The Dutch Banking Sector Agreement on Human Rights: Changing the Paradigm from ‘Opportunity to Affect’ to ‘Responsibility to Respect’ – By Benjamin Thompson

Editor’s note: Benjamin Thompson is a PhD candidate in business and human rights at Tilburg Law School in the Netherlands. His PhD research deals with the effects of the UN Guiding Principles on Business and Human Rights' endorsement of operational level, non-judicial grievance mechanisms and their role in improving access to remedy. He recently published an article for Utrecht Law Review’s Special Issue on Accountability of Multinational Corporations for Human Rights Abuses which discussed the roles the new Dutch multistakeholder initiative with the Dutch banking sector might play in improving banks’ performance with respect to human rights.

In November of last year the Asser Institute offered me the opportunity to take part in a roundtable on the Dutch Banking Sector Agreement (DBA), as part of their Doing Business Right Project. Signed in December 2017, the DBA is a collaboration between the banking sector, the government, trade unions and civil society organisations (CSOs), all based within the Netherlands: the first of its kind. It focuses on banks’ responsibility to respect human rights, as stipulated in the UN Guiding Principles on Business and Human Rights (UNGPs) and OECD Guidelines for Multinational Enterprises (OECD Guidelines), within their corporate lending and project finance activities. The DBA has been something of a hot topic in business and human rights circles. However, it has not yet published a public monitoring report, making any evaluation of its performance at this stage difficult. During the roundtable, we discussed the role of the DBA as a potential means to improve the practices of Dutch banks with respect to human rights. A key challenge identified from this discussion, as reported here, was the various ‘interpretive ambiguities inherent in the UNGPs’. A key conclusion was that ‘further dialogue is required... to ascertain what conduct on the part of the banks is consistent with international obligations’.

This is not a unique conclusion to arise from multistakeholder discussions on banks and human rights; the discussion often focuses on what financial institutions are required to do to meet their responsibility to respect human rights under the UNGPs. So much so that questions concerning implementation or evaluation are often left by the wayside. As a result, when presenting my research on the DBA for the Utrecht Centre of Accountability and Liability Law’s Conference on ‘Accountability and International Business Operations’, published here, I decided to focus on how the DBA had responded to those key points of friction where there is the greatest disagreement between how different stakeholders conceive banks’ human rights responsibilities. This blog post seeks to build on this previous entry, hopefully without too much repetition.

Banks and Human Rights

So, how do the UNGPs apply to banks? Well, there is hardly a dearth of initiatives set up with exactly that question in mind. We have had various OECD initiatives providing analysis on banks’ human rights responsibilities, the UN Environmental Programme’s Financial Initiative, the OHCHR and UN Working Group on transnational corporations and human rights’ pronouncements on this matter, the Thun Group’s discussion papers (2013, 2017a and 2017b) on the UN Guiding Principles and now the DBA. While some have pointed to the interpretive ambiguities within the UNGPs as themselves preventing any emerging consensus, and I am certainly not denying there are interpretive ambiguities (there are), I would suggest this is not, in practice, the key challenge in banks developing practices consistent with the UNGPs. Banks’ interpretation of the UNGPs is largely eclipsed by their own preconceived understandings of their existing due diligence processes with respect to social and environmental risks (E&S due diligence), which originate before the UNGPs and are arguably rooted more robustly in a market-based paradigm. While banks have, at times, expressed concerns over whether their existing E&S due diligence procedures can adequately incorporate the full range of behaviour required under the UNGPs,[1] there has been a considerable effort amongst some banks to interpret the UNGPs in line with their existing practices.

This is perhaps best illustrated in the Thun Group’s 2017 discussion papers which dealt with questions as to how the UNGPs applied to banks, in particular how banks should understand their involvement in human rights impacts related to their financing activities. The paper suffered from various deficits of interpretation (that banks cannot contribute to human rights harms, they have no role in remedy, due diligence is largely limited to whether and how to approve a financial transaction etc.). The paper was such an affront to the UNGPs that it prompted John Ruggie, the main architect of the UNGPs, to write an open letter pointing at many of these failings. A representative of the Thun Group, Christian Leitz responded to say the paper was an ‘industry perspective’ and that he would welcome Ruggie and other stakeholders’ views in order to foster a discussion. Ruggie responded stating that many of the (quite stark) failings of the Thun Group paper to encapsulate the intention of the UNGPs did not amount to rival ‘opinions’ or ‘interpretations’ but were ‘factually incorrect’ and that it would be difficult to have a dialogue based on ‘alternative facts’.

