German Supply Chain Act

The foundation for the law was laid in 2016 by the National Action Plan for Business and Human Rights (NAP). The NAP refers to the United Nations Guiding Principles for socially just globalisation. As adherence to the NAP is voluntary, only around a fifth of German companies have so far complied with it. The Supply Chain Act now provides guidance and legal certainty in order to make corporate due diligence obligations binding.

The law has applied since January 2023 to companies in Germany with at least 3,000 employees, and since the beginning of 2024 to companies with at least 1,000 employees. The Supply Chain Due Diligence Act ('Lieferkettensorgfaltspflichtengesetz', LkSG) obliges companies with their head office, principal place of business, administrative headquarters, registered office or branch office in Germany to respect human rights by implementing defined due diligence obligations.

According to the LkSG, companies establish appropriate and effective risk management to identify, prevent, minimise or eliminate risks to human rights and the environment.

The law prescribes various duties of care:

• Establishment of risk management
• Definition of internal responsibilities
• Carrying out regular risk analyses
• Submission of a declaration of principle
• Establishment of prevention measures in the company's own business area, vis-à-vis direct suppliers and - if there are indications of possible violations - vis-à-vis indirect suppliers
• Taking remedial action
• Establishment of a complaints procedure
• Documentation and reporting

The following measures ensure the implementation of due diligence obligations:

Identify risks

Companies must define responsibilities within their organisation and carry out a risk analysis. A systematic approach makes a decisive contribution to respecting human rights by working closely with suppliers in their supply chain, engaging in joint industry initiatives or supporting projects in the respective sourcing countries (e.g. in the extraction of raw materials).

Minimising risks

Contractual agreements with partner companies, the provision of training or responsible purchasing practices and corresponding control measures contribute to risk prevention. Large companies rely on their own sustainability advisory boards to critically evaluate and further develop their corporate practices.

The effectiveness of the measures is scrutinised at least once a year. If human rights violations nevertheless occur, companies must initiate corrective measures. To do so, the company must define specific responsibilities and measurable targets, enter into an open dialogue with stakeholders and maintain a regular exchange with potentially affected parties.

Enable complaints

Affected parties or persons who learn of grievances are given the opportunity to assert their rights in an open, fair and confidential complaints procedure. A corresponding complaints mechanism along the entire supply chain (e.g. in the form of a whistleblower system) helps to remedy the situation. It is helpful - especially in the SME sector - to create cross-company grievance mechanisms.

Recognising responsibility

The duty of due diligence requires companies to set out their human rights strategy in a policy statement, which is adopted by the management and communicated internally and externally. The strategy should formulate the company's human rights-related expectations of employees and suppliers, identify the prioritised human rights and environmental risks and name potentially affected groups of people based on the risk analysis. The responsibilities within the company must be disclosed. If the framework conditions change, the declaration can be adapted.

Report

The companies covered by the law must prepare an annual report on the fulfilment of due diligence obligations in the previous financial year. This report, in the form of a predefined catalogue of questions, can be submitted electronically to the Federal Office of Economics and Export Control (BAFA).

There are no civil penalties. Fines of up to 50,000 euros may be issued for offences. Fines can be imposed depending on the size and turnover of the company and can amount to up to 8 million euros or up to 2 per cent of turnover. Exclusion from public tenders for up to three years may also follow.

The EU law (CSDDD) will scrutinise the environmental protection of companies much more closely. The German law is also limited to direct suppliers, whereas the EU regulation takes entire supply chains into consideration. When implementing responsibilities and risk management, we therefore recommend including the future requirements of the EU law in the company strategy in order to be prepared for the respective national implementation of the EU directive.

On 14 December 2023, the European Parliament and the representatives of the EU member states agreed on the provisions of the Corporate Sustainability Due Diligence Directive. This agreement still requires confirmation by the Parliament and the Council, but this is considered a formality. As a result, the German LkSG must be adapted to the requirments of the European Directive by 2016.

We support our customers in setting up a suitable risk management system with the associated responsibilities. Large companies can quickly reach capacity, especially when analysing suppliers in complex supply networks. For example, if many different raw materials are used in production, it makes sense to first determine their social and environmental sustainability risks. A corresponding risk filter which utilises country and product group-specific databases can then evaluate supplier locations in terms of their criticality.

inloop provides support from analysis and documentation through to the implementation of organisational requirements.