Supply Chain Due Diligence - Scope

The Supply Chain Due Diligence, is intended to enforce the UN Guiding Principles on Business and Human Rights adopted by the UN Human Rights Council in 2011. According to OECD Guiding Principles, companies are now under obligation to conduct their business with respect for people and the environment.

As of January 1, 2023, the Supply Chain Due Diligence, or Supply Chain Act for short, will apply to companies with their headquarters or branch office in Germany that employ at least 3,000 people in Germany. From January 2024, the threshold will drop to 1,000 employees.

Companies that fall under the reporting obligation must then prove, that applicable human and environmental rights are complied with in their supply chains, both directly and indirectly.

employees in 2023
employees in 2024

It is highly likely that many manufacturers will shift this monitoring obligation to their suppliers. This has happened in the past with the quality management system according to DIN EN ISO 9000ff. Anyone who wants to remain in business as a supplier must therefore prepare and provide appropriate evidence.

The supply chain according to Supply Chain refers to all products and services of a company. It includes all steps at home and abroad that are necessary to manufacture the products and provide the services It is starting with the extraction of the raw materials and ending with the delivery to the end customer.


A current draft shows that the planned EU directive on Supply Chain Act protection law will be stricter than the German Supply Chain. It is to apply to companies with 500 or more employees, and to companies with 250 or more employees if half of their sales come from particularly critical areas. Downstream areas of the supply chain such as use, disposal and recycling are also to be included. As soon as the EU directive has been adopted, the member states will have to transpose it into national law. The Supply Chain will then presumably be tightened up once again.

Supply Chain Due Diligence - Penalties

The Federal Office of Economics and Export Control (BAFA) is responsible for enforcing the Supply Chain Act. If a company fails to comply with its obligations, sanctions and fines are possible. No legal action is required to punish violations. A complaint to the authority is sufficient.

For intentional or negligent non-compliance with the Supply Chain Act, a penalty payment (§23 LkSG) of up to 50,000 euros can be imposed. In addition, fines (§22 (2), §24 LkSG) of up to two percent of the annual turnover (for companies with an annual turnover of more than 400 million Euros) are possible in the absence of corrective measures. The amount is depending on the size and turnover of the company. In addition, there is the threat of exclusion from public tenders. However, there is no civil liability.

In addition to the coercive penalties and fines, there is a risk of serious damage to the image of the company concerned. This could result in a real competitive disadvantage for the company.

Duties of care under the Supply Chain Due Diligence

Human rights due diligence (§2 (2) LkSG)

  • Child labor, forced labor, slavery
  • Disregard of labor protection & safety precautions
  • Disregard of freedom of association
  • Discrimination
  • Withholding of adequate wages
  • Illegal eviction, deprivation of land, forests and waters
  • Hiring and use of private as well as public security forces in violation of human rights
  • Other conduct that seriously impairs protected legal positions

Duties of care and prohibitions for environmental protection (§ 2 (3) LkSG)

  • Harmful pollution of soil, water and air as well as harmful noise emissions and excessive water consumption
  • Ban on the production, use and treatment of mercury (Minamata Convention)
  • Ban on the production and use of persistent organic pollutants (Stockholm Convention, POP Convention)
  • Prohibition of non-environmentally sound handling, collection, storage and disposal of waste (POPs Convention)
  • Prohibition of export and import of hazardous wastes (Basel Convention)

Key contents of the Supply Chain Due Diligence

With the aim of identifying and eliminating risks, the Supply Chain Act prescribes various duties of care in its § 3 (1) Sentence 2 prescribes various duties of care.

  1. Establishment of a risk management system (§ 4 ( 1)

  2. Definition of an in-house responsibility (§ 4 (3)

  3. Performance of regular risk analyses (§ 5)

  4. Issuance of a policy statement (§ 6 (2)

  5. Anchoring preventive measures in the company’s own business area (§ 6  (1)( 3) and immediate direct suppliers (§ 6 (4)

  6. Taking corrective action (§ 7  (1) to (3)

  7. Establishment of a complaints procedure (§ 8)

  8. Implementation of due diligence with regard to risks at indirect suppliers (§ 9); and

  9. Documentation (§ 10 ( 1) and reporting (§ 10 (2).

8 steps to implement the essential requirements of the Supply Chain Due Diligence

1. Establishment of risk management (§ 4 (1)).

The central element of the Supply Chain Actis to establish a risk management system that ensures that potential negative impacts of supply chains on human rights and the environment can be prevented or mitigated. Specifically, the company must conduct a risk assessment of the supply chains at least once a year.

