On August 22, 2012, the SEC adopted final conflict minerals rules (see Legal Update, SEC Adopts Conflict Minerals Disclosure Requirements (www.practicallaw.com/7-521-0508)). This resource has been updated to reflect the final rules.
This Practice Note discusses corporate social responsibility (CSR) trends affecting the supply chain. This Note defines CSR, describes why CSR should be important to companies, identifies relevant CSR legislation and outlines the different approaches that companies can take to address CSR in their supply chains.
A company risks legal, reputational and economic damage if its suppliers:
Engage in illegal or inhumane employment practices.
Violate human rights.
Cause environmental harm.
Engage in bribery or corruption.
Empowered by new technology and encouraged by recent successes, now more than ever, consumers are holding companies accountable for unethical behavior within the companies' supply chains.
In addition, governments, legislators and regulators are now starting to act to require companies to disclose more information regarding their own practices and those of their suppliers. For example:
On August 22, 2012, the Securities and Exchange Commission (www.practicallaw.com/9-382-3806) (SEC) adopted the final rules regarding disclosure by reporting companies (www.practicallaw.com/2-382-3758) of their use of certain minerals, known as conflict minerals as part of the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (www.practicallaw.com/4-502-8619) (Dodd-Frank Act).
On January 1, 2012, the California Transparency in Supply Chains Act of 2010 (Supply Chains Act) became effective.
In August 2011, the Business Transparency on Trafficking and Slavery Act (BTTSA) was introduced into the US House of Representatives and then referred to the House Committee on Financial Services.
Consequently, companies doing business in the US face increasing pressure to:
Develop and maintain effective, comprehensive and legally compliant corporate social responsibility (CSR) policies and mandates.
Integrate CSR considerations and objectives into their business operations, including their sales, human resources, compliance, legal, marketing, communications and investor relations functions.
This Note:
Defines corporate social responsibility in the supply chain.
Explains why companies should treat CSR as a priority and imperative.
Identifies and summarizes enacted, pending and proposed CSR laws and regulations.
Highlights the main practical steps involved in creating an effective CSR policy or program.
Often referred to as corporate responsibility, corporate philanthropy, sustainability, business ethics, stakeholder theory or corporate citizenship, CSR is defined differently by various international organizations and industry groups (see Box, Widely Recognized Definitions of CSR).
In essence, when a company adopts CSR policies and practices, its planning and decision-making reflect the potential impact of its corporate actions on various stakeholders and constituencies.
There are several reasons to take CSR seriously, including:
Consumer sentiment (see Consumer Sentiment).
Legislative and regulatory requirements (see Legislative Initiatives).
Exposure to legal risk (see Legal Risk).
Reputational capital and competitive advantages (see Reputational Capital and Competitive Advantages).
The recent experiences of Apple, Inc. serve as examples of how consumers and industry and activist groups can generate adverse publicity regarding a company's supply chain practices and ultimately force a company to incur significant costs to drastically change its behavior.
During the first half of 2012, Apple was the focus of public outcry when news reports revealed that one of its main suppliers, Foxconn Technology Group, subjected its workers to inhumane working conditions. Apple's investigations later revealed a wide variety of violations and frequent non-compliance at Foxconn and across its supply chain. Apple has since gone to great lengths and incurred great expense to improve the working conditions at Foxconn and address its pervasive supply chain problems to preserve the company's consumer popularity.
Similarly, in July 2012, Apple announced that its products were no longer registered with the Electronic Product Environmental Assessment Tool (EPEAT), an environmentally friendly electronics registry. After complaints from customers and environmentalists, Apple placed its products back on the registry, a decision that may require the redesign of certain products.
Certain existing and pending legal requirements impose disclosure obligations intended to encourage companies to address CSR-related issues in their operations.
These requirements do not mandate that companies take affirmative steps to adopt particular policies regarding their own supply chain practices or their suppliers' practices. Rather, affected companies are required to disclose their policies regarding certain activities that have been deemed offensive to human dignity. These disclosures include:
Supply chain verifications.
Information on supply chain audit activities.
