Skip to main content Accessibility help

Human Rights Due Diligence as Risk Management: Social Risk Versus Human Rights Risk



The UN Guiding Principles on Business and Human Rights endorse a risk management perspective of human rights due diligence, which may create ambiguities with regard to the nature of risk and the objectives of risk management. By ‘human rights risk’ we understand a business enterprise’s potential adverse human rights impacts. Human rights risk can be contrasted to an enterprise’s ‘social risk’ which refers to the actual and potential leverage that people or groups of people with a negative perception of corporate activity have on the business enterprise’s value.

This article puts forward the argument that due diligence in respect of human rights risk is conceptually incompatible with the management of social risk, because social risk management and human rights due diligence vary at each step of the risk management process (risk identification, risk measurement and assessment, risk reduction measures). To resolve this incompatibility, an effective integration of human rights due diligence processes into corporate risk management systems would require an elevation of human rights respect to a corporate goal that determines corporate strategy.

  • View HTML
    • Send article to Kindle

      To send this article to your Kindle, first ensure is added to your Approved Personal Document E-mail List under your Personal Document Settings on the Manage Your Content and Devices page of your Amazon account. Then enter the ‘name’ part of your Kindle email address below. Find out more about sending to your Kindle. Find out more about sending to your Kindle.

      Note you can select to send to either the or variations. ‘’ emails are free but can only be sent to your device when it is connected to wi-fi. ‘’ emails can be delivered even when you are not connected to wi-fi, but note that service fees apply.

      Find out more about the Kindle Personal Document Service.

      Human Rights Due Diligence as Risk Management: Social Risk Versus Human Rights Risk
      Available formats

      Send article to Dropbox

      To send this article to your Dropbox account, please select one or more formats and confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your <service> account. Find out more about sending content to Dropbox.

      Human Rights Due Diligence as Risk Management: Social Risk Versus Human Rights Risk
      Available formats

      Send article to Google Drive

      To send this article to your Google Drive account, please select one or more formats and confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your <service> account. Find out more about sending content to Google Drive.

      Human Rights Due Diligence as Risk Management: Social Risk Versus Human Rights Risk
      Available formats



Hide All

Professor of Law, EDHEC Business School, LegalEdhec Research Center, [].



Hide All

1 For the sake of clarity, this article understands the term ‘business corporation’ to refer to a business enterprise whose commanding entity takes the legal form of a corporation or company limited by shares, and which pays dividends to its shareholders based on net profits. Responsibilities to respect human rights transcend the controlling entity and can be applied throughout the entire group. The wider term ‘business enterprise’ could cover any kind of commercially motivated operation, for example non-dividend-paying social businesses, commercial networks, or sole proprietorships. For various ways of organizing a business enterprise, see Orts, Eric W, Business Persons - A Legal Theory of the Firm (Oxford: Oxford University Press Oxford, 2013) 175 ; see also Ruggie, John, Just Business - Multinational Corporations and Human Rights (New York: W.W. Norton & Company, 2013) 9798 , who writes that in the case of a multinational corporation the notion ‘enterprise’ would include the ‘entire corporate group, however it is structured’.

2 Human Rights Council, ‘Guiding Principles on Business and Human Rights: Implementing the United Nations “Protect, Respect and Remedy” Framework’, A/HRC/17/31 (21 March 2011).

3 The International Council on Mining and Metals recommends ‘stand-alone human rights impact assessments’ in certain situations, in particular where a ‘range of human rights issues merit or require in-depth/discrete analysis’; see International Council on Mining and Metals (ICMM), ‘Human rights in the mining and metals industry - Integrating human rights due diligence into corporate risk management processes’, (March 2012), (accessed 25 July 2016). For an example of a non-integrative approach to managing human rights risk, see Baab, Mike and Jungk, Margaret, ‘The Arc of Human Rights Priorities: A New Model for Managing Business Risk’, (2011) Danish Institute for Human Rights (the subheading ‘a new model for managing business risk’ could be misleading, since the model deals with human rights risks and not business risk).

