In June 2021, the German legislature passed the “Gesetz über die unternehmerischen “Sorgfaltspflichten zur Vermeidung von Menschenrechtsverletzungen in Lieferketten” (LkSG). The German Supply Chain Act (GSCA) carries new rules to ensure companies doing business in Germany meet the standards set out in United Nations (UN) Guiding Principles on Business and Human Rights and the OECD Guidelines for Multinational Enterprises.1
The law imposes due diligence obligations on companies that have a principal place of business, administrative headquarters, statutory seat, or branch office in Germany to comply with human rights and environmental standards. It also exposes them to serious liabilities upon violations.
The German Supply Chain Act provides a comprehensive list of obligations including the establishment of a risk management system for compliance. It also outlines the necessary preventive and remedial measures, makes complaint procedures mandatory and requires regular documentation and reports.
In this article, you will learn about the German Supply Chain Act and what it means for businesses in Germany and around the world.
The supply chain within the meaning of the German Supply Chain Act refers to all products and services of an enterprise. It includes all steps in Germany and abroad that are necessary to produce the products and provide the services, starting from the extraction of the raw materials to the delivery to the end customer and includes:
However, even if your own company does not reach the thresholds mentioned, you can expect small and medium-sized enterprises (SMEs) to be affected as well, since the large companies addressed will likely pass on the due diligence obligations imposed on them by law to their suppliers. In future, smaller companies will also be covered by the "sphere of influence" of the German Supply Chain Act without themselves being in-scope companies.3
Under the German Supply Chain Act, companies must monitor and act upon violations in their own operations, as well as operations of their direct suppliers worldwide starting from the extraction of the raw materials to the delivery to the end customer.
In addition, if companies obtain substantiated knowledge of a possible violation of human rights or environmental standards by one of their indirect suppliers, they must immediately conduct a risk analysis for these violations.
The regulation defines two major protected legal positions: the environment and human rights.4
An environment-related risk within the meaning of this Act is a condition in which, on the basis of factual circumstances, there is a sufficient probability that one of the following prohibitions will be violated:
Minamata Convention on Mercury
Stockholm Convention on Persistent Organic Pollutants (POPs Convention)
Basel Convention of the Control of Transboundary Movements of Hazardous Wastes and their Disposal
A human rights risk, as defined by this Act, is a situation in which, based on factual circumstances, there is a reasonable probability that one of the following prohibitions is violated:
The highlight of the new German Supply Chain Act is the obligation for companies to conduct human rights and environmental due diligence. The due diligence obligations include nine high-level requirements:
Companies must create an appropriate risk management system to comply with the German Supply Chain Act obligations. As part of their risk management, companies must first analyse their own human rights and environmental risks and the identical risks of their direct suppliers.
Companies are required to appoint a “human rights officer” who is responsible for monitoring the risk management within their supply chains. This does not necessarily have to involve creating a new job or hiring new employees, as risk management tasks can be integrated into existing departments (e.g. compliance officer, sustainability department, etc.). Additionally, senior management must also be informed about the work of the responsible person at least once a year.5
The risk analysis must be carried out by companies at least once a year and on an ad hoc basis, for example due to the introduction of new products, projects or a new business field.6
In-scope companies must issue a policy statement that includes the following elements of a human rights strategy:
The statement assures that the company's board and management are fully committed to its human rights agenda.
Companies must implement appropriate procurement and purchasing practices, deliver training in relevant business areas, and establish control measures to verify compliance with the human rights strategy outlined in the policy statement.
If the company determines that a violation of a protected legal position has occurred or is imminent, it must immediately take appropriate remedial action to prevent, stop or minimise the violation. Failure to do so may result in not just fines, but also civil action by harmed parties, NGOs, and even competitors.7
If the violation cannot be stopped in the foreseeable future, the company must outline and carry out a concept to end or minimise the violation without delay. The company must consider the following measures:
Termination of business relationships is only required as a last resort in the event of serious human rights violations by suppliers that cannot be remedied in any other way.
The effectiveness of the preventive and corrective measures must be reviewed annually and on an ad hoc basis in the event of a significant change in the risk exposure profile such as the introduction of new products, projects or a new field of business.
In-scope companies must establish a complaints procedure to enable people to report violations of human rights- or environmental- related obligations in their own business area or that of a direct supplier. The procedure should be publicly available. A person submitting the complaint should be informed of its reception. The effectiveness of the complaints procedure must be reviewed annually and on an ad hoc basis when necessary.
If a company has substantiated knowledge of its indirect supplier's misconduct, it must immediately address the risks, outline and implement preventative measures, and update its policy statement, if necessary.
A company must report on the fulfilment of its due diligence obligations annually. It must make the report publicly available free of charge on the company’s website no later than four months after the end of the financial year for a period of seven years.
The implementation of the due diligence obligations laid down in the German Supply Chain Act is monitored by the German Federal Office for Economic Affairs and Export Control (Bundesamt für Wirtschafts- und Ausfuhrkontrolle or BAFA). If a company fails to comply with the due diligence obligations pursuant to the German Supply Chain Act, the Act provides the following sanctions:
Mandatory supply chain due diligence and reporting is becoming the norm in Europe.10 In addition to Germany, the Netherlands, France, Switzerland, Norway and other countries now require elements sort of due diligence. These include the:
Next to this, in March 2021, the European Parliament passed a resolution in which it requested the European Commission to submit a legislative proposal on mandatory supply chain due diligence. This will then become a unifying supply chain due diligence process that will take precedence over the national due diligence laws that are already being implemented.
EU Justice Commissioner Reynders stated: "We want to go a long way, a long way down the supply chain and a long way in terms of the number of companies involved."11
Today, supply chains extend around the entire world. For decades, international corporations have been criticised for not complying with human rights and environmental standards along their supply chains and for profiting from poorly enforced national regulations in emerging and developing countries.
The German Supply Chain Act (LkSG) is the first legislative step that obliges companies established in Germany to protect people and the environment harmed by their global supply chain operations.
To avoid liability, companies must comply with the standards outlined in the German Supply Chain Act. The due diligence obligations include nine high-level requirements: establishing a risk management system, assuring in-house responsibility for compliance, performing regular risk analyses, issuing a policy statement, establish preventive measures for their own business and for direct suppliers, taking remedial action when necessary, establishing a complaints procedure, implementing due diligence obligations with regard to risks at indirect suppliers, and documenting and reporting on due diligence activities. These activities should be done on an annual basis or upon request.
Ensuring compliance with the new regulations can be a daunting task. However, with implementation of digital technologies for supply chain traceability you can make it easier. Circularise is one of the solutions that can help you with compliance.
To contact us, simply click the button below!
Circularise is a supply chain traceability provider founded in The Netherlands in 2016. Circularise’s software system helps suppliers in chemicals, plastics, battery materials, metals, and other industries to trace materials and share their environmental footprint without risking their sensitive data. By extension, it helps brands to get visibility into their own Scope 3 emissions and other metrics, which is aligned with the regulatory push around Digital Product Passports, the German Supply Chain Act, and the Corporate Sustainability Reporting Directive.