conflict minerals disclosure requirements

JAN-MAR 2014www.riskandcompliancemagazine.com

RCrisk &compliance&

Inside this issue:

FEATURE

The evolving role of the chief risk officer

EXPERT FORUM

Managing your company’s regulatory exposure

HOT TOPIC

Data privacy in Europe

REPRINTED FROM:RISK & COMPLIANCE MAGAZINE

JAN-MAR 2014 ISSUE

DATA PRIVACY IN EUROPE

www.riskandcompliancemagazine.com

Visit the website to request a free copy of the full e-magazine

Published by Financier Worldwide [email protected]

© 2014 Financier Worldwide Ltd. All rights reserved.

R E P R I N T RCrisk &compliance&

CONFLICT MINERALSDISCLOSURE REQUIREMENTS

��

��

risk &complianceRC&

��

��

��

��

��

��

��

REPRINTED FROM:RISK & COMPLIANCE MAGAZINE

OCT-DEC 2014 ISSUE

www.riskandcompliancemagazine.com

Visit the website to requesta free copy of the full e-magazine

Published by Financier Worldwide [email protected]

© 2014 Financier Worldwide Ltd. All rights reserved.

2 www.riskandcompliancemagazine.comRISK & COMPLIANCE Oct-Dec 2014

MINI-ROUNDTABLE

MINI-ROUNDTABLE

CONFLICT MINERALS DISCLOSUREREQUIREMENTS

www.riskandcompliancemagazine.com 3RISK & COMPLIANCE Oct-Dec 2014

MINI-ROUNDTABLE

PANEL EXPERTS

Jonathan Hughes is the director of Assent Compliance’s Conflict Mineral service division. During his time with Assent, he has overseen various programs including REACH, RoHS and Conflict Minerals. Mr Hughes has been instrumental in the architecture and further development of Assent’s Compliance Software and Consulting service offerings. He represented Assent Compliance when requested to speak with the SEC in person regarding Conflict Minerals. His feedback was requested in writing, submitted to the SEC and cited in the Final Rules. Mr Hughes has also participated in an upcoming report to be released by the Government Accountability Office this summer.

Jonathan Hughes

Director

Assent Compliance Inc.

T: +1 (613) 290 8044

E: jon.hughes@assent

compliance.com

Jane C. Luxton is a member of Clark Hill PLC’s Environment, Energy, and Natural Resources Practice Group based in the Washington, DC office. Ms Luxton has extensive experience in conflict minerals and related supply chain accountability legal issues. Her practice includes advising mining, metals, and manufacturing companies on a range of US and international legal compliance issues as well as sustainability regimes. She has served in senior legal positions with the US Departments of Justice and Commerce.

Jane C. Luxton

Partner

Clark Hill PLC

T: +1 (202) 572 8674

E: [email protected]

Joseph A. Hall is a member of Davis Polk’s Corporate Department. His practice includes advising issuers and underwriters on capital markets transactions; advising SEC-regulated entities on regulatory matters; and advising on securities, corporate and governance matters, generally. He returned to the firm in 2005 following completion of his service at the US Securities and Exchange Commission as Managing Executive for Policy under Chairman William H. Donaldson. As a member of Chairman Donaldson’s senior management team, Mr Hall assisted in directing the Commission’s policy-making and enforcement activities.

Joseph A. Hall

Partner

Davis Polk

T: +1 (212) 450 4565

E: joseph.hall@davispolk.

com

Charles A. Riepenhoff, Jr is a managing director in KPMG’s Forensic practice. He serves as the firm’s Advisory Lead for Conflict Minerals, is a CMR reporting specialist, and a member of KPMG’s Conflict Minerals Executive Steering Committee. Mr Riepenhoff has more than 40 years of diversified experience in the areas of regulatory compliance, investigations, and audit. He has served as an instructor for national training programs and a lecturer at The Institute of Continuing Legal Education of the State Bar of Georgia and the Atlanta Bar Association.

Charles A. Riepenhoff, Jr

Advisory Managing Director

KPMG LLP

T: +1 (404) 222 3289

E: [email protected]

As Associate VP of Industry Solutions, Sonal Sinha is responsible for driving solutions and strategy for MetricStream in industries such as consumer packaged goods, retail and technology. Ms Sinha comes to MetricStream with over a decade of experience as a Risk Management and Compliance Leader at global consulting, financial services and technology corporations such as Google, Visa and KPMG. Ms Sinha holds a B.Sc. (Honours) from the University of Texas, Arlington and a joint M.B.A. from University of California, Berkeley’s Haas School of Business and Columbia Business School in New York.

