The Supply Chain Act will take effect in 14 months – Everyone, including mid-sized companies, needs to start preparing now!

 Seven core elements to consider.

The Supply Chain Act will take effect in 14 months – Everyone, including mid-sized companies, needs to start preparing now!

The Supply Chain Due Diligence Act (LkSG), better known as the Supply Chain Act, will enter into force on January 1, 2023. There is not much time left for compliance officers to examine the situation at their company, and implement the necessary due diligence requirements. Nevertheless, the situation also creates opportunities. How should companies proceed?

The Supply Chain Act states that all companies with more than 3,000 employees that have their head office, administrative office, registered office or a branch in Germany are required to comply with the human rights and environmental due diligence obligations, and prevent or at least minimize violations. This applies to both their own business and also their supply chains. As of 2024, the Supply Chain Act will be expanded to include companies with at least 1,000 employees.

Violations could result in fines of up to two percent of a company’s annual revenue, as well as exclusion from public tenders for three years. The Supply Chain Act itself does not establish civil liability. However, existing liability claims remain unaffected.

Seven core elements

The Supply Chain Act specifies seven key points for responsible supply chain management to comply with fundamental human rights standards, such as the prohibition of child and forced labor, as well as environmental protection standards:

  1. Declaration of Principles (Section 6 Supply Chain Act):
    Companies must publish a Declaration of Principles regarding their human rights strategy. Which strategy does the company utilize? What procedures does the company’s risk management employ to ensure that human rights or environmental risks are identified, minimized and prevented? What preventive measures are implemented within the relevant business processes, such as in purchasing or HR, to prevent violations and risks?
  2. Risk management (Section 4 Supply Chain Act):
    Companies must implement a risk management system with the aim of identifying, preventing and ending, or at least minimizing risks and violations of human rights and environmental obligations throughout their supply chains. Section 2 (2) Supply Chain Act defines the human rights risks: For example, are there indications of forced labor, child labor or discrimination? Is there a risk of work-related health hazards? Or is there a risk of environmental damage due to the use of chemicals (Section 2 (3) Supply Chain Act)? The following must also be defined: Who is responsible for monitoring the risk management?
  3. Risk analysis (Section 5 Supply Chain Act):
    A risk analysis must be carried out once per year as part of the risk management procedure. More frequent risk analyses may also be necessary as the situation requires; for example, if an expanded risk situation can be expected. The analysis must not only focus on the company’s own business, but must also examine the risks at direct suppliers.
  4. Preventive measures (Section 6 Supply Chain Act):
    As soon as a risk has been identified within the company’s own business or at a direct supplier, preventive measures must be implemented to prevent and minimize risks.
  5. Remedial measures (Section 7 Supply Chain Act):
    If the violation of protected legal areas is identified within the company’s own business or at a direct supplier, remedial measures must be taken immediately pursuant to Section 7 of the Supply Chain Act. The effectiveness of these measures must be reviewed as the situation requires, and at least once per year. The success of a remedial measure depends on the company’s legal options and its de facto ability to influence the situation.
    However, what does the company have to do if it cannot promptly remedy a violation of occupational safety or health protection at a direct supplier? In this case, a concept with countermeasures has to be developed and implemented. The complete termination of the business relationship even needs to be considered as a last resort.
  6. Complaints procedure (Section 8 Supply Chain Act):
    Companies are required to establish a suitable internal or external complaints procedure. It is important to ensure that both the affected parties and other third parties have the ability to report violations of protected legal areas throughout the entire supply chain.
    This process differs from the legal assertion of the rights of data subjects, who according to Section 11 Supply Chain Act, now have the option of authorizing a domestic trade union or nongovernmental organization to assert these claims on their behalf as a party to the proceedings.
  7. Documentation and reporting obligations (Section 10 Supply Chain Act):
    A continuously updated annual report regarding the fulfillment of due diligence obligations in the previous business year is mandatory. This report must be provided free of charge on the company’s website.

Graduated procedure

The new due diligence requirements apply as a graduated process, covering the entire supply chain from raw material to the product sold. The core elements pertain to the company’s own business and its immediate suppliers, namely direct business partners and the first stage of the supply chain. However, the company is also obligated to take action if it becomes aware of violations at indirect suppliers further down the supply chain. Actions in this regard include carrying out a risk analysis, establishing appropriate preventive measures, along with creating and implementing a concept to prevent, stop, or minimize these violations.

SMEs not exempt

One can safely assume that large companies will make the compliance with these legal obligations a contractual obligation for their suppliers. As a consequence, the Supply Chain Act will likely also affect smaller companies, even if it does not apply to them directly.

Furthermore, the EU is already working on a proposed draft for a directive on corporate due diligence, which will stipulate even stricter requirements. It may also apply to smaller companies, and will include even more extensive audit obligations. Some countries, such as the Netherlands, have already implemented even stricter legislation.

Labor law compliance: The perennial issue of pseudo self-employment

The Supply Chain Act also makes pseudo self-employment a focal issue for HR managers. The law extends the corporate responsibility for maintaining fair labor standards throughout the supply chain. As a consequence, it is also essential to examine supplier companies to determine how that supplier handles the use of external personnel.

As already reported, the Supply Chain Act will also involve changes to the Works Constitution Act (BetrVG). According to the new Section 106 (3) No. 5b BetrVG, the economic committee must be consulted in future with regard to the questions concerning due diligence in the supply chain.

Opportunities to enhance reputation and image

It is vital to keep in mind the fact that the complex requirements of the Supply Chain Act also create opportunities to boost the company’s own reputation and image on the market. For example, a mid-sized supplier that integrates these legal obligations into its compliance management system then has good arguments on hand when bidding for orders. Collaboration in implementing these legal aspects can also serve to strengthen business relationships. Furthermore, consumers are also increasingly demanding products produced in a fair and environmentally friendly manner. In view of the trend toward greater sustainability, the Supply Chain Act also creates opportunities to future-proof the company’s own business model.

Although the Supply Chain Act will initially only apply to companies with more than 3,000 employees as of 2023 and to companies with more than 1,000 employees as of 2024, it will also have a major albeit indirect impact on smaller companies. Suppliers will likely also be contractually obligated to comply with the legal requirements, and may face delisting or blacklisting in the event of violations if they supply larger business partners which are subject to the law.

As such, no matter their size, companies need to start their implementation now. Compliance, sustainability, purchasing and HR managers have to work with the departments to establish the processes ahead of time in order to:

  • Classify suppliers and producers into risk groups,
  • Efficiently implement the reporting and documentation obligations, and to avoid duplication and redundancy given the expanded non-financial reporting obligations pursuant to the Corporate Social Responsibility Directive,
  • Train employees,
  • Amend contracts and, above all, establish rules governing the obligation to comply with employment standards and production conditions.

Given that small businesses are frequently unable to track production conditions down to the final link, cooperative groups and purchasing groups or even foreign chambers of commerce could provide support when it comes to monitoring the supply chains.