Editor’s
note: Benjamin
Thompson is a PhD candidate in business and human rights at Tilburg Law School
in the Netherlands. His PhD research deals with the effects of the UN Guiding
Principles on Business and Human Rights' endorsement of operational level,
non-judicial grievance mechanisms and their role in improving access to remedy.
He recently published an article for Utrecht Law Review’s
Special Issue on Accountability of Multinational Corporations for Human
Rights Abuses which discussed the roles the new Dutch multistakeholder
initiative with the Dutch banking sector might play in improving banks’
performance with respect to human rights.
In
November of last year the Asser Institute offered me the opportunity to take
part in a roundtable
on the Dutch
Banking Sector Agreement (DBA), as part of their
Doing
Business Right Project. Signed in December 2017, the
DBA is a collaboration between the banking sector, the government, trade unions
and civil society organisations (CSOs), all based within the Netherlands: the
first of its kind. It focuses on banks’ responsibility to respect human rights,
as stipulated in the UN
Guiding Principles on Business and Human Rights
(UNGPs) and OECD Guidelines for
Multinational Enterprises (OECD Guidelines),
within their corporate lending and project finance activities. The DBA has been
something of a hot topic in business and human rights circles. However, it has
not yet published a public monitoring report, making any evaluation of its
performance at this stage difficult. During the roundtable, we discussed the
role of the DBA as a potential means
to improve the practices of Dutch banks with respect to human rights. A key
challenge identified from this discussion, as reported here,
was the various ‘interpretive ambiguities inherent in the UNGPs’. A key
conclusion was that ‘further dialogue is required... to ascertain what conduct
on the part of the banks is consistent with international obligations’.
This
is not a unique conclusion to arise from multistakeholder discussions on banks
and human rights; the discussion often focuses on what financial institutions
are required to do to meet their responsibility to respect human rights under
the UNGPs. So much so that questions concerning implementation or evaluation
are often left by the wayside. As a result, when presenting my research on the
DBA for the Utrecht Centre of Accountability and Liability Law’s Conference on
‘Accountability
and International Business Operations’,
published here,
I decided to focus on how the DBA had responded to those key points of friction
where there is the greatest disagreement between how different stakeholders
conceive banks’ human rights responsibilities. This blog post seeks to build on
this previous entry, hopefully without too much repetition.
Banks
and Human Rights
So,
how do the UNGPs apply to banks?
Well, there is hardly a dearth of initiatives set up with exactly that question
in mind. We have had various OECD
initiatives providing analysis on banks’ human rights responsibilities,
the UN
Environmental Programme’s Financial Initiative,
the OHCHR
and UN
Working Group on transnational corporations and
human rights’ pronouncements on this matter, the Thun Group’s discussion papers
(2013,
2017a
and 2017b)
on the UN Guiding Principles and now the DBA. While some have pointed to the
interpretive ambiguities within the UNGPs as themselves preventing any emerging
consensus, and I am certainly not denying there are interpretive ambiguities
(there are), I would suggest this is not, in practice, the key challenge in
banks developing practices consistent with the UNGPs. Banks’ interpretation of
the UNGPs is largely eclipsed by their own preconceived understandings of their
existing due diligence processes with respect to social and environmental risks
(E&S due diligence), which originate before the UNGPs and are arguably
rooted more robustly in a market-based paradigm. While banks have, at times,
expressed concerns over whether their existing E&S due diligence procedures
can adequately incorporate the full range of behaviour required under the
UNGPs,[1] there has been a
considerable effort amongst some banks to interpret the UNGPs in line with
their existing practices.
This
is perhaps best illustrated in the Thun Group’s 2017 discussion papers which
dealt with questions as to how the UNGPs applied to banks, in particular how
banks should understand their involvement in human rights impacts related to
their financing activities. The paper suffered from various deficits of
interpretation (that banks cannot contribute to human rights harms, they have
no role in remedy, due diligence is largely limited to whether and how to approve
a financial transaction etc.). The paper was such an affront to the UNGPs that
it prompted John Ruggie, the main architect of the UNGPs, to write an open
letter pointing at many of these failings. A
representative of the Thun Group, Christian
Leitz responded to say the paper was an
‘industry perspective’ and that he would welcome Ruggie and other stakeholders’
views in order to foster a discussion. Ruggie
responded stating that many of the (quite stark)
failings of the Thun Group paper to encapsulate the intention of the UNGPs did
not amount to rival ‘opinions’ or ‘interpretations’ but were ‘factually
incorrect’ and that it would be difficult to have a dialogue based on
‘alternative facts’.