4 The official commentary to UNGP 17, note 2, 18–19, says that, ‘Human rights due diligence can be included within broader enterprise risk management systems, provided that it goes beyond simply identifying and managing material risks to the company itself, to include risks to rights-holders.’ In an ongoing survey performed by the Business & Human Rights Resource Centre, it is possible to view responses of business corporations to the question of how they manage human rights. At the time of writing this article, most business corporations that offered information on the issue explained that human rights would be integrated into their risk management frameworks, cf the survey at (accessed 25 July 2016). See also, Désirée Abrahams and Yann Wyss, ‘Guide to Human Rights Impact Assessment and Management (HRIAM)’ (2010) guide endorsed by The International Business Leaders Forum (IBLF) and the International Finance Corporation (IFC), in association with the UN Global Compact for the global oil and gas industry see Ngyuen, Tam et al, ‘Management Systems Approach to Managing Human Rights Issues’ (2012) Society of Petroleum Engineers, doi:10.2118/158123-MS .

5 Human Rights Council, note 2, 16, commentary to UNGP 17; see also the definition of ‘human rights risk’ at United Nations Office of the High Commissioner, ‘The Corporate Responsibility to Respect Human Rights - An Interpretative Guide’, HR/PUB/12/02 (2012), 6–7. Under such a definition of risk, the UNGPs due diligence concept differs from approaches to human rights due diligence that are expressed exclusively in terms of preventing and mitigating the business and legal risks facing business corporations, as proposed by Sherman, John F III and KLehr, Amy, ‘Human Rights Due Diligence: Is It Too Risky?’, Corporate Social Responsibility Initiative Working Paper No. 55. (Cambridge, MA: John F. Kennedy School of Government, Harvard University, 2010), (accessed 25 July 2016).

6 Early on the Human Rights Council emphasized fundamental differences between social risk management and human rights due diligence. On this point see, e.g., Human Rights Council, ‘Human Rights Impact Assessments - Resolving Key Methodological Questions’, A/HRC/4/74 (5 February 2007). However, this article proposes that human rights due diligence not only requires a different risk management approach as suggested by the Human Rights Council (HRC), but that such a different approach implies different analyses to be made at each step of the risk management process.

7 It is acknowledged that business corporations do not conduct risk management homogenously. Existing risk management standards give management much leeway in designing risk management processes. Geographical, cultural, organizational and market contexts account for varying and complex approaches. Therefore, the arguments presented here are conceptual rather than empirical in nature.

8 There is no agreed upon definition of ‘enterprise risk management’ (ERM). ERM commonly refers to an integrative approach to risk management that is informed by an organization’s highest level goals and strategies. For example, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) defines ERM as ‘a process, effected by an entity’s board of directors, management or other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives’ (see, Committee of Sponsoring Organizations of the Treadway Commission, Enterprise Risk Management – Integrated Framework, Executive Summary, (COSO, 2004) 2 ).

9 See, for example, Human Rights Council, ‘Report of the Special Representative of the Secretary-General on the Issue of Human Rights and Transnational Corporations and Other Business Enterprises’, A/HRC/11/13 (22 April 2009), para 51: ‘Businesses routinely employ due diligence to assess exposure to risks beyond their control and develop mitigation strategies for them, such as changes in government policy, shifts in consumer preferences, and even weather patterns. Controllable or not, human rights challenges arising from the business context, its impacts and its relationships can pose material risks to the corporation and its stakeholders, and generate outright abuses that may be linked to the corporation in perception or reality. Therefore, they merit a similar level of due diligence as any other risk.’

10 Human Rights Council, ‘Report of the Special Representative of the Secretary-General on the Issue of Human Rights and Transnational Corporations and Other Business Enterprises, John Ruggie’, A/HRC/17/31/Add.2 (23 May 2011) 8.

11 Ruggie, John, ‘Global Governance and “New Governance Theory”: Lessons from Business and Human Rights’ (2014) 20 Global Governance 5 , 14. However, a forward-looking management standard can be useful in informing the contents of a due diligence liability standard – see, e.g., Bonnitcha, Jonathan and McCorquodale, Robert, ‘Is the Concept of “Due Diligence” in the Guiding Principles Coherent?’ (2013), or (accessed 25 July 2016).

