Summary

Business and international criminal law

Anna Triponel

March 13, 2026

Gerald Pachoud of the Global Business Initiative on Human Rights (GBI) published Blind Spot in the Boardroom: Why Businesses Ignore International Criminal Law and Why They Shouldn’t (February 2026).

Human Level’s Take:
  • Companies are increasingly under scrutiny for how they operate in conflict settings. For example, the ongoing conflict in Iran and spillover effects in the Gulf States are already disrupting operations and supply chains, putting workers and local communities at risk, and raising risks for business. Meanwhile ongoing conflicts in Russia/Ukraine and Israel/Palestine have drawn increased public attention to businesses who may be connected to harms perpetrated by governments, armed forces and non-State actors.
  • What happens when a company is connected to violations of international criminal or humanitarian law? Legal, reputational and other business risks ensue. GBI’s brief underscores that exposure to international criminal law is a core governance risk — but one that many companies have not yet grappled with in their risk assessment, decision-making and escalation processes.
  • There are a number of ways in which this governance gap manifests, from companies seeing conflict as out of their control and therefore not owning the risk, to missing risks amid siloed human rights and business governance structures, to simply not knowing how to tackle a complex issue that can entail expensive follow-up.
  • There are a number of concrete actions that boards can take to more effectively manage their human rights risks in conflict contexts. This includes board-level training on international criminal law risks, embedding conflict and human rights screening into due diligence and escalation processes, and using credible external reporting as a trigger for escalation. It also includes documenting risk assessments, decision-making processes and governance decisions, which can be material in future investigations and litigation.
  • Ultimately, the brief emphasises that this issue is not going away and is likely to increase in future, as evidenced by the Lafarge Syria case and the Lundin Oil Sudan case. The objective is not to eliminate all risk, but to act responsibly and with consideration for how the company could be complicit with severe human rights abuses, which can help protect against legal and reputational risk.

Some key takeaways:

  • International criminal law is a governance risk: International criminal law (which encompasses crimes against humanity and war crimes) has moved beyond military and political contexts to become a material governance risk for companies operating in conflict-affected environments. The framework now reaches business conduct through doctrines of participation, aiding and abetting, and contribution. The 2021 indictment of French cement company Lafarge for complicity in crimes against humanity in Syria illustrates this exposure concretely. Jurisdictional reach is expanding: States including France, Germany and Sweden apply domestic criminal law under universal jurisdiction principles, enabling prosecution of serious international crimes regardless of where they occurred or the nationalities involved. Boards of companies in high-risk environments need to therefore treat this as a legal concern, not merely a reputational one. The core rules of international criminal law are directly relevant to companies whose commercial activities intersect with State security forces, armed groups or occupation-related economic systems. This can include individual liability, corporate liability and indirect commercial exposure, for example through financing, infrastructure, logistics or technology. This means that normal business activities in conflict-affected places can create criminal liability.
  • Governance gaps: If international criminal law is relevant for business, why aren’t companies treating it as a core governance risk? GBI’s brief identifies seven reasons for this. First, many companies do not see international criminal law as a relevant framework for business engaged in “neutral commerce” that is not directly related to war or conflict. Second, companies often over-rely on legal restrictions like sanctions and export-control compliance, although this does not necessarily shield a company from complicity in a war crime. Third, many in-house legal teams lack the specific training and expertise in international criminal law, which means that critical red flags fly under the radar. Fourth, due to siloing in corporate governance, human rights risks may be treated as outside of core legal and risk management processes — which can mean that they go unreported or un-escalated to the board. Fifth, there is a concern that documenting risks of complicity could later be used against the company in case of litigation, even though avoidance increases legal and reputational risk over time. Sixth, commercial and operational priorities tend to win out in cases where flagging complex legal risks could require a costly, time-consuming solution. Finally, the author notes that there is a false sense of security for many companies, as few prosecutions of companies for complicity in conflict took place. This is now changing as precedents like the Lafarge case in Syria and the case of Swedish oil company Lundin in Sudan.
  • Practical steps for boards and executives: There are a number of practical actions for company leaders to address this governance gap. For example, boards can ensure training on criminal exposure under international criminal law and establish formal escalation processes and documented decision-making where there are credible indicators of severe human rights abuses or links with conflict. In addition, screening for conflict exposure needs to be integrated into human rights due diligence and heightened human rights due diligence processes. Screening needs to be performed regularly and consider country, business activity and partner risks. Companies can also ensure that credible reporting on potential links to conflict and violations of human rights is used as a trigger for escalation. For instance, this can include reporting by the UN, NGOs and journalists, as well as documented patterns of abuse that indicate likely risk. Additionally, it is critical to preserve evidence of risk assessment and governance decisions, as these may be used in investigations and litigations. The author underscores that the objective is not to avoid risk entirely, but to ensure that decisions are “informed, documented, and defensible” given the operating context. The paper also includes a number of tools to support boards and executives in this work, including an early-warning checklist, risk decision matrix, and triggers for immediate escalation or exit versus proceeding safely.

Back to content hub

You may also be interested in

This week’s latest resources, articles and summaries.
No items found.
About Human Level
Home
What we do
Our Team
Our Values
Code of Conduct
Content Hub
Blog
Contact
Sign up here for regular insights
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Copyright © 2022 Human Level.