Sonal Sinha

Associate Vice President

MetricStream

T: +1 (650) 620 2955

E: sonalsinha@metricstream.

com

CONFLICT MINERALS DISCLOSURE REQUIREMENTS


MINI-ROUNDTABLE

RC: Could you provide a brief overview of key issues surrounding ‘conflict minerals’? What considerations do companies need to make about the materials they use and where they are sourced?

Riepenhoff: Under Section 1502 of the Dodd-

Frank Act, the rules of the US Securities and

Exchange Commission (SEC) provide that companies

reporting to the SEC under the 1934 Securities

Exchange Act determine annually whether they use

conflict minerals in their manufacturing process.

Conflict minerals are defined as gold, tin, tungsten,

and tantalum (3TG) originating in the Democratic

Republic of the Congo (DRC) and its neighbouring

countries where military strife has been financed by

the sale of these minerals. Companies must disclose

by filing a Form SD and a Conflict Minerals Report

(CMR) the source of the minerals if they come from

the DRC or surrounding countries and they must

determine whether the 3TG they use is ‘DRC conflict

free’, ‘DRC conflict undeterminable’, or ‘Not found

to be DRC conflict free’, as defined in the SEC’s final

rules on conflict minerals of 22 August 2012. There

are several key issues companies should consider

with regard to Section 1502. These include their

procurement strategy for conflict minerals, and the

reliability of data received through a Reasonable

Country of Origin Inquiry (RCOI). Companies should

also consider how best to protect their brand and

examine their exposure to a range of risks, including

reputational, operational and legal. Companies are

vulnerable if they do not know who their business

partners are, how they operate, how they source

their materials, how they manufacture, and so on. It

is more important than ever that companies should

know the source of the products they buy in order to

manage associated risks.

Hughes: There are a number of key issues

surrounding conflict minerals. Companies need to

ensure business continuity and a positive brand

image while being in compliance with the mandated

legislation. They should install a business process

that allows them to gain supply chain transparency

at the material level and develop a holistic materials

compliance program. All of this should be done at

an affordable price. Finally, they need to ensure that

the business process selected for conflict minerals

‘scales’ in the event that new, similar regulations

involving restricted or monitored substances or

materials are put in place.

Luxton: Conflict minerals, writ large, is a supply

chain accountability program evolving on multiple

fronts that companies need to address. The SEC

rule is certainly one important part. Only 1300-some

companies of an expected 6000 filed the required

forms. Those that made 2014 submissions should

be working to improve their performance for 2015,



MINI-ROUNDTABLE

and those that want to qualify their products as

‘DRC conflict free’ must put in place an independent

private sector audit (IPSA). The conflict minerals

court case is moving forward again, and reporting

requirements could change – another challenge. But

for companies thinking strategically about supply

chain and reputational risk, many other competitive

factors overshadow the importance of the rule.

Pressure from customers – both consumers and

sustainability-focused business customers

– along with investor and interest groups

that rate and rank performance, are

much stronger market forces driving

sophisticated corporate behaviour.

Today’s environment offers both risks and

opportunities.

Hall: Over the last few years we have

seen increasing interest by institutional

investors – particularly socially conscious

investors – and now the US federal

government, in the way companies’

purchasing decisions may inadvertently be helping

to finance armed conflict in the DRC. Relatively few

US manufacturers directly source their commodity

inputs from the African continent, but quite a few

US manufacturers build products with raw materials

that may have originated from the continent

somewhere up the supply chain. Investor and

regulatory attention to the issue is now compelling

many of these companies to examine their supply

chains with an unprecedented level of rigor. A few

years ago the main concerns of a supply chain

manager when purchasing commodities and other

manufacturing inputs might have been price,

quality and reliability of supply and delivery; now

that same manager is bound to ask whether her

company’s sourcing policies may inadvertently

leave the company vulnerable to adverse publicity.

This would be a concern for any company, but for

a consumer products company in particular, the

negative repercussions could be significant. So this is

of a piece with other ‘corporate social responsibility’

issues that public companies increasingly must deal

with, from environmental topics such as carbon

footprint and water quality, to human rights concerns

such as employment anti-discrimination policies and

fair trade practices.

