ABN AMRO: Developing a human rights risk register

Social impact is part of our corporate strategy. This starts with respecting human rights.

It is therefore important for us to have a clear overview of and address the negative impacts we may be connected to. We have an impact on people through our roles as an employer, a service provider, a lender, a procurer of goods and services, and an investment services provider. For this case study, we focus on our role as an investment services provider.

Why we developed the Human Rights Risk Register

Clients use our investment services to invest in shares or corporate bonds. They can do so in three ways: on their own (self-directed investing or execution-only), based on our experts’ advice (investing with advice), or by leaving all investment decisions to the bank (giving ABN AMRO a mandate). Therefore, our ability to influence clients’ decision-making varies. Nonetheless, this connects us to a very broad range of companies and thereby to a broad range of adverse human rights impacts on workers, consumers or communities. Therefore, in 2020, we developed a Human Rights Risk Register to identify, manage and address the bank’s human rights risks.

We identified four salient issues related to our investment services operations:

• Labour rights;
• Land-related rights;
• Right to life / right to health; and
• Right to privacy / freedom of expression.

We describe these four issues in detail within our Risk Register and link them to sectors, such as agri-commodities, big tech and energy, in which our investment services clients can invest.

Before prioritsing the most salient issues, a longlist of risks was compiled, and for each risk it was determined how robust our mitigation efforts were. This way, we were able to identify gaps in human rights risk management and inform senior management.

How we developed the Human Rights Risk Register and how it works

We have determined our salient human rights issues via the following steps:

1. Conduct desk research using internal and external documentation (e.g., peer analysis, internal policy documents, trend reports) to determine a longlist of possible human rights issues related to the different roles of the bank, including our investment services;

2. Engage with relevant internal and external stakeholders (e.g., NGOs, academics, sustainability consultants) by holding in-depth interviews and surveys to ensure our list is complete and accurate in terms of descriptions, contexts, triggers and consequences;

3. Prioritise issues within the Risk Register by looking at severity, likelihood and control, and the robustness of current and potential mitigating actions. Here, severity is based on scope (number and type individuals affected), scale (gravity of impact) and remediability (ability to restore). Likelihood is based on exposure (how we are involved), context (country/sector) and mitigation (existing actions of third party). The robustness of current and potential mitigation actions is based on a self-assessment of our policies and processes;

4. Validate results with relevant internal colleagues and present the results to our Sustainability Advisory Committee.

Identifying the bank’s salient risks allows us to monitor progress over time. The actions taken depend on the issue. Sometimes we need to change our own policy, while in other situations we have to use our leverage more effectively (e.g., engaging with an investee company).

Managing human rights risks happens across a range of departments within the bank. These departments are asked to report on a quarterly basis to Group Sustainability, which then analyses the information received and provides its opinion on the progress made.

This opinion is then sent to Central Risk Management, which assesses our risk profile and ensures that we remain in line with our risk appetite. Central Risk Management then submits the quarterly Enterprise Risk Management report and it is approved by the Group Risk Committee and Executive Committee. Therefore the Risk Register feeds into our Enterprise Risk Management process and has led to more robust governance and more involvement from senior management.

Example: Improving our investment standards in the defence sector

The Risk Register has recently helped us to improve our investment standards within the defence sector. We looked at the right to life / right to health, the risks around these issues and how we could mitigate these risks. We found we could do more.

Previously, within our exclusion list, we had defined six types of controversial weapons: nuclear weapons, white phosporous weapons, biological weapons, chemical weapons, cluster weapons and anti-personnel mines. These weapons are classified as controversial given their indiscriminate and disproportionate impact on civilians’ right to life and right to health. The exclusion list prohibits clients from investing in companies that are involved with these weapon types.

After updating our policies in March 2021, we included depleted uranium weapons and fully autonomous weapons in our exclusion list. Second, when it comes to our corporate lending activities, we decided to exclude private security companies that are active in countries we consider as high risk from a defence perspective and that are not a member of the International Code of Conduct Association.