Supplier and third-party certifications.
Training provided to affected employees and contractors.
Information on compliance with local laws and the company's CSR policies.
For more details on these requirements, see Relevant Legislation.
With an effective CSR policy that is carefully drafted and properly enforced, a company can better:
Comply with emerging CSR-related laws and regulations.
Preempt costly lawsuits and non-compliance actions.
Address the source of non-compliance by installing cultural mechanisms and fostering corporate alignment around the relevant issues.
(See Relevant Legislation.)
In addition, an effective CSR policy has a positive effect on relations between the company and regulators and government authorities.
A company that defines its corporate culture with reference to CSR imperatives can leverage that commitment to forge powerful and lasting relationships with important stakeholders. CSR policies can differentiate a company's brand, culture, and corporate identity and positively influence the decision making of consumers, partners, investors and talent. With reputational capital, a company can:
Earn consumer loyalty. Consumers increasingly rationalize buying decisions with reference to the corporate values of the manufacturer and its supply chain practices.
Attract top talent. A company's commitment to CSR can be a selling point to executives and other job candidates who increasingly demand a committed and coherent culture of concern for CSR-related issues.
Strengthen employee morale and commitment. Staff can be rallied to common causes to improve morale, efficiency and loyalty in the midst of a highly mobile talent market.
Aid its business development. Investors and partners are increasingly including environmental, social and governance criteria in their investment and screening processes.
The SEC recently adopted final rules regarding the disclosure of a company's use of conflict minerals in the company's products. California and Maryland passed laws prohibiting companies that fail to comply with the new SEC conflict minerals rules from contracting with those states. California also passed legislation regarding human trafficking and slavery in the supply chain, and similar legislation is currently pending at the federal level. In addition, other recent SEC measures, while not specifically impacting the supply chain, underscore the increasing legislative trend favoring the advent of CSR-related legal requirements.
On August 22, 2012, the SEC adopted final rules implementing the conflict minerals disclosure requirements set out in Section 1502 of the Dodd-Frank Act. The new rules are intended to reduce trade and exploitation of conflict minerals that is believed to be financing violent conflict in the Democratic Republic of the Congo (DRC) and adjoining countries.
Section 1502 added new Section 13(p) to the Securities and Exchange Act of 1934 (Exchange Act), which directs the SEC to adopt rules requiring reporting companies to disclose information regarding the use of conflict minerals that originate from the DRC or an adjoining country in the products they manufacture or contract to manufacture. The final rules require all affected companies to conduct due diligence and make annual disclosures on new SEC Form SD by May 31 of each year, starting May 31, 2014 for the 2013 calendar year.
The minerals covered by the rules, which are included in many common products but are particularly common in electronics components, include:
Cassiterite.
Columbite-tantalite (coltan).
Gold.
Wolframite.
Derivatives of these minerals (including tin, tantalum and tungsten).
Other minerals the US Secretary of State may designate in the future.
For more information on the final rules and related disclosure requirements, see PLC Corporate & Securities, Practice Note, Conflict Minerals Diligence (www.practicallaw.com/0-510-6930) and PLC Corporate & Securities, Conflict Minerals Disclosure Requirements Checklist (www.practicallaw.com/3-504-6973).
Under the final rules, if conflict minerals are necessary to the functionality or production of a product that a company manufactures or contracts to manufacture, the company (Affected Company) must conduct a reasonable country of origin inquiry to determine whether the conflict minerals both:
Originated in the DRC or an adjoining country.
Did not come from recycled or scrap sources.
If so, the Affected Company must perform heightened due diligence on the source and chain of custody of the conflict minerals that conforms to a nationally or internationally recognized due diligence framework. If the Affected Company determines otherwise, it must describe its reasonable country of origin inquiry and results thereof on Form SD.
If the Affected Company's heightened due diligence reveals either that its conflict minerals did not originate in the DRC or an adjoining country or that the conflict minerals came from recycled or scrap sources, it must still describe its reasonable country of origin inquiry, its due diligence efforts and the results of both on Form SD. If the Affected Company's heightened due diligence reveals otherwise, the Affected Company must file a Conflict Minerals Report as an exhibit to Form SD.