12 The fourth EU money laundering directive, EU Directive 2015/849, could serve as an example for such an enhanced risk-based regulatory approach. Art 8 of the directive provides that member state laws impose certain risk management and compliance processes on financial and credit institutions as well as other entities that could be targeted by money laundering. Such companies are to have controls and procedures to mitigate and manage effectively the risks of money laundering and terrorist financing. For an overview of risk-based regulation see, e.g., Black, Julia, ‘Risk-based Regulation: Choices, Practices and Lessons Being Learnt’ in OECD, Risk and Regulatory Policy - Improving the Governance of Risk (Paris: OECD Publishing, 2010) 185224 , and, more generally, the research of the Centre for Analysis of Risk and Regulation (CARR) and the London School of Economics, (accessed 25 July 2016).

13 Michael Power describes the regulatory focus on a regulated entity’s internal controls as turning organizations ‘inside out’, see Power, Michael, The Risk Management of Everything: Rethinking the Politics of Uncertainty (London: Demos, 2004) 2425 .

14 International Standards Organization ISO-31000, Risk Management (2009) ISO, Guide ISO 79 (2009).

15 Cf, for example, Purdy, Grant, ‘ISO 31000:2009—Setting a New Standard for Risk Management’ (2010) 30:6 Risk Analysis, 881886 ; Aven, Terje, Renn, Ortwin and Rosa, Eugene A, ‘On the Ontological Status of the Concept of Risk’ (2011) 49:8–9 Safety Science, 10741079 .

16 Taylor, Mark B, Zandvliet, Luc and Forouhar, Mitra, ‘Due Diligence for Human Rights: A Risk-based Approach’, Corporate Social Responsibility Initiative, Working Paper No. 53, (Cambridge, MA: John F. Kennedy School of Government, Harvard University, 2009), (accessed 25 July 2016); see also United Nations Office of the High Commissioner (2012), note 5, which uses the catchphrase describing human rights due diligence as ‘knowing and showing’ that a business respects human rights.

17 Ruggie, note 1, 99.

18 Cf, note 8.

19 Cf Boatright, John, ‘Risk Management and the Responsible Corporation: How Sweeping the Invisible Hand?’ (2011) 116:1 Business and Society Review, 145170 ; Hubbard, Douglas W, The Failure of Risk Management: Why It’s Broken and How to Fix It (New York: John Wiley & Sons, 2009) 457458 .

20 For these techniques see in particular Loch, Christopher H, DeMeyer, Arnoud and Pich, Michael T, Managing the Unknown: A New Approach to Managing High Uncertainty and Risk in Projects (New York: John Wiley & Sons, 2006); Andersen, Torben J and Schroder, Peter W, Strategic Risk Management Practice (Cambridge: Cambridge University Press, 2010).

21 Cf Kytle, Beth and Ruggie, John, ‘Corporate Social Responsibility as Risk Management: A Model for Multinationals’, Corporate Social Responsibility Initiative Working Paper No. 10 (Cambridge, MA: John F. Kennedy School of Government, Harvard University, 2005); Jeffery, Neil, ‘Stakeholder Engagement: A Road Map to Meaningful Engagement’, Doughty Centre ‘How to do Corporate Responsibility’ Series No 2, (2009), 26 , 35.

22 Ruggie, note 1, 99–100.

23 This is not the place to engage in a discussion of the moral and policy implications of formulating problems and solutions in terms of risk. That any risk assessment does not merely require an empirical analysis of objective facts but at least also an appreciation of risk as a social construct with a normative basis is broadly accepted throughout the literature on risk and society. See, e.g., Beck, Ulrich, ‘Living in the World Risk Society’ (2006) 35:3 Economy and Society, 329345 ; Renn, Ortwin, Risk Governance: Coping with Uncertainty in a Complex World (London: Earthscan, 2008); Rendtorff, Jacob D, ‘Risk Management, Banality of Evil and Moral Blindness in Organizations and Corporations’ in Christoph Luetge and Johanna Jauernig (eds.), Business Ethics and Risk Management (Dordrecht: Springer, 2014).

