP, National Action Plan for Law and Policy Improvement to Promote Responsible Business Practices, in July 2023.
  • Indonesia : Released its National Strategy on Business and Human Rights (2023-2026) in September 2023, captured in a presidential regulation.
  • Nepal : Launched its NAP in December 2023, following a National Baseline Assessment.
  • Malaysia : Launched its National Action Plan on BHR (2025-2030) in August 2025, following a National Baseline Assessment.

Countries with NAP Development in Progress

Several other APAC nations are actively working towards adopting a NAP:

  • Lao PDR : The government committed to a structured consultation process toward developing a NAP following a preliminary assessment in 2024.
  • The Philippines : The Presidential Human Rights Committee Secretariat is reportedly leading the development of a NAP.
  • India : A zero draft NAP was prepared in 2019, but progress toward its adoption has been slow.

Key Observations and Progress

Country/Region

NAP Status & Progress

Singapore

No specific NAP or mandatory HRDD legislation. The initial observation remains accurate; the country continues to navigate the BHR landscape without a formal NAP, relying on a growing push for alignment with international standards, though this is being influenced by global trends toward mandatory due diligence (mHRDD).

Japan

Updated NAP (NAP 2.0 in 2024). Has a voluntary approach, but the revised NAP prioritizes implementing Human Rights Due Diligence (HRDD) and supporting SMEs in this process. This signals a strengthening of its voluntary framework in light of global regulatory trends (like the EU's CSDDD).

Southeast Asia

Shows strong momentum, with Thailand, Viet Nam, Indonesia, and Malaysia all adopting NAPs in recent years (2019–2025).

South Asia

Pakistan and Nepal have adopted NAPs (2021 and 2023, respectively).

HRDD Focus

There is an increased regional focus on Human Rights Due Diligence and supply chains, partly driven by external pressures from binding legislation in jurisdictions like the EU and US, which have extraterritorial effects on APAC businesses.

Conclusion: A Proactive Approach

As the regulatory landscape becomes more demanding, a reactive, compliance-only approach is no longer sufficient. Businesses must proactively embed human rights due diligence into their core strategy to protect both people and the business.

Supply Unchained offers a comprehensive, expert-led approach to human rights due diligence. Our methodology is based on a harm-based framework, supported by a technology platform that streamlines compliance, visualises risks, and provides real-time monitoring.

We can help you:

  1. Navigate Complex Regulations and ensure compliance with the evolving global landscape.
  2. Conduct Holistic Risk Assessments across your entire value chain.
  3. Streamline Supplier Vetting and monitoring at scale with our AI-powered platform.
  4. Generate Comprehensive Reports and compliance statements verified through legal reviews.

If you would like to discuss how we can tailor our services to your specific business needs and help you build a more ethical and resilient supply chain, we would be delighted to arrange astrategy call.

Contact us today to schedule your call and begin your journey towards a more responsible business.