Charles A. Riepenhoff, Jr,KPMG LLP

“Companies are vulnerable if they do not know who their business partners are, how they operate, how they source their materials, how they manufacture, and so on.”



MINI-ROUNDTABLE

Sinha: The impact, breadth, applicability and

requirements of the conflict minerals rule indicates

that it is poised to change the face of compliance in

many ways. Over the last decade, organisations have

seen a flurry of new regulations, the primary focus

of which has been on disclosures around financial

controls, accounting practices, operating results

and the overall financial strength of a company. On

the other hand, even though it is regulated by the

SEC, the conflict minerals rule is nearly devoid of

a financial governance angle. Instead, it is focused

on corporate social responsibility. Until

recently, corporate social responsibility

has been a voluntary activity for most

companies. Visionary companies, however,

have quickly realised that complying

with the conflict minerals rule – and

understanding the materials they use and

where they are sourced – will also help

them demonstrate social responsibility,

which can bring about short-term and

long-term reputational and financial

benefits.

RC: How has legislation dealing with the problem of conflict minerals evolved in recent years? What developments have you seen in the past 12-18 months?

Hughes: Industry at large has gone through

the Kübler-Ross Stages: denial, anger, bargaining,

depression and acceptance. Firms are now installing

compliance programs and have accepted the

regulation as a business requirement. While some

court issues continue, industry at large has accepted

and is trying to meet compliance requirements.

Sinha: The SEC adopted Section 1502 of the Dodd-

Frank Act, requiring that publicly listed companies

disclose their use of conflict minerals. The rule

requires all US publicly listed companies that use

3TG metals in their products to, firstly, determine if

these minerals originated in the DRC and certain

surrounding countries, and secondly, to identify if

these minerals were sourced conflict-free or not.

In the broadest sense, the rule aims to minimise

funding to armed groups that engage in human

rights violations in the Congo and adjoining regions.

Regulators believe that by encouraging organisations

Sonal Sinha,MetricStream

“The impact, breadth, applicability and requirements of the conflict minerals rule indicates that it is poised to change the face of compliance in many ways.”



MINI-ROUNDTABLE

to make public disclosures regarding the source

and movement of conflict minerals across their

supply chain, that over time, companies will look to

source minerals from conflict-free sources. The SEC’s

upholding of the conflict minerals rule, in spite of

multiple appeals, highlights their focus on actually

addressing the problem of conflict minerals.

Hall: In the US, the 2010 Dodd-Frank Act directed

the SEC to require publicly traded companies to

report on the existence of conflict minerals in their

supply chains. The SEC’s rule went into effect in

2013, with the first reports being due in early June

2014. However the SEC’s rule was challenged in

federal court by a group of trade and business

associations, and shortly before the first round

of reports were due, the court struck down a key

provision of the rule. The SEC soon announced that

companies would nevertheless be required to file

their reports by the original due date, but would not

have to label their products in a manner that would

convey whether or not they were free of inputs

that may have directly or indirectly financed armed

conflict in the DRC. So the first round of filings was

rather ambiguous on that point – and as a group

the filings were the subject of some criticism for it.

We are now waiting for the SEC’s next move, which

could involve a request for the court to clarify that

the SEC’s rule as originally adopted is now fully in

effect for reports covering calendar 2014, which

will be due in May 2015. Just to keep everyone

guessing, however, if control of the US Senate

passes into Republican hands after the November

elections, we could see a movement in Congress

to repeal portions of the Dodd-Frank Act, including

the provisions authorising the SEC to promulgate

the conflict minerals rule. So in the US we may still

be a long way off from knowing whether legally

mandated conflict minerals reporting will continue to

exist for 2015 and beyond.

Riepenhoff: The most significant developments

since the SEC promulgated the final rules governing

Section 1502 in August 2012 have not come from

the legislation per se, but rather from the courts.

The US court of appeals ruled that the requirement

to disclose ‘not found to be DRC conflict free’

violated a corporation’s right of free speech under

the first amendment. In a separate meat-labelling

case, a different appeals court ruled that the

public’s right to know overrode a company’s first

amendment rights. The SEC issued a temporary

stay in December 2013 relieving the requirement on

companies to disclose their status determination,

such as ‘undeterminable’ or ‘conflict free’, for the

2013 reporting period. The SEC has asked that the

appeals court reconsider its ruling. The outcome of

the various court rulings may have an impact on

whether companies will eventually be required to

declare their manufacturing process status with

regard to conflict minerals. Whatever the outcome,

though, there is growing pressure on companies



MINI-ROUNDTABLE

from various stakeholders, including customers, to

make their supply chains more transparent, so they

should establish strong processes to do this. If they

do so, they may gain a competitive advantage.

Luxton: After the 2010 passage of conflict

minerals reporting legislation in Section 1502 of the

Dodd-Frank Act, the centre of activity shifted to the

SEC’s 2012 implementing rule. The rule left many

terms ambiguous, and the SEC was forced to issue

‘frequently asked questions’ documents and on at

least one occasion an interpretive letter, the broader

applicability of which remains unclear. In April 2014,

after an appeals court invalidated the rule’s specific

labelling requirements as contrary to the First

Amendment, the SEC released guidance on revised

compliance expectations. In July, an unrelated First

Amendment case raised new questions

about the conflict minerals decision, and

the court has called for briefing on possible

reconsideration, which could potentially

reinstate the original requirements or lay

the groundwork for different disclosures.

Also in July, the US adopted specific conflict

minerals sanctions criteria that apply not

just to SEC-filing companies but to all

businesses operating in the US. Without

question, this is an evolving area of law.

RC: Which sectors and industries need to be most aware of the SEC’s

conflict minerals disclosure requirements, including available exemptions? What checks should these companies make on their internal operations?

Luxton: The SEC’s disclosure requirements are

an equal-opportunity problem for all manufacturing

sectors and industries. With no de minimis cutoff

and few exemptions, manufacturing companies

and those that ‘contract to manufacture’ need to

be engaged. And that is also true for the many

companies that do not file SEC reports but are

caught up in supply chain tracing at the insistence of

their publicly traded customers. Some industries, for

instance electronics and automotive manufacturers,

were early adopters and have worked hard to

establish standardised search templates and support



MINI-ROUNDTABLE

smelter certification programs, but others

have lagged behind. Those in the forefront

have given notice they expect better

responsiveness and data quality from

their suppliers than occurred in 2014, and

buyers are increasingly looking for ways to

leverage their purchasing power to increase

a supplier’s willingness to provide needed

information.

Hall: Any SEC-reporting company,

domestic or foreign, with manufacturing

operations – including outsourced

manufacturing operations – needs to be

aware of the rule and needs to determine whether

any of its products falls within the scope of the

rule. If so, there aren’t any reporting exemptions,

as such. For example, there is no de minimis

exemption that would allow a company with only

a tiny amount of conflict minerals in its products

to escape the reporting obligation. The rule itself is

rather convoluted, however, and not every company

that uses conflict minerals in its manufacturing

operations is caught by it. That said, companies

in the electronics or heavy manufacturing

industries will, because of the nature of their

products, tend to be covered, while companies in

the service industries, such as transportation or

telecommunications, may not be.

Sinha: The conflict minerals rule is imposed on

all US publicly listed companies, which means that

thousands of organisations are affected, across

multiple industries, including electronics, aerospace,

manufacturing, automotive, jewellery, retail,

healthcare and energy. On top of that, hundreds of

thousands of suppliers also have to demonstrate

compliance. For the most part, previous regulatory

compliance requirements have been inward-looking;

companies have been held responsible for the

activities within their organisations. On the other

hand, with the conflict minerals rule, a company

must look outward, as well as inward. In this case, it

means assessing the entire supply chain, all the way

down to the smelters, to determine the origin of the

raw materials in their products.



MINI-ROUNDTABLE

Riepenhoff: All sectors that manufacture

products for sale or sell products containing 3TG

need to establish a policy for conflict minerals. The

final rules require a company that manufactures, or

contracts to manufacture products, to determine

whether they use 3TG, and if so, perform the RCOI as

well as due diligence for responsible supply chains,

and then meet certain disclosure requirements.

There are no specific exemptions to these rules.

However, the SEC’s final rules do provide companies

with the latitude to reach their own interpretation as

to the meaning of some terms, such as ‘reasonable’

and ‘functionality’. Internally, companies should

develop a standard operating procedure which

defines the process and responsibilities for meeting

the requirements established by the rules. Many

functions within an organisation are involved, such

as procurement, design, engineering, production, IT

and legal. It is important that these functions work

together to compile and document the company’s

process and decision making and to ensure that

accurate filings are made to the SEC.

Hughes: 3TGs are most prevalent in electronics,

automotive and aerospace or manufacturing as a

whole, which dictates that these sectors need to be

most aware. Firms in these sectors need to have a

scalable means of collecting, analysing and reporting

on material data from their supply chain.

RC: What risks may arise through a company’s dealings with third party partners and suppliers? How are such relationships addressed by the disclosure rules?

Hall: It’s a given that no public company will

want to be in the position of having to report that

its purchasing activity may have contributed to

financing armed conflict in the DRC. As a result,

companies will want to deal with suppliers who can

credibly certify that their minerals did not originate

in the DRC or an adjoining country, or, if they did,

that they did not finance armed groups in the region.

But this is no easy task when companies may deal

with hundreds or even thousands of suppliers, who

themselves may be several steps removed from

the actual mines, smelters and processing facilities

where the minerals originate. So a company’s

relationships with its suppliers, and the degree to

which the company is able to obtain their diligence

and cooperation, will directly impact what the

company can and cannot say about the impact

of its purchasing activity. This is presumably the

point of the rule; while structured as a disclosure

requirement, the goal would appear to be to force

companies to examine their supply chains at a

minute level and hold them directly responsible

for whether their purchasing decisions are having



MINI-ROUNDTABLE

an indirect and unintended impact in a far-away

country.

Hughes: The major risk in dealing

with third party providers is selecting

the wrong program type and risking an

overspend on consulting rates. There

have been examples of consulting firms

charging upwards of $1m to clients,

where more scalable, robust and effective

programs could have been implemented

internally or through other providers for a

quarter of the cost.

Riepenhoff: Companies face a range

of risks with regard to their supply

chain. One item that is high on the list is brand

reputation and the impact of a company’s dealings

with customers, suppliers or third party partners.

A company’s reputation could be harmed if it finds

it is using conflict minerals or if it determines that

it is inadvertently purchasing from suppliers that

are on a sanctions list. Conflict minerals reporting

is one step toward supply chain transparency and

corporate responsibility. It will require a significant

and expanded effort, regardless of conflict minerals,

to meet the growing demand from stakeholders for

increased supply chain transparency. Companies

need to have systems, processes, and contracts that

enable them to understand what is in their products

and where the ingredients come from. Regulators in

the US and elsewhere – for example the UK Timber

Act and rules regarding Blood Diamonds – are

continually looking for ways to require companies

to expand disclosures about their supply chains.

These disclosures include not only materials

sourcing but also human rights issues such as child

labour. Another significant risk is regulatory risk. If

the conflict minerals reporting program is regarded

by a company as temporary or is not integrated

with other compliance programs, the company

risks running afoul of other regulations that, at first

sight, are not connected to Section 1502, such as

sanctions, anti-bribery laws, and so on.

Sinha: Global supply chain expansion and a more

decentralised supplier base offers organisations

cost advantages and new opportunities to reach

consumers. However, as the organisation’s supply

Joseph A. Hall,Davis Polk

“It’s a given that no public company will want to be in the position of having to report that its purchasing activity may have contributed to financing armed conflict in the DRC.”



MINI-ROUNDTABLE

chain becomes more distributed and more global,

it also becomes more vulnerable than ever. Dealing

with third party partners and suppliers poses various

risks, such as disruptions caused by uncertain

economic cycles, unpredictable consumer demands,

and natural and man-made disasters.

There are a number of supply chain

risks including data breaches, IP theft,

geopolitical risk and poor supplier

performance. As such, going through

the necessary due diligence processes

to arrive at the required conflict

minerals disclosure requirements is

vital, and will provide organisations

with a better understanding – including

greater visibility and transparency

– over their entire supplier ecosystem,

as well as the individual suppliers.

Luxton: One principal risk is from suppliers that

are unwilling or unable to provide full and accurate

source information obtained from their upstream

supply chains. Lack of this information places

reporting companies at a competitive disadvantage

compared to others that can show their customers,

investors and the market that they are further

along in the race for conflict-free products or even

informed transparency. The SEC rule does not require

100 percent accuracy in reporting, but rather good

faith reliance on information that includes refusing

to overlook red flags. Even the US Commerce

Department recently conceded it can’t tell which

smelters are tied in to DRC conflict activity, so for the

time being, companies must do what they can to get

the best possible information and document their

efforts. A second major risk is unexpected surprises,

such as instances of bribery or sanctions violations

discovered in the supply chain.

RC: Could you describe the Reasonable Country of Origin Inquiry (RCOI) process in terms of addressing anti-bribery and corruption and Office of Foreign Assets Control (OFAC) risks? What actions should a company in response to these risks?

Sinha: What makes the conflict minerals rule

especially interesting is its flexible, less prescriptive

approach. For example, if a company is unable to

Jane C. Luxton,Clark Hill PLC

“With the recent expansion of the sanctions criteria to add individuals and groups supporting illicit trade in conflict minerals, the risks have increased.”



MINI-ROUNDTABLE

determine whether the minerals in its products have

originated in the covered countries, they can prepare

a ‘DRC conflict undeterminable’ report. This report is

valid for a temporary two-year period, or four-year

period for smaller companies. This gives companies

more time to conduct the necessary due diligence.

If, after conducting an RCOI, a company determines

that conflict minerals in its products have originated

from the DRC and surrounding regions, then the

company is required to initiate additional due

diligence on the source and chain of custody of its

conflict minerals. According to the Organisation for

Economic Cooperation and Development (OECD),

due diligence in the mineral supply chain is “an

ongoing, proactive, and reactive process through

which companies can ensure that they respect

human rights, and do not contribute to conflict”.

Riepenhoff: An RCOI means that a company must

conduct an inquiry regarding the origin of its conflict

minerals that is reasonably designed to determine

whether any of its conflict minerals originated in

the covered countries and must perform the inquiry

in good faith. The best way to conduct the inquiry

is through an integrated compliance program

designed to address all regulatory risks including

anti-bribery regulations, economic sanctions, and so

on. Uncovering infractions in one area of compliance

can actually help with compliance in another area.

When companies filed their conflict minerals reports

to the SEC in June 2015, a number of them revealed

that they had bought gold from North Korea,

unwittingly in contravention of US sanctions against

the country.

Luxton: I see this as a critical focal point for

corporate risk management. The supply chain review

involved in the RCOI process – and of course further

diligence if required – can unearth unpleasant

surprises, including evidence of violations of the

Foreign Corrupt Practices Act, UK Bribery Act,

and OFAC sanctions rules. The first round of SEC

conflict minerals filings included some embarrassing

revelations from major companies forced to admit

that sanctioned North Korean gold was found in

their supply chains. With the recent expansion of

the sanctions criteria to add individuals and groups

supporting illicit trade in conflict minerals, the risks

have increased. Companies need to integrate the

programs they have in place or are hopefully building

to address all of these risks and make sure attorneys

are involved, to maximise the company’s protection

while it determines the scope of any violations and

how best to meet disclosure and other obligations.

Hall: It’s possible that a company that has robust

anti-bribery, anti-corruption and OFAC policies and

procedures will find it somewhat easier to conduct

the RCOI because such a company may, as a

general matter, have more insight into and ability to

obtain information from its supply chain partners.

But in practical terms, the RCOI is not a procedure



MINI-ROUNDTABLE

that most companies would already have been

undertaking in order to comply with existing anti-

corruption laws and sanctions regimes.

RC: If a company acquires a target that it suspects falls within the scope of the disclosure requirements, what steps does it need to take?

Riepenhoff: The rules provide for an eight-month

extension in the company’s annual filing to the SEC

if it makes an acquisition. As quickly as practical,

an evaluation should be performed to determine

whether the acquisition meets the conflict minerals

rules. In any event, the subsidiary should be included

in the company’s integrated compliance program,

addressing all regulatory risks, not just

those related to conflict minerals.

Luxton: Under the rule, a company that

acquires or otherwise obtains control over

a business subject to conflict minerals

reporting obligations must provide a report

covering the new business, starting with the

first reporting calendar year that begins no

sooner than eight months after the effective

date of the acquisition. For example, if the

deal closed in March 2014, because eight

months later would still be in calendar year

2014, the acquiring company would need to

file a report for calendar year 2015. If the deal closed

in May, the company would have an extra year

before it was required to report, since the end of

the eight-month period would fall in 2015. However,

these rules apply only to acquiring companies that

did not have an independent, pre-existing disclosure

obligation. Presumably the theory is that a company

already required to report would have systems in

place to allow it to meet new supply chain tracing

needs.

Hall: If the target was not already subject to the

disclosure rules, during due diligence the acquiring

company should seek to understand whether

any of the target’s products are ‘in scope’, and if

so whether the target has followed supply chain

and sourcing policies designed to avoid the use



MINI-ROUNDTABLE

of conflict minerals from the DRC and adjoining

countries. In the likely event that the target has not,

the acquiring company should try to get a handle

on the complexity of the target’s supply chain, since

bringing the target into compliance with disclosure

obligations, or even restructuring the target’s supply

chain, may well impact post-acquisition integration

costs. Note that the target’s operations would

be covered by the company’s conflict minerals

disclosures in the year following the acquisition if

the acquisition closes before 1 May; otherwise they

would be deferred until the next year.

Sinha: The conflict minerals rule ushers in

changes to the relationships and disclosure

requirements between the organisation, its suppliers

and associated regulatory bodies. In order to arrive

at a disclosure, the company must understand all

of its suppliers, assessing the contracts between

the company and its suppliers. It also requires that

companies implement conflict minerals surveys,

assessments, audits and due diligence to track if

the necessary steps have been taken by all of the

suppliers and smelters in order to demonstrate

‘conflict free’. Unlike other regulations, this rule

impacts the external operations and relationships

with suppliers. Significant effort is required, and the

processes the organisation must take to conduct

the necessary due diligence requires great cross-

functional collaboration across the organisation;

from the chief procurement officer, general counsel,

CFO, COO, supply chain and procurement, legal

counsel, compliance, finance, internal auditors,

corporate social responsibility teams, external

auditors, and more.

RC: What consequences can companies expect if they are found to be non-compliant with the requirements?

Hughes: Non-compliance, in the literal

sense and with respect to complying

with Dodd-Frank as an SEC issuer, would

typically mean at least one of the following:

not executing your reasonable country

of origin inquiry in good faith; failing to

conduct due diligence in according with the



MINI-ROUNDTABLE

OECD framework; or failing to disclose your findings

properly in your Form SD and CMR. What some

people mean when they say ‘non-compliance’ is

the presence of 3TGs in a company’s supply chain

that are sourced from conflict afflicted mines in the

DRC. Strictly speaking, the latter is not an instance

of ‘non-compliance’ with Dodd-Frank as long as

it is reporting in a company’s filings with the SEC.

For non-compliance on the basis that 3TGs are

present in a company’s supply chain and sourced

from conflict afflicted mines in the DRC, there are

three possible ramifications: loss of business due to

contractual obligations with your customers; damage

to brand image due to public disclosure; or sanctions

under the latest amendment to Executive Order

13413. In theory, a company that knowingly supports

these mines could be subject to sanctions under this

executive order through its indirect support of those

persons in the DRC committing war atrocities and

illicitly trading 3TGs. Does this mean that companies

are going to start receiving sanctions if it is found

that one of the smelters listed on their CMRT has

sourced from a conflict afflicted mine in the DRC?

That is highly unlikely – but it is something that could

be used as a stick against flagrant violators.

Sinha: What makes the conflict minerals rule

different than most is that the regulators aren’t the

only ones judging a company’s compliance efforts.

This judgment also falls with various stakeholders,

such as non-governmental organisations, investors

and customers, which are also interested in a

company’s published conflict minerals report.

Conflict minerals will likely become a brand and

reputation issue, which is also a financial issue.

Responsible sourcing is increasingly important to

consumers, and will likely become a base-level

requirement needed to stay competitive. On top of

that, negative press generated about a company’s

conflict minerals-related efforts can likely also have

a huge effect on reputation, sales and profitability.

It is in a company’s best business interest to invest

the necessary time and resources in building

a comprehensive conflict minerals program,

recognising that this effort is a critical stepping-

stone to a more sustainable and responsible supplier

governance program.

Hall: Using conflict minerals from the DRC or an

adjoining country is not itself a violation of the SEC’s

rule. However, whether or not a company falls into

this category, if it is subject to the SEC’s conflict

minerals reporting requirements and it fails to file a

report, or it files an incomplete or inaccurate report,

at a minimum it – along with its senior executives

– would be subject to an enforcement action by the

SEC.

Riepenhoff: The rules do not provide for

financial or other penalties to be levied by the

SEC in the event of non-compliance. But some

NGOs, such as the Responsible Sourcing Network



MINI-ROUNDTABLE

and Enough, are closely monitoring the reporting

practices of companies and are keenly interested

to see companies reduce their purchase of

conflict minerals. Companies can expect to come

under pressure not only from NGOs but also their

customers to meet the requirements of the Act.

Luxton: Companies face three types of direct

legal consequences if they fail to comply with the

rule. The SEC Office of Enforcement has the power

to bring enforcement actions against non-compliant

companies, but in practice it is very unlikely that

the SEC will take aggressive action, particularly in

the early days of the rule and except in a case of

egregious conduct. Section 18 of the Exchange Act

of 1934 provides a private right of action against

any person who makes a false statement on which

a purchaser or seller of a security relies, unless the

person can show he did not know the statement

was false or that the statement did not affect the

price of the security; these are tough evidentiary

burdens to meet. Note that this provision does not

apply to companies that simply fail to file. Finally,

California and Maryland have passed laws barring

state officials from awarding procurement contracts

to companies that fail to comply with the SEC’s

conflict minerals rule.

RC: What advice can you offer to firms on building a comprehensive conflict

minerals program and adequately addressing disclosure requirements?

Luxton: The most important advice I can

offer a company is to integrate its supply chain

accountability functions in a carefully planned

and strategic way. The SEC’s conflict minerals

disclosure requirements are only one aspect of a

larger phenomenon, and supply chain transparency

demands will only become more numerous and

insistent. The EU is considering conflict minerals

legislation with a wider geographic scope than US

law; states are conditioning procurement on conflict

minerals compliance. But far more is involved: two

states already have supply chain responsibility

regimes focused on human trafficking and slavery,

and federal legislation has been introduced along the

same lines. A recent appellate case held chocolate

makers potentially liable for slavery in their upstream

supply chains. Major industrial customers are

pressuring their suppliers for disclosures relating to

the EU REACH and RoHS programs, carbon usage,

and other socially conscious issues. Companies that

deal effectively with these business risks in a savvy,

coordinated way can reduce corporate vulnerability,

realize efficiencies, and win competitive advantage.

Hall: Companies should start early, devote

the required resources and make sure senior

management understands the magnitude and



MINI-ROUNDTABLE

complexity of the task. Avoid the temptation to

hand the task off to the accounting and legal

personnel who typically handle SEC filings; while

they will need to be involved – in particular, legal

staff will play a critical role in interpreting the rule

and determining whether the company is subject

to it in the first place, and if so which products are

covered – compliance with the disclosure

requirements will depend heavily on the

efforts of the company’s supply chain

managers and other business people who

are typically a step removed from SEC

reporting.

Hughes: Conflict minerals is just one

restricted or monitored substance. For

example, the EU RoHS directive prohibits

the use of lead. If companies develop

separate compliance programs for each

restricted substance, material or social

regulation, their costs will run out of control. Once

firms accept the need for a holistic program to

address product compliance and implement that

program, they will be in a strong compliance position

for the future.

Sinha: First and foremost, companies need to

take a proactive, long-term approach to compliance,

regardless of what stage they are in with regards

to their conflict minerals due diligence or reporting

requirements. This also means establishing the

right foundation: companies need to be clear with

themselves and their stakeholders, with what they

are setting out to do, and what they are trying

to achieve. Engaging the right teams, and hiring

and promoting the right people, can help ensure

that a company’s compliance efforts are well-

coordinated, and cost and time effective. It is also

important to take a risk-based approach to conflict

minerals compliance. This means identifying high-

risk suppliers and high-risk products first. Based on

this, companies can prioritise efforts and budgets

accordingly. My final piece of advice would be to

leverage technology and solutions which can help

strengthen, simplify and automate conflict minerals

management. A long-term, proactive strategy, with

the right technology solution, will increasingly be

what sets leading organisations apart from the rest.


Jonathan Hughes,Assent Compliance Inc.

“Once firms accept the need for a holistic program to address product compliance and implement that program, they will be in a strong compliance position for the future.”


MINI-ROUNDTABLE

Riepenhoff: A comprehensive approach is a

good place to start. Conflict minerals reporting

should be tied to compliance with other supply chain

regulations to make data gathering more efficient

and to strengthen the entire reporting process. A

well-run company does not want to operate without

a deep knowledge of its supply chain; the more it

knows, the better it will be able to prevent supply

interruptions and other threats to efficiency and

smooth operations. Hiding the head in the sand is

not a good way to run a company. Prevention of

negative events is one side of the coin; the other

side is enhancing the benefits to the company.

A more transparent supply chain will improve

efficiency and resiliency. And it will enhance a

company’s reputation. If investors and the public

have a good opinion of the company, this can only

be beneficial, not only for the share price but for

society at large. Transparency breeds trust. RC&


conflict minerals disclosure requirements

Documents