While it might be true that the banks interpretations are ‘factually incorrect’ or, as David Kinley put it, that the recent Thun Group paper is simply an attempt by banks to dodge their human rights responsibilities all-together, how are we to understand this misalignment between banks’ understanding of the UNGPs and the logics of the UNGPs themselves (assuming ‘we’ share a kinship with the business and human rights project)? One can say that the Thun Group is failing to take its human rights responsibilities seriously; one can probably also cast that claim to include a much broader range of business enterprises and industries. However, to the extent to which businesses are not accepting and internalising the norms of the UNGPs, it is perhaps equally accurate to say both that businesses are failing to meet the UNGPs and that the UNGPs are failing in their ‘norm-building’ mission, with its key objective of ensuring business enterprises accept their responsibility to respect human rights as part of their business practices. Any serious proponent of the ‘business and human rights project’, must therefore understand the need to identify where the tensions are between industry perspectives and the UNGPs, and seek to evaluate which initiatives (if any) are successful (or partly successful) in bringing business enterprises’ understanding of their human rights responsibilities closer to that understood in the UNGPs. It is from this question of the extent to which banks are moved to a greater alignment with the normative requirements of the UNGPs that I will evaluate the Dutch Banking Agreement (DBA) as a multistakeholder agreement.

Given the backdrop of divergences over attitudes to banks and human rights, the DBA plays an important role. It is the only initiative which has actually reached any output on banks responsibility to respect human rights which is based on consensus. The initiatives cited above stem from organisations which represent a single type of stakeholder (States or banks), which may or may not consult other stakeholders but never require multistakeholder consensus for an output to be reached. Below is an analysis in how these divergences have been bridged somewhat in the text of the DBA, according to five identified divergences between the UNGPs and banks E&S due diligence processes. The description of banks’ perspectives with respect to their own E&S due diligence processes and human rights in the subsequent sections are principally taken from financial institutions’ responses to an OECD survey on environmental and social risks and the Thun Group papers: the Thun Group represents some of the world’s largest banks.

1.     ‘responsibility to respect’ vs ‘opportunity to affect’

While the UNGPs understand the actions businesses must take with respect to human rights as one of ‘responsibility’, E&S due diligence is more often understood as good business or ‘opportunity’.[2] This not only has connotations for both how banks see the nature of their practices with respect to human rights but also how they define the content of what is required. For instance, the contexts in which banks take action is often understood by the extent to which they have the opportunity to enact change in a client’s behaviour, rather than their responsibility for an impact (e.g., causing, contributing, directly linked, no link). Banks are happy to include ‘forward looking’ risk mitigation measures as part of their practices but are often reluctant to accept that they should take actions which imply a greater responsibility for the impact on their part. When understanding the application of the UNGPs, banks have often not considered themselves to be in even the lowest category of involvement (directly linked) in relation to human rights harms connected to their activities, preferring to consider themselves as not involved or ‘indirectly linked’.[3] Some have completely ruled out the relevance of remedy.[4] Banks have received more approval when they have discussed what they ‘could do’ compared to what they ‘should do’, where they are notably more ambitious. This led to a much more welcomed reaction to the first Thun Group paper in 2013, which focussed on operational principles, compared to more criticised Thun Group papers in 2017, which focussed on foundational principles.

The DBA commits adhering banks to meeting the responsibility to respect human rights, as understood in the OECD Guidelines and UNGPs (article 1). Adhering banks have all signed declarations of adherence to the Agreement stating that they are bound by the Agreement. However, as some of the requirements of the DBA go beyond the responsibility to respect (e.g., article 10 on Sustainable Development), it is not always clear which aspects of the DBA the stakeholders consider to be part of their responsibility to respect human rights and which arise solely from the Agreement itself.

One particularly progressive element of the DBA is its inclusion of remedy, referred to under the article ‘Enabling Remediation’. This article looks at the steps a bank can take to ensure their client’s provide remedy for human rights harms, and it also raises the question of how impacts can be addressed or remediated based on the categories of a bank’s involvement in human rights impacts. However, it omits any explanation of the categories of a bank’s involvement, leaving this to further exploration by a working group, which promises to incorporate guidance provided by the OECD. The findings of the working group are to be integrated into the practices of the adhering banks. Banks are required to have individual complaints mechanisms open to clients and third parties, but the DBA makes clear these are not grievance mechanisms as understood in the UNGPs/Guidelines (article 3.5). Banks seem to need only to report on steps taken to prevent and mitigate impacts in their annual reports used by the DBA’s monitoring committee, covering their implementation of articles 3 (on policies) and 4 (on due diligence) but not article 7 (on enabling remediation).

