Transposition into law with a cautionary Brexit tone
Directive 2014/95/EU of The European Parliament and of The Council of 22 October 2014 (the Directive) amended Directive 2013/34/EU about disclosure of non-financial and diversity information by certain large undertakings and groups. Member States had an obligation to finalise the transposition of the terms of Directive 2014/95/EU into national legislation by 6 December 2016.
The UK has just made it under the wire by enacting The Companies, Partnerships and Groups (Accounts and Non-Financial Reporting) Regulations 2016 (the “Company Regulations 2016”) after they were approved by both the House of Commons and the House of Lords on 12 December 2016. These amend The Companies Act 2006 (Strategic Report and Directors’ Report) Regulations 2013 (the “Company Regulations 2013”). The law should come into force next week just before Christmas and will be applicable in both the UK, Scotland, and Northern Island.
In the new post-Brexit environment statements in both Houses reflected the Government view as being that the Directive was sensible, but that going forward things could change as the UK reevaluated its relationship with Europe.
When introducing the regulations on 7 December 2016 the Parliamentary Under-Secretary of State for Business, Energy and Industrial Strategy (Margot James MP) said:
“It is greatly to our advantage for the UK to maintain its reputation as a hub of global transparency. However, as our future relationship with the EU becomes clearer, it may lead us to examine whether certain aspects of company law are cost-effective. In the meantime, I am sure Members will agree that building on the reputation of UK governance and the reliability of annual reports can contribute to making the UK an attractive place to invest.”
Subsequently, in the House of Lords on 12 December 2016 Lord Henley said:
“[The UK had] implemented the minimum requirements of the directive. There is no gold-plating”. He then echoed Margot James MP by saying that “the United Kingdom’s company reporting regime is well regarded. It is very important to maintain the United Kingdom’s reputation as a hub of global transparency. However, as our future relationship with the EU becomes clearer, this may lead the Government to examine whether certain aspects of company law are cost effective. In the meantime, building on the reputation of UK governance and the reliability of annual reports can contribute to making the UK an attractive place to invest.”
What has actually happened to UK Law?
Transposition into national law meets the minimum requirements of the EU Directive, which is the Government’s preferred approach to EU implementation. In practical terms what has happened is that the Directive has been written into the Companies Act 2006 through the insertion of additional sections 414CA and 414CB after section 414C. Section 414C(7) is replaced by 414CB (1)-(6) except as it relates to community issues [see 414CB(7)].
Which companies are caught by the new 414CA and 414CB?
The Company Regulations 2016 impose a reporting obligation on large public-interest entities (listed companies and qualifying partnerships, banks, insurance undertakings and other companies that are so designated by Member States) to disclose relevant environmental and social information in their management reports, commencing with their first reports to be published in the financial year commencing on or after 1 January 2017. Certain exemptions apply, for example, if they are a small or medium sized company or if a company has less than 500 employees. Please refer to section 414C(1) for which companies are caught by the amendments and section 414C(3)-(7) for those which are exempt.
As Lord Henley said in the House of Lords, the regulations “are intended to capture companies that are likely to have the most impact on society and the environment.” He went on to say that the government estimates “that the total number of UK companies that will be impacted by the regulations beyond familiarisation costs will be around 260 public interest entities. A further 15,000 subsidiaries of public interest entities will also be impacted by the need for reporting across the corporate group.”
EU wide, the Directive will require around 6,000 large companies listed on EU markets, or operating in the banking and insurance sectors to comply.
What do companies need to do to comply?
Companies that are caught by the Company Regulations 2016 need to disclose, as a minimum requirement, relevant and useful information in their Strategic Report “to the extent necessary for an understanding of the company’s development, performance and position and the impact of its activity” relating to [see section 414CB(1)(a)-(e)]:
- environmental matters (including the impact of the company’s business on the environment),
- the company’s employees,
- social matters,
- respect for human rights,
- anti-corruption and anti-bribery matters.
The information provided in the statement must include [see section 414CB(2)(a)-(e)]:
- a brief description of the company’s business model;
- a description of the policies pursued by the company in relation to the matters mentioned above and any due diligence processes implemented by the company in pursuance of those policies,
- a description of the outcome of those policies,
- a description of the principal risks relating to the matters mentioned above, arising in connection with the company’s operations and, where relevant and proportionate-
- - a description of its business relationships, products and services which are likely to cause adverse impacts in those areas of risks, and
- - a description of how it manages the principal risks, and
- a description of the non-financial key performance indicators relevant to the company’s business. This means factors by reference to which the development, performance or position of the company’s business, or the impact of the company’s activity, can be measured effectively.
