Soft or Hard Law? – Battling Human Rights Abuses in the Corporate World

Human rights abuses in multinational businesses draw immediate public attention and cause the reputation of the company to take a deep dive. Remember how many years it took for Nike to regain its reputation after their child labor scandal started back in the 1990s?

Regaining lost reputation requires actions in many different fields, the legal arena being one of them. So, what judicial tools are available to battle human rights abuses?

International and National Legislation

As discussed in my previous blog post, international human rights conventions oblige countries to comply with their standards and implement corresponding national legislation. However, this national legislation often only reaches the companies established in that state.

Severe human rights abuses usually occur farther from home in the subsidiaries or supply chains of multinational companies, as was the case with Nike. Given that national legislation doesn’t reach that far, the respect for human rights has traditionally relied on companies’ voluntary commitment to soft law mechanisms, such as international standards and guidelines.

However, now things seem to be changing. Europe is taking steps to introduce hard law measures to spread the corporate veil to cover operations further down multinational supply chains.

The United Kingdom on the Front Line

human rights_kuvituskuvaThe UK introduced the Modern Slavery Act last October. The act obliges companies exceeding a turnover threshold (£36 million) and doing business in the UK to prepare an annual public statement. This statement should cover the actions the company has taken to ensure that slavery and human trafficking are not taking place in its operations. The act requires that the statement is published on the company website with a link in a prominent place on the homepage. The act increases transparency of supply chains regarding possible abuses.

One notable feature of this act is the wide scope of application: all corporations doing a certain amount of business in the UK are obligated to prepare this public statement. Thus, it not only applies to companies incorporated in the UK, but also to those incorporated, for example, elsewhere in Europe, but operating in the UK.

France Tried to Take Things One Step Further

The French parliament introduced the so called Rana Plaza Bill, which aimed to hold French parent companies legally accountable for human rights abuses conducted by their foreign subsidiaries. Multinationals opposed this proposal heavily, saying it would harm their competitiveness. The chosen legislative path was deemed to be too aggressive in the current economic climate, and the proposal was overruled in the Senate. However, the French legislative procedure allows for the reopening of this issue. Thus, this case may not yet be closed.

EU-wide Obligations Upcoming Up

Despite France’s retreat, there is already something more wide-spread on the horizon. The EU Parliament has accepted a directive that obliges large public-interest companies to disclose relevant information on non-financial matters, such as respect for human rights and anticorruption issues. National legislation is to be in place by the end of 2016, and the first obligatory non-financial reports covering the financial year 2017 should see daylight in 2018.

What Should Corporate Executives Make of All This?

My first recommendation is that, if you’re involved in the management of a multinational, you should keep a close eye on this issue, as it is clearly gaining increased attention on the agendas of legislators. The media and various NGOs have worked hard to raise awareness of human rights issues for several years.

The bottom line, however, is this: companies are obliged to obey and respect human rights globally, as these matters should be implemented in respective national constitutions. Thus, it doesn’t really matter whether a specific hard law measure is in use in any given country. Companies simply cannot opt out of human rights in their operations.

Anne Vanhala

 

EU-Wide Data Protection Regulation Moves Forward – Nine Things You Should Know

We are going to have an interesting autumn when it comes to data protection regulation.  On 15 June 2015, the Ministers in the Justice Council finally reached a political agreement on the new data protection rules, confirming the approach taken in the Commission’s proposal back in 2012. Trilogue negotiations between the Commission, the European Parliament and the Council of the EU will start already on 24 June next week, and the intention is that the reform will be finalised by the end of 2015.

I have gathered nine highlights of the new data protection rules that you should know.

One continent, one law: the Regulation will establish a single, pan-European data protection law replacing the current inconsistent patchwork of national laws. In the future, your company will only have to deal with one law, not 28.

Strengthened individual rights: companies will have to inform individuals in a clear and understandable way about the processing of their personal data. When there are no longer legitimate grounds for retaining data, an individual will be able to ask for the data to be deleted (right to be forgotten).  A right to data portability will help people transfer personal data between service providers.

Right to know if hacked: your company will have to notify the national data protection authority as soon as possible (not later than 72 hours) about data breaches and will also have to notify affected data subjects without undue delay.

Data protection impact assessment: an assessment will be required when processing is likely to result in a high risk for the individuals, such as discrimination, identity theft or fraud, financial loss, damage to reputation, unauthorised reversal of pseudonymisation or significant economic or social disadvantage.

Data protection officer: it will no longer be obligatory to appoint a data protection officer unless mandatory under national law.

Codes of conduct: the regulation will encourage codes of conduct to be drawn up for specific sectors and for specific needs of SMEs (small and medium-sized companies).

European rules on European soil: if your company is based outside the EU, it will have to apply the same rules and guarantee the same level of protection for personal data when offering services in the European market.

More powers for independent national data protection authorities: in order to effectively enforce the rules, national data protection authorities will be empowered to fine companies that violate EU data protection rules. The fine may be up to €1 million or 2% of the global annual turnover of the offending company.

