Human rights due diligence (HRDD) is no longer a voluntary aspiration. It is becoming a legal requirement and a defining feature of responsible business. 

For companies operating global supply chains, the question is not whether to conduct due diligence, but how to do it effectively, credibly, and at scale. 

This guide explains what HRDD means in practice, why it matters now, and how businesses can implement it in ways that manage risks to people while supporting resilient operations. 

What is human rights due diligence? 

Human rights due diligence is an ongoing process through which businesses identify, prevent, mitigate, and account for how they address their impacts on people. 

It is grounded in the UN Guiding Principles on Business and Human Rights (UNGPs) and centres on five core elements: 

1. Embedding responsible business conduct into governance and decision-making
2. Identifying and assessing actual and potential human rights impacts
3. Taking action to prevent and mitigate harm
4. Tracking whether responses are effective
5. Communicating transparently & providing or enabling access to remedy 

The focus is on risks to people, not just risks to the business. Effective HRDD is continuous: it evolves as risks change, rather than being a one-off audit or report. 

Over 82% of EU companies are likely to have exposure to forced or child labour risks at tier 2 suppliers, rising to over 99% at tier 3  [Supply Chain Due Diligence Risk Assessment for the EU]

Why human rights due diligence matters now 

Legal requirements are expanding 

Mandatory human rights due diligence legislation is being introduced in multiple jurisdictions. Companies are now expected to demonstrate structured risk assessment, preventive action, and public reporting. 

Key requirements typically include: 

• Robust governance and oversight
• Clear risk prioritisation
• Preventive and corrective action plans
• Accessible grievance mechanisms 

These laws are shaping how businesses structure their HRDD systems and are creating pressure for credible, operational practice. 

See an overview of the relevant legislation.

Even companies with robust first-tier oversight are likely to face hidden risks deeper in their supply chains. These risks cannot be managed through audits alone. Effective HRDD requires a proactive approach – combining engagement, collaboration with stakeholders, and rigorous risk assessment processes – to identify, prevent, and mitigate potential harms throughout the supply chain. 

Investor and stakeholder expectations 

Investors, customers, and civil society increasingly assess whether companies have effective human rights risk management in place. 

Companies without credible systems risk: 

• Legal and regulatory exposure
• Reputational damage
• Loss of investor confidence
• Operational disruption 

Companies that embed HRDD into their operations and decision-making are better positioned to manage these risks and build trust with stakeholders. 

The core steps of human rights due diligence in practice 

The UNGPs provide a framework; practical implementation requires systems that embed HRDD throughout operations and supply chains. 

The core steps of HRDD include:

1. Embed responsible business conduct 

Embedding begins with governance: 

• Adopt clear human rights policies aligned with international standards
• Assign senior accountability and board oversight
• Integrate human rights considerations into procurement, sourcing, and supplier management
• Align incentives and performance metrics with responsible practice 

Embedding HRDD requires cross-functional ownership — sustainability, legal, compliance, and procurement teams must all play a role.  

2. Identify and assess risks to people 

Risk assessment is the foundation of effective due diligence. 

It involves: 

• Mapping operations and supply chains
• Identifying salient risks — those posing the greatest risk of severe harm
• Analysing country, sector, and product-level risk
• Engaging workers and other stakeholders to understand real-world conditions 

Prioritisation is key: focus on where risks are most severe, rather than attempting to catalogue every potential issue.  

3. Prevent and mitigate adverse impacts 

Assessment must lead to action. Effective mitigation may include: 

• Adjusting purchasing practices that contribute to excessive hours or wage pressure
• Strengthening supplier management systems
• Supporting supplier capacity-building
• Collaborating with peers to address systemic risks 

Addressing structural drivers of risk, including commercial practices, is critical. Effective prevention goes beyond audits and inspections.  

4. Track effectiveness 

Monitoring ensures that actions are having an impact. 