2.      ‘risks to people’ vs. ‘risks to bank’

E&S due diligence is principally concerned with risks that could present a liability to the financial institution; human rights risks are considered risks to the bank rather than risks to people, although these risks may coincide. This market-based paradigm depends on adverse impacts on a bank’s bottom line as the key incentive for a bank to carry out due diligence, and it also acts as a disincentive for banks to take action where doing so might deprive them of a business opportunity.[5]

When responding to an OECD survey on how financial institutions understand how the OECD Guidelines apply to them, financial institutions were asked what factors influences how much leverage they had. Banks largely identified risks falling under ‘risks to the bank’[6] as the main factors rather than factors that an outsider might see as more linked to the UNGPs understanding of leverage: the ability to influence a situation. Commercial providers of E&S risk information for use in E&S due diligence, such as Reprisk, still view environmental and social risks as those risks to the bank: to a bank's reputation, to banks complying with national law and to a bank’s finances.

The DBA looks to risks to people as the basis for what action should be taken (article 4.2). It recognises that this goes beyond existing E&S due diligence practices, and it expects banks to report on their human rights performance under the UNGPs Reporting Framework which requires that businesses look at impacts on people not themselves. Two occasions where a ‘risks to bank’ lens may enter the Agreement’s implementation is through the cross referencing of initiatives which do adopt this paradigm (the IFC Performance Standards and Equator Principles) and through mentioning that banks terminate their relationships where the client has broken ‘material due diligence requirements’ (article 4.3.b).

There is also reference to a concern over the potential financial implications for banks resulting from more robust human rights practices: the need to produce a ‘level playing field’ internationally (article 4.5.b).  However, at no point is it suggested that banks’ compliance with the DBA is contingent on them not being placed at a competitive disadvantage as a result. Overall, the ‘risks to bank’ paradigm is minimal and the ‘rights to people’ paradigm is kept central to the DBA.

3.     ‘transactional due diligence’ vs. ‘human rights due diligence’

Banks’ due diligence is commonly understood to primarily cover those actions taken by banks up to the point where the transaction takes place as opposed to the full duration of the business relationship as under the UNGPs. The types of measures expected will depend primarily on the type of financial product offered, the type of client and their overall risk profile. Banks have consequently interpreted those terms within the UNGPs/Guidelines which refer to actions moving beyond the client of actions required after the point of transaction narrowly, understanding value/supply chains as limited to their own suppliers[7] and not recognising any role for termination of relationships or remediation.[8] The Thun Group papers introduced ‘new’ terms to the UNGPs – unit of analysis and proximity – which largely sought to reconstruct the UNGPs to fit within this transaction based model, limiting how directly linked a bank was, and the actions a bank should take, to the type of transaction and which member of a corporate group the bank made the transaction with.

The DBA recognises that adhering banks should base what kinds of action they take based on the severity of the (potential) impact rather than the nature of the transaction (article 4.3(a)). The due diligence provisions do not state that actions to identify, prevent and mitigate human rights impacts are limited to the lead up to the transaction, and they expressly require the banks to monitor, track and assess the outcomes of their due diligence. It also stresses the need to look to creative means of exercising leverage (article 9).

The DBA covers many of those aspects of the UNGPs which banks have been reluctant to include in their policies and which have been hitherto overlooked by the Thun Group – termination of business relationships, value chains and remediation – albeit in a more diminished way than some of the other responsibilities under the UNGPs. Value chains are limited to those mapping exercises under the text and decided upon by the parties to the DBA, and identification of impacts in value chains is not expressly part-and-parcel of a bank’s human rights due diligence processes, which are largely limited to actions to be taken with respect to the client (article 4). Termination of relationships is mentioned as a possible action where a client is repeatedly not able or willing to comply with material due diligence requirements, but this is left entirely to the discretion of the bank (article 4.3(b)). Thus, the DBA accepts the need for more than a transactional due diligence approach, adopting an understanding closer to the human rights due diligence approach in the UNGP/Guidelines.

4.     ‘client-only engagement’ vs. ‘stakeholder engagement’

Banks limit themselves primarily to engaging with their client and not external stakeholders, as understood in the UNGPs. Engagement with external stakeholders is often considered the responsibility of the client, not the bank. Unfortunately, client-only engagement plays a dominant role in the DBA. All mention of meaningful consultations with stakeholders is the duty of the client, with banks expected to influence clients to do so, rather than also the responsibility of the bank. The DBA itself seeks to collaborate with the OECD, but does not expressly set up platforms for engagement with rights-holders. Inclusion of the CSOs and unions which are party to the DBA is itself seen as stakeholder engagement, and the CSOs and unions are expected to empower ways of interaction with affected stakeholders (article 12(a)), but this requirement is placed only on CSOs and there is no equivalent requirement on the adhering banks. Within the DBA itself, inclusion of rights-holders appears to depend on representation through the CSOs and unions. The text of the DBA sets up a dispute resolution mechanism, but this is again only open to parties of agreement; the DBA has no grievance mechanism open to external stakeholders to complain about its implementation, despite this being required under the UNGPs (article 13.3).

