Jan. 16, 2024 • Reading time: 12 Min
The Supply Chain Due Diligence Act (LkSG) for companies came into force in Germany on January 1, 2023. Since January 1, 2024, it has already applied to companies with at least 1,000 employees. The law on corporate due diligence obligations in supply chains obliges companies to take human rights and environmental standards within their value chain into account. The due diligence obligations defined in the law apply to both the business activities of companies and their suppliers. The law presents companies with the challenge of ensuring ethical standards in their supply chains. Nevertheless, implementing the law can not only improve a company's image, but also its competitiveness. In our article, we have summarized the most important points and background information on the law.
The law on corporate due diligence obligations in supply chains was passed back in June 2021. It officially came into force in Germany on January 1, 2023 and is intended to regulate the due diligence obligations of companies in a binding manner. The law also aims to oblige companies to protect human rights and environmental standards in the global economy.
The Supply Chain Act is an important step in the global economy. It aims to implement the UN Guiding Principles on Business and Human Rights in a binding manner. The term "supply chain" refers to all of a company's products and services. This includes all steps, both in Germany and abroad, that are required to manufacture a product or provide a service.
To protect the environment and human rights, companies must now pay greater attention to the following points:
In order to identify, avoid or minimize the risks of human rights violations and environmental damage, the establishment of a risk management system is one of the core elements of the 9 due diligence obligations. It also sets out preventive and remedial measures and obliges companies to set up complaints procedures and regular reporting. The due diligence obligations extend to the company's own business areas, the conduct of contractual partners and the activities of other, indirect suppliers. The Supply Chain Act now obliges companies to assume responsibility along the entire supply chain.
In 2023, the Supply Chain Due Diligence Act initially came into force for companies with at least 3,000 employees. Since 2024, it has been extended to companies with at least 1,000 employees in Germany. The Act obliges all companies that have their head office, principal place of business, administrative headquarters or registered office in Germany to implement the due diligence obligations
In addition, all companies that have a branch office in accordance with Section 13d of the German Commercial Code are affected. Both private companies and publicly owned companies are affected. In addition to these companies, direct suppliers are also affected. Direct suppliers include all companies that are located upstream or downstream of the affected companies in the supply chain.
Direct suppliers, i.e. those upstream or downstream of a company in the supply chain, are also affected by the Supply Chain Act. In most cases, companies that are subject to the law will contractually oblige at least some of their direct suppliers to comply with the rules of the law. These suppliers must then also ensure that their own suppliers comply with the rules. This means that the law is also important for many small and medium-sized enterprises (SMEs).
The LkSG set two timeframes for implementation:
The scope of application is to be reviewed again after 2024.
In the event of violations of the Supply Chain Act, the companies concerned must expect the following penalties:
Supplier management at a glance: Manage all your suppliers and assess risks in just one place.
The following 9 due diligence obligations are defined therein and must be observed by companies both in their own business area and by their suppliers:
The protected legal positions or violations of human and environmental rights arising from § 2 may include, among other things
The due diligence obligations require companies to introduce a complaints procedure and risk management. If they identify violations in their business or supply chain, remedial action must be taken. With this law, companies must now themselves ensure that international human rights are respected both in their own business operations and throughout their supply chain.
The German law on supply chain due diligence is not a novelty. It is based on various global initiatives and laws, such as the UN Guiding Principles on Business and Human Rights and the OECD Guidelines for Multinational Enterprises. The discussion about a regulation on supply chain responsibility was triggered by scandals in which companies were linked to human rights violations or environmental damage. Pressure from civil society, NGOs and global developments contributed to the adoption of the law.
Small and medium-sized enterprises are often part of larger supply chains. Even if they do not export directly, they can act as suppliers for large corporations. Dealing with the law not only protects against legal consequences, but also strengthens the company's image and enables more sustainable and ethical business practices.
Small and medium-sized companies with fewer than 3,000 or 1,000 employees should also deal with the law in good time. Companies that act early have the opportunity to set standards and gain a head start.
The law in Germany has led to the introduction of a similar law in Europe called the Corporate Sustainability Due Diligence Directive (CSDDD).
To ensure that companies meet their human rights obligations, they must first carry out a risk analysis. In doing so, they should identify which parts of their production and supply chain pose a particularly high risk of human rights violations and environmental damage. This also includes the business areas of suppliers.
