Canada’s FAFL Act: Harnessing Technology to Eradicate Forced & Child Labor in Supply Chains

A new law in Canada may be one to add to your monitoring of global regulations to prevent modern slavery in supply chains. Read on for details about the new legislation and what you need to know to ensure compliance.

What Is the Canadian Fighting Against Forced Labor and Child Labor in Supply Chains Act (FAFL)?

On May 11, 2023, Canada created a new law called the “Fighting Against Forced Labor and Child Labour in Supply Chains Act” (FAFL) to help make sure that businesses are treating their workers fairly. The law will start being enforced on January 1, 2024, and businesses will need to submit their first reports about how they’re following the law by May 31, 2024.

If a business or person doesn’t follow the law, they could be found guilty and might have to pay a fine of up to $250,000.

The Canadian government, like governments around the world, recognizes that there are serious problems with how some workers are treated in global supply chains. The FAFL law is Canada’s first step toward addressing these issues. It requires businesses to identify potential problems in their supply chains and work to solve them, or at the very least, to reduce them as much as possible.

The new Canadian law is similar to the German Supply Chain Act, the UK Modern Slavery Act, France’s Duty of Vigilance Law, and Australia’s Modern Slavery Act. It asks businesses, organizations, and government institutions to carefully examine their supply chains for potential problems. They also need to report on what they did in the past year to avoid using forced or child labor. This is one of the first laws that specifically mentions the issue of child labor in supply chains.

Who Needs to Comply With the FAFL?

With the first report due on or before May 31, 2024, government institutions and commercial organizations that meet the following criteria will need to comply.

An “entity/organization” is a corporation, trust, partnership or other unincorporated organization that:

  • is listed on the stock exchange in Canada; or 
  • has a place of business in Canada, does business in Canada or has assets in Canada and (based on its consolidated financial statements) meets at least two of the following conditions for at least one of its two most recent financial years:
    • has at least $20 million in assets
    • has generated at least $40 million in revenue
    • employs an average of at least 250 employees

The term “government institution” (which has the same meaning as in the federal Access to Information Act) means (i) any department or ministry of state of the Government of Canada; (ii) any body or office listed in Schedule 1 to the Access to Information Act; and (iii) Crown corporations and their wholly owned subsidiaries. 

In-scope organizations and government institutions are obligated to report to the Minister of Public Safety and Emergency Preparedness on the steps taken during the previous financial year to prevent and reduce the risk that forced labor or child labor is used (i) in the case of government institutions, at any step of the production of goods produced, purchased or distributed by the government institution; and (ii) in the case of entities, at any step of the production of goods in Canada or elsewhere by the entity or the importation of goods into Canada by the entity. 

This Act does not just apply to Canadian companies. In fact, it applies to all of an organization’s multi-tier suppliers, starting with the extraction of the relevant raw materials through to the delivery to the end customer. This means that even if your operations are not based in Canada, you will need to comply with the FAFL to ensure your customer’s compliance if you have a Canadian customer impacted by the Act.

Read on for more background on the FAFL, its requirements, and how to ensure your company and suppliers throughout your supply chain are in compliance.

Need more supply chain transparency? Consider Exiger’s supply chain risk management software or SDX software that can help surface all risks that might be hiding deep within your supply chain.

How to Comply with the FAFL

Annual reports must include the steps taken in the previous financial year to prevent and/or reduce the risk that forced labor or child labor was used at any step in the production of the goods by the reporting entity.

The report must also include information about the government institution’s or entity’s:

  • structure, activities and supply chains 
  • policies and due diligence processes in relation to forced and child labor 
  • activities and supply chains that carry a risk of forced or child labor being used and the steps it has taken to assess and manage that risk
  • measures taken to remediate forced or child labor 
  • measures being taken to remediate the loss of income incurred by the most vulnerable families that result from any measure taken to eliminate the use of forced or child labor from its activities and supply chains 
  • training provided to employees on forced and child labor 
  • process for assessing its effectiveness in ensuring that forced and child labor are not being used in its activities and supply chains

The relevant Canadian minister must maintain an electronic registry of all submitted reports, and the registry must be made available to the public on the Department of Public Safety and Emergency Preparedness website. The minister also has the discretion to impose specifications on the form and manner in which reports will be provided.

Organizations often have thousands of suppliers, particularly when you consider multi-tier suppliers. The FAFL Act requires you to be able to prove that you are managing your supply chain in such a way as to minimize the likely occurrence of forced or child labor in your supply chain.

It’s also important to be able to show how you have minimized this likelihood by the appropriate use of risk prioritization, supporting workflow, action tracking and reporting. This is best achieved with a risk management process supported by technology and data solutions to do this cost-effectively and efficiently.

This is in line with other regulations such as the German Supply Chain Act, which also requires organizations to establish a risk analysis and risk management system. All supply chain due diligence activities must be documented for proof of appropriate action.

To fulfill the requirements of the FAFL together with other similar regulations and to ensure vendors are as compliant as possible, try the following framework:

1. Establish a Supply Chain Risk Analysis and Risk Management System

Relevant government institutions and entities/organizations should analyze and assess supply chain risks in the following areas:

  • Slavery, child labor and forced labor
  • Minimum wage compliance
  • Occupational health, safety and working conditions

The following are not currently required under FAFL, but are part of other global regulations:

  • Unlawful breaching of water bodies, lands and forests
  • Environmental damage

You should set up effective compliance and preventative management systems for suppliers. This includes raising education and awareness within the organization and with suppliers.