24 Power, Michael, ‘Risk, Social Theories and Organizations’, in Paul Adler et al (eds.), The Oxford Handbook of Sociology, Social Theory, and Organization Studies (Oxford: Oxford University Press, 2014) 370392 .

25 Definitions of ‘social risk’ vary but have in common the focus on the business’s interests. For example, Kytle and Ruggie, note 21, define social risk as occurring ‘when an empowered stakeholder takes up a social issue area and applies pressure on a corporation (exploiting a vulnerability in the earnings drivers – e.g. reputation, corporate image), so that the company will change policies or approaches in the marketplace’. Thus understood, pressure points on a business enterprise constitute social risk. See also Robert Holzmann, Lynne Sherburne-Benz and Emil Tesliuc, Social Risk Management: The World Bank Approach to Social Protection in a Globalizing World World Bank (May 2003) DC: World Bank (2003); Tamara Bekefi, Beth Jenkins and Beth Kytle, ‘Social Risk as Strategic Risk’, Corporate Social Responsibility Initiative, Working Paper No. 30 (Cambridge, MA: John F. Kennedy School of Government, Harvard University, 2006), present social risk as a factor for stakeholders or groups of people who, regarding a certain issue, have a negative perception of the company and may do damage to it.

26 See, for a discussion of the SLO and its relationship to academic concepts such as legitimacy, social contract and stakeholder theory Morrison, John, The Social License to Operate: How to Keep your Organization Legitimate (New York: Palgrave MacMillan, 2014); Demuijnck, Geert and Fasterling, Björn, ‘The Social License to Operate’ (2016) 136:4 Journal of Business Ethics, 675685 .

27 United Nations Office of the High Commissioner, note 5, 5.

28 ISO (2009), note 14.

29 Fraser, Ian and Henry, William, ‘Embedding Risk Management, Structures and Approaches’ (2007) 22:4 Managerial Auditing Journal, 392409 ; Jondle, Douglas et al, ‘Modern Risk Management Through the Lens of the Ethical Organizational Culture’ (2013) 15:1 Risk Management, 3249 .

30 COSO, note 8.

31 See, e.g., Boatright, note 19.

32 For the expression ‘human rights respect as a necessary cost of doing business’, see Arnold, Denis G, ‘Transnational Corporations and the Duty to Respect Basic Human Rights’ (2010) 20:3 Business Ethics Quarterly, 371399 .

33 Fiduciary or similar managerial duties owed to the corporation would probably not impede such an approach. See, for example, Human Rights Council, note 10. Peter Muchlinski takes this notion a step further by saying that duties of care may evolve in a way that they are also owed to foreseeable potential victims of business-related human rights infringements; see Muchlinski, Peter, ‘Implementing the New UN Corporate Human Rights Framework: Implications for Corporate Law, Governance, and Regulation’ (2012) 22:1 Business Ethics Quarterly, 145 , 157 et seq.

34 The ‘business case’ is understood here as a notion that is justified by value maximization, or simply put, ‘the bottom line’ for the business corporation. Occasionally, a different understanding of ‘business case’ becomes promulgated, for example by The global oil and gas industry association for environmental and social issues (IPIECA) that writes, ‘it is good business practice to understand the potential human rights issues and impacts associated with business operations, and to factor them into management plans.’, IPIECA, Human Rights Due Diligence Process: A Practical Guide to Implementation for Oil and Gas Companies (London: IPIECA, 2012). For a demonstration of the conceptual weaknesses of ‘business case’ thinking with regard to the human rights responsibilities of business enterprises see Wettstein, Florian, ‘Human Rights as a Critique of Instrumental CSR: Corporate Responsibility Beyond the Business Case’ (2012) XXVIII(106) Notizie di Politeia, 1833 .

35 Institute for Human Rights and Business, From Red to Green Flags - The Corporate Responsibility to Respect Human Rights in High-risk Countries (London: IHRB, 2011).