It is helpful to understand the current status of legal requirements. On the one hand, it is important to clarify which parts of the company the law applies to and which rules apply to different departments. Secondly, the company should check whether the existing processes and measures already meet the requirements or whether adjustments still need to be made.
To ensure that a company respects human rights and minimizes environmental risks, it must review various areas. These include risk management, supply chains, human resources, dealing with affected parties and information and data management. By analyzing procurement processes, IT systems and other aspects such as objectives, policies and risk assessments, the company gains a clear overview of the current situation. On this basis, suitable measures can then be taken to clarify tasks and minimize potential risks.
If risks are found, measures must be taken to prevent the problems. To this end, contracts can be concluded with direct suppliers in which clear rules for human rights are defined. It is also important to use appropriate purchasing strategies and carry out training and checks. This ensures that everything is in order and violations are avoided.
If the risk of a violation of human rights is identified at the company's own site or in the supply chain, appropriate measures must be taken to end or minimize this. This applies in particular if the human rights violation has already taken place.
It is important to also check indirect suppliers for human rights risks. If there are indications of possible violations, measures should be taken to eliminate the risks. Information from authorities or reports of poor working conditions in the production area are also important. It also plays a role whether an indirect supplier belongs to sectors with particular human rights risks.
Once an overview has been obtained, a risk management method should be introduced. This includes analyzing the risks and implementing measures to prevent or resolve problems. How comprehensive these measures can be depends on whether the company only fulfills the basic requirements or whether it wants to take on a pioneering role. It has been shown that clear commitments, training, the use of new technologies and adjustments to existing processes have an impact on how well these concepts can be implemented.
Next, the company should issue a clear statement. This should describe the risks to people and the environment. It also makes sense to explain how these risks are to be avoided. This can be set out in a human rights strategy. To ensure that the due diligence obligations are fulfilled, it is important to document everything carefully and report on it.
According to Section 4 para. 3 sentence 1 LkSG, every company with more than 3,000 employees must ensure that a person is appointed within the company who is responsible for monitoring risk management, such as a human rights officer. This person must be appointed internally and cannot be appointed externally.
The law requires companies to set up a complaints procedure. This allows people to report indications of violations in the supply chain. The aim of the complaints procedure is to uncover, rectify or directly prevent problems in the supply chain. This enables the company to avoid fines and damage to its image. Anonymous reporting channels in particular are an effective means of preventing these risks and damage.
With our Hintbox and the form we have developed, you can implement these requirements quickly, securely and easily. The Hintbox is ISO 27001 certified and GDPR-compliant. It is also permanently accessible to all suppliers worldwide via a link.
The management must issue a declaration known as the Code of Conduct. This sets out how the company fulfills its obligations. This joint declaration of principles must fulfill all requirements in accordance with Section 6 (2) sentence 3 LkSG and identify the most important risks in the area of human rights and the environment for all affected groups.
It also documents the company's expectations of its employees and suppliers in the supply chain. This plays a major role in managing negative impacts on human rights.
If the risk analysis reveals a risk that would result in a violation of the law, the company must take preventive measures in its own business area. These are defined as implementation tactics and control measures resulting from the Code of Conduct. They can take the form of training or the development of strategies to minimize risk, for example.
This also includes preventive measures vis-à-vis a direct supplier in order to cover the entire scope of business activities. It also includes taking human rights and environmental expectations into account when selecting such suppliers. Further measures are described in Section 6 of the Act.
It is important that companies constantly document their internal due diligence obligations. Every year, they must submit a report to the Federal Office of Economics and Export Control (BAFA). This report should provide clear information on the following points:
The report must be submitted to BAFA no later than four months after the end of the financial year. Companies are also obliged to prepare a report on the fulfillment of their legal obligations in the previous financial year and publish it on their website. It should be available there for seven years.
An electronic reporting format is being developed to minimize the effort for companies. The information provided there can also be used to fulfill the CSR reporting obligation.
The German Supply Chain Act already presents major obstacles for many companies. However, the EU Supply Chain Directive (CSDDD) sets even stricter requirements. This directive tightens the existing law by making more companies responsible and extending the monitoring obligations. It is already clear that significantly more companies will have to comply with the due diligence obligations in future and that monitoring will be extended to the entire supply chain.
Stricter liability rules are also being introduced. Companies should therefore act quickly now. It is advisable to keep an eye on the development of the EU directive now when designing processes. Find out more about the EU Supply Chain Act and the legislative process.
