February 2023

ESG and the Supply Chain

Environmental, social, and governance (ESG) issues remain a priority for regulators, investors, and other corporate stakeholders, making it crucial for companies to develop robust polices and mandates to address ESG risks in their supply chains.


A company risks legal, reputational, and economic damage if its suppliers:

  • Engage in illegal or inhumane employment practices.
  • Violate human rights.
  • Cause environmental harm.
  • Engage in bribery or corruption.

Through an emphasis on corporate social responsibility (CSR), consumers have been holding companies accountable for unethical behavior within the companies’ supply chains for some time. More recently, many investors and other corporate stakeholders have been considering ESG factors when evaluating a company’s performance and long-term viability and making investment decisions.

Additionally, governments, legislators, and regulators are now starting to require companies to disclose more information regarding their own practices and those of their suppliers. For example, in March 2022, the Securities and Exchange Commission (SEC) proposed new and amended rules to enhance and standardize disclosure regarding:

  • Climate-related risks and opportunities (for more information, see SEC Proposes Mandatory Climate Disclosure Rules on Practical Law). The proposed rules would require companies to disclose climate-related information in registration statements and annual reports, including:
    • climate-related risks that are reasonably likely to have a material impact on their business, strategy, and outlook;
    • board and management oversight of climate-related risks;
    • the management of climate-related risks;
    • greenhouse gas (GHG) emissions and related third-party assurance; and
    • climate-related financial metrics in the company’s audited financial statements.
  • Cybersecurity risk management, strategy, governance, and incident reporting (for more information, see SEC Proposes Enhanced Cybersecurity Disclosure Rules on Practical Law).

Consequently, many large public companies and private companies doing business in the US have started to:

  • Develop and maintain effective, comprehensive, and legally compliant ESG policies and mandates.
  • Integrate ESG considerations and objectives into their business operations, including their sales, human resources, compliance, legal, marketing, enterprise risk management, communications, and investor relations functions.

This article:

  • Defines ESG and CSR in the supply chain and discusses how they are related.
  • Explains why companies should treat ESG as a priority and an imperative.
  • Summarizes enacted and pending ESG-related laws and regulations in the US relating to supply chains.
  • Highlights the role of supplier codes of conduct and ESG clauses in supply chain contracts.
  • Discusses the main steps involved in creating an effective ESG policy.

(This article does not address international ESG laws or ESG-related obligations applicable to federal government contracts.)

ESG and CSR Defined

The terms ESG and CSR are sometimes used interchangeably. It may be more accurate to view ESG and CSR as two sides of the same coin. CSR may be summed up as a company’s sustainability efforts, that is, company actions aimed at having a positive impact on society and the environment. ESG refers to how investors and other stakeholders measure those sustainability efforts to assess the long-term viability of companies. (For more on the relationship between ESG and CSR, see Environmental, Social, and Governance (ESG): Overview on Practical Law.)


Generally, ESG is an umbrella term for a broad range of environmental, social, and governance factors that seek to provide investors with objective, quantifiable performance indicators. These factors can be described as follows:

  • Environmental. Environmental factors include issues relating to a company’s impact on the environment, including carbon emissions, waste management, water usage, deforestation, biodiversity, and pollution.
  • Social. Social factors generally address how a company treats a wide range of stakeholders, such as its employees, customers, local communities, and society generally, and includes issues such as human rights, diversity and inclusion, health and safety, nondiscrimination, human capital management, and privacy and data protection, and how the company addresses these issues within its supply chain.
  • Governance. Governance factors relate to how a company is managed and include issues such as director independence, board diversity, other board structure and composition issues, executive compensation, anti-competitive practices, bribery and corruption, and business ethics.

Arriving at a standard or universally accepted definition of ESG has been elusive. ESG factors that are relevant to a company differ depending on the industry and jurisdiction. Additionally, the prominence of particular factors may vary over time. For example, many companies had to quickly adopt health and safety measures for their employees during the COVID-19 pandemic.

(For more on ESG generally, including a discussion of the various global sustainability organizations and initiatives, such as the United Nations Global Compact, as well as ESG standards, voluntary disclosure frameworks, and ratings, see Environmental, Social, and Governance (ESG): Overview on Practical Law.)