What companies need to think about under 'human rights'?
The requirement to report on human rights in a listed company's strategic report has existed since the Company Regulations 2013. As before, and in line with overarching guidance set out in the UN Principles on Business and Human Rights, categories of “respect for human rights” should continue to be defined in accordance with the International Human Rights Instruments. Of particular relevance for UK companies are the convention rights under the European Convention on Human Rights (ECHR) and its Protocols. The most relevant Convention rights under the ECHR that will be engaged under the Regulations are likely to be: the right to life (Article 2); the right not to be subjected to torture or inhuman or degrading treatment (Article 3); the prohibition of slavery and forced labour (Article 4); the right to respect for private and family life (Article 8); and the right to the peaceful enjoyment of a person’s possessions (Article 1, Protocol 1).
Will the changes require companies to adopt a new reporting framework?
Not so. The Company Regulations 2016 provide that where the information required to be included in the statement is published (elsewhere) by the company by means of a national, EU-based or international reporting framework, the statement must specify the framework or frameworks used, instead of including the information in the statement. Therefore, there is some flexibility for companies to disclose the relevant information in a separate report submitted under other international, European or national guidelines (e.g. the UN Global Compact, theUN Guiding Principles on Business and Human Rights, the OECD Guidelines for Multinational Enterprises, ISO 26000, etc.). However, where the relevant information is submitted in this way, it must still comply with the minimum requirements as to its content, under section 414CB. In Cerno we advise companies to report in line with the over-arching guidance provided by the UN Guiding Principles on Business and Human Rights. At the meta level we believe we can expect this to become the standard that governments will legislate towards. The EU directive and these regulations are an example.
How long have companies got to make these changes?
Affected companies will have over a year to get their ducks in a row, because the new requirements apply “in relation to the financial years of companies and qualifying partnerships beginning on or after 1st January 2017” [Section 1(1)(a)]. In other words, a company’s 2018 Strategic Report will need to be comply with the new regulations.
What happens if a company does not comply?
The penalties for non-compliance with the requirements as to the contents of the strategic report are unchanged. Under section 414D(2) of the Companies Act 2006 (as amended), if a strategic report is approved that does not comply with the requirements of the new regulations then every director of the company who knew that it did not comply, or was reckless as to whether it complied, and failed to take reasonable steps to secure compliance with those requirements or, as the case may be, to prevent the report from being approved, commits an offence. As non-compliance is made a criminal matter, any director who contravenes section 414D(2) is liable to criminal prosecution. The Department for Business, Energy and Industrial Strategy (BEIS) has responsibility for the “regulation” of limited companies and it will be responsible for undertaking criminal investigations and prosecutions relating to contraventions of section 414D(2). The Financial Conduct Authority (FCA) is the conduct regulator for financial services firms and financial markets in the UK and they are likely to be involved in any investigations and prosecutions in this sector of business.
Any director who is found guilty of an offence under section 414D(2) will be liable to a fine. Moreover, in cases where there has been a serious contravention, the directors are likely to be prosecuted for an indictable offence in the Crown Court, where the penalty upon conviction is an unlimited fine. Finally, a director who has been convicted of an offence under section 414D(2) in the Crown Court would be liable to be disqualified from holding office as director, or from being otherwise involved in the management of limited companies, under the provisions of section 2 of the Company Directors Disqualification Act 1986 (CDDA). The maximum period of disqualification under this section is 15 years. Even where a director is convicted of a summary offence under section 414D(2) in the magistrates’ court, he could be disqualified for a period of up to 5 years under section 5 CDDA.
The penalty regime under the Companies Act 2006 (as amended by the Company Regulations 2016) is, therefore, much stronger than under the Modern Slavery Act 2015, where under Section 54(11) the only state sanction against a non-compliant company is if the Secretary of State brings civil proceedings in the High Court for an injunction. The grounds of non-compliance under the Modern Slavery Act are also more limited, being limited to procedural matters, rather than content. So, under the Modern Slavery Act, non compliance is confined to situations where the statement was not approved and signed by the relevant senior entity (i.e. board of directors/director [s.54(6)(a)] or partner [s.54(6)(b)-(d)), or if it was not correctly published on the company website or, if the company has no website, it was not made available in a timely fashion [s.54(7)-(8)].