Management level:
In companies, it is up to the management level to organize internal processes. The management must ensure that the company acts in accordance with the law in all processes. It must establish clear rules and strategies to promote an ethical working environment and minimize the risk of violations.
Relationship with suppliers:
Companies must ensure that their supply chains are responsible. This means that their suppliers should also have good standards in terms of working conditions, environmental protection and human rights. By regularly reviewing their supply chains, companies can ensure that they only work with partners who meet their own high sustainability standards.
Control and monitoring tasks:
BAFA monitors and inspects companies to ensure compliance with the law. Through inspections, fines or other penalties, BAFA ensures that violations are detected. This ensures that companies are not allowed to tolerate illegal practices.
Cooperation with companies:
Cooperation between BAFA and companies is important in order to jointly ensure conscientious company management. Government agencies can support companies by helping them to fulfill their responsibilities. This is done by sharing knowledge and working together to develop guidelines. At the same time, they also have the task of supporting companies in implementing these guidelines and providing them with resources.
The points show that both companies and BAFA have important responsibilities under the law. It is important that everyone works together to create an ethical business environment and comply with the law. Only through this cooperation can business be sustainable in the long term.
It is important to ensure that companies comply with ethical standards and that violations are punished appropriately. There are various ways to monitor and ensure compliance with rules.
Self-regulation of companies
An important mechanism is self-regulation by the companies themselves. Companies use internal guidelines and processes to ensure that they comply with all relevant regulations. To this end, a code of conduct or a compliance department is often introduced in order to adhere to the rules. Self-regulation helps companies to review business practices and identify and rectify breaches of the rules at an early stage.
External review
In addition to internal controls, external audits are also important to ensure that companies are complying with the law. Auditors or the BAFA carry out regular inspections to ensure that companies are fulfilling their obligations. These independent assessments provide additional protection against misconduct within the company.
The Federal Ministry for Economic Cooperation and Development (BMZ) and the Federal Ministry of Labor and Social Affairs (BMAS) play an important role in the implementation of the Supply Chain Due Diligence Act. The two federal ministries have extensive expertise, particularly in the areas of international development and social justice. Together, they encourage German companies to act responsibly in their global supply chains.
The BMZ and the BMAS play an important role in shaping the legal requirements and providing support for companies to comply with the directive. They offer a lot of information, workshops and opportunities for advice to facilitate implementation. Small and medium-sized enterprises (SMEs) in particular, which are confronted with the complex requirements, benefit from this support.
However, the role of the BMZ and BMAS goes beyond the mere provision of information. They also help to raise awareness of the importance of sustainable supply chains and promote the development of best practices that go beyond the minimum legal requirements. They educate companies about the importance of sustainable supply chains and thus signal the German government's commitment to respecting human rights and promoting sustainable development in the German economy.
The cooperation between these ministries shows how important it is for government, business and society to work together. This is the only way to create fair and sustainable global supply chains. The BMZ and the BMAS are therefore important partners for companies dealing with the challenges and opportunities of implementing the Supply Chain Due Diligence Act.
Our experts will clarify all questions relating to supply chain due diligence regulations with you.
The German government's position on the Supply Chain Due Diligence Act is extremely important in the current debate on the role of companies in the global economy. Germany has long been committed to corporate social responsibility (CSR). The Supply Chain Act was therefore developed as an important instrument to reduce the violation of human rights and environmental damage in global supply chains.
With the Supply Chain Act, the German government wants to ensure that companies comply with ethical standards along their entire supply chain. This should have a positive impact on human rights and the environment. However, the law can be a challenge for small and medium-sized enterprises (SMEs) in particular, as they may not have enough resources and knowledge to meet the requirements.
In order to implement the law in a compliant manner, it is important that the Federal Government takes measures to provide support. The BAFA plays a central role in this. It offers information, guidelines and personal advice for companies to help them implement their due diligence obligations in accordance with Section 3 LkSG(on the Act).
Sanctions and fines
To ensure that companies comply with the law, the Federal Office of Economics and Export Control can impose fines of up to 50,000 euros if companies do not meet its requirements. Companies that do not prepare a risk analysis, do not set up a complaints procedure or do not effectively terminate identified violations of human rights can be fined between 100,000 and 800,000 euros.