The Conflict Minerals Report must:
Include an independent private sector audit.
Include a company certification.
Describe the measures the company has taken to exercise due diligence on the source and chain of custody of the conflict minerals.
For more information on the diligence and disclosure required by rules, and a checklist of suggested action items for companies preparing to comply, see PLC Corporate & Securities, Practice Note, Conflict Minerals Due Diligence (www.practicallaw.com/0-510-6930) and PLC Corporate & Securities, Preparing for Conflict Minerals Compliance: Company Action Items Checklist (www.practicallaw.com/0-510-7468).
California has enacted two pieces of CSR legislation:
Supply Chains Act (see Supply Chains Act).
California Senate Bill 861 (SB 861) (see SB 861).
The Supply Chains Act applies to a company if it is all of the following:
A retail seller or manufacturer as indicated on its California tax return (see Article, California Transparency in Supply Chains Act of 2010: Definition of Retail Seller and Manufacturer (www.practicallaw.com/3-506-8314)).
A company that does business in California (see Article, California Transparency in Supply Chains Act of 2010: Definition of "Doing Business in California" (www.practicallaw.com/3-506-8314)).
A company that has worldwide gross receipts in excess of $100,000,000 (see Article, California Transparency in Supply Chains Act of 2010: Definition of Gross Receipts (www.practicallaw.com/3-506-8314)).
A business covered under the Supply Chains Act must disclose to what extent, if any, that it:
Verifies product supply chains to evaluate and address risks of human trafficking and slavery, and specifies if the verification was not conducted by a third party.
Audits suppliers to evaluate compliance with the company's standards for trafficking and slavery in supply chains, and specifies if the verification was not an independent, unannounced audit.
Requires direct suppliers to certify that materials incorporated into the product comply with laws regarding slavery and human trafficking of the country or countries in which they are doing business.
Maintains internal accountability standards and procedures for employees or contractors failing to meet company standards regarding slavery and trafficking.
Provides training to company employees and management (those who direct responsibility for supply chain management) on:
human trafficking and slavery; and
mitigating risks within the supply chains of products.
(Cal. Civ. Code § 1714.43(c)(1)-(5) (2011).)
The information has to be disclosed either:
On the homepage of the covered firm's website. On its face, the statute does not permit the information to be placed on a CSR-related landing page.
In written copies to a requesting customer within 30 days of receiving the written request, if the covered business does not have a website.
A California Attorney General's action for injunctive relief is the exclusive remedy for a violation of the Supply Chains Act. While private plaintiffs have no right of action under the Supply Chains Act, they may be able to bring claims under other statutes, such as the California Unfair Competition Law or the Consumer Legal Remedies Act.
For more information about the Supply Chains Act, including liability for violations of the Supply Chains Act, see Article, California Transparency in Supply Chains Act of 2010 (www.practicallaw.com/3-506-8314).
California's SB 861, which became effective on August 22, 2012, requires any public company contracting with the State of California to comply with Section 1502 (see Section 1502 of the Dodd-Frank Act).
Maryland's House Bill 425 prohibits state agencies from obtaining supplies from companies that violate Section 1502, effective October 1, 2012 (see Section 1502 of the Dodd-Frank Act).
The BTTSA is the federal version of the Supply Chains Act. If passed, the BTTSA would amend Section 13 of the Securities and Exchange of 1934 to mandate reporting companies to disclose their efforts to address human trafficking and slavery in the supply chain. The BTTSA, as proposed, would be significantly more burdensome than the Supply Chains Act because in addition to:
The five disclosure pillars of the Supply Chains Act, a business covered under the BTTSA must disclose to what extent, if any, that it:
maintains a policy aimed at identifying and eliminating supply chain risks concerning human trafficking and slavery;
assesses its suppliers' management and procurement systems to verify whether each suppliers has in place appropriate systems to identify human trafficking and slavery risks within that supplier's supply chain;
requires its suppliers to have recruiting practices that comply with the company's standards for eliminating exploitative labor practices; and
prohibits the use of its corporate products, facilities, or services to obtain or maintain persons under exploitative conditions.