Companies should: 

• Develop clear indicators linked to identified risks
• Use a mix of quantitative and qualitative data
• Collect feedback from workers and affected communities
• Regularly review and adjust plans 

Audits alone are insufficient; integrating feedback and ongoing assessment ensures HRDD systems remain effective.  

5. Communicate and enable remedy 

Transparency and access to remedy are essential. 

Businesses should communicate: 

• Identified risks
• Actions taken
• Progress achieved
• Challenges encountered 

Where harm occurs, companies should provide or enable remediation. Worker voice mechanisms are central to identifying risks and verifying effective responses.  

Human rights due diligence in supply chains 

Supply chains often present the most significant human rights risks. 

Common issues include: 

• Forced labour or modern slavery
• Child labour
• Unsafe working conditions
• Restrictions on freedom of association
• Gender-based discrimination and violence
• Wage insecurity 

Effective due diligence in supply chains requires: 

• Risk-based prioritisation across tiers
• Visibility beyond Tier 1 suppliers
• Long-term supplier engagement
• Responsible purchasing practices
• Consultation with workers and other stakeholders 

Collaboration, transparency, and structural changes are key to addressing these risks effectively. 

Mandatory human rights due diligence 

Mandatory HRDD laws typically require companies to: 

• Conduct ongoing risk assessments
• Adopt preventive action plans
• Monitor implementation
• Establish grievance and remediation mechanisms
• Report publicly on due diligence processes 

Some laws introduce administrative penalties or civil liability for non-compliance. Companies benefit from aligning their systems with international standards and proven operational practices to manage these risks consistently. 

Common implementation challenges 

Even committed companies encounter obstacles, including: 

• Treating HRDD primarily as a reporting exercise
• Misalignment between commercial practices and human rights commitments
• Limited engagement with workers
• Fragmented internal ownership
• Resource and capacity constraints 

Addressing these challenges requires senior leadership support, cross-functional collaboration, and practical, risk-based systems.  

Support and practical resources 

Many organisations benefit from guidance, frameworks, and collaboration to strengthen HRDD. Practical approaches include: 

• Risk assessment methodologies
• Supplier engagement and capacity-building programmes
• Worker voice and grievance mechanisms
• Peer learning and collaborative initiatives
• Targeted training for procurement, compliance, and sustainability teams 

Drawing on sectoral experience and collaboration with stakeholders improves both credibility and effectiveness.  

Frequently asked questions 

Is human rights due diligence mandatory? 
In an increasing number of jurisdictions, yes. Legal requirements are expanding, and companies must ensure their systems are robust and adaptable. 

How is HRDD different from ESG? 
ESG covers environmental, social, and governance performance. HRDD is a specific management process focused on identifying and addressing impacts on people. 

Is HRDD the same as auditing? 
No. Auditing is one tool within a broader due diligence system. HRDD includes governance, risk assessment, preventive action, monitoring, and remediation. 

Who should lead HRDD within a company? 
Ultimate responsibility sits with senior leadership and the board. Effective implementation requires coordination across procurement, legal, compliance, and sustainability teams. 

Why is worker engagement important in HRDD? 
Workers are often best placed to identify risks and early warning signs. Meaningful engagement improves both risk assessment and remediation outcomes. 

Strengthening your human rights due diligence approach 

Human rights due diligence is not a compliance checklist. It is a structured, continuous approach to managing risks to people in complex business environments. 

Done well, it strengthens supply chains, reduces legal and operational risk, and builds stakeholder trust. 

Organisations that combine robust governance, practical systems, and stakeholder engagement — including workers and civil society — are best placed to meet rising expectations and demonstrate credible responsible business practice. 

Explore human rights due diligence in practice

How to implement HRDD
Supplier engagement and HRDD
Risk assessment
Responsible purchasing
Legislation guidance

File(s)

Mandatory human rights and environmental due diligence guidance

Developed to help companies navigate emerging mHREDD legislation, this Guidance also supports businesses in aligning with international standards.

Read more