Skip to content.

German Supply Chain Act summary

On January 1, 2023, Germany’s Supply Chain Due Diligence Act (abbreviated LkSG in German) entered into force, imposing extensive due diligence obligations on companies to identify, prevent, or address human rights or environmental violations in their global supply chains. Already, the law is creating legal and reputational woes for companies not in compliance.

The law’s scope is broad, applying to companies that have their headquarters, principal place of business, registered office, or a branch office in Germany, including German subsidiaries of multinational companies. Currently, the law applies to companies with at least 3,000 employees, but on January 1, 2024, the law will sweep in companies with more than 1,000 employees.

The German Supply Chain Act broadly defines “supply chain” to encompass all steps required in producing a company’s products and providing its services – from extraction of raw materials to delivery to the end customers. The human rights and environmental areas the LkSG provides protections for are equally extensive.

Protected human rights areas include child labor, forced labor, slavery, torture, discrimination, wage withholding, and occupational health and safety violations, while protected environmental harms include the use of mercury and the handling of certain types of hazardous waste.

For more analysis of the German Supply Chain Due Diligence Act and latest developments, check out our recent webinar:

Watch Now


German Supply Chain Due Diligence Act requirements

The central part of the German Supply Chain Act is the due diligence obligations it places upon companies, including:

Establishment of a risk management system

Section 4 of the German Supply Chain Due Diligence Act requires companies to establish an “appropriate and effective risk management system” to identify, prevent, mitigate, and eliminate human rights or environment-related risks and violations. It also directs companies to appoint a human rights officer, or equivalent role, to monitor risk management.

Performance of regular risk analyses

Section 5 of the LkSG requires that companies conduct an “appropriate risk analysis” to identify human rights or environment-related risks in its own business and at its direct suppliers. The law directs that such risks be “appropriately” weighted and prioritized, the legislation states. Further, the legislation requires that the risk analysis be carried out at least once a year, as well as on an ad hoc basis upon any significant change in the supply chain – such as the “introduction of new products, projects, or a new business field.”

Issuance of a policy statement

Section 6, in part, requires companies to issue a policy statement on its human rights strategy, including defining human rights-related and environmental-related expectations placed upon employees and suppliers. Additionally, companies must adopt appropriate preventive measures, like the “development and implementation of appropriate procurement strategies and purchasing practices that prevent or minimize identified risks,” the “delivery of training in the relevant business areas,” and “risk-based control measures to verify compliance with the human rights strategy.”

Remedial action

Section 7 of the German Supply Chain Act states, if the company discovers a violation, it must “without undue delay take appropriate remedial action to prevent, end, or to minimize the extent of the violation.” Termination of a business relationship may be required in certain circumstances, as outlined in the law.

Establishment of a complaint mechanism

Section 8 states that companies must have in place a complaint mechanism for the reporting of human rights or environmental violations. It states that an external complaint procedure is allowed, provided the external service provider can guarantee impartiality; accessibility and implementation of the complaints procedure is publicly available; the identity of those who report violations remains confidential; and effective protections are ensured against “disadvantage or punishment as a result of a complaint.”

Due diligence for indirect suppliers

Section 9 of the LkSG states that the complaints procedure must allow for the reporting of violations related to the actions of an indirect supplier as well. A company must carry out a risk analysis and preventative measures on an indirect supplier if it has “substantiated knowledge” of a human rights or environmental-related violation.

Documentation and reporting

Section 10 states that companies must annually submit a report to BAFA on the fulfillment of their due diligence obligations no later than four months after the end of the fiscal year. According to BAFA, to comply with this reporting obligation, companies must answer “completely and truthfully” an extensive questionnaire, which contains open and closed questions and multiple-choice options. Additionally, the report must be published on the company’s website for a period of seven years.

German Supply Chain Act liability risks

The German Supply Chain Act’s investigative and enforcement powers fall under Germany’s Federal Office of Economic Affairs and Export Control (BAFA). “BAFA has far-reaching supervisory powers,” the agency stated, adding that it can “enter business premises, demand information, and inspect documents.”

Failure to comply with the due diligence obligations could result in steep administrative fines – up to eight million euros or up to 2% of annual global turnover for enterprises with an annual turnover of more than 400 million euros. Exclusion from the awarding of public contracts may also result in some cases.

Legal and reputational damage can result as well. On April 18, 2023, the National Garment Workers Federation (NGWF), in collaboration with ECCHR and FEMNET, filed the first-ever legal complaint with BAFA against the garment industry for violations of the LkSG. The complaint cited a continued lack of safety inspections and labor rights violations in Bangladesh clothing factories, a decade after the collapse of the Rana Plaza textile factory that killed more than 1,100 people.

“Now is the time to use the German law to finally oblige such companies that do not want to voluntarily take responsibility for the people in their supply chains to do so,” said FEMNET Chair Dr. Gisela Burckhardt.

Do not be jaded or misguided by regulatory obligations when it comes to protecting other human beings and the environment. At the heart of it, supply chain due diligence is a moral and ethical obligation, not a regulatory one.

An ethical roadmap

BAFA has issued several resources for companies seeking guidance on meeting the LkSG’s due diligence obligations, including guidance on how to prepare for and conduct a risk analysis. This guidance is a good starting point for chief compliance officers.  

Additionally, the LkSG’s due diligence obligations should be viewed holistically in conjunction with the human rights laws of other jurisdictions – such as France’s Duty of Vigilance Law, the United Kingdom’s Modern Slavery Act, and California’s Transparency in Supply Chains Act in the United States.

But the most important message of all for chief ethics and compliance officers, chief risk officers, and senior management teams is this: Do not be jaded or misguided by regulatory obligations when it comes to protecting other human beings and the environment. At the heart of it, supply chain due diligence is a moral and ethical obligation, not a regulatory one.  

For an in-depth analysis and expert commentary on this legislation, watch the webinar, “LkSG: Latest News and Learnings on the German Supply Chain Act”

Watch On-Demand Now