Disclosure of the required information on the company's website, reporting companies would have to include the information in their SEC annual reports.
Significantly, all reporting companies are covered by the BTTSA, and therefore, its reach is not limited to manufacturers and retail sellers.
While not specifically impacting the supply chain, other recent SEC measures underscore the increasing legislative trend towards CSR-related legal requirements, including the:
January 2012 SEC interpretative guidance regarding the applicability of existing disclosure requirements to risks associated with climate change.
December 2011 SEC final rules requiring issuers that operate mines in the US to disclose particular information regarding compliance with health and safety standards.
October 2011 SEC disclosure guidance regarding the applicability of existing disclosure requirements to cybersecurity risk and cyber incidents in the wake of several large-scale cyberattacks.
The shift in societal sentiment regarding the CSR-related activities of companies is relatively recent, so existing laws are new and enforcement actions have not yet been brought. Enforcement will, however, likely increase in the near future. For example:
Under the Supply Chains Act, the California Attorney General must deliver to the California Secretary of State a list of companies that are subject to the Act by November 30, 2012. The provision of this list to the California Secretary of State could prompt enforcement actions.
Given their complexity, the rules issued under Section 1502 will likely give rise to SEC enforcement actions.
At a high level, when establishing a new CSR policy or reviewing an existing policy, a company should:
Identify the appropriate legal and operational leaders within the company (see Team).
Articulate its objectives (see Objectives).
Recognize the potential challenges (see Challenges).
Commit to decisions made (see Commitment).
Any company that wishes to establish a new CSR policy or to review its existing policy should first assemble a working group composed of the appropriate legal and operational leaders. Members may include board directors, key operations executives, communications executives and in-house counsel. In time, and depending on the size of the company, it may also establish committees and sub-groups at various levels of the company.
A company's CSR program should be shaped by legal requirements, corporate values, market, industry and societal norms, and the commercial context in which the company operates. The CSR team should have a clear understanding of existing mandatory and voluntary CSR regimes.
Companies design CSR programs that are responsive to mandatory regimes to ensure compliance with the law. The number of CSR issues that are governed by mandatory regimes will likely increase dramatically in the coming years (see Relevant Legislation).
Voluntary CSR regimes are non-binding programs of corporate action or disclosure that companies choose to pursue primarily for reasons other than statutory or regulatory compliance. Historically, voluntary regimes played a much greater role in driving the adoption of CSR programs and are still used frequently today as frameworks and benchmarks for CSR programs. Voluntary regimes can often serve as useful starting places for companies that have little experience with CSR initiatives (see Model Voluntary CSR Policies).
The CSR team should also consider existing and current:
Governance policies, corporate values, mission statements and goals. It is particularly important that a CSR policy adhere to other related corporate governance policies (for example, codes of conduct, Foreign Corrupt Practices Act policies and data security policies).
Budget, resources, management and accountability structures.
Prevailing thoughts, opinions, activities, and commitments of employees and other stakeholders.
CSR-related operational goals set by the company.
Synergies can be obtained from coupling the development of a CSR program with marketing, branding, communications and investor-relations efforts. The team should regularly analyze the CSR areas that pose the most risk and present the greatest opportunity to the business. The team should be particularly alert to identifying and prioritizing activities that could potentially:
Help retain or win clients and contracts.
Expose the company to unacceptable levels of risk if not addressed.
Improve relations with major stakeholders, including customers, suppliers and non-governmental organizations.
When complying with legislation and developing and implementing CSR programs, companies often face obstacles that can be time-consuming or expensive to overcome. These include:
Unclear legislative mandates. Existing and pending legislation is unclear on certain key terms. For example, companies and industry groups have complained that the terms "human trafficking and slavery," "certification" and "verification" are not clearly defined under the Supply Chains Act.