Often referred to as corporate responsibility, corporate philanthropy, sustainability, business ethics, stakeholder theory, or corporate citizenship, CSR is defined differently by various international organizations and industry groups. The World Business Council for Sustainable Development (WBCSD) and the European Union (EU) published commonly used definitions of CSR:

In essence, when a company adopts CSR policies and practices, its planning and decision-making reflect the potential impact of its corporate actions on various stakeholders and constituencies.

Importance of ESG

There are several reasons to take ESG seriously, including:

  • Investor and consumer sentiment.
  • Legislative and regulatory requirements.
  • Exposure to legal risk.
  • Reputational capital and competitive advantages.

Recent events have created some headwinds for ESG in the US (see Thomson Reuters Institute, Special Report: ESG Under Strain (Nov. 10, 2022)). ESG is becoming increasingly politicized, with a number of states seeking to restrict the use of ESG investing for state funds and prohibiting the use of ESG factors by financial firms (for more information, see ESG and State Law in 2022: Conflicts and Trends and Key Developments in State ESG Law: 2022 Tracker on Practical Law). Moreover, the conflict in Ukraine and the resulting increases in energy prices may, in the short and medium term, increase the demand for fossil fuels. Despite these challenges, it is likely that ESG-minded investors, consumers, and regulators will continue to drive companies to earn their social license (see McKinsey & Company, Does ESG Really Matter — and Why? (Aug. 10, 2022)).

Investor and Consumer Sentiment

Since it was first introduced as a term at the 2005 Who Cares Wins conference, ESG has become increasingly important for investors and, consequently, for companies. In 2022, the number of publicly traded companies that published a sustainability report reached an all-time high, with 96% of S&P 500 companies and 81% of the Russell 1000 companies doing so (see Governance & Accountability Institute, Sustainability Reporting Trends). New investments in sustainable funds reached $87 billion in the first quarter of 2022, and the total value of global sustainable assets was $2.5 trillion after the first half of the year (see McKinsey & Company, Does ESG Really Matter — and Why? (Aug. 10, 2022)).

Consumers also continue to be an important driving force for ESG, with many companies touting their sustainability efforts and ESG programs as part of their marketing and advertising efforts. In some cases, companies have overstated those efforts or made misleading claims about the environmental impact of their products or services, a practice referred to as greenwashing, and regulators are starting to hold them accountable for doing so (for more information, see SEC Charges Company with Making False Statements in Sustainability Reports and Public Filings on Practical Law).

Legislative and Regulatory Initiatives

Certain existing and pending legal requirements impose disclosure obligations that are intended to encourage companies to address ESG-related issues in their operations.

These requirements do not mandate that companies take affirmative steps to adopt particular policies regarding their own supply chain practices or their suppliers’ practices. Rather, affected companies are required to disclose their policies regarding certain activities that have been deemed offensive to human dignity. These disclosures include:

  • Supply chain verifications.
  • Information on supply chain audit activities.
  • Supplier and third-party certifications.
  • Training provided to affected employees and contractors.
  • Information on compliance with local laws and the company’s ESG policies.

(For more on ESG-related legal requirements relevant to the supply chain, see Legislation and Regulations Impacting the Supply Chain below.)

Legal Risk

With an effective ESG policy that is carefully drafted and properly enforced, a company can better:

  • Comply with emerging ESG-related laws and regulations.
  • Preempt costly lawsuits and non-compliance actions.
  • Address the source of non-compliance by installing cultural mechanisms and fostering corporate alignment around the relevant issues.

Additionally, an effective ESG policy has a positive effect on relations between the company and its shareholders and other corporate stakeholders, employees, regulators, and government authorities.