While
it might be true that the banks interpretations are ‘factually incorrect’ or, as
David Kinley put it, that the recent Thun Group
paper is simply an attempt by banks to dodge their human rights responsibilities
all-together, how are we to understand this misalignment between banks’ understanding
of the UNGPs and the logics of the UNGPs themselves (assuming ‘we’ share a
kinship with the business and human rights project)? One can say that the Thun
Group is failing to take its human rights responsibilities seriously; one can
probably also cast that claim to include a much broader range of business
enterprises and industries. However, to the extent to which businesses are not
accepting and internalising the norms of the UNGPs, it is perhaps equally
accurate to say both that businesses are failing to meet the UNGPs and that the UNGPs are failing in their
‘norm-building’ mission, with its key objective of ensuring business
enterprises accept their responsibility to respect human rights as part of
their business practices. Any serious proponent of the ‘business and human
rights project’, must therefore understand the need to identify where the
tensions are between industry perspectives and the UNGPs, and seek to evaluate
which initiatives (if any) are successful (or partly successful) in bringing
business enterprises’ understanding of their human rights responsibilities
closer to that understood in the UNGPs. It is from this question of the extent
to which banks are moved to a greater alignment with the normative requirements
of the UNGPs that I will evaluate the Dutch Banking Agreement (DBA) as a
multistakeholder agreement.
Given
the backdrop of divergences over attitudes to banks and human rights, the DBA
plays an important role. It is the only initiative which has actually reached
any output on banks responsibility to respect human rights which is based on
consensus. The initiatives cited above stem from organisations which represent
a single type of stakeholder (States or banks), which may or may not consult
other stakeholders but never require multistakeholder consensus for an output
to be reached. Below is an analysis in how these divergences have been bridged
somewhat in the text of the DBA, according to five identified divergences
between the UNGPs and banks E&S due diligence processes. The description of
banks’ perspectives with respect to their own E&S due diligence processes
and human rights in the subsequent sections are principally taken from
financial institutions’ responses to an OECD
survey on environmental and social risks and the
Thun Group papers: the Thun Group represents some of the world’s largest banks.
1. ‘responsibility
to respect’ vs ‘opportunity to affect’
While
the UNGPs understand the actions businesses must take with respect to human
rights as one of ‘responsibility’, E&S due diligence is more often
understood as good business or ‘opportunity’.[2] This not only has connotations
for both how banks see the nature of
their practices with respect to human rights but also how they define the content of what is required. For
instance, the contexts in which banks take action is often understood by the
extent to which they have the opportunity to enact change in a client’s
behaviour, rather than their responsibility for an impact (e.g., causing,
contributing, directly linked, no link). Banks are happy to include ‘forward
looking’ risk mitigation measures as part of their practices but are often reluctant
to accept that they should take actions which imply a greater responsibility
for the impact on their part. When understanding the application of the UNGPs,
banks have often not considered themselves to be in even the lowest category of
involvement (directly linked) in relation to human rights harms connected to
their activities, preferring to consider themselves as not involved or
‘indirectly linked’.[3] Some have completely ruled
out the relevance of remedy.[4] Banks have received more
approval when they have discussed what they ‘could do’ compared to what they
‘should do’, where they are notably more ambitious. This led to a much more welcomed
reaction to the first Thun
Group paper in 2013, which focussed on operational
principles, compared to more criticised Thun
Group papers in 2017, which focussed on
foundational principles.
The
DBA commits adhering banks to meeting the responsibility to respect human
rights, as understood in the OECD Guidelines and UNGPs (article 1). Adhering
banks have all signed declarations of adherence to the Agreement stating that
they are bound by the Agreement. However, as some of the requirements of the
DBA go beyond the responsibility to respect (e.g., article 10 on Sustainable
Development), it is not always clear which aspects of the DBA the stakeholders
consider to be part of their responsibility to respect human rights and which
arise solely from the Agreement itself.
One
particularly progressive element of the DBA is its inclusion of remedy,
referred to under the article ‘Enabling Remediation’. This article looks at the
steps a bank can take to ensure their client’s provide remedy for human rights
harms, and it also raises the question of how impacts can be addressed or
remediated based on the categories of a bank’s
involvement in human rights impacts. However, it omits any explanation of the
categories of a bank’s involvement, leaving this to further exploration by a
working group, which promises to incorporate guidance provided by the OECD. The
findings of the working group are to be integrated into the practices of the
adhering banks. Banks are required to have individual complaints mechanisms
open to clients and third parties, but the DBA makes clear these are not grievance
mechanisms as understood in the UNGPs/Guidelines (article 3.5). Banks seem to
need only to report on steps taken to prevent and mitigate impacts in their
annual reports used by the DBA’s monitoring committee, covering their
implementation of articles 3 (on policies) and 4 (on due diligence) but not
article 7 (on enabling remediation).
