Lieferkettensorgfaltspflichtengesetz – implementation challenges, criticism, international comparison, tips and outlook

Mr. Bechhofer, in 2011, a framework for respecting human rights in companies was created with the UN Guiding Principles on Business and Human Rights. What has happened in practice since then??

As a result of the publication of the UN Guiding Principles, in September 2017 the German Federal Government published a so-called National Action Plan (NAP) for “a more comprehensive application of internationally recognized labor, social and environmental standards, principles and obligations (in particular UN, OECD and of the ILO and applicable environmental agreements) in global supply chains”. In the years that followed, attempts were made on a national and international level to implement and apply these principles. However, a nationwide survey, whose results were published in July 2020, showed that only between 13 % and 17 % of all German companies met the requirements of the NAP and only around 20 % of all companies with more than 500 employees had taken action to meet the NAP requirements by including human rights issues in their discussions with the tier one suppliers in their respective supply chains. This was well below the expectations of the State. This is why the German Supply Chain Due Diligence Act (LkSG) was passed in June 2021 and will now come into force at the beginning of 2023.

The German Lieferkettensorgfaltspflichtengesetz (LkSG) now defines binding standards of care for large companies. Where do you see the greatest challenges in implementation?

The major challenges lie on the one hand in creating an organizational structure that is equipped to meet the legal requirements, but also in an effective implementation. The principle is simple: know your business and your suppliers and ensure that human rights – e. g. the ban on child labor – are observed. The challenges arise when you realize what the law requires in terms of structural and process organization and the establishment of constant monitoring. This includes:

• Establishment of a risk management system which defines adequate measures for all significant business processes (Lieferkettensorgfaltspflichtengesetz § 4)
• Determining an internal responsible person; the management needs to seek information on the work of this person at least once a year (Lieferkettensorgfaltspflichtengesetz § 4)
• Conducting regular risk analyses regarding risks in one’s own company or risks relating to direct suppliers, and whenever there are significant changes but at least once a year (Lieferkettensorgfaltspflichtengesetz § 5)
• Creating a policy statement on the company’s sustainability strategy, adopted by the management (Lieferkettensorgfaltspflichtengesetz § 6)
• Taking preventive measures in one’s own company and in regards to direct suppliers, including the implementation of a sustainability strategy and risk-based control strategies, establishing appropriate sourcing strategies and conducting trainings, as well as ensuring that suppliers and business partners ensure the relevant issues are being observed and acted upon within their own supply chains; checking the effectiveness of the measures whenever there are significant changes but at least once a year (Lieferkettensorgfaltspflichtengesetz § 6)
• Undertaking remedial measures in one’s own company and in the relationship with direct suppliers, but also towards other (sub-)suppliers in the value chain if there are any indications or substantial knowledge about existing social or environmental issues (Lieferkettensorgfaltspflichtengesetz § 7)
• Conducting due diligence with indirect (sub-) suppliers if there is substantial knowledge about social or environmental issues (Lieferkettensorgfaltspflichtengesetz § 9)
• Establish complaints procedures where risks in the supply chain can be reported bythose individuals who may be effected; checking the effectiveness of the procedures whenever there are significant changes but at least once a year (Lieferkettensorgfaltspflichtengesetz § 8)
• Assuring regular documentation and reporting; keep all related documents for 7 years; publishing an annual report on the company website 4 months after the end of the fiscal year (Lieferkettensorgfaltspflichtengesetz § 10)

What criticism is there of the Lieferkettensorgfaltspflichtengesetz?

The criticisms of the LkSG are diverse. On the one hand it is about effective implementation, on the other hand it is about the effort that has to be made to meet the requirements of the law. There are uncertainties among the companies affected, which unfortunately are only partially answered by the so-called "FAQ" and the "Guide to Complaint Procedures" published by BAFA –Bundesamt für Wirtschaft und Ausfuhrkontrolle (Federal Office of Economics and Export Control) – in October 2022.

One of the central topics of the LkSG may serve as an example: the establishment of an effective risk management system to record human rights risks (§ 4 LkSG). In § 4, the establishment of an appropriate and effective risk management is required in order for the Company to comply with its obligations that fall under the headline “duty of care”. Although many German companies have developed and implemented a substantial number of risk management systems in the last two and a half decades since the law on control and transparency in companies (Gesetz zur Kontrolle und Transparenz im Unternehmen = KonTraG) went into effect, the new law calls for a paradigm shift – namely to take the perspective of those who may be affected by human rights issues – as opposed to the previous perspective on risks which looked at how certain risks may effect the company or its goals. Because some of the conventional systems have shown major weaknesses in identifying risk, it remains to be seen whether effective new systems for identifying human rights risks in the value-chain will emerge, or whether new systems now being put into effect will only be equipped to provide a “fig leaf function”.

The law also points out that risk management must be anchored in all relevant business processes through appropriate measures. To do this, the processes for which this requirement is important must first be identified and efforts must be made to ensure that the relevant employees are informed and – if necessary – trained. This training requires both time and resources that the companies have to invest in order to focus on the core issues in the different functions, such as e. g. Purchasing, Human Resources (HR) but also in the areas of occupational safety and environmental protection; furthermore the full scope of human rights issues needs to be brought to the attention of Management and the Supervisory Board.