Reputational Capital and Competitive Advantages

A company that defines its corporate culture with reference to ESG imperatives can leverage that commitment to forge powerful and lasting relationships with important stakeholders. ESG policies can differentiate a company’s brand, culture, and corporate identity and positively influence the decision-making of consumers, partners, investors, and talent. With reputational capital, a company can:

  • Aid its business development. Both activist and retail investors, as well as customers and other partners, are increasingly including ESG criteria in their investment and screening processes.
  • Earn consumer loyalty. Consumers increasingly rationalize buying decisions with reference to the corporate values of the manufacturer and its supply chain and other ESG practices.
  • Attract top talent. A company’s commitment to ESG can be a selling point to executives and other job candidates who increasingly demand a committed and coherent culture of concern for ESG-related issues.
  • Strengthen employee morale and commitment. Staff can be rallied to common causes to improve morale, efficiency, and loyalty in the midst of a highly mobile talent market.
A company that defines its corporate culture with reference to ESG imperatives can leverage that commitment to forge powerful and lasting relationships with important stakeholders.

Legislation and Regulations Impacting the Supply Chain

In contrast to other jurisdictions such as the UK and EU, there are no overarching laws that specifically regulate ESG in the US to date. However, a number of ESG-related laws and regulations have been enacted at the federal and state levels that affect the supply chain.

Federal Laws and Regulations

Federal ESG-related laws and regulations affecting the supply chain include:

  • The SEC’s conflict minerals rules.
  • The Foreign Corrupt Practices Act of 1977 (FCPA).
  • The Trade Facilitation and Trade Enforcement Act of 2015 (TFTEA).
  • The Countering America’s Adversaries Through Sanctions Act of 2017 (CAATSA).
  • The Uyghur Forced Labor Prevention Act of 2021 (UFLPA).

Additionally, if passed, the pending Business Supply Chain Transparency on Trafficking and Slavery Act of 2020 (BSCTTSA) would amend Section 13 of the Securities and Exchange Act of 1934 (Exchange Act) (15 U.S.C. § 78m) to mandate reporting companies to disclose their efforts to address forced labor, human trafficking, slavery, and the worst forms of child labor within the companies’ supply chain. The BSCTTSA is the federal version the California Transparency in Supply Chains Act of 2010 (Supply Chains Act) (see California’s Supply Chains Act below).

Conflict Minerals Rules

In 2012, the SEC adopted final rules implementing the conflict minerals disclosure requirements (Conflict Minerals Rules) set out in Section 1502 of the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (Dodd-Frank Act) (15 U.S.C. § 78m(p)). The Conflict Minerals Rules are intended to reduce trade and exploitation of conflict minerals believed to be financing violent conflict in the Democratic Republic of the Congo (DRC) and the adjoining countries of:

  • Angola.
  • Burundi.
  • The Central African Republic.
  • The Republic of the Congo.
  • Rwanda.
  • South Sudan.
  • Tanzania.
  • Uganda.
  • Zambia.

Section 1502 added new Section 13(p) to the Exchange Act, which directs the SEC to adopt rules requiring reporting companies to disclose information regarding the use of conflict minerals that originate from the DRC or an adjoining country in the products they manufacture or contract to manufacture. The final rules require all affected companies to conduct due diligence and make annual disclosures on SEC Form SD by May 31 of each year, except that if that day falls on a Saturday, Sunday, or holiday, then on the first business day following (Exchange Act Rule 0-3(a)). As discussed below, Section 13(p) has been the subject of a legal ruling.

The minerals covered by the rules, which are included in many common products but are particularly common in electronics components, include:

  • Cassiterite.
  • Columbite-tantalite (coltan).
  • Gold.
  • Wolframite.
  • Derivatives of these minerals (including tin, tantalum, and tungsten).
  • Other minerals the US Secretary of State may designate in the future.

Under the final rules, if conflict minerals are necessary to the functionality or production of a product that a company manufactures or contracts to manufacture, the company (affected company) must conduct a reasonable country of origin inquiry to determine whether the conflict minerals both:

  • Originated in the DRC or an adjoining country.
  • Did not come from recycled or scrap sources.

If so, the affected company must perform heightened due diligence on the source and chain of custody of the conflict minerals that conforms to a nationally or internationally recognized due diligence framework. If the affected company determines otherwise, it must describe its reasonable country of origin inquiry and the results on Form SD.