2. Definition of an in-house responsibility (§ 4 (3)).

The internal responsibility for the protection of human rights can be assigned either to a single person or to a department or an interdepartmental team. It makes sense to consider employees who already have contact with similar issues and processes.

3. Performance of regular risk analyses (§ 5).

As part of risk management, companies are required to conduct at least one annual risk analysis. This is intended to identify those parts of the production and supply chain that entail particularly high human rights and environmental risks. A systematic approach can achieve end-to-end transparency in the supply chain. Close exchange with suppliers, voluntary involvement in sustainability initiatives, or support for projects in the sourcing countries are suitable measures for this. The practical implementation of the risk analysis can be done, for example, using a so-called risk matrix, which is also used in other management and compliance systems.

4. Issuance of a policy statement (§ 6 (2)).

The policy statement shall reflect the corporate strategy for the protection of human and environmental rights in the company’s supply chains. In principle, it is to be adopted by the company management. The statement of principles to be drawn up must identify the risks relating to the environment and human rights violations identified with the help of the risk analysis, as well as their measures for prevention and remediation.

Recommended elements in the policy statement are:

  • The description of the risk management
  • The high-priority human rights and environmental risks identified
  • The corresponding expectations the company has for its employees and suppliers in the supply chain

5. Anchoring preventive measures in the company's own business area (§ 6 (1) and (3) and immediate suppliers (§ 6 (4)).

The legal requirements in the context of risk management include clear responsibilities, a regularly conducted risk analysis, and the definition of preventive and remedial measures.

If companies have identified human rights and environmental risks in their own business operations or at direct suppliers as part of their risk analysis, appropriate preventive measures must be taken without delay.

Possible preventive measures in the company’s own business area include:

  • Risk-reducing measures and necessary process adjustments
  • Consideration of risk factors in purchasing and procurement processes
  • Training of employees in affected functions
  • Monitoring and reviewing the application of the processes introduced for preventive measures.

Preventive measures at suppliers can include:

  • Consideration of human rights and environmental impacts when selecting suppliers.
  • Contractual agreements with suppliers on these issues with the requirement to carry them further down the supply chain
  • Training
  • Contractual agreements to authorize risk-based controls (audits, certifications, etc.)

6. Taking remedial action (Section 7 (1) to (3)

If the company determines that a violation of a human rights or environmental obligation has already occurred or is imminent in its own business area or at a direct supplier, corrective action must be taken immediately. If the violations occur in the business unit, they must be stopped immediately and measures taken to prevent them in the future. In the case of supplier violations, an improvement plan, including a timetable, must be developed to eliminate the current violations and prevent future risks. If no solution is possible, companies may want to pause business relations for the time being.

7. Establishment of a complaints procedure (§ 8)

The establishment of a complaints procedure is intended to help companies become aware of possible violations of human rights or environmental obligations.  The way it works is similar to a classic compliance whistleblower system, which has already been implemented at many companies and is now mandatory for companies with 50 or more employees in accordance with the Whistleblower Protection Act (HinschG).

For example, the complaints procedure is intended to give affected parties who have experienced a human rights violation by a supplier the opportunity to anonymously report the facts to the supplied company.

Implementation of due diligence with regard to risks at indirect suppliers (§9)

The established complaints procedure must enable anyone to lodge a complaint in the event of legal violations by indirect suppliers. If such violations have occurred, a risk analysis, corrective measures with a concept for minimizing and avoiding these violations and an update of the policy statement on the part of the company must also be implemented there.

8. Documentation (Section 10(1) and reporting 10(2)).

An important component of the Supply Chain Act is ongoing documentation on the fulfillment of due diligence obligations. This requires that all processes, risk analyses, preventive measures, violations, remedial actions and incoming information must be documented in an audit-proof manner.

Furthermore, companies are required to prepare an annual report on the fulfillment of due diligence obligations in the past fiscal year. The report must be submitted to the Federal Office of Economics and Export Control (BAFA) no later than four months after the end of the fiscal year and must be made publicly available.

The crises of recent years have shown that it is important to have a 360-degree view of suppliers in order to be able to identify supply bottlenecks in good time and ensure business continuity. It therefore pays off in two ways to establish an efficient risk management system, not only to meet legal obligations but also to strengthen competitiveness in the long term.

Are you looking for an experienced sustainability expert to help you implement the Supply Chain Due Diligence Act?

I support you in implementing an effective supply chain management. Which will increase your business resilience, minimize business risks and achieve competitive advantages.