Do we finally have some clarity over "minimum safeguards" in sustainable finance?

The purpose of MS is to ensure that an investment cannot be described as sustainable where it fails to meet minimum social standards. Although Article 18 of the Taxonomy Regulation defines MS in terms of international standards, these may not be binding on, nor enforceable against, all entities because governments may not have enshrined them into national law.

The EU Taxonomy, with its focus on reporting, does not require adherence to the standards, even though the prospect of disclosure of a poor record in these governance areas may be a driver of improved performance (and some pan-EU and domestic laws may require compliance with aspects of the standards). Similarly, the EU's draft Directive on Corporate Sustainability Reporting ("CSRD") would explicitly require disclosures on human rights, social and governance issues, as well as environmental matters, but an entity could theoretically disclose low levels of adherence to international standards without any legislative penalties.

By contrast, the draft EU Directive on Corporate Sustainability Due Diligence ("CS3D"), which is still in discussion among European legislators, would require in-scope companies to comply with national implementing laws aligned with international standards on human rights and labour laws (such as the OECD Guidelines and the UNGP); this is described by the PSF as the "hardening" of soft law instruments. For this reason, the report discusses MS in the context of CS3D, in some detail.

The report notes that several European countries have laws on "responsible business conduct standards", namely France, Germany, the Netherlands and Norway, with early legislative action in others (Austria, Belgium, Finland and Spain). While in principle there is some potential for compliance with these laws to be equivalent to compliance with the MS, the divergent scope, coverage, disclosures and implementation under the respective national laws mean that in practice compliance with MS cannot be assumed from mere compliance with these laws. 

For benchmarking purposes, investors struggling to work out how to comply with the MS in the absence of any guidance may be interested in the PSF's analysis of current market practice. The report observes an overall difficulty for entities trying to comply with MS, with lack of data a key issue, particularly for non-EU countries.

A key missing piece of the puzzle relates to the "process" element of compliance with MS. Specifically, the report notes that a core element of MS compliance is a requirement that companies actively implement due diligence processes and report on progress in doing so. To measure compliance with this requirement, the first step, the PSF suggests, is to "understand whether a company reports on its due diligence approach". Without this, the entity cannot be considered MS compliant. Interestingly, therefore, the report concludes that the lack of data in this area indicates low overall compliance with the UNGP – the assumption being that, if the data is not available, companies must not be reporting it. This is notwithstanding some entities' approach of adopting the UNGC in order to demonstrate compliance with the UNGP and therefore the MS.  

The report also critiqued the use of ESG rating agencies more generally. Though none were named, four were reviewed in the course of compiling the report, with their various approaches to deciding a rating assessed according to (i) topics covered as against the four "core" topics for which compliance with MS should be defined (being human rights, including workers' rights, bribery and corruption, taxation and fair competition); and (ii) the process element highlighted above, as against a solely performance (or outcomes) based assessment (i.e. those agencies which use controversies screens to pick up publicly disclosed allegations on human rights abuses of the company). The report notes that any ESG rating that is based on an absence of controversy alone, or which uses its own value judgement of the seriousness of a controversy, is not adequately assessing compliance with the UNGPs because it does not assess the company's DD process. It is clear, then, why the PSF report notes that rating agencies are said to be "struggling" with the same data gap issues as those entities trying to comply with MS. Without such data, ESG rating agencies would rapidly find few entities to be in compliance with the UNGP, and by extension MS, thereby reducing the value of their own offering.

Controversy screening, although helpful, is to be understood not as a compliance tool but more a quality assurance tool in respect of the entity's due diligence screening. While findings from a controversy screen could indicate that the entity's DD process is not wholly effective, if the DD process works, a controversy screen would add nothing. This is because, the report suggests, a controversy finding does not necessarily indicate a failure to comply with MS, provided the entity remediates and uses the finding to improve its DD process.

Helpfully, the report recognises and recommends that any interpretation of "minimum safeguards" must be consistent with the upcoming CS3D, as well as existing legislation in related areas such as taxation and competition. As expected, the report makes clear that any non-EU company looking to adhere to MS cannot rely on standards less onerous than those applied to EU companies; this is despite the CSRD having an explicit provision for compliance to be achieved via equivalent regimes. The problem at present is that no international regime is as far reaching as that of the EU.

Key messages are that entities must implement adequate processes to ensure compliance with laws in the area of human rights, corruption, taxation and fair competition, and then the performance of those entities must be monitored. Although CS3D and CSRD will provide a route to compliance in respect of human rights, the PSF considers this not to be the case in respect of bribery (covered by CSRD but not CS3D at present), taxation and fair competition (which includes consumer rights and data protection). In these areas, entities must implement a process and report on it, and their performance will be measured by final convictions in court.

As already mentioned, the report places considerable emphasis on the "two dimensional assessment of MS alignment", namely both a process to avoid harm and an outcome indicating that harm was (mostly) avoided. The process is described as a "means to an end, rather than an end in and of itself", indicating that DD is far from a checkbox exercise, and the process is expected to evolve and develop according to the outcomes it delivers. As noted above, whereas an entity could be compliant with the MS if it discovers some occasional harm in its supply chain, it cannot be compliant with the MS if it has no robust process in place to avoid such harm.