36 See, e.g., Business Leaders Initiative on Human Rights (BLIHR), ‘A Guide for Integrating Human Rights into Business Management’ (2009), (accessed 21 December 2015).

37 Human Rights Reporting and Assurance Frameworks Initiative (RAFI), ‘UN Guiding Principles Reporting Framework’ (2015), (accessed 25 July 2016).

38 Spedding, Linda and Rose, Adam, Business Risk Management Handbook - A Sustainable Approach (Oxford: Elsevier, 2011) 313366 .

39 Taylor et al, note 16.

40 Cf Graetz, Geordan and Franks, Daniel M, ‘Incorporating Human Rights into the Corporate Domain: Due Diligence, Impact Assessment and Integrated Risk Management’ (2013) 31:2 Impact Assessment & Project Appraisal, 97106 ; Abrahams and Wyss 2010, note 4, 20.

41 Business for Social Responsibility (BSR) Conducting an Effective Human Rights Impact Assessment - Guidelines, Steps, and Examples (BSR, 2013) 6.

42 Studies on links between business success and ‘corporate social responsibility’ are far more common. However, even such studies must be read with caution as regards the evidence for a ‘business case’, see in particular Rost, Katja and Ehrmann, Thomas, ‘Reporting Biases in Empirical Management Research: The Example of Win-Win Corporate Social Responsibility’ (2015) Business & Society, 149 .

43 Davis, Rachel and Franks, Daniel, ‘Costs of Company-Community Conflict in the Extractive Sector’, Corporate Social Responsibility Initiative Report No. 66 (Cambridge, MA: Harvard Kennedy School, 2014).

44 The problematic two-sidedness of the supposed ‘business case’ for human rights respect finds a parallel in the more general discussion about a business corporation’s interest in obtaining a ‘social license to operate’. For more on this, see Demuijnck and Fasterling, note 26.

45 See for example Kytle and Ruggie, note 21.

46 See in a wider context Paine, Lynn Sharp, ‘Does Ethics Pay?’ (2000) 10:1 Business Ethics Quarterly, 319330 , who puts forward that the business case for ethical behavior of companies is rather highly dependent on context and situation than generally given.

47 For a parallel argument that calls into question Michael Porter and Mark Kramer’s ‘Creating shared value’ concept, see Crane, Andrew et al, ‘Contesting the Value of Creating Shared Value ’ (2014) 56(2) California Management Review, 130 , 136–8.

48 Condamin, Laurent, Louisot, Jean-Paul and Naïm, Patrick, Risk Quantification: Management, Diagnosis and Hedging (Hoboken: Wiley & Sons, 2006) 14 et seq.

49 A further illustration of the point could be made by making reference to the IPIECA, note 34, 4. The organization puts forward several business drivers for improving human rights due diligence, among which: ‘help prevent disruptions to construction and future disruptions to operations, and improve business continuity, including providing reliable energy and managing budgets and schedules’. Disruptions indeed expose a business’s assets. However, for assessing risks to the business’s assets it does not matter if a business disruption could be linked to corporate activity that has been qualified as having an adverse human rights impact or not. A business corporation could perfectly manage risks of business disruption, prioritizing its factual causes according to their probability and severity without undertaking any kind of normative assessment.

50 To the extent that risk management is conducted through establishing correlations between adverse human rights impacts and losses, the indirect nature of causality might be less relevant. However, establishing correlations between adverse human rights impacts and losses (to value) has been limited to date, because adverse human rights impacts can only be identified when taking into account normative assessments of the individual case, which has so far excluded the existence of large datasets offering comparable data for establishing reliable correlations.