For companies with an annual turnover of over 400 million euros, the penalty can be up to 2% of the average annual turnover. For serious violations, the penalty is at least 175,000 euros.
Exclusion from public contracts
In the event of serious breaches of the rules, companies can be excluded from public procurement. As this has financial implications, it increases the pressure on companies to act in accordance with the rules. Some companies may prefer to pay fines rather than change their supply chain. However, this can lead to them being excluded from public procurement.
Fines under the Supply Chain Act are entered in the competition register and can be queried by awarding authorities. Even if an award process is almost complete, a company can be excluded due to a breach of the law. Competitors could use this to disadvantage other bidders.
Reclaiming subsidies
Further problems are looming in the context of funding law. Companies that apply for or receive funding must expect severe consequences if they violate due diligence obligations. Even if the law does not address this directly, it is to be expected that funding bodies will stipulate compliance as a prerequisite for granting funding. This applies to tenders, contracts and funding decisions.
If companies violate the rules, subsidies could either not be granted or reclaimed. It is not yet clear whether this will only happen in the event of legally binding fines or if there is already suspicion while an application for funding is on hold or approved funds are not paid out.
If a violation occurs in the company, whether at home or abroad, immediate action must be taken to end the violation. If a direct supplier or service provider commits a violation that cannot be stopped immediately, a plan must be drawn up immediately to stop or minimize the violation.
If legal violations are disclosed, business relationships do not have to be terminated immediately. In addition, solutions should be sought together with those affected in the supply chain. A corresponding action plan can help here.
The termination of a business relationship is the last resort. This would have to be a serious breach where no remedial measures have brought about a termination or where no more lenient means are available.
Section 3 (3) sentence 1 clarifies that there is no civil liability in the event of a breach of the duty of care. The applicability of the law depends on the registered office of the company.
Even though the German law has only been in force since the beginning of this year, there is already talk of tightening it up, i.e. a Europe-wide EU supply chain law. This is intended to make smaller companies in particular liable.
Critics are of the opinion that the law does not go far enough, as companies with fewer than 1,000 employees are currently not affected. Environmental associations and human rights groups also criticize the fact that companies are not held legally liable for shortcomings in their supply chain.
Industry associations see it differently: a stricter law causes high costs for the economy. After the entire economy has already suffered enormously during the coronavirus pandemic, the strict implementation of the Supply Chain Due Diligence Act will only further damage Germany as a business location. In particular, it is hardly feasible for small and medium-sized companies to check the entire supply chain accordingly.
The Federation of German Industries (BDI) fears that the law will lead to a withdrawal of German investment in Africa, which in turn would jeopardize independence from Asia. Others are in favor of uniform legislation at EU level. This would prevent locational disadvantages. They are also calling for political support in reviewing global supply chains, for example with the help of the German Chamber of Commerce Abroad (AHK).
Growing awareness of sustainable production conditions
More and more consumers are making sure that products are manufactured under good and fair conditions. The younger population group in particular is becoming increasingly interested in environmental and social issues. Companies therefore need to find innovative business models and safe production methods and establish clean value chains in order to win them over.
Strengthening corporate responsibility
The LkSG promotes the idea of Corporate Social Responsibility (CSR) and forces companies to fulfill their due diligence obligations along the entire supply chain. This leads to increased corporate responsibility and a positive image boost for companies.
Impetus for sustainable business models
The law encourages companies to work on sustainable and ethical business models in the long term. By focusing on this, companies can not only improve their image, but also ensure that their supply chains are better protected against risks.
International orientation and competitive advantages
As similar laws already exist in other countries (such as the UK, France, the Netherlands and Switzerland), the law contributes to global harmonization. This offers the opportunity to establish global standards for companies and promotes fair global competition.
Download the guide to the Supply Chain Due Diligence Act now.
Impairment of competitiveness
Adhering to the requirements can lead to higher compliance costs and restrict the choice of locations, which can affect the competitiveness of companies. In addition, bureaucratic hurdles can slow down operations and affect the confidence of investors and customers.
Shifting the burden of proof to suppliers
Large companies may try to pass on the cost of complying with the LkSG to their suppliers. As a result, the costs may ultimately lie with smaller companies that were previously exempt from the Supply Chain Act for competitive reasons.
Complexity of supply chains
Depending on how complex a company's supply chains are, implementing the regulations can also be easier or more difficult. A fashion brand can influence the working conditions of seamstresses in Bangladesh much more easily than a chemical company, for example, which includes numerous upstream products and suppliers.