One-stop shop: companies will only have to deal with a single supervisory authority, which will make it easier and cheaper for companies to do business across the EU. Similarly, individuals will only have to deal with their national data protection authority—in their own language—even if their personal data is processed outside their home country.

I am optimistic that the new regulation will strengthen and harmonise data protection rules in the EU. We will be closely monitoring the progress of the new general data protection regulation and keep you up-to-date on any developments.

Eija Warma

 

See our previous news items on the topic:

EU Data Protection Reform Approved by the Parliament

European Commission Proposal For New Personal Data Rules

EU Parliament’s LIBE Committee Voted on Data Protection

Sanctions—As the Dust Settles

The activity surrounding the Ukraine crisis during the past several months has shown that sanctions can be imposed rapidly in response to changes in the political climate. However, that flurry of sanctions activity has slowed during the past month, providing a good opportunity to assess how your business landscape has changed because of the sanctions—and what you can do to adapt to those changes.

1. Be Aware of Sanctions Relevant for Your Business

The Ukraine sanctions have had a noticeable impact in many sectors of the Finnish market, however, it is good to remember that other sanctions programmes also exist and can have a real-life impact. The penalties for violating any of sanction can be significant, and there are many more sanctions programmes in force than just those concerning Ukraine. The EU and the US each have approximately 30 separate sanctions programmes in force at the present time.

You may be caught by surprise of the range of business transactions that are restricted or forbidden by sanctions under various circumstances. Sanctions touch on a wide variety of activity. Although prohibitions against doing business with specific individuals or companies have been well-publicised during the Ukraine escalation, other restrictions on certain types of business activity (such as providing services or certain goods even if the counterparty is not sanctioned), tend to receive less attention in the media.

Older sanctions programmes, such as those concerning Iran and activities linked to terrorist organisations in various countries around the world, have a broad reaching effect but receive little if any press attention. Importantly, enforcement actions by EU Member States and the US authorities include an investigation of whether the violator knew or should have known that their conduct violated sanctions laws.

Also, it is good to keep in mind, that other countries (such as Canada, Australia and Switzerland) have also imposed their own sanctions. Although EU and US sanctions may be for many Finnish enterprises the most likely applicable sanctions programmes, it is good to be aware that other authorities can and do impose sanctions of their own.

2. Determine if Planned Business is Affected by Sanctions

If you believe that a business transaction that you have planned could be affected by sanctions, there are some steps you can take to protect yourself against liability—both in case of a sanctions-triggered dispute with your counterparty, as well should an official investigation occur.

  • Identify as many of the personnel involved in the transaction as is reasonably possible, including both your own and those of your counterparties. Whether you are required to comply with any particular sanctions programme depends upon a number of factors, including where you and your counterparty are performing your obligations under the contract, where your decision-makers for that transaction are located while making decisions for that transaction, and the citizenship and residency rights of personnel involved in the transaction.

    In addition, involvement by individuals or entities listed as sanctioned on the official lists, or because of the application of the 50% ownership rule, and the involvement of certain goods or services, can all affect whether a particular transaction will be affected by sanctions laws. Looking for the moment only at the background of the personnel involved, it is important to know that even a company that is registered and headquartered in Finland and that has no connection to the US, could in some circumstances be required to comply with US sanctions laws if a particular business transaction has a connection to the US.

    The US authorities have a history of threatening civil or even criminal prosecution against foreign companies when those companies are believed to have caused US persons to violate US sanctions laws. Knowing as much as possible about the connections of personnel and companies involved in your transactions will improve your ability to determine whether your business plans might need to comply with EU or US sanctions, or perhaps on some occasions with both.

  • Identify your counterparties and determine if they are sanctioned. Official lists of every individual and company specifically sanctioned by the EU or the US (or sometimes by both) can be found and searched online. However, be aware of the 50% ownership rule—a company may be sanctioned, even if it is not listed on the official lists, if that company is owned 50% or more by one or more sanctioned persons.

    Try to obtain as much information as is reasonably possible about your counterparties, including their full names, official registration numbers, office locations and (if possible) the identities of their major shareholders.This information will help you perform a thorough due diligence review of potentially applicable sanctions programmes to determine if the transaction is at risk for a sanctions violation.Your current business should also be examined to rule out potential problems if you become aware that one or more sanctions programmes could potentially be applied to that business.

  • Examine your business transactions to determine if they could trigger any industry-specific, or goods or services-specific sanctions violations. Remember that certain types of business transactions could be restricted or prohibited by sanctions laws even if none of the parties involved are sanctioned. Check the types of goods involved; the export, import or transfer through of certain goods is restricted or forbidden when certain geographic locations or sanctioned parties are involved. Pay attention also to goods assembled from parts manufactured in different locations—parts manufactured in certain countries could in some cases be subject to sanctions restrictions which could impact the distribution of the final products. Be aware also that the export, import or transfer through of certain goods may be forbidden if the final destination of those goods is a restricted industry, or a restricted geographic location or is connected to particular companies or individuals.