Supply chain complexities. Supply chains are often long, complex and difficult to define. In most cases, a manufacturer purchases goods and services from many suppliers (direct suppliers), who in turn may have their own suppliers (indirect suppliers). Even where voluntary or legal obligations apply only to direct suppliers, companies can face significant logistic and legal challenges, for example, with respect to oversight, audit and enforcement, especially in the context of international sales.
Implementation difficulties. It may be difficult for companies to impose CSR obligations on its existing direct and indirect suppliers. Doing so may require companies to amend existing vendor contracts, which in turn may require renegotiation of economic or other terms of the relationship.
Challenging supplier audits. It is challenging for a company to determine whether its direct and indirect suppliers are complying with CSR obligations. Supplier audits can be costly and unsuccessful because of limited record access, transparency, consistency and clarity.
A company must be prepared to commit to the CSR policies it establishes at every level. As with other corporate policies, a commitment to CSR demands:
The buy-in of senior leadership and the communication of that buy-in to internal and external constituents.
Realistic procedures that are well-tailored to achieve implementation of set goals.
Effective, and rolling, communication, staff motivation and training programs.
A system for setting, measuring and publicizing specific targets.
Readiness to provide adequate responses to internal and external investigations and audits.
Regular review.
The World Business Counsel for Sustainable Development (WBCSD) and the European Union (EU) published commonly used definitions of CSR:
The WBCSD defines CSR as "the continuing commitment by business to behave ethically and contribute to economic development while improving the quality of life of the workforce and their families as well as of the local community and society at large."
The EU defines CSR as a "concept whereby companies integrate social and environmental concerns in their business operations and in their interaction with their stakeholders on a voluntary basis."
To standardize corporate CSR activities and communications and induce greater adoption of CSR policies, many international organizations, non-governmental organizations (NGOs) and industry groups have developed model CSR policies.
Companies can derive many benefits from employing voluntary regimes alongside mandatory regimes. For example:
Adopting existing frameworks means that companies need not reinvent the wheel.
Reporting content and format is standardized and therefore easily digestible by customers, partners, investors and employees.
Well-known voluntary regimes are highly visible and, therefore, use of those regimes can be a conduit for marketing, branding and communications efforts.
Voluntary model policies include the following:
The Sustainability Reporting Framework. Since 2000, Global Reporting Initiative has published globally applicable social and environmental sustainability reporting guidelines (Reporting Guidelines). The Reporting Guidelines, now in their third generation, feature sustainability disclosures that organizations can adopt flexibly and incrementally. The fourth generation of guidelines are scheduled to launch in May 2013.
The United Nations (UN) Global Compact. Launched in 2000 by the UN, the UN Global Compact (the Compact) is a leadership platform for the development, implementation and disclosure of responsible and sustainable corporate policies and practices in the areas of human rights, labor, environment and anti-corruption. The Compact works with businesses that are committed to aligning their operations and strategies with ten universally accepted principles in the areas of human rights, labor, environment and anti-corruption. Companies are asked to embrace, support and promote, within their sphere of influence, the ten principles and to report annually on progress. Over 6,000 businesses from 135 countries currently participate.
IT and Communications Compliance. Since 2009, the Electronic Industry Citizenship Coalition has published many standard supply chain-specific compliance documents that have been adopted by some of the biggest information and communications technology companies in the world.
ISO 26000. The International Organization for Standardization approved ISO 26000 in 2012 with a view to standardizing implementation of social responsibility practices in organizations, both public and private. ISO 26000 offers guidance on socially responsible behavior. It does not contain requirements and therefore, unlike ISO management systems standards, is not a certification standard.
Organisation for Economic Co-operation and Development (OECD) Guidelines. In 2011, the OECD updated its Guidelines for Multinational Enterprises (OECD Guidelines) for the fifth time since they were first adopted in 1976. The OECD Guidelines consist of recommendations for responsible business practice that are adopted by governments, which then in turn encourage their domestic enterprises to adhere to these recommendations. The OECD Guidelines have been adopted by 42 governments (including the US government) and cover topics such as disclosure, human rights, employment and industrial relations, environment, combating bribery, consumer interests, science and technology, competition and taxation.