51 According to mainstream stakeholder theory as it is defended by Edward Freeman and others, stakeholder interests are taken into account instrumentally, i.e., with a view to maximizing the value of the firm. See for example Phillips, Robert, Edward Freeman, R and Wicks, Andrew C, 2003, ‘What Stakeholder Theory is not’ (2003) 13:4 Business Ethics Quarterly, 479 , 486 et seq. For the notion of instrumental stakeholder theory, see Jones, Thomas M, ‘Instrumental Stakeholder Theory: A Synthesis of Ethics and Economics’ (1995) 20:2 Academy of Management Review, 404437 . People who have no leverage over the business’s operations and whose lives are negatively affected by business activities would only be taken into account as ‘stakeholders’ under a normative perspective on stakeholder theory that emphasizes the need to consider those with legitimate (moral) claims on the company rather than just those with significant stakes in it. On this point, see Waxenberger, Bernhard and Spence, Laura J, ‘Reinterpretation of a Metaphor: From Stakes to Claims’ (2003) 12:5 Strategic Change, 239249 .

52 In a similar vein, Florian Wettstein argues that an instrumental account of corporate responsibility would motivate companies to prioritize stakeholders with a high potential impact on the business rather than paying attention to those who have little power to make their own claims heard, see Wettstein, note 34, 27.

53 Ruggie, note 1, 99–100.

54 Cf United Nations Office of the High Commissioner (2012), note 5, 7, where it is noted that human rights risk is prioritized according to severity of impact.

The commentary to UNGP 14 defines ‘severe human rights impact’ with reference to its scale, scope and irremediable character; see Human Rights Council, note 2, 16.

55 Condamin, Louisot and Naïm, note 48, 28 et seq.

56 Some risk management advisors appear to have developed methodologies for measuring adverse human rights impacts. For example, on its website Verisk Maplecroft claims that its ‘Human Rights Risk Atlas 2015’ would ‘help business, investors and international organisations assess, compare and mitigate human rights risk across all countries.’; see (accessed 25 July 2016). However, to the extent that the details of their methodologies are held confidential, they cannot be satisfactorily appraised by academic research. The same applies to corporations that communicate assessments of human rights risk, but do not disclose how it is quantified.

57 See ‘The Corporate Human Rights Benchmark – Pilot Methodology 2016’, jointly developed by Aviva Investors, Business & Human Rights Resource Centre, Calvert Investments, Institute for Human Rights and Business, VBDO and Vigeo Eiris, available at (accessed 25 July 2016). Damiano de Felice demonstrates the prospects but also the shortcomings and pitfalls of human rights performance indicators; see de Felice, Damiano, ‘Business and Human Rights Indicators to Measure the Corporate Responsibility to Respect: Challenges and Opportunities’ (2015) 37 Human Rights Quarterly, 511555 .

58 Cf United Nations Office of the High Commissioner, note 5, 7.

59 Hoyt, Robert E and Liebenberg, Andre P, ‘The Value of Enterprise Risk Management’ (2011) 78:4 Journal of Risk and Insurance, 795822 .

60 The prerequisite of having an available common measure for assessing risk has led to ERM being questioned as a basis for rational decision-making. See in particular Schiller, Frank and Prpich, George, ‘Learning to Organise Risk Management in Organisations: What Future for Enterprise Risk Management’ (2014) 17:8 Journal of Risk Research, 9991017 .

61 Spedding and Rose, note 38.

62 Note that in their book Spedding and Rose do not explain in detail how they reached these estimations.

63 See on this point Schiller and Prpich, note 60.

64 The ISO 31000:2009 standard recommends several risk reduction measures:

- (1) ‘Avoiding the risk by deciding not to start or continue with the activity that gives rise to the risk’

- (2) ‘Accepting or increasing the risk in order to pursue an opportunity’

- (3) ‘Removing the risk source’

- (4) ‘Changing the likelihood’

- (5) ‘Changing the consequences’

- (6) ‘Sharing the risk with another party or parties (including contracts and risk financing)’

- (7) ‘Retaining the risk by informed decision’.

65 Note that the official commentary to UNGP 11 deems that such positive measures do not offset failure to respect human rights, see Human Rights Council, note 1, 14.

