Yuet Ming Tham (ytham@mwe.com) is Partner, Global Chair - Compliance & Investigations Group, and Asia Managing Partner for McDermott Will & Emery in Singapore. Sam Johnson (srbjohnson@gmail.com) is Counsel for McDermott Will & Emery in Singapore.
Due diligence has long been a cornerstone of an effective compliance framework, especially when engaging third parties. The gathering of relevant data about a counterparty enables a company to make a risk-based assessment about the propriety of engaging that party, allowing companies to effectively mitigate risks related to noncompliance by the third party and the reputational damage that could follow.
The risks that companies have sought to identify by conducting counterparty due diligence have historically been heavily weighted toward bribery and corruption risk, financial crime risk, or links to politically sanctioned individuals or entities. However, in recent times, the range of risks has broadened to include, for example, those relating to a counterparty’s environmental, social, and governance (ESG) standards.
This article will examine the value of ESG counterparty due diligence and how it should be conducted. It will then consider the implications of ineffective ESG due diligence in the context of supply chain due diligence, first by considering an example of potential reputational/business damage and then by looking briefly at recent legislative activity that suggests heightened expectations by regulators, shareholders, and board members as to how businesses assess ESG risk.
Factoring in ESG standards
The rise of ESG as part of the cost of doing business has manifested in connection with the due diligence conducted in a transactional context. As with other forms of due diligence, any red flags identified with respect to ESG factors can have a material impact on deal structure (for instance, through the inclusion of indemnities or even a reduction in purchase price).
These considerations have also arisen in the context of how companies conduct counterparty due diligence, both at the time of onboarding and periodically during the lifetime of the engagement.
The factors that ESG counterparty due diligence can cover are broad and potentially encapsulate one or more of the following areas:
-
Environmental impact: For instance, the extent to which the counterparty’s business operations create waste, pollution, or other forms of environmental harm (e.g., animal welfare concerns).
-
Social/employee relations: For instance, any human rights or forced labor issues in a company’s workforce, suboptimal workplace conditions, and whether the counterparty permits any form of collective bargaining with its employees.
-
Corporate governance: For instance, board governance and a company’s commitment to business ethics.
The means by which ESG counterparty due diligence is conducted is largely similar to how other counterparty due diligence is conducted. One common method is through desktop database searches, often accessed through external providers, which collate and leverage access to a variety of public domain databases such as sanctions and other watch lists issued by national governments, company registry searches, litigation databases, and media reports. With respect to ESG counterparty due diligence, the sources covered by these searches can assess ESG risk at a national level (e.g., whether nongovernmental organizations have reported high incidences of child labor in a particular jurisdiction) or sector level (e.g., whether a particular industry is more prone to causing environmental impact), as well as analyzing a wider range of public sources to identify adverse media reports or regulatory issues (e.g., if a company has been fined for unsafe working conditions or has been alleged to promote poor corporate governance).
However, notwithstanding the breadth of information that desktop database searches provide, it is imperative that companies do not overemphasize its value in demonstrating effective counterparty due diligence. It may be appropriate (or even necessary) to supplement these searches with more targeted measures, such as interviews with representatives of the counterparty or (where available) exercising audit rights on a periodic basis to check whether the counterparty’s records demonstrate acceptable compliance. With respect to ESG compliance specifically, it may be appropriate to consider on-site visits, as many of the ESG factors mentioned above cannot readily be detected through desktop database searches or virtual interviews.
It’s about reputation and business risk
Though there are many good reasons to conduct ESG counterparty due diligence, the most powerful impetus to do so has been to help mitigate reputational risks associated with third-party practices in a company’s supply chain.
Even where countries have enacted laws requiring companies to be transparent about their efforts to eliminate modern slavery from their supply chains (such as the United Kingdom’s Modern Slavery Act 2015 and the California Transparency in Supply Chains Act of 2010), these laws have not penalized companies who disclose that they have failed to take any steps. As the official commentary on the Transparency in Supply Chains Act states, the law’s main goal was to benefit consumer awareness, specifically to provide consumers with “critical information about the efforts that companies are undertaking to prevent and root out human trafficking and slavery in their product supply chains.”[1]
However, poor supply chain diligence can certainly have implications beyond pure reputational damage and the possible loss of consumer confidence. In some circumstances, failing to maintain a responsible supply chain can have tangible business consequences. For instance, the London Bullion Market Association (LBMA), the international trade association overseeing the over-the-counter bullion market, has heavily promoted responsible ESG supply chain diligence in the context of the mining and sourcing of precious metals. LBMA’s members comprise representatives from both the upstream sector (e.g., refiners) and downstream sector (e.g., customer banks). A key function of the LBMA is to set standards with respect to the refining and trading of bullion. One important measure that the LBMA has implemented is the creation and maintenance of a Good Delivery List comprising refiners whose gold bars meet the LBMA’s standards. Only bars produced by refiners on the Good Delivery List can be physically held in London and traded on the Loco London market (the most widely traded global market for precious metals).
