On July 25, 2024, the Civil Rights Audit Standards (the Standards) were published by an independent committee led by PolicyLink, a leading national research and action institute dedicated to racial and economic equity and CapEQ, an impact investing and advisory firm specializing in corporate social responsibility. These organizations collaborated over 12 months, emphasizing the diverse perspectives and expertise involved, to develop a framework designed to enhance corporate transparency and accountability in civil rights practices. Additionally, these guidelines aim to provide consistent and clear principles for conducting civil rights audits, ensuring the reliability and comparability of audit results across different organizations and industries. This uniformity helps establish a baseline for measuring, tracking, and improving corporate civil rights practices. At the launch of the Standards, the Committee published a written report and an informational video on YouTube. 

Overview and Significance of the Civil Rights Audit 

The Civil Rights Audit has emerged as an effective method for driving change within organizations, and it is increasingly becoming an organizational best practice. This is not a surprise given that federal, state, and local laws mandate that individuals must be treated fairly regardless of their demographics, underscoring the critical role of Civil Rights Audits in ensuring legal and ethical compliance. However, one issue with earlier audits was that as more companies completed and published reports, it became clear that methodologies and results could vary dramatically, calling into question the interpretation and validity of audit findings. As a tool for promoting diversity, equity, inclusion, and accessibility (DEIA), Civil Rights Audits help companies identify and address discrimination issues, build stakeholder trust, and advance responsible business practices. By providing a structured approach to evaluating and improving civil rights compliance, Civil Rights Audits enable organizations to create more equitable and inclusive environments, ultimately benefiting both the company and its broader community. This assessment is unique from other organizational evaluations, such as DEIA Risk Assessments and compliance audits, as it specifically examines an organization's adherence to civil rights principles and its efforts to prevent discrimination and promote equity across all aspects of its operations, taking into account many stakeholder perspectives. 

The Nine Standards 

The framework for the Standards consists of nine distinct principles (e.g., Meaningful Engagement with Key Stakeholders, Access to Critical Information). The guidance provides an "Explanation" for the background of each standard and "Implementation" criteria to determine if the standard is met. The initial iteration of the Standards are general principles for all companies, with the possibility of future industry-specific standards from the development committee. 

1. Comprehensive Scope 

Consideration of the audit's scope is crucial as it defines the depth and breadth of the review, ensuring that it effectively identifies and addresses both known and previously unrecognized risks of bias and discrimination across key aspects of the company's operations. A comprehensive audit involves examining all essential elements of the company, including its policies, practices, products, services, workforce, and community impact. This thorough review helps identify gaps and shortcomings and provides recommendations for addressing them. 

The scope is agreed upon by both the company and the auditor. While a comprehensive review that covers all aspects of the organization is generally preferred, there are instances where a more focused approach may be appropriate. For example, a racial equity study might concentrate solely on the experiences of racial and ethnic groups. In such cases, auditors should clearly explain the rationale for this narrower focus in their report. It’s important to recognize that audits are not a “one size fits all” process; the scope, needs, and requirements can vary dramatically based on the unique context of each organization and the stakeholder needs. 

2. Independent, Qualified Auditor 

The second standard underscores the importance of both independence and expertise. The auditor must be completely independent, free from conflicts of interest or any appearance thereof, and possess substantial expertise in civil rights and racial justice to conduct a thorough and meaningful audit. The auditor’s independence and neutrality are crucial for maintaining objectivity and ensuring the audit's credibility. The lead auditor and the entire team must avoid any conflicts of interest, including previous involvement in defending the company against discrimination claims. The lead auditor must certify their independence in writing to the company and in the audit report, affirming their unbiased professional judgment.  

Equally essential is the expertise within the audit team to understand the specific context and nuances of the civil rights issues being examined. The lead auditor should have extensive expertise in civil rights and racial justice, supported by a team with relevant experience. While auditors are not required to be lawyers, the American Bar Association (ABA) Model Rules of Professional Conduct are recommended as a valuable resource. Ideally, the lead auditor will have a strong foundation in U.S. civil rights laws and values, with expertise in civil rights and anti-discrimination law or policy. Experience in related areas such as DEIA, artificial intelligence/technology bias, or equal employment opportunity is also valuable. If the lead auditor lacks deep expertise in civil rights law, their team should include members with authoritative knowledge in these areas. 

3. Meaningful Engagement with Key Stakeholders 

Engaging a wide range of perspectives is essential to ensure a comprehensive understanding of the issues at hand, and active engagement with stakeholders is necessary to build trust, validate findings, and address all relevant concerns effectively. The scope of the audit determines the extent of stakeholder engagement required. At a minimum, the auditor should engage with those who requested the audit, as well as civil rights advocates, employees, unions, or worker groups who raised concerns. Additional engagement may include investors, asset managers, and other shareholders. Key internal stakeholders may involve the board of directors, CEO, senior management, and relevant teams such as human resources, legal, and compliance. To protect against retaliation, confidential communication channels should be established, keeping the identities of non-senior employees confidential. 

For a credible audit, it is essential that the company and the requesting party agree on the audit's scope, timeline, and auditor selection. The auditor should engage meaningfully with the requesting party and other stakeholders throughout the audit process, ensuring unrestricted access to relevant employees and safeguarding confidentiality where necessary. 

