Human rights are inherent to all human beings. They are defined and established in more than 80 international legal instruments and define the fundamental protections of human dignity, needs, and freedoms, such as food, housing, privacy, personal security, and democratic participation.
Since the adoption of the Universal Declaration of Human Rights (UDHR) in 1948, the responsibility to protect human rights has primarily fallen on governments. Beginning in the early 2000s, however, it became increasingly clear that the freedoms enshrined in the framework could also be violated—and promoted—by the private sector.
All companies can impact human rights either positively or negatively through their action or inaction. The key framework speaking to these impacts is the UN Guiding Principles on Business and Human Rights (UNGPs), the authoritative global standard on business and human rights. The UNGPs have been incorporated into the OECD Guidelines for Multinational Enterprises, ISO 26000, IFC Performance Standards, GRI, UN Sustainable Development Goals, and many other frameworks and emerging regulations. They have also been endorsed by member states of the United Nations, courts, civil society and labor organizations, and business and industry associations representing thousands of companies, including UN Principles for Responsible Investment (PRI) and UN Environment Programme Finance Initiative (UNEP FI).
As part of the corporate responsibility to respect human rights, the UNGPs require companies to actively identify and manage the negative human rights impacts that they may cause or to which they may contribute or are linked through their business relationships.
This primer identifies the 10 most relevant, urgent, and probable human rights issues for financial services companies. It is intended as a starting point and should be supplemented by a robust human rights policy commitment, due diligence, processes and mechanisms to provide for and facilitate access to remedy, and meaningful engagement with those affected by the company’s operations and value chain. The information here is gathered from BSR’s direct engagement with financial sector companies, as well as our over 30 years of experience helping companies in all sectors manage their actual and potential adverse human rights impacts.
The financial sector comprises a wide range of businesses and activities, from asset owners and managers to private equity, venture capital, insurance, fintech, and commercial banking. Human rights impacts can arise at the corporate level as well as through the supply chain, retail products and services, corporate lending, wealth management, institutional investing, underwriting, and other financial products and services. While each of these financial sub-sectors and activities will have their own human rights risk profile and challenges, this brief highlights some of the most relevant risks to human rights for financial services companies.
While these risks can result in significant—and sometimes irreparable—harm to people, they can also trigger reputational, legal, regulatory, and financial consequences for financial services companies. By embedding respect for human rights into corporate and value chain activities, financial services companies will be better equipped to address human rights and social challenges. They will also become more stable and resilient, and strengthen their ability to create value in the face of emerging risks, socioeconomic shocks, and geopolitical shifts over time.
In 2011, the UN Human Rights Council unanimously endorsed the UN Guiding Principles on Business and Human Rights, the first international instrument to assign companies the responsibility to respect human rights.
Top Human Rights Risks
1: Ethical Business Practices
Financial services companies may be associated with unethical business practices, such as bribery, fraud, and corruption that result in human rights violations. For example, corruption can arise in supply chain contracting and in downstream lending and investment, particularly in large-scale infrastructure projects in jurisdictions with weak rule of law or investments sponsored by state-owned enterprises or linked to politically connected individuals. Corruption and bribery affect vulnerable communities and individuals—whether from a business relationship with a company that lacks sufficient standards and controls to prevent human rights violations or from the misdirecting of funds that could be spent on healthcare, education, or other public goods.
2: Conflict-Affected and High-Risk Areas
Financial services companies may be exposed to conflict-affected and high-risk areas (CAHRAs) through their operations or value chain activities. CAHRAs are not limited to regions of armed conflict but include areas of political instability, repression, institutional weakness, insecurity, the collapse of infrastructure and widespread violence, or other risks of harm to people. Financial services companies often have ties to CAHRAs through their downstream relationships, such as with companies in the agribusiness, energy, extractives, and other sectors that operate in or source raw materials from CAHRAs. These ties may also pose risks to safety, security, and livelihoods, as well as the potential for bribery and corruption.
3: Healthy Environment
Through their own operations and expansive value chain relationships across the economy, financial services companies are exposed to the environmental and social implications of these business activities. For example, providing capital to carbonheavy industries may adversely impact the environment (including impacts on water, biodiversity, air, and land) and cause human rights impacts related to the health and livelihoods of communities. Such activities may also accelerate climate change, which has the potential to adversely affect ecosystems, natural resources, and physical infrastructure—compounding negative impacts to key resources that threaten health and quality of life.
4: Labor Rights
Financial services companies should be attuned to labor rights violations in their own operations and value chains, including harmful impacts on indirect and contract workers. Labor rights cover a range of issues, from occupational health and safety and living wage to freedom of association and overall decent working conditions. While violations may exist in any sector, certain issues may be more prevalent and severe depending on the context. For example, workers in labor-intensive sectors may not have adequate health and safety protections, or workers located in geographies with weak or unenforced labor protections may be prevented or discouraged from, or punished for, unionizing or otherwise peacefully organizing.