Another point of criticism relates to the need for companies to take preventive action on the respective risks. According to the law, those measures that make it possible to identify and minimize human rights and environmental risks and to prevent, stop or minimize the extent of violations of human rights or environmental obligations are effective when the company who causes these risks or violations within the supply chain or have in some way contributed to these violations takes an active position on all relevant issues. In practice, establishing when a human rights and / or environment-related risk actually exists is anything but a simple question and certainly not trivial – especially against the background of different cultural understandings within given labor markets. In practice, it is not and easy process to determine which measures are appropriate in individual cases. Here, the new law does not necessarily provide adequate guidance but on the contrary contributes to further uncertainty through the vagueness of some of the terms used.

How is the Lieferkettensorgfaltspflichtengesetz (LkSG) to be classified in an international comparison?

In an international comparison, the German LkSG is not unique. There have already been laws such as the “UK Modern Slavery Act” 2015, which implemented the protection of human rights in the supply chain into national law. Australia, France, the Netherlands and USA have also enacted laws aimed at ensuring that human rights are respected in the supply chain. However, the German law makes comparatively high demands on implementation, which will result in a new quality in the consideration of human rights – both within the Federal Republic of Germany and within international locations of German corporations. The latest American law, the "Uyghur Forced Labor Prevention Act" (UFLPA), which came into force last year, which also has a geopolitical dimension, is already having a strong impact because it makes a rebuttable assumption that all goods from a certain district in People's Republic of China – the Xingjiang Uyghur Autonomous Region (XUAR) – were manufactured using slave labor. Manufacturers from this area must therefore provide positive proof (among other things by disclosing the complete supply chain, a list of all workers involved in their own company and further proof that their products were manufactured without exploiting slavery) that no slave labor was used in supply chain before their products are allowed to enter the United States. This currently affects at least three major Chinese manufacturers of photovoltaic panels and their customers. Such mechanisms send strong signals, but it remains to be seen whether this law will remain of purely geopolitical importance – i. e. only in the bilateral relationship between the USA and China – or whether other states and sectors of the economy will now also come into focus.

The core of the fulfillment of the LkSG is the risk analysis to prioritize the possible human rights risks. What tip can you give companies for a successful implementation?

My tip is: deal with the topic of “human rights risks” at an early stage. As just mentioned, determining when a risk specifically exists is non-trivial and not easy. Especially when it comes to prioritizing risks (which human rights issues are important and / or most significant for the group of people affected). How these are then discussed in your own company or even with suppliers and treated with preventive measures can create a level of complexity that requires time to deal with. Depending on the situation, the process can be time-consuming and extensive. Companies for which the LkSG will only apply from 2024 (companies with at least 1,000 employees) would be well advised to start immediately, despite the apparently convenient time span, and not wait until the second half of the year or the end of 2023 to think about how they want to implement the requirements of the law.

A supply chain law is also currently being worked on at EU level. It recently became public that there was a hard struggle behind the scenes over the content of the law. What should companies be prepared for in the long term? Can we expect the requirements to increase further in the future?

Yes, the EU is currently working on its own supply chain directive (“Directive on Corporate Sustainability Due Diligence”). This was presented for the first time on February 23, 2022. It is similar to German law in many respects, e. g. with regard to the requirements for a policy statement, the introduction of a complaints mechanism and an obligation for extensive annual reporting. In other respects, however, the draft regulation goes much further, e. g. all suppliers in the "value chain" should be in focus and not – as in the German LkSG – only the direct suppliers or known sub-suppliers who are associated with human rights violations. In addition, the focus there is not only on classic human rights, but also on the duty of care to avoid negative effects on people through the environment and the climate along the entire value chain. A plan to combat climate change is therefore an additional obligation of this directive. This draft is now being consolidated as a position by the European Council and the European Parliament which should be complete by the end of 2022 to mid-2023 and made ready for adoption by the end of 2023 through the conclusion of the trialogue, with the aim of bringing the regulation into force in 2026 and 2028. Recently there has been controversy about the applicability of the new regulation in terms of the size of the companies that are to be covered by the directive and whether entire sectors – such as the financial sector for example – should be exempt from regulation, which now appears to be off the table. It remains to be seen what the consultations will result in and what impact the discussions will have on the final version of the directive.

For companies that are already subject to the German LkSG, it is reasonable to establish procedures and processes to meet the requirements of the LkSG and to assure that these processes are as robust as possible so that the requirements can one day be extended to include other (sub-) suppliers in the supply chain and to be prepared to include the newly added topics (protection of biodiversity and climate) in their respective risk assessments and reporting.

For companies that are not (yet) subject to the LkSG, but could possibly be subject to the new European directive, the draft directive already provides indications on some of the new requirements and how companies may need to deal with the issues going forward. The implementation of the LkSG in other companies provides some insights into what this may look like in the months and years to come.