So what is different?
As just said, the penalties are stronger than that for non-compliance under the Modern Slavery Act. However, they are nothing new for companies already complying with the earlier Company Regulations 2013.
A key difference is that under the Companies Regulations 2013 (which enacted section 414C) there was no need to report on anti-corruption and anti-bribery matters. The obligation to report on anti-corruption and anti-bribery matters is an entirely new reporting requirement. The intention of the government is to “bring discussions on these issues to the boardroom and to demonstrate to shareholders and other parties that [companies] are considering issues in their proper context and addressing potential risks.” [See Hansard for both Margot James MP and Lord Henley].
The second difference might seem like a nuance, but it is fundamental, especially for human rights defenders who wished that the Modern Slavery Act had more bite. In short, under the earlier Companies Regulations 2013 and section 414C of the Companies Act 2006, if a company did not report on any of the matters listed, it needed to only state “which of those kinds of information it does not contain" [see section 414C(7)]. Similarly, section 54 of the Modern Slavery Act 2015 is aspirational because company's statements ‘may’, but need not include the sorts of information listed in the new Companies Regulations 2016, i.e. policies, risk assessment, due diligence, etc. [creating the new section 414CB(2)(a)-(e) of the Companies Act 2006]
Importantly, the newly created section 414CB(4) places a different emphasis on reporting. It states that “if the company does not pursue policies in relation to one or more of the matters [listed to report on] the statement must provide a clear and reasoned explanation for the company's not doing so”. In the words of Margot James MP when introducing the regulations into the House on December 7th 2016:
“The regulations strengthen the current regime by requiring companies that do not have policies in these areas to provide an explanation for not doing so. I stress that companies are not required to make policies in order to have something on which to report, but they will have to consider whether they should have policies on such matters. Furthermore, if they decide they should not, they will have to explain their reason for the omission.”
So yes, while companies may still not need to have policies, or conduct risk assessments, due diligence, or monitor impact, etc, around issues of human rights (or all others matters listed in 414CB(1)(a)-(e) for that matter) they will now need to publicly justify such omissions. This creates a whole new level of reporting burden and consequentpotential for embarrassment and reputational risk.
The intention of the government seems clear in our opinion. Large UK public interest companies are being asked to do more when reporting on human rights; and at the apex is the issue of modern slavery. This must be a good thing for those interested in ensuring business does more to be responsible for its human rights footprint.
So what comes next?
Official guidance would be helpful. The Directive itself requires the EU Commission to prepare non-binding guidelines on the methodology for reporting non-financial information by 6 December 2016. The EU Commission has stated that it is making its best efforts to make the guidelines useful for companies and that publication of the guidelines can be expected in spring of 2017. In the Commission's own words the slight delay has occurred in order to enable the drafters to consider as far as possible the work of the industry-led Task Force on climate-related financial disclosures established by the Financial Stability Board (FSB). This is no bad thing; but as lawyers and consultants seek to advise their clients on the nuances of the changes, official guidance will be helpful. Presumably, further guidance will come from the UK government in due course (similar to that provided under section 9 of the Bribery Act) .
It can be seen from the above summary that the new Company Regulations 2016 have moved the goal posts. Directors of companies/partners in partnerships that fall within the new Regulations will have to think much more carefully about the contents of their strategic report. Failure to do so may result in a criminal conviction and an unlimited fine.
The Company Regulations 2016 are another good step forward to encourage uptake by business of ethical human rights compliance. The trend towards asking businesses to do more on human rights that was started in the first instance by the UN Framework and Principles on Business and Human Rights, concretised into UK law by the Companies Regulations 2013 and the Modern Slavery Act 2015, is now being strengthened further by the Companies Regulations 2016.
All the signs are there that the legislators are saying the days of tick-box human rights/modern slavery compliance are over. Instead, they want to see more meaningful integration into business practice of human rights risk assessment, due diligence, impact measurement and remedy. At least they want to see this level of compliance undertaken by the bigger companies; and then see this effect trickle down to businesses who are involved further down the supply chains.
Cerno is an ethical practice that acts for government, corporate and NGO clients to solve problems of modern slavery. We can help you change your perception of compliance as being an ‘add-on’ cost, by ensuring that it becomes a useful tool to minimise risk and improve business practice to bring real value to your bottom line.
Paul Garlick QC / Michele Law (Cerno Co-Founders) ©