About the author: Leonard Feld is an Advisor on Human Rights, Business and Tech at the Danish Institute for Human Rights. He holds an LL.M. and a PhD from the European University Institute as well as a German law degree from the University of Bonn. His areas of expertise include international standards and European Union law on responsible business conduct, specifically the Corporate Sustainability Due Diligence Directive (CS3D), the Conflict Minerals Regulation, and the EU Forced Labour Ban. Aside from his advisory role, Leonard holds guest lectures on relevant topics at different universities.
This blog symposium is co-organised by OECD Watch and NOVA School of Law.
More than a decade after the UN Guiding Principles on Business and Human Rights (UNGPs) introduced human rights due diligence (HRDD), that is a process for companies to identify, prevent, mitigate, and account for negative impacts on human rights, the approach is considered indispensable to address human rights abuses and other negative externalities in the context of business operations. The Organisation for Economic Cooperation and Development (OECD) has played a significant role to that end by disseminating and further developing the approach through the 2011 edition of the OECD Guidelines for Multinational Enterprises (OECD Guidelines), the OECD Due Diligence Guidance for Responsible Business Conduct (OECD Guidance) from 2018 and various sectoral frameworks. These standards do not only endorse the concept of HRDD, but also expand on “risk-based due diligence” as a general means for multinational enterprises (MNEs) to address negative impacts, including those relating to the environment, employment practices, consumer interests, and corruption risks. The work of the OECD has inspired corporate practice as well as new laws that transpose due diligence requirements from international frameworks into business regulation, including the planned Corporate Sustainability Due Diligence Directive (CS3D) of the European Union (EU) currently being discussed in trilogue. Considering the significant role of the OECD in shaping due diligence in practice and regulation, the targeted update of the OECD Guidelines for Multinational Enterprises on Responsible Business Conduct (Updated OECD Guidelines) from June 2023 requires close attention. This blogpost hence examines the amendments to due diligence introduced by the updated framework and discusses the role of OECD standards alongside due diligence laws.
When compared to the 2011 edition, the Updated OECD Guidelines add several nuances to the due diligence approach. On the general level, the framework adopts the six-step due diligence process already set out in the OECD Guidance (Commentary 15 on Chapter II). This process description, which also serves as a template for the CS3D (compare Recital 16 of all legislative proposals), is consequently upheld as the “state-of-the-art”. At the detailed level, the Updated OECD Guidelines specify more clearly what due diligence entails and the specific role the process plays with respect to human rights, the environment, and science, technology and innovation. These changes reflect many of the developments in standards, law and practice that have evolved over the past decade.
For a start, the updated framework underlines that risk-based due diligence covers adverse impacts occurring at the downstream part of the value chain, meaning after a product or service has left a company. MNEs are expected to “take into account known or reasonably foreseeable circumstances related to the use of the product or service in accordance with its intended purpose, or under conditions of reasonably foreseeable improper use or misuse, which may give rise to adverse impacts” (Commentary 20 on Chapter II). The importance of managing impacts related to the use of products or services is again emphasised in Chapter IX on Science, Technology and Innovation (Commentary 112 on Chapter IX).
Already the due diligence recommendations in the OECD Guidelines from 2011 intend to cover the downstream part of the value chain, as emphasised in numerous decisions by National Contact Points as well as the OECD Guidance from 2018 (for a comprehensive analysis, click here). Moreover, various companies are already putting downstream due diligence into practice. The clarification in the Updated OECD Guidelines is yet important. Depending on the business context, the downstream value chain can pose severe human rights challenges. The information technology sector offers relevant examples, such as the misuse of software for surveillance or deepfake technology. When it comes to the CS3D, however, it remains debated whether and to what extent the planned due diligence requirements should cover the downstream value chain, including the use of products and services. In fact, neither of the negotiating positions of the Commission, the Council and the Parliament defines the value chain in a way that covers downstream economic activities and downstream business partners comprehensively. Against this background, the clarification in the Updated OECD Guidelines carries weight given the general interest and practical need to align due diligence laws with international standards. At the same time, the framework does not provide more details on what adequate downstream due diligence entails, although further guidance is needed to facilitate and align evolving corporate practice. This gap needs to be addressed in the future, for instance, through an OECD guidance document dedicated to downstream due diligence.
Another improvement concerns the dynamic nature of corporate involvement in an adverse impact, that is, whether an MNE (may) causes, contributes to or is directly linked to an impact through its business relationships. The Updated OECD Guidelines specify that corporate involvement is “not static” and “may change, for example as situations evolve and depending upon the degree to which due diligence and steps taken to address identified risks and impacts decrease the risk of the impacts occurring” (Commentary 16 on Chapter II). This welcome amendment underlines the need for regular assessments of whether a corporate response to an impact is still appropriate in light of the circumstances.
