In honour of Anti-Slavery Day on Oct. 18, companies may want to familiarise themselves with a recent guide, “Managing Compliance With Environmental and Human Rights Law in Organisations,” published by the Institute of Environmental Management & Assessment (IEMA) and written by Ardea International Director Colleen Theron.

The impetus behind the guide is the result of an online member survey conducted by the IEMA in early 2018 that found “nearly two thirds of the survey participants worked for organisations that did not have integrated compliance management systems in place to manage environmental and human rights compliance.”

The guide covers environmental and human rights regulation in the United Kingdom, environmental management systems currently in use, managing performance with respect to legal compliance, roles and responsibilities, as well as internal and external communications and external certification. “The underlying theme,” says the introduction, “is the introduction of compliance thinking into all aspects of organisational management.” There is also a substantial number of case studies and sources to frameworks, guides, regulations, and legal obligations, including the UN Global Compact, Sustainable Development Goals (SDGs) and, in the United Kingdom, the Companies Act, and strategic reporting requirements.

“Human rights treaties and conventions only apply to states, and it’s up to states that ratify these treaties to ensure appropriate domestic legislation is passed. They also don’t apply directly to business. And this is where the gaps appear.”
Colleen Theron, Director, Ardea International

Compliance with the relevant laws, says the guide, should be implemented using the following systems:

Audit (regulatory)


Compliance assessment (regulatory)

Operator compliance

Operator self-monitoring

Sampling (check monitoring)

Site inspection

Environmental and human rights law has evolved over the past few years so that there is a business case for integrating compliance with both kinds of law. The case is made stronger by the circumstance that statutory instruments transposing EU law into local law can be different in the U.K.’s four territories—England, Scotland, Wales, and Northern Ireland. The impact of Brexit complicates this situation even further.

For those with international supply chains added to the need to comply with U.K. regulations is the need to understand the domestic legislation within each country of operation. Marc Jourdan, policy and engagement lead at IEMA, says, “The company would need to ensure that its supplier has set up proper policies and procedures to comply with local regulations and legislation. The aim of the company would ideally be to lean on soft law frameworks like the UN Guiding Principles on Business and Human Rights (in its capacity as a set of soft law standards addressing both states and business enterprises) to encourage the suppliers to possibly go above and beyond their local regulatory obligations, which would most likely be less stringent than the obligations under [U.K. law].”

Key problems leading to lack of compliance

insufficient resources allocated within the organisation to compliance management
failure to identify or understand how to conform to legal requirements
over-reliance on conformance with a management system that is not closely integrated with legal compliance
low priority given within the organisation to compliance management
failure of the person in charge of legal compliance to sufficiently implement legal requirements
Source: Managing Compliance with Environmental and Human Rights Law in Organisations


Theron adds, “The issue is where different standards exist, a good example is the law relating to children, or where the law is not enforced. Arguably all companies should adopt voluntary framework principles like the UNGPs even though they are not a binding international treaty and don’t create legal obligations per se.” Theron noted that the power of big business has forced society to recognise that companies need to be held more accountable. She also warned that there is growing litigation against parent companies where subsidiaries are involved in the abuse of human rights.

While there are a significant range of sanctions for breaching environmental laws, from prison sentences to losing the license to operate, there are far fewer for the abuse of human rights. Some legislation has penalties enforceable by the courts for a breach, such as health and safety regulations, employment legislation, and human trafficking offences under the Modern Slavery Act. Rather, negative reputational impacts may serve as the most effective penalties. A company could lose its license to operate if it breached the Gangmasters Licensing Act, or it could receive an unspecified fine from the Secretary of State if it fails to disclose its modern slavery statement under the Modern Slavery Act—though this has yet to happen despite widespread lack of compliance.

Processes to follows as part of legal compliance checks (respondents could elect as many as apply):

Systematically define all activities, products and services (aspects) of the organisation – 60.5%
Review each environmental or human rights aspect against legal requirements – 50.1%
Review the degree to which each of the organisation’s activities, products and services are in compliance with these legal requirements – 62.9%
Document relevant legislative requirements and their relevance, and identify how they are to be managed and controlled – 75.4%
Allocate clear roles and responsibilities for compliance with specific pieces of legislation – 49.7%
Communicate how legal or other requirements are relevant to your specific site at all relevant levels – 56.1%
Include operational criteria within operating procedures and work instructions – 55.0%
Number of survey participants – 706
Source: Managing Compliance with Environmental and Human Rights Law in Organisations


In order to monitor compliance with either environmental or human rights laws, the IEMA survey found that organisations are managing legal compliance by using their ISO management system (a family of management systems, which help companies meet the needs of customers and shareholders while complying with statutory and regulatory requirements). More specifically, companies can use ISO 14001 to help them identify legal requirements, develop a compliance strategy, and then demonstrate compliance. ISO 14001 is based on a methodology known as Plan-Do-Check-Act which is ideal for compliance purposes. While ISO 14001 was designed for environmental compliance, its methodologies can be adapted easily to integrate human rights compliance, says the guide, by using annex SL—the high-level structure that brings a common framework to all management systems. While most of the guide deals with internal compliance management systems, section five deals with systems that can be certified by a third party as being in accordance with a national or international standard or European regulation.

As the guide identifies in a table listing the barriers to achieving compliance, companies are hampered by the sheer amount of rules: “acts of parliament; ever-changing regulations; individual permits, consents and licences; and European legislation.” The guide adds that, within many pieces of legislation “there are likely to be several separate compliance requirements for an organisation. Each of these needs to be identified, screened for relevance, understood, and acted upon before an organisation can satisfy itself that it has attempted to comply.”

Companies can visit IEMA’s Website to learn more about environmental and human rights regulation.