5: Indigenous Peoples’ Rights
While some financial services companies will need to address risks to Indigenous Peoples’ rights in the context of their own operations and supply chains, these risks more commonly arise in downstream activities, such as project finance, corporate lending, underwriting, and investment activities. These activities may be associated with land-intensive sectors and projects that affect land, resource, and cultural heritage rights, and potentially result in displacement, forced relocations, and violations of the right to free, prior, and informed consent (FPIC). These violations can result in negative health, environmental, economic, and cultural impacts to Indigenous communities.
6: Privacy and Data Security
In a digitized age, human rights risks related to privacy and data management increasingly arise in financial services companies’ own operations and value chain activities. Given the volume of sensitive data they collect, process, store, and share, they are vulnerable to human rights risks associated with inadequate data governance, weak cybersecurity protections, and third-party misuse. Such risks may arise in the company’s own operations, as well as upstream through relationships with cloud providers, data management vendors, analytics firms, and other business partners. These risks can manifest as privacy violations for employees, customers, and other stakeholders, and may cascade into other harmful impacts, such as identify theft, financial harm, and risks to personal security and wellbeing.
7: AI-Related Risks
Financial services companies may face human rights risks associated with AI at the corporate level or throughout the value chain. For example, in their own operations, AI systems may pose risks to the right to non-discrimination in hiring or negatively affect employees’ privacy and the right to just and favorable working conditions through monitoring and performance management practices. Upstream, where AI governance is weak or under-developed, there is a risk to privacy when third-party technology and data service providers collect or process data. Furthermore, workers in the data management supply chain may also face inadequate protections and poor conditions. Downstream, AI may adversely affect retail customers through biased credit decisions, insurance pricing, or financial advice, as well as through lending, underwriting, and investment relationships with companies developing or deploying AI systems that may result in serious risks to human rights. If not properly governed, these uses may contribute to a range of adverse impacts on individual rights and wellbeing.
8: Modern Slavery and Child Labor
With a global reach across sectors, financial services companies risk being associated with forced labor, child labor, and human trafficking, particularly in their value chains. There is an elevated risk of modern slavery and child labor in certain sectors of the investment and lending portfolio, such as mining and agriculture, and in lowerskilled sectors of the supply chain. Furthermore, countries with weaker labor laws or enforcement, or more informal economies, are at high risk of fostering conditions for forced labor, including child and juvenile workers. Such workers may be coerced into paying recruitment fees, working illegally without visas, or having their passports confiscated and wages withheld.
9: Discrimination
The financial services sector has historically had a high propensity for discriminatory practices, both within own operations and through its products and services. Within the workplace, this may involve discrimination against underrepresented groups in hiring, promotion, pay, and workplace cultural practices. Within retail lending and investment products and services, people may face discriminatory practices due to their age, race, ethnicity, sex, religion, disability, or other legally protected characteristics. Financial services companies may also be associated with discriminatory practices in their supply chain or procurement selection processes, as well as through their downstream relationships with companies that discriminate against their own workers or customers.
10: Grievance Mechanisms and Remedy
Access to effective grievance mechanisms and remedy is relevant for all financial services companies at the operational and value chain levels. In particular, people affected by corporate lending, project finance, underwriting, investment, and supply chain activities often do not have sufficient or trusted pathways to raise concerns, report abuses, or seek redress. Because access to remedy is both a distinct human rights issue and an enabling condition for the protection of other rights, denial of remedy can allow underlying harms—such as impacts on the environment, livelihoods, health, or privacy—to continue or deepen without accountability or redress.
Top 3 Opportunities for Positive Impact
1: Conduct Human Rights Due Diligence Across the Value Chain
Financial services companies can strengthen their response to salient human rights issues by embedding human rights due diligence across their own operations and value chain activities. This includes identifying and assessing actual and potential impacts, integrating findings into relevant decision-making, tracking the effectiveness of responses, and communicating how impacts are being addressed. Such an approach is especially important in contexts where the relevant sector, geography, or business model may pose heightened risks to people. In some cases, this may require conducting heightened human rights due diligence.
2: Adopt a Remedy Ecosystem Approach
Financial services companies should strive to contribute to the remedy ecosystem. The remedy ecosystem includes many points of intersection among laws, policies, institutions, mechanisms, and actors that together shape whether affected people can access and obtain effective remedy. Companies should cooperate in legitimate judicial and non-judicial processes, assess grievance channels to ensure they are effective at the operational and value chain levels, and use and build leverage to prevent and address harm that may occur.
3: Engage Rightsholders and Their Representatives
Meaningful engagement with rightsholders and their representatives is essential to understanding how adverse human rights impacts may arise and what is required for effective business action. Because financial services companies operate at a distance from the people affected by their decisions, engagement should be embedded throughout value chain due diligence. Meaningful engagement with rightsholders is essential for helping companies to better understand lived experience, identify otherwise unseen risks, and design responses that are more credible, preventive, and effective in practice. It can also strengthen trust, improve the quality of decisionmaking, and support more effective monitoring and remediation over time.
Get the Primer
Download
Resilient business strategies for a complex world.