Unattractive investments in certain countries
The law could lead to companies no longer relocating their production sites to countries with lower labor costs. This could be the case if it is too costly to check suppliers or the political conditions preclude compliance with the Supply Chain Act. These production sites are often located in poorer countries. The supply chain directive could prevent investment and therefore economic growth in these countries.
Many German companies have been directly or indirectly involved in disasters in other countries in the past. For example, in 2019 when a dam burst in Brazil, killing more than 250 people, or in 2012 when a fire broke out in a textile factory in Pakistan.
According to the law, German companies will also have to take responsibility for incidents of this kind in future. This primarily affects companies in the textile, electronics and automotive industries. The same applies to the pharmaceutical and food industries, as Germany imports many foodstuffs, chemicals and medicines from abroad.
The Supply Chain Due Diligence Act is particularly important for companies in Germany and at EU level. It aims to ensure that human rights and environmental standards are observed along global supply chains. Both the German LkSG and the European CSDDD oblige companies to fulfill their due diligence obligations along the entire supply chain. They are intended to ensure that companies take responsibility for the impact of their activities on people and the environment.
The EU-wide law on corporate sustainability due diligence affects companies of different sizes and activities. In comparison to the German Supply Chain Act, the scope of application extends to EU and foreign companies with more than 500 employees and an annual turnover of more than 150 million euros worldwide. Alternatively, companies with more than 250 employees and a turnover of more than 40 million euros are also covered by the directive, provided that 50% of their revenue (at least 20 million euros) comes from high-risk sectors such as the textile, agricultural or raw materials industries.
Companies outside the EU must also comply with the law if they generate more than 300 million euros in turnover in the EU within three years of the directive coming into force. EU companies and non-EU companies are equally covered if they meet the defined turnover thresholds, regardless of the existence of branches or subsidiaries in the EU.
The specific scope of the directive depends on the number of employees and the turnover of the company. In the first phase, this applies to companies with at least 500 employees and a turnover of at least 150 million euros. At a later stage, companies with at least 250 employees will also be included.
Overall, both the EU Supply Chain Act and the German Supply Chain Act offer opportunities for companies to assume their corporate responsibility and drive positive change along their supply chains.
The collapse of the Rana Plaza building in Bangladesh in 2013 was a terrible tragedy. Clothing for many well-known brands was manufactured there. Over 1,100 people died in the collapse and thousands were injured. This showed that working conditions in the garment industry are often very poor and that workers had no job security.
A supply chain law would have put pressure on garment manufacturers to provide better conditions in the factories where they produce. The law would have provided clear rules for companies to abide by and introduced penalties for those who do not. This would have made manufacturers scrutinize their supply chains more closely and ensure that everything is fair.
Such a law would not only have helped the workers in Bangladesh, but also in other countries where similar problems exist. It would have been an important step towards better working conditions and a more sustainable textile industry.
Child labor in the cocoa industry, especially in West Africa, has been a major problem for many years. It is estimated that millions of children work in hazardous conditions on cocoa plantations to meet the growing global demand for cocoa. The Supply Chain Act would have required chocolate manufacturers to ensure that their cocoa is not sourced through child labor.
They should have closely monitored their supply chains to ensure that no child labor is involved. Manufacturers would be responsible for only sourcing cocoa from ethical sources and regularly checking that no child labor is taking place. The law would also have provided for penalties for companies that break the rules, such as fines or exclusion from the market.
Oil palm plantations in South East Asia have a terrible impact on the environment. Due to the high demand for palm oil, large areas of rainforest are being cut down to make room for the plantations. This not only leads to the loss of valuable habitats and endangers many animal and plant species, but also to large amounts of CO₂ emissions, which exacerbate climate change.
In addition, cultivation damages the soil through the use of pesticides and fertilizers, which has a long-term negative impact on agriculture. A supply chain law could help to reduce environmental damage here. Companies that use palm oil would have to comply with strict environmental regulations and ensure that their palm oil comes from sustainable sources.
This would force them to look for more sustainable cultivation methods. Such laws should also ensure the protection of the indigenous population, who are often displaced from the plantations. It is important that governments and consumers become more aware of the issue of palm oil and support sustainable alternatives. By buying products without palm oil or with certified sustainable palm oil, we can all help to protect the environment and the rainforest.