66 Catherine Coumans reports a case that provides an extreme example of the point made here. In this case the corporation’s social risk reduction measures may even have intensified human rights risk. A mining corporation had engaged with consultants, development agencies and socially responsible investment firms, and it was precisely this engagement that may have facilitated the continuation of harmful practices. According to Coumans, such situations can arise when the intermediaries in question fail to advance the claims being made by rights-holders against the corporation, when they lend legitimacy to corporate strategies, and, being bound by confidentiality agreements, remain silent about the human rights abuses which they are able to observe. See Coumans, Catherine, ‘Occupying Spaces Created by Conflict: Anthropologists, Development NGOs, Responsible Investment, and Mining: with CA comment by Stuart Kirsch’ (2011) 52(S3) Current Anthropology, Corporate Lives: New Perspectives on the Social Life of the Corporate Form, 2943 .

67 See, for example, Damodaran, Aswath, Strategic Risk Taking – A Framework for Risk Management (New Jersey: Pearson / Wharton School Publishing, 2007).

68 See above, note 64.

69 Joseph Heath cautions against assuming perfectly rational behavior of companies. He suggests that agency theory and other economic theories based on rational behavior models would be helpful analysis tools as they operationalize ‘a certain form of moral scepticism’ and show ‘what the consequences of generalized immorality would be’—rather than tools to predict actual behavior. See Joseph Heath ‘The Uses and Abuses of Agency Theory’ (2009) 19:4 Business Ethics Quarterly, 497–528.

70 However, popular ‘business case’ thinking that underwrites the view that it might be profitable to respect human rights is implicitly suggesting that it is a consideration to take into account. A parallel argument with regard to the corporate responsibility to respect human rights as being moral duty has been presented by Fasterling, Björn and Demuijnck, Geert, ‘Human Rights in the Void? Due Diligence in the UN Guiding Principles on Business and Human Rights’ (2013) 116 Journal of Business Ethics, 799814 .

71 Muchlinski, note 33.

72 In the field of private security, reference could be made to the Voluntary Principles on Security and Human Rights, see: (accessed 20 June 2016). For a case study on the implementation of the Principles and the problems associated with their use on the ground see, e.g., EarthRights International &The Centre for Environment, Human Rights and Development, ‘Assessing and Improving the Voluntary Principles on Security & Human Rights: Lessons from the Nigerian Experience’ (May 2013), (accessed 20 June 2016).

73 See above, Section IV.

74 Cf United Nations Office of the High Commissioner, note 5, 51, that recommends not entering into a business relationship, when it is unlikely that the business enterprise can use its leverage to prevent or mitigate the risk of human rights abuses by the other party.

75 Fasterling, Björn, ‘UN Guiding Principles on Business and Human Rights – Implications for Human Rights Risk Management’ (2015) 27 Revue Internationale de la Compliance et de l’Ethique des Affaires, 2023 .

76 Cf Wesley Cragg, who argues that the respect of human rights as an explicit ethical obligation would provide the responsibility to respect with a stronger justificatory foundation. Cragg, Wesley, ‘Ethics, Enlightened Self-Interest, and the Corporate Responsibility to Respect Human Rights: A Critical Look at the Justificatory Foundations of the UN Framework’ (2012) 22:1 Business Ethics Quarterly 936 . Björn Fasterling and Geert Demuijnck hold that corporate responsibility to respect human rights would need a ‘moral commitment’ by corporate agents to be effective, Fasterling and Demuijnck, note 70.

77 Denis G Arnold has argued that human rights respect should be interpreted in a moral sense, meaning that human rights should be considered as minimal ethical requirements that are universally valid, which implies that the moral duty to respect them would be an absolute side-constraint of doing business. See Arnold, note 32.

78 For this argument, cf Sherman and Lehr, note 5.

* Professor of Law, EDHEC Business School, LegalEdhec Research Center, [].


Human Rights Due Diligence as Risk Management: Social Risk Versus Human Rights Risk



Altmetric attention score

Full text views

Total number of HTML views: 0
Total number of PDF views: 0 *
Loading metrics...

Abstract views

Total abstract views: 0 *
Loading metrics...

* Views captured on Cambridge Core between <date>. This data will be updated every 24 hours.

Usage data cannot currently be displayed