The UN's Guidance on a Very Hard Question
The UN Office of the High Commissioner for Human Rights (OHCHR) published a guidance note in 2023 titled Business and Human Rights in Challenging Contexts: Considerations for Remaining and Exiting. The document was designed to clarify what is expected from business enterprises under the UN Guiding Principles on Business and Human Rights (UNGPs) when they find themselves sourcing from or operating in contexts marked by conflict, political turmoil, or systematic violations of human rights. The UNGPs are the authoritative global framework for business and human rights, resting on three pillars: the state duty to protect human rights, the corporate responsibility to respect human rights, and the need for access to remedy. The OHCHR guidance zeroes in on the second pillar — what businesses must do in practice when operating environments make that responsibility especially difficult to fulfill. The core tension the guidance addresses is familiar to any procurement or compliance professional: stay in a risky relationship and risk complicity, or exit and potentially make conditions worse for the very workers you hoped to protect. The guidance acknowledges these are rarely straightforward decisions, and that a business will often weigh legal, commercial, and reputational factors alongside human rights ones. The UNGPs, however, are concerned specifically with preventing and mitigating risks to people — and the guidance provides a framework for doing exactly that.
The OHCHR defines three categories of challenging operating contexts that trigger heightened responsibilities for businesses.
The first category involves situations where a human rights environment is particularly grave due to conflict, political turmoil, or systematic violations of rights. In these contexts, a business's products or services could be used to commit human rights violations, or the business could become complicit in state actions that harm people. The second category covers situations where national laws or regulations require businesses to take actions that are inconsistent with internationally recognized human rights standards — for example, laws that impact privacy, freedom of expression, or freedom of assembly. In these cases, businesses are expected to seek legal advice and engage with governments to clarify the scope of the law or influence how it is enforced in practice. The third category involves situations where states simply cannot or do not protect internationally recognized rights at all, leaving businesses without a functioning regulatory backstop. Across all three categories, the OHCHR considers that a very swift and decisive response is warranted, and that businesses must carry out heightened human rights due diligence to fully understand how their presence and behavior bears on human rights risks to people.
The UNGPs do not simply tell companies to exit risk — they provide a structured way to evaluate whether engagement or disengagement better protects people.
The UNGPs offer a framework for evaluating and addressing adverse human rights impacts tied to business decisions. The involvement framework asks businesses to consider their degree of contribution to a harm and their leverage to change the situation. Where a business is causing or contributing to harm, it should cease doing so and remediate. Where it is not contributing but is directly linked through a business relationship, it should use its leverage to encourage the supplier to change. The decision to remain or exit depends on several factors: the leverage the business can realistically exert, the importance and replaceability of the relationship, and the severity and irreversibility of the abuse. Critically, the guidance stresses that exiting is not always the responsible choice. Leaving a supplier in a high-risk area can sometimes worsen human rights conditions — for example, if the departing company was a stabilizing employer or a check on abusive local practices. The spirit of responsible business is not about retreating from difficult situations but about actively engaging and seeking solutions. Where engagement is chosen, the business must adjust its operations and relationships to ensure it can continue to meet its human rights responsibilities. This means strengthening due diligence, increasing transparency with affected stakeholders, and setting clear, time-bound improvement targets with suppliers. Where no reasonable prospects exist that leverage can be effective, or where an action plan has repeatedly failed, disengagement may become appropriate — but only as a last resort.
If disengagement is the only responsible path forward, the OHCHR guidance outlines how to do it in a way that minimizes harm.
Removing a supplier, especially a strategic partner, is obviously difficult. The OHCHR recommends treating the decision to leave as a process, not as an event. Businesses should develop contingency plans in advance and, where possible, pre-agree on transition support for workers and service providers to minimize human rights-related risks during and after the exit. Exiting a challenging context or relationship demands human rights due diligence, meaningful stakeholder consultation, and careful management of post-exit consequences. Gradual, managed transitions are preferred over abrupt departures. Where operations are being sold or transferred, businesses should consider the human rights commitments of potential successors and structure the sale to favor more responsible entrants — including through contractual terms that require the buyer to maintain specific human rights policies. Laws like the EU Corporate Sustainability Due Diligence Directive reinforce this approach, requiring that disengagement occur only where there is no reasonable expectation that efforts to use leverage would succeed, and that companies evaluate whether the negative effects of termination would be significantly worse than the harm they were trying to prevent. Transparency and communication throughout the process are essential — both to maintain credibility and to meet the reporting obligations that regulations increasingly require. Supply chain risk management tools that provide visibility into supplier risk levels are critical to making these decisions with confidence rather than in the dark.
*not sales material disguised as 'resources.'