Apple Puts Key Supplier on Probation in Reminder of Value of Human Rights Due Diligence
December 10, 2020 by Mark Dunn
Apple has put a key supplier on probation for violating its code of conduct for third parties. Pegatron is a Taiwan-based company involved in the assembly of Apple's flagship product: the iPhone. Apple found that Pegatron had asked students to work during the night and do overtime. It then allegedly attempted to disguise these violations by falsifying paperwork and misclassifying some workers. According to Apple's supplier rules, students should only do work which relates to their studies.
Although Apple acted quickly to take measures after discovering the violations, the disclosure gave the technology firm adverse media coverage at an important time for the company. Only days earlier, the US-based technology giant had held a major event to announce three new Mac computers with new processing chips, and pre-Christmas sales are a critical time for any retailer.
This is a reminder to companies of the impact that third-party misconduct can have on them reputationally, strategically and financially. Surveys of consumers, employees and investors demonstrate that more and more people want to buy from, work for and invest in companies with an ethical approach and a positive impact on societies. It is therefore important that companies run human rights due diligence checks on their suppliers to mitigate risks of ethical misconduct across their supply chain.
Regulatory requirements for human rights due diligence
In addition, failure to carry out human rights due diligence brings a legal risk. In recent years, countries have introduced a raft of regulatory guidance and laws that requires companies to carry out human rights due diligence. For example:
- In July, the US government issued an advisory to businesses about the risks of supply chain links to entities in China that engage in human rights abuses, including forced labour of Uyghurs. It warned: "In order to mitigate reputational and other risks, businesses should apply appropriate industry due diligence policies and processes."
- The UK's Modern Slavery Act of 2015 requires large businesses to regularly report on steps they take to prevent modern slavery in their supply chains. In September 2020, the UK government updated this requirement with further measures including a new digital government reporting service where companies' statements would be published.
- France's Duty of Vigilance law was introduced in 2017. It requires companies to take measures to identify human rights due diligence risks in their supply chain and prevent violations, with sanctions for failure to comply.
Further legislation is expected around the world in the near future, with encouragement from the United Nations' Guidinq Principles on Business and Human Rights. Specific examples could include:
- In 2021, the European Commission intends to introduce a new law making human rights due diligence mandatory for EU companies. This would require companies to carry out human rights due diligence and impose sanctions for failure to comply.
- The German government has recently proposed a Due Diligence Act which would require large companies based in the country to carry out human rights due diligence.
- On 29 November, Switzerland will hold a referendum on whether to adopt human rights due diligence legislation which mandates broader due diligence processes and carries a fine for non-compliance.
So, there is a clear trend towards increased regulatory requirements for companies to understand human rights risks in their supply chain. But given the complex and inter-connected nature of modern businesses, how can companies meet those requirements?
How can companies respond to human rights risks?
Human rights risks should be addressed in the same way that companies tackle the risk of bribery and corruption: with a coherent, company-wide compliance program. This program should be led by senior officers who set clear expectations of suppliers that ethical and legal behaviour is a necessary condition of the business relationship. Apple, for example, was able to point to its code of conduct when taking measures against Pegatron.
The core of any compliance program should be an effective due diligence and risk monitoring process. This allows companies to identify any entities in their supply chain that pose a heightened risk, then carry out enhanced due diligence on that third party. Ongoing monitoring allows organisations to proactively spot emerging threats and respond quickly to mitigate potential regulatory, financial, or reputational damage. Is it time to re-evaluate your process?