If the affected company’s heightened due diligence reveals either that its conflict minerals did not originate in the DRC or an adjoining country or that the conflict minerals came from recycled or scrap sources, it must still describe its reasonable country of origin inquiry, its due diligence efforts, and the results of both on Form SD. If the affected company’s heightened due diligence reveals otherwise, the affected company must file a Conflict Minerals Report as an exhibit to Form SD.

The Conflict Minerals Report must:

  • Include an independent private sector audit.
  • Include a company certification.
  • Describe the measures the company has taken to exercise due diligence on the source and chain of custody of the conflict minerals.

(For more on complying with the Conflict Minerals Rules, see Conflict Minerals Diligence and Conflict Minerals Disclosure Requirements Checklist on Practical Law.)

On August 18, 2015, the DC Circuit issued an opinion reaffirming its 2014 ruling that Section 13(p) and Section 1502 violate the First Amendment to the US Constitution to the extent they require companies to report to the SEC and state on their websites that any of their products have “not been found to be ‘DRC conflict free’” (Nat’l Ass’n of Manufacturers v. SEC, 800 F.3d 518, 530 (D.C. Cir. 2015); for more on the 2015 ruling, see Conflict Minerals Challenge: DC Circuit Reaffirms Decision on Rehearing on Practical Law; for a discussion of the practical implications of this litigation, see Conflict Minerals Diligence on Practical Law).


The FCPA (15 U.S.C. § 78dd-1 to 15 U.S.C.§ 78dd-3) prohibits subject companies from offering or paying anything of value to any person while knowing that any portion will be offered, given, or promised to foreign government officials to assist in obtaining or retaining business (for more on the FCPA, see The Foreign Corrupt Practices Act: Overview on Practical Law).


President Obama signed the TFTEA on February 24, 2016. Among other things, the TFTEA amended the Tariff Act of 1930 and eliminated the long-standing “consumptive demand exception” to the prohibition against importing goods produced by convict labor, forced labor, or indentured labor. Previously, this exception allowed such goods to be imported in order to meet US consumptive demands.


President Trump signed CAATSA on August 2, 2017. Among other things, CAATSA creates a rebuttable presumption that forced labor was used in products made by North Korean nationals or citizens, wherever located.


President Biden signed the UFLPA on December 23, 2021. The US enacted the UFLPA to support the prohibition on the import of goods made with forced labor in the Xinjiang Uyghur Autonomous Region (XUAR or Xinjiang) of China. The UFLPA took effect on June 21, 2022.

State Laws

Some states have also enacted ESG-related legislation affecting the supply chain.

For example, Maryland’s House Bill 425 (2012 MD H.B. 425 (NS)), which became effective on October 1, 2012, prohibits state agencies from obtaining supplies or services from companies that violate the Conflict Minerals Rules.

Additionally, California has enacted two pieces of legislation affecting supply chains in the ESG arena:

  • The Supply Chains Act.
  • California Senate Bill 861.

California’s Supply Chains Act

The Supply Chains Act (Cal. Civ. Code § 1714.43) applies to a company if it meets all of the following criteria:

  • It is a retail seller or manufacturer as indicated on its California tax return.
  • It does business in California.
  • It has worldwide gross receipts in excess of $100 million.

A business covered under the Supply Chains Act must disclose to what extent, if any, it:

  • Verifies product supply chains to evaluate and address risks of human trafficking and slavery, and specifies if the verification was not conducted by a third party.
  • Audits suppliers to evaluate compliance with the company’s standards for trafficking and slavery in supply chains, and specifies if the verification was not an independent, unannounced audit.
  • Requires direct suppliers to certify that materials incorporated into the product comply with laws regarding slavery and human trafficking of the country or countries in which they are doing business.
  • Maintains internal accountability standards and procedures for employees or contractors failing to meet company standards regarding slavery and trafficking.
  • Provides training to company employees and management (that is, those who direct responsibility for supply chain management) on:
    • human trafficking and slavery; and
    • mitigating risks within the supply chains of products.

The information must be disclosed either:

  • On the homepage of the company’s website. On its face, the statute does not permit the information to be placed on a CSR-related landing page.
  • In writing within 30 days of receiving a written request from a customer, if the company does not have a website.

