3 Things That Might Surprise You About the German Supply Chain Due Diligence Act
November 14, 2022
Across the globe, a focus on environmental, social and governance (ESG) initiatives is leading many countries to pass legislation targeting supply chain management in the business sector. The goal is to hold companies accountable for meeting human rights standards and protect the environment in locations where they source goods and materials.
On January 1, 2023, Germany joins this global movement when its Supply Chain Due Diligence Act (“SCDDA”) comes into full force. Also known as the ‘Lieferkettengesetz’, the act breaks new ground with strict conditions for compliance. Companies unaware of the SCDDA’s extent might be surprised by how far-reaching the law is, especially in contrast to existing German law.
Surprise #1: The scope of companies is broad.
The SCDDA applies not just to German companies, but also to multinational corporations with a presence in Germany. Specifically, any company with a German headquarters or a main place of business in Germany that typically employs 3,000 employees or more through a contract from abroad, or has a branch with a similar size, falls under the law’s jurisdiction. (On January 1, 2024, the minimum number of employees drops to just 1,000.)
Surprise #2: The due diligence requirements are extensive.
The intent of the SCDDA is to compel companies to adhere to the ESG guidelines stated in the UN Guiding Principles on Business and Human Rights and the OECD Guidelines for Multinational Enterprises. As such, due diligence goes beyond a company’s own business area and extends to contractual business partners’ and suppliers’ actions throughout the entire supply chain.
Surprise #3: The non-compliance penalties are high.
The new law has real teeth: Companies deemed in violation of the SCDDA are liable for substantial fines, with amounts as high as 2% of average annual global turnover (sales) for companies earning more than 400 million €.
To illustrate a scenario encompassing the above, imagine a London-based firm with 500 million € in annual global turnover operating in Frankfurt and sourcing materials from Chile. Under the SCDDA, German government authorities could hold that firm responsible for ESG compliance thousands of kilometers away on another continent, with potential liability as high as 10 million €.
The stipulations of the new law put a great deal of compliance responsibility on the backs of businesses. For instance, companies are required to investigate and take reasonable measures to guarantee that neither their internal business processes nor the supply chain violate any human rights standards. (However, the law states that only an attempt at remediation is expected, not a duty to succeed or a promise of accountability.)
One of the fundamental components of the due diligence requirements is to create a risk management system to identify, avoid or reduce the risks of human rights violations and environmental damage. The law outlines the essential preventive and corrective measures, mandates complaint procedures and calls for routine reporting.
The SCDDA also specifies that companies submit a report annually to Germany’s Federal Office of Economic Affairs and Export Control (“BAFA”) on activities taken to identify risks, due diligence procedures and corrective measures regarding the supply chain. Elsewhere, a stipulation requires companies to set up a complaint mechanism, such as a whistleblower system.
Do You Have the Bandwidth?
Now imagine you are that London-based firm and you have been cited for possible non-compliance violations in Chile by German government authorities. The consequences, and questions, to consider are many:
Do you have the bandwidth to properly address the issues in a timely manner? Do you have a solid relationship with suppliers and vendors on the ground to collect evidence? Are your BAFA reports accurate and clear? (Know that the reports could be used as evidence in a lawsuit from interested third parties such as NGOs, labour unions or even competitors.)
As a matter of good governance, all businesses try to mitigate risks. Companies based in Germany or looking to establish a German presence — whether through a merger, acquisition or expansion — will want to pay close attention to the details of SCDDA and be ready to act appropriately upon implementation. That’s the best way to avoid surprises.
November 14, 2022
Senior Managing Director
Most Popular Insights
- 10 Global Cybersecurity Predictions for 2024
- Global CFO Survey 2024
- Bridging the Gap Between Artificial Intelligence Implementation, Governance, and Democracy: An Operational and Regulatory Perspective
- The Power of Positive Paranoia: A Key Trait for Every CEO and General Counsel in 2024
- A Targeted Approach is Key to Implementing AI