5.     ‘knowing and withholding’ vs. ‘knowing and showing’

In the UNGPs, there is an understanding that the relationship between civil society and business will move from ‘naming and shaming’ – whereby outsiders shame businesses for human rights impacts – to ‘knowing and showing’ – where businesses themselves understand and deal with their human rights impacts – showing what actions they are taking. However, banks are largely opposed to such a level of transparency, often glossing over any responsibility to ‘account for’ what actions they take publicly, beyond publishing their policies, sometimes citing regulatory rules or client confidentiality as a reason for not doing so.[9]

Client confidentiality plays a dominant role in banks’ reasons for not disclosing their human rights performance. The DBA states that all of the commitments of the banks are subject to law, and disclosure of banks’ actions in pursuance of the DBA’s provisions is limited by client confidentiality and banks’ internal policies (article 14.8(a)). It also states that banks should engage in being as transparent as possible and that the parties should discuss options for greater transparency (article 6.10).

The first and only public output of the DBA to date was legal advice on what forms of information banks could share with the CSOs and the public. It did not limit itself to law, including provisions of loan agreements that banks enter into and market practice. It concluded that individual client information cannot be discussed unless there is the consent of the client, this information is released in compliance with a statutory obligation of disclosure or it is made anonymous. This is likely to significantly impact what banks can ‘know and show’ in the course of their activities and in their reports under the DBA.


The future of the DBA

In this blog, I have focussed on how the DBA may help bridge the current deficit between how banks have traditionally sought to interpret the UNGPs in relation to their activities and the logics of the UNGPs themselves. To the extent the text of the DBA has bridged some of these gaps, the question remains to what purpose. Although it is too early to tell how the DBA will be implemented in practice, in my full article, which this blog is based on, I go into three roles that the DBA might play: regulation, experimentalism, and advocacy.

Regulation depends on ‘rules’ which will require a greater degree of conciseness than is in the UNGPs themselves. In those areas where there is the greatest convergence between the UNGPs and existing E&S due diligence processes, e.g., risk mitigation at the point of transaction, the DBA does have relatively precise requirements. In practice, enforcement of these requirements may, to some extent, be compromised by the DBA’s less-than-ideal enforcement apparatus, as there are some conflicts of interest between the different bodies responsible for the DBA’s implementation.[10]

Experimentalism is particularly relevant for those parts of the DBA where there is less consensus between the parties, e.g., remediation. Experimentalism is based on an iterative and reflexive cycle whereby broadly defined goals and metrics are agreed on, preliminary actions are taken, these actions are assessed against the goals and metrics, and then the goals and metrics are revised in light of lessons learned before the cycle begins again.

Advocacy refers to the DBA’s potential as possibly the only initiative in banking and human rights to result from a genuine multistakeholder consensus to advocate for the uptake of similar norms at the international level. For instance, the outcomes of the remedy working group and the exchange of best due diligence practices is expected to feed into the OECD processes on banking and human rights. This will depend on the DBA not only reaching new normative consensuses but also a) advocating for them internationally and b) demonstrating their added value in practice. While the DBA shows promise, it is yet to be seen what role it will actually play (if any) in the wider business and human rights project.                                        

[1] OECD Working Party on Responsible Business Conduct, ‘Environmental and Social Risk Due Diligence in the Financial Sector: Current Approaches and Practices’ (June 2013), (OECD Survey), p. 53.

[2] Ibid., p. 54.

[3] Ibid., p. 51.

[4] Thun Group, ‘Discussion Paper on the Implications of UN Guiding Principles 13 & 17 in a Corporate and Investment Banking Context’,(January 2017), p. 15.

[5] OECD, ‘Global Forum on Responsible Business Conduct 26-27 June 2013 Summary Report’ (2013), p. 17.

[6] OECD Survey, p. 61.

[7] Ibid, p. 52.

[8] Thun Group 2017 paper.

[9] Benjamin Thompson, ‘The Dutch Banking Sector Agreement on Human Rights: An Exercise in Regulation, Experimentation or Advocacy?’ (2018) 14(2) Utrecht Law Review 84, p.89.

[10] Ibid., p. 96.

Comments are closed