Since 2011, the LBMA has implemented a Responsible Sourcing program to verify the legitimacy of a refiner’s supply chain (by requiring refiners to demonstrate that they have taken active efforts to combat issues in their supply chain, including human rights abuses and environmental compliance). All refiners on the Good Delivery List must pass an annual audit in accordance with the requirements of the Responsible Sourcing program to retain their Good Delivery List accreditation, including an assessment as to whether the policies and procedures implemented by the refiner are suitable. A failure to pass this audit can result in the removal of a refiner from the Good Delivery List, blocking their access to the global over-the-counter market (many market participants often require Good Delivery List accreditation as a prerequisite to purchase bullion from a particular refiner).
Further, in 2020, LBMA launched a formal review of one refiner’s compliance with the Responsible Sourcing program in response to media allegations that one of the small-scale miners in Papua New Guinea from whom it had received gold used child labor and deployed mercury as part of its operations.
While the LBMA’s review resulted in the refiner retaining its Good Delivery List status with no material wrongdoing being identified, the review identified areas for enhancement (for instance, putting excessive weighting to country, rather than counterparty, risk in determining whether an on-site visit was required to any mines) and requested that the refiner implement certain improvements to its systems and controls.[2]
Increased legislative and regulatory intervention
There are also strong signs of increasing legislative and regulatory intervention to incentivize companies to conduct proper ESG due diligence.
In May 2019, the final independent review of the United Kingdom’s Modern Slavery Act 2015 was released. The report concluded that the current requirement for eligible companies to make a statement disclosing the efforts made to address modern slavery risks in their supply chains was “not sufficient and it is time for the Government to take tougher action to ensure companies are taking seriously their responsibilities to eradicate modern slavery from their supply chains.”[3] The report further concluded that “failure to comply with modern slavery obligations should be viewed as on the same level as failure to file accurate accounts or prevent bribery and corruption.”[4]
In June 2021, the United Kingdom introduced the Modern Slavery (Amendment) Bill, which if enacted will materially impact the requirement for eligible companies to make a compliant modern slavery statement. The changes include the introduction of a new offense if a company supplies a false modern slavery and human trafficking statement, with liability for this offense attaching to a “responsible person” within the company (such as a director).[5]
Think ‘ESG’ for more robust due diligence
The importance of including ESG issues as part of the due diligence framework cannot be understated, and many companies are taking note. One recent study polled more than 200 senior risk professionals in January 2021 and August 2021 on the inclusion of ESG as part of their anti-bribery and corruption framework. The study revealed that not only did three in five respondents factor in ESG, but that number had increased by six percentage points overall in 2021, with the biggest growth being seen in Asia-Pacific (16%) and the US and Canada (14%).[6] Accordingly, it is advisable for companies to consider how, not if, third-party ESG due diligence should be implemented as part of their compliance frameworks.
About the authors
Yuet Ming Tham is the global co-leader of Sidley Austin’s White Collar: Government Litigation & Investigations practice and leader of the Asia Pacific Compliance and Investigations practice.
Sam Johnson’s practice focuses on internal and regulatory investigations, with a particular focus on bribery and corruption, employee misconduct, and ESG-related issues.
Takeaways
-
Environmental, social, and governance (ESG) counterparty due diligence should be integrated into a company’s compliance framework.
-
A company should adopt a risk-based approach to ESG counterparty due diligence depending on the business model of the company and its counterparty.
-
ESG due diligence requires measures to be adopted; desktop searches alone are likely insufficient in identifying all material red flags.
-
Consider whether on-site visits to a counterparty are required.
-
With the increasing risk of regulatory intervention in evaluating supply chain due diligence, companies need to consider their potential exposure sooner rather than later.