Introduction

Risk Management

This tool is designed to assist in identifying potential human rights risks arising from the activities of corporate customers/clients. These may impact on a financial institution which is lending to the company or providing other forms of financial support or advice.

It does not explore how a financial institution should decide on the acceptability of identified risks. This is an issue for each lender to define in the context of its own policy Framework and applying its own risk management process.

Successful risk management in relation to human rights will need:

  • a clear process embedded in
  • governance mechanisms with
  • clear rules for decision making and
  • effective compliance and control functions.

The 'Protect, Respect and Remedy' Guiding Principles set out helpful advice on due diligence. They suggest an inclusive approach, incorporating human rights due diligence in broader risk management systems, provided that risks to rights-holders are fully considered.


Human rights due diligence: five steps

Step 1: Identify and assess actual and potential human rights impacts.

It is likely that some rights may be more relevant — this will depend on location, clients or products. If significant impacts are identified, then an enhanced process may be needed - for example, if the project is in a conflict zone or the client operates in a sector which has significant human rights issues.

The Thun Group suggests two criteria can be used to prioritise human rights impacts: first, the impact on the rights-holders themselves (including severity and the number of affected people) and second, the bank's connection to these adverse impacts.

Step 2: Consult with affected groups and relevant stakeholders.

This may include NGOs and civil organisations representing local communities, trade unions, community and religious leaders.

Step 3: Integrate the impact assessment findings across relevant internal functions and processes.

This will require:

  • leadership at a sufficiently senior level,
  • training to give people knowledge and skills across different functions, and
  • the capacity and resources to respond.

Step 4: Prevent or mitigate potential adverse impacts.

This needs to take into account how much leverage a financial institution has in each case. Appropriate steps to prevent human rights abuses need to be taken. If human rights have already been violated, then remediation will be necessary. This means reversing or stopping the violations.

Step 5: Track responses and communicate how impacts have been addressed.

This enables the institution to learn from its experiences and to keep stakeholders informed about actions.


Factors to take into account in assessing and managing human rights risk of clients/customers

Identification of potential risk factors

Other areas of this tool help to identify risk factors:

  • Key issues and questions - these focus on significant issues, but may not be easy to answer. However, raising these questions, and encouraging clients to consider them, will of itself both raise awareness and highlight those issues of most relevance and concern
  • Human rights issues by sector - for detailed information in relation to key sectors
  • Human rights issues by topic - for detailed information in relation to key topics
  • Resources - for sources of further information relating to areas of particular concern.

Degree of influence and leverage

Financial institutions should consider how much influence they have in a particular situation:

  • How significant is their relationship (financially and reputationally) to the client?
  • What relationship do they have with other key stakeholders?
  • How close are the human rights issues to the client's core business?
  • Can relationships with governments and trade bodies be used?
  • Is international status and profile a source of influence?

It is important to keep this issue under review, since the relationship between the financial institution and the client may vary over time.

Materiality

Financial institutions should consider the potential for a human rights concern to impact on their organisation and its reputation:

  • Does the issue, sector or location have a high public profile?
  • Does it have a high media profile?
  • Is it financially material to the institution?
  • Does it relate to current public and political concerns?

Complicity in crimes against humanity, war crimes and the most egregious abuses carry the most significant legal and reputational risks, and financial institutions should be aware of the possible consequences of decisions in such circumstances.

Role of other stakeholders

Financial institutions should be aware of the responsibilities of others (particularly governments) in addressing human rights abuses. They may choose to engage directly with governments or other stakeholders (where this is appropriate) to mitigate material human rights risks. Dialogue can be a key tool in addressing human rights impacts arising from clients' actions.

Expectations and responsibilities

The direct legal responsibility of a financial institution in relation to human rights abuses may be limited, but public expectation (including the views of NGOs, shareholders and the media) may lead to pressure for action. Financial institutions may be encouraged to raise clients' awareness of human rights abuses and, in some cases, to address these issues directly. Financial institutions should consider how this may impact on their licence to operate, although for some banks and in some markets the impact may be limited.

Small and Medium Enterprises (SMEs)

SMEs may not operate to the same standards as larger companies - for example, they may not have written policies in place. Expectations of SMEs should reflect what it is realistic for them to achieve, while recognising that human rights issues may be as significant for them as for larger companies. SMEs providing goods or services to other companies may be required to address human rights issues in their own business and supply chain as part of the tendering process.

State Owned Enterprises (SOEs)

Financial institutions dealing with clients which are wholly or partly government owned need to consider the risks of association with human rights issues or controversies concerning the state. There is also potential for state influence to have an impact on the relationship or transaction.

It may therefore be appropriate to exercise enhanced due diligence when undertaking relationships or transactions with state owned enterprises or agencies which may be associated with human rights abuses.