Also, establish monitoring requirements with due diligence obligations within the organization and assess whether the organization has the skills and capabilities to investigate and address human rights issues discovered within the multi-tier supply chain. 

Organizations should conduct risk analysis systematically and share the results with relevant decision-makers. Employing a risk management information system such as Exiger’s Supply Chain ExplorerInsight 3PM, SDX and DDIQ can assist companies in discovering potential risks in their supply chain to help comply with Canadian and other countries’ regulatory obligations.

2. Develop a Human Rights and Associated Environmental Strategy for Your Supply Chain

Once the risk management system is defined, the next step in FAFL compliance is to establish a risk management strategy that will mitigate or eliminate human rights violations issues that have occurred in the past or could be anticipated in the future.

The risk management measures include:

  • Supplier compliance: Relevant parties must deploy an appropriate procurement and supplier management strategy and consider the potential supplier’s compliance with human rights and environmental standards. Suppliers should provide assurance to their customers that they will comply with the required due diligence activities, but you should not rely solely on these written assurances. Both parties should mutually agree on appropriate contractual control and risk management mechanisms.
  • Remedial action: After a violation or breach has been identified, you should initially try to mitigate the poor HR practices of the supplier. This action should be taken immediately with the supplier to prevent, cease, or mitigate the violation.
  • Temporary or permanent cessation: You can also choose to temporarily suspend the business relationship with the supplier if appropriate corrective actions are not being taken. If the supplier has caused a serious human rights violation that is beyond remedy, the organization can cease its relationship.
  • Remediate the loss of income: This would include losses incurred by the most vulnerable families that resulted from any measure taken to eliminate the use of forced or child labor from its activities and supply chains. This is a specific further requirement coming out of the Canadian FAFL Act. 

It’s good to review these risk management measures at least annually and whenever a significant change in the risk exposure profile has occurred.

3. Impose Certain Obligations on Direct (First-Tier) Suppliers

An increasing number of multinational corporations have pledged to partner only with suppliers who comply with relevant environmental, social, and governance (ESG) standards. These corporations expect their first-tier suppliers to comply with ESG standards and ensure their lower-tier suppliers do the same. The objective of this pledge is to create a cascade of sustainable practices down to the nth-tier supplier.

To help ensure that suppliers comply with FAFL, you can impose specific obligations such as a Code of Conduct backed up by appropriate compliance and ongoing ESG risk assessment measures, which include adherence to forced or child labor laws, and other global regulatory requirements, as necessary.

4. Create Measures for Lower-Tier Suppliers

While direct suppliers may violate regulations, organizations are also required to exercise the same caution in each successive tier of their supply chain. Many times, these lower-tier suppliers are smaller companies with less established governance structures and resources.

As a first step, try to gain appropriate visibility beyond your first-tier suppliers, particularly in respect of supply chains that are regarded as higher risk. You can leverage DDIQ, Insight 3PMSupply Chain Explorer and SDX to help illuminate relevant suppliers down to the nth-tier. This supply chain risk management software brings improved transparency to all tiers and helps you discover, understand and mitigate potential threats.

5. Report Annually on Compliance with Due Diligence Obligations

The FAFL, in line with other regulations, mandates that organizations generate annual reports on due diligence activities, risk analysis and risk management actions. Both entities and government institutions must make their reports available to the public, including by publishing them in a prominent place on their websites. 

A corporation incorporated under the Canada Business Corporations Act is also required to deliver its report to each shareholder, along with its annual financial statements. The reports must be available online no later than May 31st each year.

You can leverage templated questionnaires like the Slavery and Trafficking Risk Template (STRT), which is an industry-standard and available as an open-source document. The template can be used with the Exiger workflow solution to probe direct suppliers. The supply chain risk management software then calculates an appropriate risk score and potential areas for further action.

What Are the Consequences for Non-Compliance with FAFL Requirements?

The FAFL Act grants significant authority to individuals appointed by the Minister of Public Safety and Emergency Preparedness, empowering them to enforce compliance. Any entity failing to follow the Act — be it neglecting report preparation or obstructing investigations — can face a penalty of up to $250,000. The same applies to entities providing false information to the Minister or their representatives. If an offense is committed, anyone in a leadership role who sanctioned or participated in it could also be held accountable.

The Act might indirectly increase the cost of non-compliance, as it comes at a time of increasing scrutiny over false ESG claims, also known as “greenwashing.” Stakeholders, including regulators, shareholders and activists, are increasingly vigilant about these claims, leading to stricter enforcement and possible legal consequences.

Finally, the Act modifies the Customs Tariff, prohibiting the import of goods into Canada that involve child labor and extending the existing ban on forced labor. It integrates the definitions of “forced labor” and “child labor” from the Act into the prohibition.

Looking to empower your company or agency to protect your supply chains from lurking risks? Consider Exiger’s risk management solutions: DDIQ, Insight 3PM, Supply Chain Explorer and SDX solutions.

our blog


Empowering customers with Supply Chain AI
Gartner Event Encourages a ‘Rethink’ of Global Supply Chains
Supply chain risk management solution overview
Supply Chain Risk Management Vendor Analysis
breaking chains modern slavery
Regulations to Prevent Modern Slavery in Supply Chains 

Demo The
Exiger Platform

Save the Day
Be a supply chain superhero