    Service contracts may also be subject to restrictions or prohibitions when certain industries, citizens of certain countries or particular geographic locations are involved. Exactly what business activities are allowed and which require prior approval from the authorities, as well as which activities are forbidden, depends upon all the facts of a particular business transaction.

3. Prepare Your Strategy to Prevent Violations and Get the Deal Done

Prepare a plan of action to address the risks and to protect yourself against liability. Documenting your efforts to perform an appropriate due diligence sanctions check may prove useful in the future should the need arise to demonstrate that you performed the level of due diligence which the circumstances called for, e.g. in case of an official investigation. It may also be helpful to prepare internal training and education programmes to ensure that your employees are able to identify and address possible sanctions issues.

Depending upon the nature of particular situations, it may be beneficial to seek an official clarification or approval of business activities from the authorities. It is also possible in some cases to apply to the authorities for a special license to conduct business which may otherwise be prevented by sanctions restrictions.

You may also wish to review your transaction agreements to ensure that they contain language which offers you the maximum protection in the event that the restrictions imposed by existing sanctions, or new sanctions which could be imposed in the future, restrict or prevent the performance of those transactions.

Kristina Rutsky

Laki, jota meidän ei vieläkään tarvitse noudattaa?

Parikymmentä vuotta sitten istuin oikeustieteen opiskelijana eduskunnan lehtereillä, kun Suomi päätti liittyä Euroopan unioniin. Äänestys sujui eleettömästi, ja ulkomaalaiset toimittajat jäivät ihmettelemään, oliko se todella tässä. Ei julistuksia, ei torvisoittoa. Nyt kaksi vuosikymmentä myöhemmin ihmettelen, ettemme täällä Suomessa tunnu vieläkään ymmärtävän keskeistä EU-lainsäädäntöä – vai johtuuko se vain siitä, ettemme halua ymmärtää?

Kilpailuneutraliteetilla tarkoitetaan julkisen ja yksityisen elinkeinotoiminnan tasapuolisia toimintaedellytyksiä. Kilpailuneutraliteetin vaatimus on osa EU:n valtiontukisääntöjä, joita on noudatettu Suomessakin vuodesta 1995 alkaen.

Vuonna 2007 Euroopan komissio totesi Tieliikelaitosta koskevassa päätöksessä, ettei julkinen sektori voi harjoittaa taloudellista toimintaa siten, että se hyötyisi veroeduista ja konkurssisuojasta. Tieliikelaitos yhtiöitettiinkin sittemmin Destiaksi.

Nyt vuonna 2014 poliitikot tekevät EU-sääntöjen noudattamisesta mielipidekysymyksen ja työntekijät lakkoilevat yhtiöittämisen edessä. Tämän osoitti hyvin Palmian yhtiöittämistä koskeva päätöksenteko.

Tasapuoliset mahdollisuudet kaikille

Kun kyse on taloudellisesta toiminnasta, jossa tavaraa tai palveluita myydään EU:n jäsenvaltioiden rajojen yli, tai kun alalla toimii kansainvälisiä yrityksiä, kaikilla osapuolilla pitää olla tasapuoliset ja reilut mahdollisuudet harjoittaa liiketoimintaansa. Näistä säännöistä emme voi vapaasti poiketa kansallisella tasolla. Tästä huolimatta kuntalaki sisältää yhtiöittämisvelvoitteen poikkeuksia, joita EU:n valtiontukisääntely ei tunne.

On hyvä muistaa, että EU-oikeuden etusijaperiaate on ollut voimassa jo vuodesta 1965. Ristiriitatilanteessa kansallinen sääntö väistyy.

Merkittävin ongelma ei ole se, että EU-sääntöjä ei noudateta, vaikka siitä saattaakin seurata Suomen valtiolle rikkomuskanteita ja korvausvelvoitteita. Merkittävin ongelma on itse kilpailuneutraliteettivaje.

Kilpailu kannustaa kehittymään

Julkisen palvelutuotannon epäreilut kilpailuedut syrjäyttävät yksityisiä, tehokkaasti toimivia ja veroja maksavia yrityksiä markkinoilta. Julkiset markkinat keskittyvät ja taantuvat, eikä niiden palvelutarjonta kehity samalla tavalla ilman kilpailua.

Samalla yhteiskunnan kustannukset ja meidän jokaisen maksamat verot nousevat. Kehittymättömiltä kotimarkkinoilta yritysten on myös kovin vaikeaa ponnistaa nopeasti kehittyville kansainvälisille markkinoille.

Mielestäni meillä Suomessa ei oteta kilpailuneutraliteettiongelmaa vakavasti. Olisiko jo aika?

Anna Kuusniemi-Laine

Lue lisää aiheesta Defensor Legiksen numerosta 4/2014: ”Kilpailuneutraliteetti, valtiontuki ja kuntien taloudellisen toiminnan yhtiöittämisvelvollisuus”. Lataa PDF-versio artikkelista: Defensor Legis 4 2014