Explainer: Ethical sourcing and human rights due diligence

Why It Matters

An estimated 27.6 million people remain trapped in forced labour worldwide, and roughly half of those cases are linked to private-sector supply chains (International Labour Organization, 2024). As global sourcing networks grow more complex, the gap between corporate commitments and on-the-ground conditions has become a regulatory flashpoint. The European Union's Corporate Sustainability Due Diligence Directive (CSDDD), adopted in 2024, will require roughly 6,000 large companies to identify, prevent and mitigate human rights and environmental harms across their value chains (European Commission, 2024). Germany's Supply Chain Due Diligence Act (LkSG), which extended to companies with 1,000 or more employees in January 2024, has already triggered over 830 formal complaints in its first full year of operation (German Federal Office for Economic Affairs and Export Control, 2025). Beyond compliance, investors are paying attention: MSCI ESG Research found that companies flagged for severe labour-rights controversies underperformed their sector peers by an average of 3.4 percentage points per year between 2020 and 2025 (MSCI, 2025). Ethical sourcing is no longer a reputational nicety; it is a legal obligation and a material financial risk.

Key Concepts

Human rights due diligence (HRDD). HRDD is a continuous process through which companies identify, assess, prevent, mitigate and account for how their activities and business relationships affect people. The concept was codified in the UN Guiding Principles on Business and Human Rights (UNGPs) in 2011 and has since become the backbone of every major legislative proposal.

Salient human rights issues. Rather than auditing every conceivable risk, the UNGPs direct companies to prioritise the rights most at risk of severe negative impact. Common salient issues include forced labour, child labour, wage theft, unsafe working conditions, land rights violations and freedom of association.

Ethical sourcing. Ethical sourcing translates HRDD into procurement practice. It encompasses supplier codes of conduct, risk-based screening, independent auditing, grievance mechanisms and capacity building. The goal is to embed respect for human rights into purchasing decisions, not merely to detect violations after they occur.

Mandatory due diligence legislation. A wave of laws now compels disclosure or active prevention. Key frameworks include the French Duty of Vigilance Law (2017), the German LkSG (2023), the Norwegian Transparency Act (2022), the EU CSDDD (2024, with phased application from 2027) and the proposed Canadian Fighting Against Forced Labour in Supply Chains Act (2024). These laws differ in scope, enforcement and remedy provisions, but they converge on requiring companies to operate risk-based HRDD processes.

Grievance mechanisms. Both the UNGPs and the CSDDD require operational-level grievance mechanisms that allow affected workers, communities and rights holders to raise concerns without retaliation. Effective mechanisms are accessible, transparent and lead to documented remediation.

How It Works

Ethical sourcing and HRDD follow a six-step cycle aligned with the OECD Due Diligence Guidance for Responsible Business Conduct (OECD, 2018):

1. Embed responsible business conduct. Senior leadership adopts a policy commitment aligned with the UNGPs and integrates it into management systems, contracts and procurement criteria.
2. Identify and assess adverse impacts. Teams map supply chains, prioritise high-risk tiers and geographies, and conduct desktop risk assessments supplemented by site visits and worker interviews. Tools such as the Responsible Sourcing Tool and the Social Hotspots Database help flag commodity-level and country-level risks.
3. Cease, prevent and mitigate. Where risks are identified, the company develops corrective action plans. Prevention measures range from updating purchase-order terms to funding supplier capacity-building programmes that improve health, safety and wage practices.
4. Track implementation and results. Key performance indicators (KPIs), worker voice surveys and repeat audits verify whether corrective actions deliver change. Digital platforms such as Sedex and EcoVadis aggregate audit results and benchmark supplier performance.
5. Communicate. Under most mandatory regimes, companies must publicly report on their due diligence processes, findings and outcomes on an annual basis. The CSDDD requires a dedicated section in the management report.
6. Provide for remediation. When harm has occurred, companies must cooperate in remediation, which may include compensation, reinstatement, policy reform or systemic changes to sourcing practices.

This cycle is iterative: risk landscapes change as sourcing shifts, new regulations emerge and stakeholder expectations evolve.

What's Working

Legislation is accelerating corporate action. A 2025 survey by the Business and Human Rights Resource Centre found that 72 percent of in-scope companies under Germany's LkSG had established or strengthened HRDD processes within the first 18 months, compared with only 38 percent of comparable firms not subject to the law (BHRRC, 2025). Legislative pressure is translating into procurement-team headcount, budget allocation and board-level oversight.