A California Attorney General’s action for injunctive relief is the exclusive remedy for a violation of the Supply Chains Act. While private plaintiffs have no right of action under the Supply Chains Act, they may be able to bring claims under other statutes, such as the California Unfair Competition Law or the Consumer Legal Remedies Act.

(For more on the Supply Chains Act, see The California Transparency in Supply Chains Act: Overview on Practical Law.)

California Senate Bill 861

California’s Senate Bill 861 (2011 CA S.B. 861 (NS)), which became effective on August 22, 2012, requires any public company contracting with the State of California to comply with the Conflict Minerals Rules (see Conflict Minerals Rules above).

Supplier Codes of Conduct

Led by large retailers with considerable bargaining power, companies have been establishing standards for how their suppliers treat their workers and the environment. These minimum standards are often set out in a supplier code of conduct that the vendor must observe to do business with the company (for a model supplier code of conduct policy, with explanatory notes and drafting tips, see Supplier Code of Conduct Policy on Practical Law). Supplier codes of conduct, also referred to as vendor codes of conduct or responsible sourcing standards, are usually posted on company websites and sometimes incorporated by reference into the company’s supply chain contracts. Companies also require their suppliers to place posters in supplier facilities informing their workers of these minimum standards (for a model supplier code of conduct poster, with explanatory notes and drafting tips, see Supplier Code of Conduct Poster on Practical Law).

ESG Clauses in Supply Chain Contracts

Companies with the requisite bargaining power have also been increasingly including ESG-related representations and covenants in commercial contracts with suppliers and vendors. For example, companies may require their vendors to:

  • Represent that the vendor’s goods do not contain conflict minerals (for a model contract clause that a buyer can include in its sale of goods agreement to require the seller to represent that the goods do not contain conflict minerals, with explanatory notes and drafting tips, see General Contract Clauses: Conflict Minerals Representations and Warranties on Practical Law).
  • Covenant that the vendor’s goods have not been made using any form of forced labor (commonly referred to as modern slavery in the UK and other jurisdictions) (for a model contract clause that an importer of goods into the US can use to prohibit its foreign manufacturers or suppliers from using any form of forced labor in the production of the imported goods, with explanatory notes and drafting tips, see General Contract Clauses: Forced Labor Covenant on Practical Law).

While clauses requiring suppliers to reduce their GHG emissions are still rare, the SEC’s pending climate disclosure rules may provide public companies with an increased incentive to impose obligations on their suppliers to help them comply (for more on climate-conscious clauses, see ESG Clauses Increasingly Incorporated in US Supply Chain Contracts on Practical Law).

While clauses requiring suppliers to reduce their GHG emissions are still rare, the SEC’s pending climate disclosure rules may provide public companies with an increased incentive to impose obligations on their suppliers to help them comply.

Creating an ESG Supply Chain Policy

A comprehensive ESG program generally includes policies and procedures to address various ESG risks and opportunities. This article only considers the creation of an ESG policy for a company’s supply chain.

At a high level, when establishing a new ESG policy for the supply chain or reviewing an existing policy, a company should:

  • Identify the appropriate legal and operational leaders within the company to establish a working group.
  • Articulate the company’s objectives.
  • Recognize the potential challenges.
  • Ensure a commitment to ESG policies at all levels.

Working Group

Any company that wishes to establish a new ESG policy or to review its existing policy should first assemble a working group composed of the appropriate legal and operational leaders. Companies often establish such working groups to manage and oversee their ESG program, including establishing appropriate disclosure controls and procedures for collecting, verifying, and reporting ESG information. Members may include key operations executives, communications executives, risk management executives, human resource professionals, and in-house counsel. In time, and depending on the size of the company, the working group may also establish committees and sub-groups at various levels of the company.

The working group or a subset of the working group should be involved in the drafting or approval of any supply chain policy. The working group should also oversee the process of communicating the policy internally, including to senior management and the board of directors. While the board will typically not be involved in approving the policy, it should be notified of the policy’s existence and understand its role in helping the company meet its ESG objectives.

Company Objectives

A company’s ESG supply chain program should be shaped by:

  • Legal requirements.
  • Corporate values.
  • Market, industry, and societal norms.
  • The commercial context in which the company operates.

