Now that the May 31, 2025, filing deadline for reports under Canada’s Fighting Against Forced Labour and Child Labour in Supply Chains Act (the “Supply Chains Act”) has passed, we have had the opportunity to review many of the 2025 cohort of over 4,300 reports available for review in the Public Safety Canada online catalogue.


While the scope and comprehensiveness of the reports cover a wide variety of concerns, it has become very apparent that risk, risk management and risk mitigation are becoming more central to the essence of the reports.

Unpacking the reports, there are essentially three disclosure requirements. It is essential to remember that the mandatory disclosure in the report is retrospective: “the steps the entity has taken… during its previous financial year.” Looking at the mandatory disclosure requirements in the Supply Chains Act, there are three categories of disclosure:

  • Objective and factual disclosure
  • Risk identification disclosure
  • Assessment of the effectiveness of risk management

1. Objective and factual disclosure

The first category of disclosure elicits purely factual and objective historic information and data. For example, the overall disclosure requirement includes:

“the steps the entity has taken during its previous financial year to prevent and reduce the risk that forced labour or child labour is used at any step of the production of goods in Canada or elsewhere by the entity or of goods imported into Canada by the entity;”

the name of the reporting entity, the reporting period, as well as

  1. its structure, activities and supply chains;
  2. its policies and its due diligence processes in relation to forced labour and child labour;
  3. any measures taken to remediate any forced labour or child labour;
  4. any measures taken to remediate the loss of income to the most vulnerable families that results from any measure taken to eliminate the use of forced labour or child labour in its activities and supply chains; and
  5. the training provided to employees on forced labour and child labour.

These disclosures outline the governance and operational steps taken by the reporting entity to address the risk of forced labour and child labour in the business and its supply chains including the tools deployed by the reporting entity to manage the risk of forced and child labour.

2. Risk identification disclosures

The second category of required disclosure to be included in the report covers historic identification of risks of forced labour and child labour by the reporting entity: 

(c) the parts of its business and supply chains that carry a risk of forced labour or child labour being used and the steps it has taken to assess and manage that risk.

As this is a retrospective and historic disclosure, it sheds light on the reporting entity’s subjective assessment and management of actual and potential risks, such as:

  • the identification of actual risks of forced labour and child labour in the prior financial year;
  • the identification of potential risks of forced labour and child labour in the prior financial year;
  • the assessment of actual and potential risks of forced labour and child labour in the prior financial year; and
  • the management of actual and potential risks of forced labour and child labour in the prior financial year.

3. Assessment of the effectiveness of Anti-Forced Labour and Anti-Child Labour Risk Management Program

The third element of the report is, in many cases, the most challenging:

 

(g) how the entity assesses its effectiveness in ensuring that forced labour and child labour are not being used in its business and supply chains.

 

While the identification and assessment of risks are critical, this third element of disclosure focuses on the assessment of the effectiveness of reporting entity’s compliance program. The mere presence of a compliance program may only “tick the box.” Assessing the effectiveness of a reporting entity's compliance is essential. A sub-optimal and ineffective risk management program has the potential to be a “lose, lose” proposition for the reporting entity – “lose” because the compliance program itself is ineffective and “lose” because it places the reporting entity in a position of severe exposure to a number of financial, reputational and regulatory enforcement risks.

 

Accordingly, the anti-forced labour and anti-child labour compliance program must generally be bespoke to the reporting entity and designed for the task at hand. The compliance program should be adequately resourced and be an integral part of the reporting entity’s overall risk management program.

 

The 2024 Annual Report covering the first reporting period of the Supply Chains Act, that was tabled in Parliament under the direction of the Minister of Public Safety, indicated that 43.5% of reporting entities confirmed they have policies and procedures in place to assess their effectiveness in ensuring that forced labour and child labour are not being used in their activities and supply chains. We should expect that this important indicator will be much higher in the 2025 reporting year.

 

 

Our next article will focus on the policies, codes and other tools that should be in every reporting entity’s toolbox to ensure that its compliance program has a solid foundation.

 

If you have questions about the above content or other aspects of the Supply Chains Act, please contact the author directly at stephen.pike@gowlingwlg.com.

 

Click here to learn more about our ESG Advisory Services.