Worker voice technology is improving detection. Platforms such as WOVO and Ulula enable anonymous, real-time feedback from factory workers via SMS, app and voice call. Primark, which deploys worker voice across its top 500 suppliers, reports that this approach surfaces issues 60 percent faster than traditional social audits (Primark, 2025). Technology-enabled feedback loops are shifting the model from periodic snapshot audits to continuous listening.

Multi-stakeholder initiatives drive collective leverage. The Responsible Business Alliance (RBA), which represents electronics, retail and automotive companies with combined annual revenue exceeding US$8 trillion, has harmonised audit protocols through the Validated Assessment Program (VAP). In 2024, VAP audits covered over 3,200 supplier sites. Amfori BSCI similarly reached 2.7 million audits across 74 countries by end of 2025, demonstrating that industry-wide platforms can standardise expectations and reduce audit fatigue.

Traceability is improving upstream visibility. Companies like Unilever and Nestlé have invested in commodity-specific traceability platforms, mapping palm oil, cocoa and coffee supply chains down to the plantation level. Unilever reported that 91 percent of its palm oil volumes were traceable to the mill by the end of 2025 (Unilever, 2025).

What Isn't Working

Audit-only approaches miss systemic issues. Traditional social audits remain the dominant compliance tool, yet research by the Clean Clothes Campaign (2024) found that 85 percent of garment factories audited in South and Southeast Asia continued to commit at least one serious labour violation within 12 months of receiving an acceptable rating. Audits are often announced in advance, rely on management-selected worker interviewees and rarely address root causes such as purchasing practices that squeeze supplier margins.

Purchasing practices undermine supplier compliance. Aggressive pricing, last-minute order changes and short lead times create economic pressure that cascades into excessive overtime, wage suppression and subcontracting to unregistered facilities. A 2024 study by the International Accord for Health and Safety found that 43 percent of Bangladeshi garment suppliers reported buyer-driven margin compression as the primary barrier to improving working conditions (International Accord, 2024).

Fragmented legislation creates compliance complexity. With at least 14 mandatory due diligence or disclosure laws enacted or proposed across jurisdictions by early 2026, companies face overlapping and sometimes conflicting requirements regarding scope, reporting timelines and enforcement. Small and medium-sized enterprises in supply chains are particularly exposed, as they may need to respond to multiple buyer questionnaires tied to different legal frameworks.

Remediation remains underdeveloped. Even when harms are identified, access to effective remedy is limited. The Corporate Human Rights Benchmark (World Benchmarking Alliance, 2025) found that only 18 percent of assessed companies demonstrated evidence of providing remedy to affected stakeholders in the most recent reporting cycle.

Key Players

Established Leaders

• Sedex — Hosts the world's largest collaborative platform for sharing ethical supply chain data, with over 85,000 member sites across 180 countries.
• EcoVadis — Rates the sustainability performance of over 130,000 companies using a scorecard methodology covering labour, environment, ethics and procurement.
• Amfori — Operates BSCI and BEPI frameworks used by more than 2,500 retailer and importer members for social and environmental due diligence.
• Responsible Business Alliance (RBA) — Industry coalition setting standards and running validated audits across electronics, automotive and retail sectors.

Emerging Startups

• Ulula — Worker engagement platform providing real-time voice, survey and grievance data from supply chain workers in over 100 countries.
• Sourcemap — Supply chain mapping and traceability software enabling companies to visualise and monitor multi-tier supplier networks.
• Altana AI — AI-powered supply chain intelligence platform used by governments and enterprises to detect forced-labour risk, sanctions evasion and illicit trade flows.
• Prewave — AI-driven risk monitoring that scans news, social media and regulatory data to alert buyers to emerging human rights and environmental risks.

Key Investors & Funders

• KnowTheChain — Investor-backed benchmark assessing forced-labour risks in ICT, food and beverage, and apparel supply chains, supported by Humanity United.
• Investor Alliance for Human Rights — Coalition of institutional investors representing over US$21 trillion in assets under management that engages companies on HRDD.
• European Commission — Primary funder and legislative driver of mandatory HRDD through the CSDDD and complementary instruments such as the EU Forced Labour Regulation.

Sector-Specific KPI Benchmarks

These benchmarks reflect leading-practice ranges drawn from BHRRC, RBA and Amfori reporting as of 2025. Actual performance varies significantly by company maturity and geography.