2. ‘risks to people’ vs. ‘risks to bank’
E&S due diligence is principally
concerned with risks that could present a liability to the financial
institution; human rights risks are considered risks to the bank rather than
risks to people, although these risks may coincide. This market-based paradigm
depends on adverse impacts on a bank’s bottom line as the key incentive for a
bank to carry out due diligence, and it also acts as a disincentive for banks to
take action where doing so might deprive them of a business opportunity.[5]
When
responding to an OECD survey on how financial institutions understand how the
OECD Guidelines apply to them, financial institutions were asked what factors
influences how much leverage they had. Banks largely identified risks falling
under ‘risks to the bank’[6] as the main factors rather
than factors that an outsider might see as more linked to the UNGPs
understanding of leverage: the ability to influence a situation. Commercial
providers of E&S risk information for use in E&S due diligence, such as
Reprisk, still
view environmental and social risks as those risks to the bank:
to a bank's reputation, to banks complying with national law and to a bank’s
finances.
The
DBA looks to risks to people as the
basis for what action should be taken (article 4.2). It recognises that this
goes beyond existing E&S due diligence practices, and it expects banks to
report on their human rights performance under the UNGPs
Reporting Framework which requires that businesses
look at impacts on people not themselves. Two occasions where a ‘risks to bank’
lens may enter the Agreement’s implementation is through the cross referencing
of initiatives which do adopt this paradigm (the IFC
Performance Standards and Equator Principles)
and through mentioning that banks terminate their relationships where the
client has broken ‘material due diligence requirements’ (article 4.3.b).
There
is also reference to a concern over the potential financial implications for
banks resulting from more robust human rights practices: the need to produce a
‘level playing field’ internationally (article 4.5.b). However, at no point is it suggested that
banks’ compliance with the DBA is contingent on them not being placed at a
competitive disadvantage as a result. Overall, the ‘risks to bank’ paradigm is
minimal and the ‘rights to people’ paradigm is kept central to the DBA.
3. ‘transactional
due diligence’ vs. ‘human rights due diligence’
Banks’
due diligence is commonly understood to primarily cover those actions taken by
banks up to the point where the transaction takes place as opposed to the full
duration of the business relationship as under the UNGPs. The types of measures
expected will depend primarily on the type of financial product offered, the
type of client and their overall risk profile. Banks have consequently
interpreted those terms within the UNGPs/Guidelines which refer to actions
moving beyond the client of actions required after the point of transaction
narrowly, understanding value/supply chains as limited to their own suppliers[7] and not recognising any
role for termination of relationships or remediation.[8] The Thun Group papers
introduced ‘new’ terms to the UNGPs – unit of analysis and proximity – which
largely sought to reconstruct the UNGPs to fit within this transaction based model,
limiting how directly linked a bank was, and the actions a bank should take, to
the type of transaction and which member of a corporate group the bank made the
transaction with.
The
DBA recognises that adhering banks should base what kinds of action they take
based on the severity of the (potential) impact rather than the nature of the
transaction (article 4.3(a)). The due diligence provisions do not state that
actions to identify, prevent and mitigate human rights impacts are limited to
the lead up to the transaction, and they expressly require the banks to
monitor, track and assess the outcomes of their due diligence. It also stresses
the need to look to creative means of exercising leverage (article 9).
The
DBA covers many of those aspects of the UNGPs which banks have been reluctant
to include in their policies and which have been hitherto overlooked by the
Thun Group – termination of business relationships, value chains and
remediation – albeit in a more diminished way than some of the other responsibilities
under the UNGPs. Value chains are limited to those mapping exercises under the
text and decided upon by the parties to the DBA, and identification of impacts
in value chains is not expressly part-and-parcel of a bank’s human rights due
diligence processes, which are largely limited to actions to be taken with
respect to the client (article 4). Termination of relationships is mentioned as
a possible action where a client is repeatedly not able or willing to comply
with material due diligence requirements, but this is left entirely to the
discretion of the bank (article 4.3(b)). Thus, the DBA accepts the need for
more than a transactional due diligence
approach, adopting an understanding closer to the human rights due diligence approach in the UNGP/Guidelines.
4. ‘client-only
engagement’ vs. ‘stakeholder engagement’
Banks
limit themselves primarily to engaging with their client and not external stakeholders,
as understood in the UNGPs. Engagement with external stakeholders is often
considered the responsibility of the client, not the bank. Unfortunately, client-only
engagement plays a dominant role in the DBA. All mention of meaningful
consultations with stakeholders is the duty of the client, with banks expected
to influence clients to do so, rather than also the responsibility of the bank.