4. Access to Critical Information 

An effective audit relies on access to key data. Thus, the auditor and the company must work together to ensure timely and comprehensive access to necessary information and knowledgeable individuals. This data encompasses demographic representation, recruitment and retention practices, diversity and inclusion programs, pay equity policies, grievance and complaint procedures, and anti-discrimination training. To ensure accuracy and balance perspectives, the auditor uses external data to triangulate and validate findings. External data plays a crucial role in confirming the reliability of internal information, providing an additional layer of verification and ensuring a more comprehensive analysis. The auditor collects data from internal and external sources, engages with stakeholders for their insights, and consults experts for analysis, focus groups, and additional support. This thorough approach guarantees a complete understanding of the issues and well-informed recommendations. If the auditor is unable to access crucial information, the audit report should clearly state the nature of the information gap and the reasons for it.

5. Rigor and Objectivity

The auditor must conduct a comprehensive review of all aspects within the audit's scope, including original data, documents, policies, practices, and procedures, as well as internal data that informs decisions related to bias, discrimination, and racial justice. This review involves interviewing individuals at various levels within the organization and engaging with key internal and external stakeholders who have firsthand knowledge of the company’s operations or are aware of relevant issues and risks. In the methodology section of the final audit report, the auditor provides a detailed account of the steps taken to ensure a thorough and meaningful review of all pertinent information. The auditor also certifies that the audit and report adhere to the established Standards, with the company supporting the auditor in meeting these requirements.

6. Transparency

The company must publicly announce its decision to undertake a civil rights audit within 30 days of appointing the lead auditor and finalizing the timeline. Upon completion, the audit will result in a public report available on the company’s website. This report will detail the audit’s scope, methodology, findings, and recommendations, addressing all relevant civil rights issues and outlining a clear action plan for timely and effective resolution. Recommendations will be specific, measurable, and directly linked to the identified issues. While the audit report does not need to disclose details that could increase legal risk if civil rights issues are found, the company must ensure transparency and accountability by sharing sufficient information to build trust with stakeholders. In cases where some information is withheld to maintain attorney-client privilege, the company should work with the auditor to provide enough non-privileged details to enable stakeholders to assess whether the audit met its objectives and if there is a plan to address the identified issues.

7. Timeliness 

Generally, the civil rights audit should be completed within one year from the auditor's retention unless the scope of the audit or availability of resources necessitates more time. If exceptional circumstances arise, the company, auditor, and requesting party, if any, may mutually agree that additional time beyond the one-year or other agreed-upon timeline is required to complete the audit. If a party has not requested the civil rights audit, the auditor and company agree on a timeline for the audit process and completion of the audit.

8. Regular Frequency

Civil rights audits provide an image of an organization's appearance and functioning at a given time. The initial audit is often comprehensive and far-reaching, while subsequent audits should be performed periodically to ensure progress toward goals and implementation of proposed recommendations. When determining the appropriate frequency, the parties must consider (1) the scope of the previous audit, (2) the nature of the recommendations, and (3) the company’s progress in implementing those recommendations. More frequent audits may be required if recommended by the auditor if the severity of issues justifies it, if remedies have not been successfully implemented if significant new problems arise, or if the business presents a high level of risk or harm.

9. Board Oversight and Accountability

Active involvement from the board and senior leadership is crucial for a successful audit. Auditors emphasize that active engagement from the board and senior executives, including the CEO, ensures the audit has the necessary support and cooperation. As auditor Laura Murphy stated, the CEO and board should sponsor the audit to foster a sense of ownership and commitment to implementing its recommendations. Auditors should conduct at least one interview with the board of directors as part of the assessment and maintain regular communication with the board or its designated committee. Companies should agree to have an independent, third-party auditor returning to assess whether the recommendations from the audit have been successfully implemented. Finally, the independent, third-party auditor reviews and evaluates the company's progress in implementing these recommendations. 

Potential Implications of Having Standards 

The publication of the Standards has the potential to transform how civil rights and equity are managed across various sectors. Application of these principles in federal government settings could help to shape federal policies and promote consistency in civil rights practices among government agencies and departments. As public policy evolves, they could lead to mandatory civil rights audits, establishing new norms in global business practices and heightening the focus on accountability and compliance. Additionally, these principles may serve as benchmarks for organizations, driving industry-wide standardization and encouraging businesses to adopt best practices for mitigating discrimination and enhancing equity. Adoption of these principles could also boost organizational transparency perspectives, increase strengthen trust with stakeholders, and demonstrate a commitment to ethical business practices. 

The Standards highlight the need for consistency in civil rights audits, and there is considerable work ahead. This is a significant and challenging effort that will take time. Achieving uniformity in the types, formats, and styles of data reported is essential for effective benchmarking and accurate comparisons across organizations and sectors. This involves agreeing on relevant data, standardizing presentation structures and conventions, and adopting uniform styles for clarity and comparability. Realizing these goals will improve performance benchmarking and drive positive changes, but it will require sustained effort and dedication. 

Conclusion 

In accordance with its operating charter, the Committee plans to periodically review the Standards to ensure they remain relevant and effective in facilitating credible, comprehensive, and effective civil rights audits. This regular review process aims to maintain the relevance and efficacy of the Standards, ensuring they adapt to evolving legal, social, and business landscapes. In the near future, it will be possible to assess reactions from industries and business leaders to the new Standards. This assessment will provide insights into how the guidance may enhance the ease of conducting audits and increase interest in adopting this best practice.  

DCI will continue to monitor developments.