New diligence requirements as of January 2023 for companies doing business in Germany

Written by Dr. Matthias Schwenke

New Due Diligence in Supply Chains Act in Germany

As of January 2023, the Supply Chain Due Diligence Act will apply in Germany. It joins the ranks of national and international laws on due diligence obligations of companies following the adoption of the UN Guiding Principles on Business and Human Rights.

Who is affected?

All companies that fulfill the following two criteria fall within the scope of the law: (1) head office, principal place of business or administrative headquarters in Germany and (2) more than 3,000 employees in Germany. From 2024, the threshold is lowered to 1,000.

What does the law cover and what needs to be done?

The Supply Chain Due Diligence Act (LkSG) protects human rights, such as the prohibition of child labour and the observance of work breaks for employees. It also covers environmental protection, e.g. by prohibiting the use of mercury in production processes and by requiring the avoidance of drinking water pollution.

The due diligence obligations include, in particular:

  • the establishment of a risk analysis and risk management system
  • the definition of internal responsibilities to fulfill the law’s obligations
  • the implementation of preventive and remedial measures
  • the establishment of a complaints procedure
  • documentation and reporting regarding the above obligations.

These rules must be obeyed along all steps of the supply chain. This means the law covers all steps upstream and, where applicable, also downstream that are necessary to manufacture and sell a product or provide a service, starting from the extraction of raw materials up to the delivery to the end customer. Companies which are in scope will be required to ensure compliance through their own operations and those of their direct and indirect suppliers.

With regard to their own operations, companies must ensure that a risk analysis is carried out. This may include local sites as well as subsidiaries abroad. Based on the risk analysis, preventive measures must be defined, which must be documented in detail in a policy statement.

In relation to their direct suppliers or their contractual partners, companies must identify potential risks and initiate appropriate preventive measures. Agreements and control mechanisms (i.e. audits) to verify compliance with contractual obligations need to be established.

With regard to indirect suppliers, as a minimum, there is an obligation to conduct a risk analysis and define suitable remedial measures in case there’s a reasonable suspicion of a breach.

What does this mean in practice?

While it’s fairly easy to grasp the meaning and impact of the law in traditional business models where a tangible product is created and then sold through stationary distribution channels, it can be more difficult to determine its actual meaning in the online world. This is especially true for business models where the seller merely sets up a website and sells products that aren’t kept in stock but are delivered from a third party directly to the end customer (called “drop shipping”). At first glance, sellers who operate this way would not be covered by the scope of the law.

Obviously, this would contradict the purpose of the law. Therefore, e-commerce platform providers are obliged to comply with the law as well and do everything they could reasonably be expected to do along the entire upstream and downstream of their supply chains.

The same applies to financial service providers. Again, these companies are not at first glance a prime example of involvement in a supply chain. However, providing and securing loans can be essential in most steps of the supply chain, for example when a supplier that supplies a manufacturer takes out a loan to cover production costs.

These examples show that under the law the definition of supply chain is to be understood in a very broad and comprehensive sense. Depending on the business model of the individual company, the cost of ensuring complete compliance could lead to an immense additional financial and organisational burden.

Consequences of non-compliance

Failure to comply with the above-mentioned due diligence requirements could result in severe consequences:

  • Fines/penalties of up to 8 million Euros or up to 2 percent of annual sales
  • Reputational damage
  • Lowered sustainability rating (thus, higher interest rates when raising capital from banks)
  • Exclusion from public contracts/tenders.

Non-compliant companies don’t only have to fear the authorities but also private persons and NGOs: a new feature of the law is that affected persons will in future be able to authorize domestic trade unions and non-governmental organizations (NGOs) to act as litigants in civil proceedings.

However, the law itself states that companies merely need to try their best and take adequate measures to reach compliance. Determining what this means in practice can, however, prove to be quite challenging.

PwC is here to help

PwC has assembled a multi-disciplinary “Centre of Excellence” to advise clients in getting ready for the due date. We combine legal expertise with operational know-how, data analytics along the supply chain, sustainability expertise and the many other specific skills that may be necessary to design a specific compliance system, analyse risks and implement measures.
