German Supply Chain Act (LkSG): An 8-step guide to compliance

The German Supply Chain Due Diligence Act, or LkSG for short, has been in force for two months and there is a palpable sense of concern as to its requirements from companies within its scope.

While it’s important to acknowledge that the law is technical and demanding, the purpose of this piece is to offer some reassurance and basic guidance on how best to approach compliance with this ground-breaking law.

The LkSG is the first major piece of human rights and environmental due diligence (HREDD) legislation to seriously implement the provisions of the United Nations Guiding Principles on Business and Human Rights (UNGPs) and OECD Guidelines for Multinational Enterprises. It comes with a raft of advisory literature from BAFA, the German government agency charged with overseeing the implementation of the law, and is designed to be ambitious and consequential.

That said, the fact that it is rooted in the UNGPs and OECD Guidelines should offer a degree of comfort. These provisions are generally well-known and follow established methodological pathways. If companies are in doubt as to what they should do and cannot find the necessary guidance in the BAFA literature, they know that they can’t go far wrong by relying on the general due diligence principles in the UNGPs and the technical guidance in the OECD documents.

It is also important to state that while the process for compliance matters and the legal duty is one of effort rather than results, it is ultimately the outcomes, in terms of human rights and environmental protections, that are the real purpose of the law and the ‘north star’ towards which companies should be striving.

There has never been a more critical time for companies to refocus their efforts on sustainability reporting, which – if done right – can actively support corporate strategy and risk management, while also helping to strengthen relations with key stakeholders.

  • So, without delving too deeply into the details of the compliance process, about which we have written previously, here are eight key steps illustrating how best to approach the LkSG.

  • Step 1

    Invest in appropriate internal human and capital resources as part of your HREDD risk management system. Establish an appropriate ‘tone from the top’ and adopt this agenda enthusiastically. The LkSG is happening whether you like it or not - much the better to embrace it and benefit from it. The evidence suggests that businesses who create healthy, fair and efficient operations and supply chains will increasingly attract more capital and talent as well as improving their reputations.

  • Step 2

    Map your operations and supply chains, understand your risk centres, be honest about your weaknesses and areas of improvement. Although the legal reach of the due diligence requirements will often stop at tier 1 suppliers, this will not always be the case and companies should strive to know as much as possible about their complete value chain. Don’t shy away from difficult decisions or topics, this is your chance to get in front of your problems, own them and address them. If you don’t, others will.

  • Step 3

    Use credible third-party country and industry risk data to create your abstract risk heat map, interrogate these datasets and prioritise your actions. This will need to be done at least annually. Credible external partners can provide a great deal of practical internal support and assurance to external parties, including commercial stakeholders and BAFA.

  • Step 4

    Adapt the principles of the UNGP human rights impact assessment (HRIA) process for your concrete risk assessment. Embrace the well-developed methodology of scale, scope, remediability, likelihood and attribution to understand in detail the key salient risks in the parts of your operations and supply chains you have identified as being particularly vulnerable to the human rights and environmental issues in scope. Seek the help of expert advisors with experience of HRIAs and the UNGPs generally - they will help you devise the necessary processes.

  • Step 5

    Make sure you have a system in place to monitor the events that could give rise to the requirement for an ad hoc risk assessment. These events will be either ‘substantiated knowledge’ of a rights violation in your indirect supply chain (tier 2+), which will trigger a discrete risk analysis of that particular issue, or a material change in business activity, which could trigger a full operation and supply chain risk analysis process. Again, a credible third-party data provider will be critical here.

  • Step 6

    Ensure that your due diligence activities are properly documented and recorded. You will need to both ‘know and show’ what you have done in your annual reports, and your data file will help you to demonstrate year-on-year progress.

  • Step 7

    Think about how you want to communicate your LkSG progress. Traditional corporate communications may not be suitable for the complex and delicate messaging that can be required for human rights and environmental matters. Equally, try not to adopt a risk averse stance. Some lawyers may see unnecessary risk in open and honest communication, and there are sensible commercial limits to what you might want to say, but a smart communications approach will find a balance between honesty and caution.

  • Step 8

    Focus on preventing abuses in your own business area, mitigating those in your supply chain and providing remedy wherever possible. Establish robust grievance procedures and whistleblower provisions, encourage a culture of openness and respect for responsible business practices. Remember that employees increasingly want to work for companies with a strong sense of purpose and a commitment to sustainability. Wear this commitment as a badge of pride, not a compliance activity to be endured.

Overall, our key message is to embrace the LkSG. It will be difficult at first, but as companies invest in the people and processes necessary to meet the high bar that has been set, the challenges will be replaced by the rewards that come with improved systems and reputations.

Dr. James Sinclair

Director, Human Rights

Webinar: Risk data and the German Supply Chain Act: Why compliance depends on it

EU & German flag

Webinar: Risk data and the German Supply Chain Act: Why compliance depends on it

We will contextualise the law and explore why it is so challenging to comply with and how our data, platforms, and advisory services can help

German Supply Chain Act solutions

Reichstag building

German Supply Chain Act solutions

World-leading LkSG Risk Analysis Dataset, guidance and expert support for compliance with Supply Chain Act risk analysis and due diligence requirements