Uncertainty around law's scope leaves companies unclear about reporting responsibilities: lawyer
Less than a year after a new law began requiring companies and other entities to report measures they’ve taken to rid their supply chains of forced labour and child labour, many companies across the country have enacted a range of strategies to reduce the risk of inadvertently drawing on resources that involve slavery.
Despite the efforts of many entities to refine their risk assessment processes and better understand their supply chains, however, the number of entities that complied with the law’s reporting requirements was lower than anticipated.
That’s according to a report published last week by KPMG, which reviewed nearly 5,800 public submissions companies made under Canada’s Fighting Forced Labour and Child Labour in Supply Chains Act.
Jillian Frank, a labour and employment partner with KPMG who also serves as the firm's national ESG legal services lead, says the lack of compliance could be due to several factors, like companies’ uncertainty about whether they even fall under the law’s scope.
“The application of the act wasn’t very clear for a lot of private companies, nonprofits, educational institutions, hospitals, government or Crown organizations – so really, anyone other than a public company,” Frank tells Canadian Lawyer.
The Fighting Against Forced Labour and Child Labour in Supply Chains Act went into effect on Jan. 1 and set a deadline for covered entities to meet the reporting requirements by May 31. According to the reporting guidelines provided by Public Safety Canada, the reports had to identify parts of their activities or supply chains that were at risk of involving forced labour or child labour. The guidelines noted that “the purpose of reporting is not to certify that an entity is ‘risk-free,’ but rather to demonstrate that the entity has taken steps to identify and address risks.”
In its report, KPMG found that 20 percent of the entities that submitted reports this year have mapped out their supply chain to some degree, although only five percent explicitly indicated that this mapping extended beyond their direct suppliers.
Forty percent of reporting entities said they have a process to assess suppliers for modern slavery, the report said. Thirty-five percent perform due diligence checks of their own operations, while another 40 percent conduct due diligence of suppliers. Meanwhile, 60 percent of reporting entities said they provide human rights training for their workforce.
These numbers could improve in the future: 90 percent of the reporting entities said they would implement more measures moving forward, including developing policies and procedures, providing training, and doing more risk assessment and management.
According to Public Safety Canada, the act’s reporting requirements apply to entities – including public companies, private companies, and nonprofits – that are listed on a stock exchange in Canada, have a place of business in Canada, do business in Canada, or have assets of Canada. They also must meet certain financial criteria. The act also applies to government institutions that produce, purchase or distribute goods.
KPMG described the criteria as setting a “low threshold for qualifying as a reporting entity.” But Frank said the criteria could be ambiguous for certain organizations, largely because the threshold was not related to the volume of goods they imported. “If you’re a municipality and you have swim goggles that you’re selling at a municipal pool… it didn’t matter that that was 0.001 percent of your overall activities. There’s still a question of whether you have to file [a report] or not,” Frank says.
This ambiguity could have contributed to fewer than 6,000 entities submitting reports this year, but Frank said many small and mid-sized companies may have also lacked the legal resources to know that there were reporting requirements in the first place.
The KPMG report found that many of the reports filed lacked key information. Ninety percent of the reporting entities, for instance, did not name specific supply chain risks, while 20 percent of the entities that source goods globally did not provide information about where the goods were sourced from.
Another 65 percent of entities that filed reports failed to specify whether they were the importer of record, and 35 percent gave little to no description of their import activities.
Having assisted hundreds of companies with complying with the act, Frank says many entities encountered challenges putting together their reports. One such challenge was the lack of precedent for entities to follow. “The guidelines that the government gave – the way that the legislation was drafted to be very broad – didn't give a lot of companies any kind of guidance about what are those guardrails? What does ‘good’ look like?” Frank says.
It’s clear that the government guidance “wanted to be as broad as possible because the nature of the industries that are reporting are also very different and have varying degrees of maturity,” Frank says. “But I think that a number of companies didn't find that prescriptive enough.”
Frank notes, for example, that many companies have long supply chains that can span hundreds or even thousands of suppliers and don’t always have access to information about whether these suppliers are using labour agencies to hire workers, employing temporary workers, or have programs in place to prevent forced labour and child labour. The government guidance did not tell reporting entities to “focus on this good or focus on this country of origin or this type of practice,” Frank says.
She adds, “I think a lot of companies weren't sure where to start.”
Still, Frank emphasizes that many entities did their best with the resources they had.
“Companies responded, they complied. They were transparent about what they're doing,” she says.
“The expectation that there might have been more detail, more information, I think, is a good standard to set,” she adds. “But I don't think that without further regulations or further guidance setting out specific steps that companies are required to take, that they're necessarily going to volunteer that information proactively, especially at these early stages when they're really trying to determine what the best approach is to this issue.” 