Furthermore, the updated framework places more emphasis on the proactive use and increase of leverage to address negative impacts that a company is directly linked to through its business relationships. The list of recommended measures features support, training and capacity building as well as the provision of positive incentives for business partners that operate more responsibly (Commentary 23 on Chapter II). These changes are laudable as they highlight the primacy of preventing negative impacts over responding to them.
Commentary 25 on Chapter II further underlines the importance of responsible disengagement. Already the 2011 edition of the OECD Guidelines stipulate that MNEs must consider negative impacts resulting from a decision to disengage from a business relationship. The Updated OECD Guidelines now emphasise that MNEs should also seek to meaningfully consult with relevant stakeholders in a timely manner and take appropriate steps to address negative impacts resulting from disengagement. These are important clarifications as the decision to disengage does not relieve MNEs of their responsibilities.
Noteworthy is also the specific mention of “enhanced due diligence” processes in the Updated OECD Guidelines that account for the severity of potential or actual impacts. While it is already recognised that due diligence processes should follow a risk-based approach, the framework specifically recommends “heightened” or “enhanced due diligence” in relation to marginalised and vulnerable individuals, in situations of armed conflict or increased risk of gross human rights abuse, and concerning risks to biodiversity in protected areas (Commentary 45 on Chapter IV and Commentary 80 on Chapter VI).
Finally, the Updated OECD Guidelines strengthen the role of due diligence in relation to environmental impacts, technology-related challenges and corruption. Chapter VI on the Environment now contains a non-exhaustive list of environmental impacts that risk-based due diligence processes should address (introduction to Chapter VI). This list features climate change as well as biodiversity loss and deforestation, among others. Due diligence processes are also recommended in the context of the green transition. The framework advises MNEs to undertake due diligence to address social impacts resulting from either decision, to move away from unsustainable activities or towards greener practices (Commentary 70 on Chapter VI). With respect to adverse impacts related to science, technology and innovation, Chapter IX advises MNEs specifically to undertake risk-based due diligence – an important amendment further discussed by Shreeja Sen in her contribution to this Blog Symposium. In addition, the Updated OECD Guidelines specify that corporate measures against corruption should include risk-based due diligence processes (Chapter VII on Combating Bribery and Other Forms of Corruption, paragraph 2).
Another important amendment is that due diligence requires meaningful engagement with relevant stakeholders or their legitimate representatives. This welcome improvement is discussed in Caroline Omari Lichuma’s contribution to this Blog Symposium.
Unlike the 2011 framework, the Updated OECD Guidelines could draw on a large set of general and sector-specific due diligence standards, evolving due diligence laws, and growing corporate practice. It is therefore not surprising that the latest version adopts many of the improvements to the concept of due diligence that evolved since 2011. The result is not a revolution, but a consolidation of the state-of-the-art. The nuanced changes are nevertheless important as they clarify and raise the standard of responsible business conduct against which corporate practice is assessed in the near future.
Furthermore, the Updated OECD Guidelines are likely to serve as a reference point in the development and reform of due diligence laws. The trilogue negotiations on the CS3D illustrate the many controversies surrounding due diligence in the context of regulation, such as the coverage of downstream economic activities. In this context, the Updated OECD Guidelines are an authoritative standard that calls for coherence. At the same time, there remain qualitative differences between soft law standards and hard business regulation. Whereas the Updated OECD Guidelines can define what adequate due diligence involves, the framework offers no guidance on inherently legal questions like how to define effective enforcement mechanisms, including liability clauses.
Looking forward, the OECD should continue to refine the due diligence approach. The potential future adoption and implementation of a CS3D will increase demand for guidance that is tailored to individual sectors or focused on specific challenges, like downstream due diligence. Here, the OECD is well-positioned to develop standards in close cooperation with stakeholders, including the EU. The Updated OECD Guidelines, in turn, may become less relevant for companies that fall under due diligence laws. Yet, courts may take the framework as a reference point to help resolve questions of interpretation arising from relevant legislation. In any event, the Updated OECD Guidelines remain significant as a common and continuously evolving standard on adequate due diligence that extends also to non-EU countries, whether they are members of the OECD or voluntarily adhere to the framework.
Suggested citation: L. Feld, ‘A (Slight) Raise of the Bar: Due Diligence in the 2023 Update of the OECD Guidelines for Multinational Enterprises on Responsible Business Conduct’, Nova Centre on Business, Human Rights and the Environment Blog, 9th November 2023