New due diligence law causes headaches of the sustainable kind (luckily there’s a remedy)

© Unsplash | Cameron Venti

On 11 June 2021, the German Bundestag (parliament) passed the so-called Supply Chain Act. It will apply from 1 January 2023 and is intended to better protect human rights and the environment in the global economy. Failure to comply with the due diligence obligation will result in sanctions in the form of coercive penalties and fines. Currently, only companies with more than 3,000 employees are covered by the law. But the EU is already working on an extension to smaller companies. Therefore, every company should put this topic on its agenda for 2022. We explain how the law works, who it affects or will affect and what steps you should take.


As a result of the adoption in June 2021 of the “Law on Corporate Due Diligence to Prevent Human Rights Violations in Supply Chains”, companies will have new obligations from 1 January 2023 that must be reflected in their compliance organisation.

The Due Diligence Act, also known as the Supply Chain Act, is intended to improve the international human rights situation by setting requirements for responsible management of supply chains.

Monitoring compliance with the law will in future fall to the Federal Office of Economics and Export Control. It is to carry out on-site inspections at the companies. In addition, complaints from those affected can be reported directly to the Federal Office.


Who will be affected from when?

  • From 1 January 2023, only partnerships and corporations under German and foreign law that are based in Germany and employ more than 3,000 workers in the entire group will be directly affected.
  • From 2024, however, the Supply Chain Act will also apply to smaller companies with more than 1,000 employees.
  • As early as 2022, the EU wants to adopt a European due diligence regulation that includes the same due diligence requirements, but already applies to companies with 500 or more employees. The planned regulation will most likely also contain liability rules.


It is safe to assume that the due diligence obligation will be passed through the supply chain. That is: the reporting company will be directly responsible for its T1 suppliers and will oblige them to in turn monitor the T1 suppliers and so on. As a result, you can expect that sooner or later an enquiry will also land on your desk as to how your company safeguards compliance in terms of the Supply Chain Act.


What is at stake?

  • If due diligence obligations are disregarded, the Supply Chain Act provides for sanctions in the form of coercive and administrative fines. The amount is to be up to ten percent of a company’s turnover.
  • In addition, companies that have already been fined a large amount can be excluded from public contracts for up to three years.
  • A new civil liability rule for German companies for damages caused by their suppliers is not part of the law. However, trade unions and NGOs can support individuals in bringing claims under national law.


Relevant risk areas

The Act on Corporate Due Diligence in Supply Chains identifies as relevant risk areas in particular:

  • Forced labour
  • Child labour
  • Discrimination
  • Violations of freedom of association
  • Problematic employment and working conditions
  • Environmental damage.


What should be done?

In response to the introduction of the Supply Chain Act, your company’s compliance organisation should be expanded to include the aspects of sustainability and human rights in the supply chain.


Step 1: Risk analysis + screening

  • As a first step, companies should assess the risk of potential violations in their supply chain based on country and industry-specific factors. For starters, focus on direct suppliers.
    • The UN Guiding Principles on Business and Human Rights (Global Compact) can serve as a guide for implementing such compliance management systems. Alternatively, one can refer to the OECD Guidelines for Multinational Enterprises.
    • For SMEs, there are certainly helpful guides on the implementation of due diligence at the Federal Ministry of Labour and Social Affairs (BMAS).
  • Screening existing and future suppliers with regard to their ability to comply with due diligence makes perfect sense.


Step 2: Act on suspicion

If a company discovers that risks exist within its T1 suppliers, it must take preventive measures. Possible options include:

  • Agreements with suppliers that impose the relevant due diligence requirements (comply with human rights, labour concerns, environmental standards, etc.).
  • Supplier agreements that refer to a “code of conduct” with which the company describes its expectations of the cooperation in a binding manner.
  • Contractual sanctions can include termination rights, claims for indemnification and claims for damages.
  • Corresponding audit rights and proof from the supplier of the training carried out are also required.
  • Periodic, random checks of the corresponding specifications should be part of supplier management.


The supplier should be obliged to ensure that the compliance standards are also adhered to in its supply chain.


Basic steps to take immediately

Do not put the issue on the back burner. Subject your supply chain management to a critical review and take the following steps:

  • Establish a risk management system and conduct a risk analysis.
  • Adopt a policy statement on corporate human rights strategy
  • Establish preventive measures in your own business and towards direct suppliers
  • Take immediate corrective action in the event of identified violations of the law
  • Establishment of a complaints procedure in the event of legal violations
  • Internal documentation and reporting requirements for the fulfilment of due diligence obligations

The time required for ongoing control after implementation of the basic control system is estimated at 0.5 to 2 FTE (full-time equivalent).


Conclusion – and aspirin for supply chain headaches

What the implementation of the Supply Chain Act means for the individual company is difficult to estimate across the board. It depends, among other things, on whether you

  1. are part of a high-risk supply chain, such as Pulp & Paper,
  2. whether you are already directly or (initially only) indirectly affected by the law due to the size of your company, and
  3. what position within the supply chain your company occupies.


Our recommendation:

Conduct a gap analysis to see what your requirements are and where you may already be prepared and to what extent. Based on this, you should find a pragmatic approach to implementing your supply chain law compliance. No matter what point in the supply chain or your compliance work you are currently at: we’re gladly at your disposal should you have any additional questions on how to approach the subject.

    You have questions about this article?

    Avatar photo

    Your contact person

    Jenny Walther-Thoß