There is a major problem with conflict minerals in the Congo. People work under dangerous conditions in the mines. The money earned from the sale of these minerals is often used to finance armed conflicts. To change this, a law was proposed that would have obliged companies to monitor the origin of their minerals.
This was to ensure that they did not originate from conflict areas. This measure would have been an important step towards reducing the demand for conflict minerals.
However, despite global efforts, such laws have so far only been implemented in isolated cases. Many companies are reluctant to disclose their supply chains transparently or find it difficult to trace the actual origin of their minerals. This makes it difficult for consumers to make ethically responsible decisions when purchasing electronic devices, as coltan is used in many electronic products such as cell phones.
It is important that governments and companies show more initiative and take action to stop the trade in minerals. This could mean, for example, that companies have to comply with stricter rules or that alternative jobs are created in the areas where the minerals are mined.
The electronics industry in China is known for repeated violations of labor laws and poor working conditions in factories. Workers are often confronted with unfair wages, excessive working hours and a lack of protective measures. These abuses have led to public outrage and increased calls for a supply chain law.
Such a law would oblige companies to ensure that their suppliers respect workers' rights. It would hold them accountable and give them clear guidelines on how to ensure that their products are manufactured under humane conditions.
A supply chain law would force companies to scrutinize their supply chains more closely and ensure that these social standards are met. This could be done through regular on-site inspections or cooperation with independent organizations. Otherwise, such a law would also increase the pressure on companies to be more transparent and disclose information about their supply chains. This would enable consumers to make informed purchasing decisions and opt for more ethical products.
The Supply Chain Due Diligence Act imposes comprehensive due diligence obligations on companies to prevent violations of human rights and environmental pollution in their supply chains. In order to fulfill these obligations, companies must analyze risks, take preventive measures and set up a complaints procedure. In addition, they must make a declaration, document measures and publish regular reports.
Responsibility lies both with management and in relationships with suppliers. Companies must establish clear rules to promote ethical business behavior and ensure that their suppliers comply with the standards. Compliance with these rules is monitored both by internal company controls and external audits by independent auditors and government agencies.
Various penalties can be imposed if the due diligence obligations are not met. Although the Supply Chain Act may entail bureaucratic hurdles and competitive disadvantages, long-term benefits such as an improved reputation and customer confidence in ethically produced goods outweigh these.
Overall, the Supply Chain Duty of Care Act is an important measure to protect human rights and promote sustainable business practices. Companies must ensure that their supply chains are transparent and ethical in order to act responsibly and make a positive contribution to global society.
Complaint management system, risk identification, public documentation and reporting in a single tool.
The law does not stipulate any specific requirements. However, the company is obliged to introduce effective risk management. The department, competence and position of the person in question must be assessed accordingly by the company. The person responsible may also be based outside Germany.
Responsibility must be defined within the company and cannot be determined externally. However, companies can call on external help to support the internal officers. However, this external assistance may only provide support and may not assume independent responsibility.
Companies must carry out the first risk analysis as part of appropriate and effective risk management from the date the law comes into force (2023 or 2024). This analysis should take place every year, including in the first financial year, and be carried out additionally if necessary.
If a company expects major changes in the supply chain, situation-based analyses are necessary. Information from complaints procedures must also be taken into account. Several incident-related analyses may be required in the first financial year. The exact timing for completing the first risk analysis depends on the specific company circumstances and the risk potential.
If a company identifies risks during this analysis, it must immediately take appropriate preventive measures, including a policy statement in accordance with Section 6 (2) LkSG.
According to Section 5 (1) LkSG, risk analyses must take into account both the company's own business risks and the risks of its direct suppliers. However, this does not mean that risk management and preventive measures can be limited to these risks.
Rather, the law requires that the overall risk management must be appropriate and effective in order to avoid all prioritized risks that the company has caused or contributed to in the supply chain (Section 4 (1) and (2) LkSG). It is therefore necessary that the preventive measures also address the risks at the suppliers in the supply chain.
The risk analysis helps companies to identify, assess and prioritize potential problems in the area of human rights and the environment. To do this, it is important that companies clearly map their supply chains and procurement processes and thus have a clear overview of their relationships with their suppliers. The risks are then assessed and, if necessary, sorted. Companies have a certain amount of freedom of choice here, but must be able to explain clearly why certain risks are more important than others.