In addition to a scenario where the entity has no, or inadequate, DD processes as outlined in the UNGP and the OECD Guidelines, the entity will also be deemed non-compliant with MS where there are clear indications of its failure to implement DD resulting in serious incidents occurring. This may be evidenced by:

• a conviction in court in respect of labour law or human rights (categories of cases to be expanded);
  
  
• an OECD National Contact Point accepting a case, with the entity then refusing to engage with the complainant or the NCP finding the entity not to be complying with the OECD Guidelines; or
  
  
• the Business and Human Rights Resource Centre (BHRRC) taking up up an allegation against the entity and the entity not responding in three months (in this case the entity will remain non-compliant for two years).

While the above criteria are likely to indicate a serious human rights or labour law breach, and quite a high bar, they are consistent with the principle that an entity is not expected to have a spotless record in relation to ESG, provided it learns from its mistakes.

The first key requirement, without which an entity cannot be in compliance with the MS, is for adequate DD processes. The report suggests that adequacy (presumably from the perspective of both investors and enforcement agencies) can be measured via the disclosures under the CS3D and CSRD where applicable, with reporting covering human rights due diligence in some detail, as proposed in the exposure drafts by expert advisory group EFRAG. The report details 6 key OECD/UNGP requirements which demonstrate whether an entity has implemented adequate human rights DD, and which map directly to disclosures proposed under the EFRAG standards:

Adequacy is to be judged according to the risks of the business model, jurisdiction and sector, consistently with the OECD's proportionate approach.

When considering some "best practice" examples of how companies are already seeking to align their human rights due diligence processes with MS requirements, the report supports the risk-based approach most often adopted by entities already seeking to comply with the MS, particularly those with Taxonomy-eligible activities, for example in the energy sector. This would see the entity prioritising risks based on severity and likelihood of occurrence, and would include a supplier questionnaire with enhanced DD in the event that initial screening raises concerns.

Once CS3D is finalised, and provided it retains alignment with the UNGP and OECD Guidelines, the report suggests that covered entities will be considered compliant with the MS in the absence of any convictions for breaches, but only in respect of those matters it covers (ie. human rights and labour rights).

In respect of the human rights DD process assessment element of MS compliance, until the CS3D is implemented (which increasingly looks to be quite a long period, despite initial efforts to push through the legislation quickly), the PSF suggests that external data sources such as the World Benchmark Alliance (covering over 1000 companies) may be relied on, or the underlying indicators used in those assessments applied to companies not yet subject to a WBA rating.

The report includes more detailed examples of non-compliant approaches and specifics on each of the four "core" MS areas, including bribery and corruption and taxation.

The report addresses project finance scenarios where the project is implemented by an SPV and the investor is looking at the sustainability of the project. Though acknowledging that an SPV with few employees and turnover is likely to qualify as a SME, the report suggests that an SPV should not be allowed to apply the lighter standards under development for SMEs under CSRD, but should comply with the CSRD large company reporting rules. Where the SPV is wholly or majority owned, the parent company would be required to demonstrate adherence to MS in order for the investment to be deemed sustainable. This conclusion is consistent with the Taxonomy, where the nature of the economic activity and its potential impacts rather than the size or nature of the entity performing it is determinative. However, considering that compliance with CSRD is the clearest means to compliance with the MS on human rights, this conclusion may lead to a position where SPVs (and SMEs more generally) are de facto required to report under CSRD. Alternatively, companies would face the unenviable task of devising a different way of complying. Interestingly, the report suggests that the Equator Principles may support – but not entirely cover – a compliance approach for investors (as these are not fully aligned with the UNGPs).

The report provides some very clear direction for investors and corporates looking to implement minimum safeguards in their business. The PSF appears keen to redeploy industry's efforts away from the relatively low-hanging fruit of identifying a prosecution or controversy around a human rights abuse, and towards the procedures and processes which will shape and improve ESG due diligence over the longer term, which is very much in line with the CSRD and CS3D approach and with the UNGPs themselves. It will also be a relief to investors to know that they need not rule out an investment for a less-than-perfect ESG record, provided the entity can put in the work to improve its future performance.

For now, all eyes remain on the CS3D, under which the human rights DD requirements will crystallise into legally binding obligations for in-scope companies. Though the prospect of MS compliance being assumed for companies covered by CS3D is a good news, MS compliance will remain something of a patchwork when tax, competition and other aspects of ESG tracking and performance must be taken into account outside of the CS3D. For UK companies with significant operations in the EU, the compliance position is largely the same as for EU companies, given the extraterritorial reach of the CSRD and CSDD, which though burdensome on the one hand, will yield much of the data required for Taxonomy and/or SFDR reporting. The UK continues to press ahead (albeit slowly) with its own sustainable disclosures regime, as well as a UK specific taxonomy; businesses will be hoping, however, that the UK Government does not opt for a vastly different approach, when the EU seems so intent on creating a gold standard for sustainable and responsible business conduct.