The Canadian Parliament is on the verge of passing new modern slavery legislation, the Fighting Against Forced Labour and Child Labour in Supply Chains Act (Bill S-211). The Act requires Canadian government institutions and select private-sector entities to, “report on the measures taken to prevent and reduce the risk that forced labour or child labour is used by them or in their supply chains.” The Act also provides for an inspection regime to enforce its provisions. As with the UK Modern Slavery Act, Australia Slavery Act, and other similar legislation, Bill S-211 contributes to the global fight against forced labour, child labour, and other forms of modern slavery.
This article explains who must comply with the Act, summarizes its requirements and penalties, and shares eight best practices for assessing forced labour risks in your supply chain.
All Canadian government organizations that produce, purchase or distribute goods in Canada must comply with the Act. In addition, commercial entities must comply if they are either a) listed on a stock exchange in Canada, or b) do business in and have assets in Canada that are at least $20 million, generate at least $40 million in revenue, and employ an average of at least 250 employees.
Note: Please review the Act in detail for a complete list of obligations. All best practice recommendations provided in this post should not be taken as legal advice.
Before May 31 of each year, Canadian government institutions and other in-scope entities must report on the steps they took to prevent and reduce the risk of forced labour or child labour in their supply chains during the previous fiscal year. This includes all stages of production for goods produced, purchased or distributed.
The report should include a summary of the following information about the organization:
The Act also requires organizations to issue a public report and publish it in a prominent place on their website.
If an organization fails to comply with the Act’s provisions, it could be liable for a fine of not more than $250,000.
Managing ESG Risks Across the Extended Enterprise
This analyst report from GRC 20/20 uncovers best practices for including ESG in your third-party risk management program.
The Act will come into effect on January 1 in the year following its royal assent, so now is the time to prepare to report on your supply chain practices. Consider these eight best practice recommendations to make the process easier:
Evaluate new suppliers on their environmental, social and governance (ESG) positions – including labour practices – by reviewing recent business and reputational insights, legal filings, ESG scores, sanctions and other related intelligence. Consolidate all insights into a single supplier profile that can be accessed by all teams in the organization, versus juggling multiple different sources of information. Also, align intelligence gathering with broader RFx management processes for more holistic supplier reviews.
Ensure enforcement of forced labour and child labour restrictions by building provisions into supplier contracts and tracking the supplier’s reporting progress over time. Instead of treating the contracting process separately, integrate it into your supplier risk assessment process. Do this by centralizing all contract distribution, discussion, retention and review processes and leveraging workflow throughout the supplier contract lifecycle.
Assess suppliers for threats to your organization by capturing, tracking and quantifying inherent risks. Calculate inherent risk based on criteria including:
From this inherent risk assessment, your team can automatically tier and profile suppliers; set appropriate levels of further diligence; and determine the scope of ongoing assessments.
Building and maintaining a centralized supplier database is essential to ensuring an effective supplier risk management (SRM) program and meeting the Act’s reporting requirements. The database should include comprehensive supplier profiles and provide role-based access to company contacts, demographics, 4th-party and Nth-party connections, and risk intelligence. This starts with any profiled risk data and external risk information captured during the RFx stage. This will also enable you to identify relationships between your organization and third, fourth and Nth parties to discover dependencies and assess any related exposure.
Instead of emailing suppliers with spreadsheet-based questionnaires asking for labour practice attestations, automate the process with a centralized and targeted web-based assessment. This enables you to centrally review and approve all assessment responses. It also enables you automatically register risks or reject responses and request additional input or evidence. Consider conducting assessments using a supplier risk management solution that it is backed by workflow, task management, and built-in remediation recommendations and reporting – all of which make it easier to meet reporting requirements and deadlines.
The Act requires organizations to report on measures taken to remediate any forced labour or child labour in their supply chains. Using the results of supplier assessments from step 5, you can make recommendations to the supplier, ask for policy clarifications, and be prepared to report any labour violations to authorities. Supplier risk management solutions will include built-in remediation suggestions for suppliers. It’s important to follow through on this step, since it is essential for mandated reporting.
Assessments are critical to gaining an insider’s view into a company’s labour practices. However, a lot can happen between annual report submissions. That’s why it is important to validate annual due diligence assessment results with continuous insights into reputational information, adverse media and negative news, regulatory and legal actions, sanctions and more. You can then correlate intelligence from continuous monitoring with periodic assessment results for more unified risk reporting. As noted in step 1, consolidating all intelligence into a “single pane of glass” will optimize your risk analysis efforts.
Store and distribute supplier labour policy documents, assessment results, monitoring findings, and remediations for dialog and attestation at the time of reporting. Supplier risk management solutions provide role-based access, enabling you to extend visibility to external auditors who may be examining your due diligence processes and consulting on annual reporting requirements.
The Prevalent Third-Party Risk Management Platform enables you to address forced labour, child labour and modern slavery risks by automating survey-based assessments of supplier labour controls and validating the results with continuous external monitoring of their real-world practices. With Prevalent, you can: