This post first appeared on Risk Management Magazine. Read the original article.
As businesses expand beyond national borders, some find themselves working in places rife with conflict, exposing those companies and their employees to a host of potential dangers. These include being forced to shut down operations for safety reasons as well as paying or otherwise cooperating with violent groups to continue operating in possible violation of domestic and international laws. Companies should be aware of these risks and have plans in place for how to respond and protect their assets and staff.
For example, in November, a French court upheld criminal charges against French cement company Lafarge, which operated in Syria before and during that country’s civil war, and charges against a number of former company executives. Lafarge allegedly violated international sanctions by paying the Islamic State (also known as ISIS) and other violent groups over $5 million so it could continue operating in Syria until 2014, when ISIS attacks forced employees to abandon the company’s factory on the border between Syria and Turkey. Despite the growing danger and dozens of instances of workers being kidnapped, Lafarge also allegedly pressured employees to keep working and reneged on promises to provide buses for evacuating staff, leaving them to fend for themselves.
While the court announced it would continue investigating charges of “financing of terrorists, endangerment of people’s lives and violation of sanctions,” it also dismissed other charges of “complicity in crimes against humanity.” However, the former company officials charged could still see up to a decade in prison and significant fines.
Lafarge, which merged with Swiss company Holcim in 2015 to create LafargeHolcim, acknowledged “unacceptable individual errors,” stating that an independent investigation it commissioned found the company had paid third parties to make arrangements with multiple armed groups, but blamed those third parties for directing the money to those groups. It also stressed that “none of the individuals put under investigation is today with the company and the company stopped operating in the country more than five years ago.”
Similarly, in 2017, the families of U.S. servicemembers killed by an Iran-backed militia in Iraq filed a lawsuit against multiple pharmaceutical companies that allegedly indirectly provided the militia with funds, medicines and supplies. The families said that these companies—AstraZeneca, General Electric, Johnson & Johnson, Pfizer and Roche Holding—gave officials in the Iraqi Health Ministry money and medicine for access to the Iraqi pharmaceutical market at a time when the ministry was controlled by officials loyal to cleric Muqtada al-Sadr, leader of the Jaysh al-Mahdi (JAM) militia, also known as the Mahdi Army. These ministry officials allegedly funneled the money and medicine to JAM, which in turn used it to fund their operations, including attacks on U.S. troops in Iraq.
Families of U.S. servicemembers killed in Afghanistan also sued a group of contractors that allegedly paid local third parties to pass money to the Taliban to protect the contractors’ operations in the country, including hiring individual Taliban members to provide security. The contractors, which include large U.S. and international companies, were involved with reconstruction projects such as rebuilding dams and roads. They allegedly spent 20% to 40% of the funding for those projects on protection by the Taliban and other groups.
In the December 2019 lawsuit, lawyers cited as precedent the case of Chiquita Brands International and its involvement with terrorist groups in Colombia. Chiquita pled guilty in 2007 to violations of the International Emergency Economic Powers Act (IEEPA), which in 1995 made it illegal to provide support to narcotics traffickers in Colombia.
When operating in areas that require interacting with violent groups, understanding the legal restrictions is an integral part of any risk management approach.
Chiquita agreed to pay a $25 million fine for giving protection money to the right-wing terrorist group the United Self-Defense Forces of Colombia (AUC) to safeguard its operations in Colombia. As rebel control of Chiquita’s land shifted from group to group, the company also allegedly paid the left-wing terrorist groups National Liberation Army (ELN) and the Revolutionary Armed Forces of Colombia (FARC). In addition to terrorist attacks, all three groups have been involved in kidnappings and the country’s drug trade. The U.S. Department of State has also designated them foreign terrorist organizations (FTOs), meaning that it is illegal for any U.S. person or entity to provide them funding or a variety of other goods and services. In 2018, Chiquita also settled a lawsuit brought by several families of U.S. citizens killed by the FARC. The suit alleged that the company paid the terrorist group more than $220,000 from 1989 to 1999.
In these cases, Chiquita argued that it had been extorted by the terrorist groups and only paid them so that it could continue operating safely in Colombia. Essentially, this is the dilemma companies face: Pay dangerous groups and continue operating, or shut down operations and take serious losses. However, if the groups companies are paying or interacting with are designated terrorist organizations or if the company’s actions put employees in harm’s way, the law may not care.
When operating in areas that require interacting with violent groups, understanding the legal restrictions is an integral part of any risk management approach. For example, the IEEPA, enacted in 1977, is largely a series of sanctions targeting the assets of different groups or individuals in response to specific threats to the United States and its interests abroad. The law has been expanded to restrict activities in countries around the world including Colombia, North Korea, South Sudan, Russia, and to worldwide threats such as transnational criminal and terrorist groups or entities proliferating weapons of mass destruction.
Companies’ actions may also be limited by the U.S. law prohibiting “material support for terrorism,” passed after the September 11 attacks. Under this law, the United States prosecutes individuals who provide funds, assistance, advice, property or training to FTOs, as well as people joining or attempting to join those groups. While human rights and civil liberties advocates have criticized application of the law in cases where people have expressed support for groups classified as FTOs, paying these organizations for protection—directly or indirectly—may qualify as prosecutable material support. U.S. companies may also find themselves risking prosecution or lawsuits based
on the Foreign Corrupt Practices Act (FCPA) if they are paying or providing incentives to foreign government officials, political candidates or parties to further a business deal.
But compliance is only part of managing risks in volatile areas, said Steve Shapiro, senior specialist at Gartner. He stressed that a company’s leadership should not leave policy up to managers in the field, saying, “A piecemeal approach to political uncertainty, either through corporate silos or country managers, is outdated—enterprise-level responses are needed,” he said.
To that end, the United Nations has developed a framework for businesses called the Global Compact to encourage adoption of sustainable and socially responsible policies and practices. Ensuring that all operations follow the second of the Global Compact’s 10 principles—“businesses should make sure that they are not complicit in human rights abuses”—can help avoid risks when doing business in dangerous areas. The UN defines complicity as “being implicated in a human rights abuse that another company, government, individual or other group is causing,” either by actively aiding those abuses or by failing to act to prevent them. It suggests that companies can prevent these dangers by instituting a human rights policy and conducting regular and extensive due diligence, including human rights assessments of countries in which they do or will be doing business. Companies can also assess their own security and worker protection policies to prevent potential human rights abuses. The UN recommends that companies identify and address their functions that are most likely to commit violations, and privately and publicly condemn human rights abuses to establish expectations for conduct and prevent them from occurring.
Whether lawsuits result in unfavorable verdicts, dismissals or settlements, the risks to companies operating in conflict zones are clear. Being held liable for crimes or harm against employees or others, or simply being accused of such, can have a major impact on business operations and corporate reputations.
Adam Jacobson is associate editor of Risk Management.