The DBA itself seeks to collaborate with the OECD, but does not expressly set
up platforms for engagement with rights-holders. Inclusion of the CSOs and
unions which are party to the DBA is itself seen as stakeholder engagement, and
the CSOs and unions are expected to empower ways of interaction with affected
stakeholders (article 12(a)), but this requirement is placed only on CSOs and
there is no equivalent requirement on the adhering banks. Within the DBA
itself, inclusion of rights-holders appears to depend on representation through
the CSOs and unions. The text of the DBA sets up a dispute resolution
mechanism, but this is again only open to parties of agreement; the DBA has no
grievance mechanism open to external stakeholders to complain about its
implementation, despite this being required under the UNGPs (article 13.3).
5. ‘knowing
and withholding’ vs. ‘knowing and showing’
In
the UNGPs, there is an understanding that the relationship between civil
society and business will move from ‘naming and shaming’ – whereby outsiders shame
businesses for human rights impacts – to ‘knowing and showing’ – where
businesses themselves understand and deal with their human rights impacts – showing
what actions they are taking. However, banks are largely opposed to such a
level of transparency, often glossing over any responsibility to ‘account for’
what actions they take publicly, beyond publishing their policies, sometimes
citing regulatory rules or client confidentiality as a reason for not doing so.[9]
Client
confidentiality plays a dominant role in banks’ reasons for not disclosing
their human rights performance. The DBA states that all of the commitments of
the banks are subject to law, and disclosure of banks’ actions in pursuance of
the DBA’s provisions is limited by client confidentiality and banks’ internal policies (article 14.8(a)). It also states that
banks should engage in being as transparent as possible and that the parties
should discuss options for greater transparency (article 6.10).
The
first and only public output of the DBA to date was legal advice
on what forms of information banks could share with the CSOs and the public. It
did not limit itself to law, including provisions of loan agreements that banks
enter into and market practice. It concluded that individual client information
cannot be discussed unless there is the consent of the client, this information
is released in compliance with a statutory obligation of disclosure or it is
made anonymous. This is likely to significantly impact what banks can ‘know and
show’ in the course of their activities and in their reports under the DBA.
The
future of the DBA
In
this blog, I have focussed on how the DBA may help bridge the current deficit
between how banks have traditionally sought to interpret the UNGPs in relation
to their activities and the logics of the UNGPs themselves. To the extent the
text of the DBA has bridged some of these gaps, the question remains to what
purpose. Although it is too early to tell how the DBA will be implemented in
practice, in my full article, which this blog is based on, I go into three
roles that the DBA might play:
regulation, experimentalism, and advocacy.
Regulation
depends on ‘rules’ which will require a greater degree of conciseness than is
in the UNGPs themselves. In those areas where there is the greatest convergence
between the UNGPs and existing E&S due diligence processes, e.g., risk
mitigation at the point of transaction, the DBA does have relatively precise
requirements. In practice, enforcement of these requirements may, to some extent,
be compromised by the DBA’s less-than-ideal enforcement apparatus, as there are
some conflicts of interest between the different bodies responsible for the
DBA’s implementation.[10]
Experimentalism
is particularly relevant for those parts of the DBA where there is less
consensus between the parties, e.g., remediation. Experimentalism is based on
an iterative and reflexive cycle whereby broadly defined goals and metrics are
agreed on, preliminary actions are taken, these actions are assessed against
the goals and metrics, and then the goals and metrics are revised in light of
lessons learned before the cycle begins again.
Advocacy
refers to the DBA’s potential as possibly the only initiative in banking and
human rights to result from a genuine multistakeholder consensus to advocate
for the uptake of similar norms at the international level. For instance, the outcomes of the remedy working group
and the exchange of best due diligence practices is expected to feed into the OECD
processes on banking and human rights. This will depend on the DBA not only
reaching new normative consensuses but also a) advocating for them
internationally and b) demonstrating their added value in practice. While the
DBA shows promise, it is yet to be seen what role it will actually play (if
any) in the wider business and human rights project.
[1] OECD Working Party
on Responsible Business Conduct, ‘Environmental
and Social Risk Due Diligence in the Financial Sector: Current Approaches and
Practices’ (June 2013), (OECD Survey), p. 53.
[2] Ibid., p. 54.
[4] Thun Group, ‘Discussion
Paper on the Implications of UN Guiding Principles 13 & 17 in a Corporate
and Investment Banking Context’,(January 2017), p. 15.
[5] OECD, ‘Global
Forum on Responsible Business Conduct 26-27 June 2013 Summary Report’
(2013), p. 17.