The German Supply Chain Due Diligence Act (SCDDA) – known in Germany as Lieferkettensorgfaltspflichtengesetz or LkSG – will come into force on 1 Jan 2023. It champions sustainable business practices and sets the course for the next generation of responsibility along the supply chain.
The law focuses on protecting human rights and ensuring environmental sustainability in supply chains by requiring companies to produce publicly available due diligence reports. The SCDDA/LkSG is binding for all companies with a registered office or subsidiary in Germany and at least 3,000 employees. In 2024, the scope will be extended to companies with more than 1,000 employees.
Companies that fail to meet their due diligence and reporting obligations with regard to human rights and environmental standards in their supply chains face fines of up to €8 million, depending on the type and severity of the violation. Violators also face reputational damage and could be excluded from being awarded public contracts for up to three years.
Where to Start
Although the German supply chain act will begin rolling out in 2023, many companies still do not know how to comply, where to start, or how to assess whether their suppliers comply with ESG standards. According to a recent survey, 18 out of 20 of the largest German companies do not provide evidence of whether they sufficiently manage human rights risks or how it’s done, making them unable to fulfill their due diligence obligations.
A transparent supply chain plays a crucial role in improving environmental and social footprints and ensuring compliance with the supply chain act. And collaboration with direct and indirect suppliers is essential for ensuring that appropriate due diligence measures are taken and documented throughout the supply chain.
However, an SCDDA/LkSG-compliant supply chain does not happen by itself. Supply-chain analysis, risk identification and management, monitoring, documentation, and reporting is a multistep, resource-intensive process. Manual work steps, Excel files, email, and other desktop applications offer only limited help. What’s needed is a workflow-enabled digital platform that uses automation to capture all the data that’s required.
Many companies, consequently, are in the process of improving their governance and compliance management capacities and investing in technologies that collect data on suppliers’ environmental and social practices.
7 Essential Capabilities for Compliance with the German Supply Chain Act
Look for supply-chain risk management software solution that can analyze environmental and social risks in the extended enterprise with a high degree of automation. Here are seven must-have capabilities:
1. Integrate master data from other business systems.
A common problem in large businesses is multiple records for one supplier, as in the case when a supplier has relationships with more than one of your business units or locations. Tying data together from different systems and enabling collaboration across the organization is critical to enabling supply-chain diligence.
Look for a solution that easily brings together financial and nonfinancial data from external and internal systems, including master data on vendors and purchase orders.
2. Collaborate with internal and external partners.
Obtaining data from suppliers is a challenge because large organizations have thousands or tens of thousands of suppliers. Email and spreadsheets don’t provide the efficiencies needed for collecting and analyzing data. These means also increase the risk of gaps in information.
Look for software that facilitates collaboration across multiple internal departments and functions to organize suppliers and contractors by type and location.
3. Manage compliance throughout the end-to-end supplier lifecycle.
Look for platform-based software that analyzes third-party risks, including:
- Upfront risk assessment
- Detailed supplier audit
- Sanctions checklist
- Structured internet research
- Automated risk assessment of suppliers
- Continuous screening and monitoring to identify new risks
4. Track corporate policies and attestations.
Centralize your policy statements defining human rights and environmental diligence expectations for easy management and distribution. You also will want to maintain records of communications with supply-chain partners and their attestations to your policies.
Your software should produce reports that show which communications have been sent, which suppliers have responded, and which have not. The system should automatically follow up with those that are not compliant and send an alert to managers in your organization when an escalation is required.
5. Manage findings and follow-up on corrective & preventative actions (CAPA).
When issues are identified, the system should automatically the send the supplier a corrective action plan and track the schedule and milestones for CAPA fulfillment.
6. Maintain robust reporting and whistleblower processes.
To comply with the LkSG’s complaints procedure, companies must ensure that a robust reporting mechanism – whistleblowing process – is in place for their own employees, employees of direct suppliers, and employees of indirect suppliers further down the supply chain to report human rights and environmental violations through a confidential and secure portal.
7. Increase transparency with automated reporting.
Another benefit of technology-based supply-chain due diligence is the ability to generate audit-ready ESG reporting that efficiently document all risk management activities, which can be exported for publication and shared with business stakeholders.
Germany may be one of the first countries to champion sustainable business practices and require corporations and suppliers to take responsibility for the consequences their corporate actions have on the world, but it won’t be the last. Make sure you have integrated technology to efficiently connect your data, processes, and people for supply-chain transparency, and you will be well-prepared for any future requirements.
For more on ESG and supply-chain transparency, download our e-book, Taking a Stand on ESG, and check out Riskonnect’s ESG software solution.