If more information is required, for example to take action, a more detailed assessment of the risk must be carried out. The law refers to helpful instructions and guidelines to help companies with their obligations. The risk analysis should be carried out annually and as required in order to be able to react to changes in the supply networks.
The due diligence obligations oblige companies to make continuous and appropriate efforts to fulfill them. This also includes transparency in the supply chain. If this is not possible for plausible reasons, you are still acting in accordance with the Supply Chain Act if you document the reasons. The risk analysis must be updated at least once a year and whenever necessary.
The policy statement must contain all legally required elements in a clear document. It is permitted to refer to additional documents in order to explain certain parts of the policy statement in more detail. The declaration is deemed to have been made as soon as the company management makes it publicly available, for example on the company website. In order to implement the prevention measures in accordance with Section 6 LkSG, the policy statement must also be communicated to employees and possibly the works council.
The same applies to direct suppliers in accordance with the obligations in Section 6 (4) LkSG. A purely passive provision, such as the storage of documents in systems or on the intranet, is not sufficient to be considered "communication" within the meaning of the law. In the case of direct suppliers, however, it is sufficient if a link to the company's website is included in the general terms and conditions of supply on which the policy statement is published.
According to Section 6 (1) LkSG, companies must take immediate action if they identify risks in their own business area and with direct suppliers through regular analyses. These measures should also address other risks in the supply chain to which the company contributes and which must be prioritized accordingly. In addition, the company should strive for transparency in the supply chain and define appropriate measures vis-à-vis direct suppliers. Finally, the company must have accurate knowledge of specific risks.
A company focuses its prevention measures on specific risks and does not apply them to the entire product range. Suppliers may be required to provide evidence. However, the law does not specify exactly what evidence is required. A signed supplier self-disclosure alone does not automatically fulfill the duty of care. Other obligations such as risk analysis and measures for prevention and remediation must also be fulfilled.
In accordance with Section 7 (2) and (3) LkSG, companies are encouraged to seek solutions to complex problems together with suppliers or within their industry before withdrawing from a business area. The principle here is "empowerment before withdrawal". Termination of the business relationship is only justified if there is a serious violation of rights or environmental obligations and other measures cannot remedy the situation.
It does not automatically lead to the termination of cooperation because a state has not ratified or implemented certain agreements. The responsibility for approval lies with the states and not with the companies. However, state deficits in the area of human rights can increase the risks for companies. Companies should therefore include non-approval or non-implementation in their risk analysis and examine its impact.
An internal complaints procedure within the company is sufficient as long as it complies with the legal requirements.
Every year, companies must submit a report on their due diligence obligations to the Federal Office of Economics and Export Control (BAFA) and publish it online. This should be done no later than four months after the end of the financial year. The report must clearly state what risks the company sees for human rights and the environment, what measures it has taken and how effective these are.
It must also show what conclusions will be drawn for the future. A company's secrets must be protected. Information on how the report is to be submitted to BAFA and published on the company's website is also included.
Companies must submit their first report to the competent authority no later than four months after the end of the financial year. For companies with more than 3,000 employees, the financial year ends in 2023, while for companies with more than 1,000 employees it ends in 2024. The reporting period begins on January 1 of the corresponding year. The following applies to all reports to be submitted to BAFA between January 1, 2023 and June 1, 2024 and published on the company's website: BAFA will verify the existence of the reports and their publication for the first time on the reporting date of January 1, 2025.
If a report was due before this date but is not submitted to BAFA until January 1, 2025, no sanction will be imposed. However, if such a report is submitted after January 1, 2025, BAFA may issue a reminder and impose a sanction if necessary. No special provisions apply to reports whose submission deadline ends on or after January 1, 2025; BAFA may take immediate action and impose sanctions if necessary.
Companies reporting before January 1, 2025 will only receive instructions from BAFA on how to comply with the requirements in future reports in accordance with Section 10 (2) and (3) LkSG. Reports submitted from January 1, 2025 onwards may be requested by BAFA to be rectified if the requirements under Section 10 (2) and (3) LkSG are not met, and sanctions may be imposed in the event of violations. The other due diligence obligations pursuant to Sections 4 to 10 (1) LkSG and their monitoring and sanctioning by BAFA remain unaffected by this deadline regulation.
If seals, certificates or audits clearly show that they meet the legal requirements, they can serve as important indications that due diligence obligations are being fulfilled.
Do not wait too long.