Modern Slavery: What Is Expected Of Organizations?

Thomas Frénéhard

Since I posted the blog “Combating Modern Slavery—It’s More Than Compliance, It’s Ethics!” a few months ago, I have gotten many questions from colleagues and readers about this topic. I have to admit that many reached out to understand if I was taking a stand or if this was really a pressing issue… and they weren’t really reassured by my response.

It’s not a problem of the past

Let’s start once again with a few facts. At the peak of the slave trade period, usually defined as lasting from 1526 to 1867, there were an estimated 12.5 million people in slavery. This already staggering figure is actually quite pale in comparison to the 40.3 million people in slavery in 2016, according to statistics from NGOs and international agencies.

Let’s also compare the economics of it. Back in 1850, it is estimated that the cost of a slave would be approximately US$4,000 in today’s money. This cost has decreased drastically to reach barely $90 today. And it’s not me saying that; it’s internationally recognized organizations such as Alliance 8.7, Free the Slaves, and Walk Free Foundation, which work with the likes of the International Labor Organization and the United Nations on this matter.

Now that we have established that this is not a problem of the past but is still very much happening today, let’s be clear: The role of a business is not to fight criminal organizations. This is a governmental responsibility. But businesses have the task of supporting the state in doing so, ensuring that they respect the legislation but also act with integrity.

Corporate responsibility and the regulations that apply

And to be able to validate that, many regulators ask that organizations publish a descriptive statement with regard to what they do to fight this curse—and abide by it, of course. Most regulations actually request that this statement be made publicly available, as they expect the support of consumers in ensuring that modern slavery is fought.

The Modern Slavery Act in the UK or the California Transparency in Supply Chains Act in the U.S., for instance, highlight that the homepage of the company’s website must contain a prominent link to the statement. Some countries have even created—or plan to create—a database of all statements so that consumers can be informed about what the brand they are buying is doing in this regard. (See SAP’s Modern Slavery Statement and Human Rights and Labor Standards policies.)

What should companies include in this statement?

There is no real official standard for such communication, but many regulations converge to the content.

Let’s start with the general information. Most often, companies are asked to include their organizational structure, business model, and a description of their supply chain.

Concerning the standards, the regulations request that companies describe the control environment, of course, but most importantly, the policies in relation to slavery and human trafficking in place for their employees and suppliers, and the outcomes of these policies. In addition, they are asked to provide a description of the training about slavery and human trafficking available to their staff.

What about performing risk assessments?

Most regulations also request that organizations perform a risk assessment of the parts of the business and supply chains where there is a risk of slavery and human trafficking taking place. Where could the risks be? What is the likelihood that the organization or its suppliers would have forced labor within its workforce? These are typical questions. For low risks, the company must report its findings and briefly describe how this was determined. But for high risks, companies must include all the steps they are taking to mitigate them.

Organizations are also held accountable for a sound due diligence. Audit and supplier certification is a common requirement in many guidelines. Here, neither responsibility nor accountability can be outsourced.

Bringing in the C-suite

Finally, to ensure that the statement published engages the company, most legislations request that it be approved by the board of directors (or equivalent management body) and signed by a director. Continuous monitoring is sometimes mentioned with the setup of a dedicated alert structure (much like a whistleblowing hotline, but dedicated to raising potential slavery cases).

The EU Directive of 2014, but also the UK Modern Slavery Act, hint at companies needing to report on the effectiveness of their policies and monitoring by measuring against such performance indicators as it considers appropriate. Note that these indicators are not defined and left to the company to determine.

By working on such a statement, the company already gets more clarity itself as to what it is doing to eradicate modern slavery from its supply chain. And keep in mind that it’s not just about compliance; it’s about ethics. And it’s the right thing to do.

Has your company already worked on such statements? Are there any lessons that you can share? I look forward to reading your thoughts and comments either on this blog or on Twitter @TFrenehard

Learn more

Want to hear more how GRC and security leaders are harnessing the power of technology innovations to transform their operations? Register today to attend the first-ever, complimentary online SAP Finance and Risk Management Virtual Event for an insightful experience of customers, experts, partners, and SAP executives discussing today’s pressing challenges and opportunities.

Follow SAP Finance online: @SAPFinance (Twitter)  | LinkedIn | FacebookYouTube


Thomas Frénéhard

About Thomas Frénéhard

Thomas is part of the Global Centre of Excellence for Finance and Risk solutions where he has a focus on Governance, Risk, and Compliance topics. Prior to that, he was a Senior Director in the Governance, Risk, and Compliance Solution Management team. His particular responsibility was with Risk Management but other functional areas of focus were in Internal Control & Compliance Management and Audit Management. He is also a regular contributor on social media and presenter at various SAP and non-SAP conferences on GRC matters.