The working group should have a clear understanding of existing and proposed ESG-related legislation affecting the supply chain (see Legislation and Regulations Impacting the Supply Chain above).

The working group should also be familiar with voluntary sustainability reporting frameworks developed by global sustainability organizations and initiatives. As there is currently no standardized mandatory ESG disclosure framework in the US, companies can look to organizations and initiatives such as the United Nations Global Compact, the Global Reporting Initiative, and the Sustainability Accounting Standards Board for guidance. (For more on sustainability organizations and initiatives, see Environmental, Social, and Governance (ESG): Overview on Practical Law.)

The working group should also consider existing and current:

  • Governance policies, corporate values, mission statements, and goals. It is particularly important that an ESG supply chain policy adhere to other ESG-related policies, such as environmental and corporate governance policies (for example, codes of conduct, FCPA policies, and data security policies).
  • Budget, resources, management, and accountability structures.
  • Prevailing thoughts, opinions, activities, and commitments of employees and other stakeholders.
  • ESG-related operational goals set by the company.

Synergies can be obtained from coupling the development of an ESG program with marketing, branding, communications, financial reporting, and investor relations efforts. The working group should regularly analyze the ESG areas that pose the most risk and present the greatest opportunity to the business. The working group should be particularly alert to identifying and prioritizing activities that could potentially:

  • Help retain or win clients and contracts.
  • Expose the company to unacceptable levels of risk if not addressed.
  • Improve relations with major stakeholders, including investors, customers, suppliers, regulators, employees, and non-governmental organizations.
As there is currently no standardized mandatory ESG disclosure framework in the US, companies can look to organizations and initiatives such as the United Nations Global Compact, the Global Reporting Initiative, and the Sustainability Accounting Standards Board for guidance.

Potential Challenges

When complying with legislation and developing and implementing ESG programs for the supply chain, companies often face obstacles that can be time-consuming or expensive to overcome. These include:

  • Conflicting legislative mandates. With the politicization of ESG in the US, companies with ESG programs that operate in multiple states are confronted with conflicting state laws on ESG, where being in compliance in one state may mean violating the law in another (for more information, see ESG and State Law in 2022: Conflicts and Trends and Key Developments in State ESG Law: 2022 Tracker on Practical Law).
  • Supply chain complexities. Supply chains are often long, complex, and difficult to define. In most cases, a manufacturer purchases goods and services from many suppliers (direct suppliers), who in turn may have their own suppliers (indirect suppliers). Even where voluntary or legal obligations apply only to direct suppliers, companies can face significant logistical and legal challenges, for example, with respect to oversight, audit, and enforcement, especially in the context of international sales.
  • Implementation difficulties. It may be difficult for companies to impose ESG reporting obligations on their existing direct and indirect suppliers. Doing so may require companies to amend existing vendor contracts, which in turn may require renegotiation of the economic or other terms of the relationship.
  • Challenging supplier audits. It is challenging for companies to determine whether their direct and indirect suppliers are complying with ESG reporting obligations. Supplier audits can be costly and unsuccessful because of limited record access, transparency, consistency, and clarity.

Commitment to ESG

A company must be prepared to commit to the ESG policies it establishes at every level. As with other corporate policies, a commitment to ESG demands:

  • The buy-in of senior leadership and the board of directors and the communication of that buy-in to internal and external constituents (for a model briefing for in-house counsel to give business executives to educate them on ESG, with explanatory notes, see ESG Issues in US Supply Chains: Business Briefing on Practical Law).
  • Realistic procedures that are well-tailored to achieve implementation of set goals.
  • Effective and ongoing communication, staff motivation, and training programs.
  • A system for setting, measuring, and publicizing specific targets.
  • A readiness to provide adequate responses to internal and external investigations and audits.
  • Regular review.

(For more on designing, implementing, and enforcing an ESG supply chain compliance program, see Developing an ESG Supply Chain Compliance Program on Practical Law.)

This article is based on an original version by Ron C. Llewellyn of Fenwick & West LLP and Ashley C. Walter of Orrick, Herrington & Sutcliffe LLP.