Action Checklist

• Conduct a gap analysis against the CSDDD and applicable national laws. Map your company's obligations by jurisdiction, entity size and sector to determine which requirements apply and by when.
• Map your supply chain beyond Tier 1. Use digital mapping tools and supplier questionnaires to identify sub-suppliers, raw-material origins and high-risk nodes.
• Prioritise salient human rights issues. Engage stakeholders, review commodity-specific risk indices and focus resources on the most severe and likely impacts.
• Deploy worker voice technology. Supplement audits with continuous, anonymous worker feedback mechanisms to surface issues that audits miss.
• Align purchasing practices with human rights commitments. Review pricing, lead times and payment terms to ensure they do not incentivise suppliers to cut corners on labour standards.
• Establish or strengthen grievance mechanisms. Ensure accessibility for workers and communities across languages and literacy levels, with clear timelines for investigation and response.
• Set and disclose measurable KPIs. Track audit coverage, corrective action closure rates, worker voice participation and remediation outcomes, and report publicly.
• Invest in supplier capacity building. Allocate budget for training, management systems support and collaborative improvement programmes rather than relying solely on punitive disqualification.

FAQ

What is the difference between a social audit and human rights due diligence? A social audit is a point-in-time assessment of a supplier's labour and safety practices, typically conducted by a third-party firm over one to three days. HRDD is a broader, ongoing management process that includes risk identification, prevention, tracking, communication and remediation across the entire value chain. Audits are one input into HRDD, but they are not sufficient on their own.

Which companies are subject to the EU CSDDD? The CSDDD applies to EU companies with more than 1,000 employees and net worldwide turnover exceeding EUR 450 million, as well as non-EU companies meeting the same turnover threshold from EU-generated revenue. Application is phased: the largest companies must comply from 2027, with full coverage by 2029. Companies in high-risk sectors such as textiles, agriculture and extractives face additional scrutiny.

How should companies handle suppliers that fail to meet human rights standards? Disengagement should be a last resort. The OECD Guidance and the CSDDD both emphasise that companies should first use their leverage to support improvement through corrective action plans, capacity building and revised purchasing terms. Abrupt disengagement can harm the very workers the process aims to protect by causing job losses. If a supplier refuses to engage or serious violations persist, responsible disengagement with consideration of worker impacts is appropriate.

What role do investors play in ethical sourcing? Institutional investors increasingly use HRDD performance as a proxy for governance quality and risk management. The Investor Alliance for Human Rights actively engages portfolio companies on supply chain labour risks. KnowTheChain benchmarks influence investment screening: companies scoring in the bottom quartile face higher likelihood of shareholder resolutions and divestment. Asset owners representing over US$10 trillion have signed statements calling for mandatory HRDD legislation.

How can small and medium-sized enterprises begin HRDD? SMEs can start with three steps: adopt a human rights policy statement aligned with the UNGPs, use publicly available risk tools (such as the ILO's Global Estimates of Modern Slavery and the US Department of Labor's List of Goods Produced by Child Labor) to identify priority areas, and participate in industry platforms like Sedex or Amfori that aggregate compliance information and reduce duplicative buyer requests.

Sources

• International Labour Organization. (2024). Global Estimates of Modern Slavery: Forced Labour and Forced Marriage. ILO, Walk Free & IOM.
• European Commission. (2024). Directive on Corporate Sustainability Due Diligence (CSDDD): Final Text and Impact Assessment. European Commission.
• German Federal Office for Economic Affairs and Export Control (BAFA). (2025). Annual Report on the Implementation of the Supply Chain Due Diligence Act (LkSG). BAFA.
• MSCI. (2025). ESG Controversies and Financial Performance: Labour-Rights Risk in Global Equities. MSCI ESG Research.
• Business and Human Rights Resource Centre. (2025). Survey: Corporate Responses to Mandatory Human Rights Due Diligence in Germany. BHRRC.
• Primark. (2025). Ethical Trade and Environmental Sustainability Programme: Worker Voice Update. Primark/ABF.
• Clean Clothes Campaign. (2024). Fig Leaf for Fashion: How Social Auditing Protects Brands and Fails Workers. Clean Clothes Campaign.
• International Accord for Health and Safety in the Textile and Garment Industry. (2024). Supplier Survey: Purchasing Practices and Working Conditions in Bangladesh. International Accord.
• World Benchmarking Alliance. (2025). Corporate Human Rights Benchmark: 2025 Assessment Results. WBA.
• OECD. (2018). OECD Due Diligence Guidance for Responsible Business Conduct. OECD Publishing.
• Unilever. (2025). Sustainable Sourcing Progress Report: Palm Oil, Cocoa and Tea Traceability. Unilever.