The New Year dawns with a few clouds on the horizon for U.S. business. Economic uncertainty continues and the workforce transforms, but topping business challenges is supply chain security and sustainability. U.S. federal and state regulatory efforts in these areas are substantial. Several recent supply chain security acts target use of conflict minerals, human trafficking and forced labor, while decades-old and new conservation laws sweep a broad range of environmental issues. US enterprises are mindful that these regulations can pose significant compliance risk, but they should also be aware that the greatest risk exposure may be overseas.
Effective January 1, 2023, the German Supply Chain Due Diligence Act (or Lieferkettengesetz) aims to protect human rights and associated environmental concerns with Europe’s strongest legislation to date. Global supply chains are specifically targeted because human rights violations are most likely to occur downstream. US companies may assume that SCDDA (or LkSG) won’t directly affect business on this side of the pond, but there are specific immediate and long-term implications. Misconceptions about the law can result in costly fines and damaged reputation.
Six Compliance Misconceptions Corrected
Companies should be clear on the requirements of SCDDA and should not assume that the law doesn’t apply to them. Consider these misconceptions:
“The regulations only pertain to large German companies.” SCDDA mandates that German companies with 3,000 or more employees (1,000 on January 1, 2024), take responsibility for their own business operations but also those of their supply chains. It requires these businesses to proactively take “appropriate measures” globally and impose the same due diligence on direct suppliers of German companies regardless of where they operate in the world. Small and medium-sized organizations that work with German companies must also be in compliance or risk losing these relationships.
“The law only applies to companies that sell directly to German consumers, not those that supply German companies.” SCDDA applies not only to companies that sell their products in Germany, but also those that directly supply any company that operates in Germany (soon the entire European Union), or any company that is part of a German company’s complex and multi-tiered global supply chain. It applies to the whole value chain, from extraction of raw materials to marketing of products.
“Companies that have branch offices in Germany but not production facilities are not affected.” SCDDA applies to any company that operates in Germany with administrative headquarters or branch offices not only those companies with production, central administration or principal place of business in Germany. These organizations are required to present reports no later than four months after the 2023 financial year, but there is no reporting date for SME suppliers at this point.
“The regulations are only guidelines for conduct.” Germany found that voluntary standards and non-binding commitments did not promote ethical responsibility. The government’s 2020 survey found less than 17% of German companies were in compliance, as news media amplified accusations of child labor exploitation and rainforest destruction. The government enacted SCDDA laws to compel companies to implement stringent risk management systems, detailing accountability and responsibility and documenting procedures and actions. Rigorous oversight is demanded. Non-compliance can result in fines as much as €8 million and companies can be excluded from public contracts. Companies also face litigation by German trade unions and NGOs.
“The law only applies to businesses in high-risk sectors.” SCDDA mandates complete oversight and risk analysis for all indirect suppliers of German companies where there is “substantiated knowledge” of human rights violations. Consequently, if an indirect supplier of a US company is flagged for heightened risk, all parties may be required to work with the German company to develop appropriate measures. (“De-rising” or terminating relationships is discouraged in favor of improving third-party environments.)
“Existing human rights standards should cover any compliance issues.” While existing standards may be sufficient, companies need to conduct a gap analysis of their compliance process and SCDDA. Furthermore, the German authorities published a questionnaire with 38 detailed questions, with a total of 437 multiple-choice and open-ended queries, as a tool to help with a company’s assessment of current policies.
Thousands of U.S. Companies Impacted
SCDDA impacts the complete supply chains of 600 of the largest German companies, and [the U.S. exports to Germany](https://www.trade.gov/country-commercial-guides/germany-market-overview) more than any other European nation. The law potentially affects the thousands of U.S. companies that sent $65 billion in goods and services to German companies last year, covering a broad range of products that include components, technological and industrial materials.
In the future, SCDDA will focus on comprehensive preventive measures and best practices that promote awareness and respect for human rights. The law may also impose more obligations on German global supply chains, including the thorough review of all supplies, procurement and purchasing practices. Suppliers will also be compelled to continuously examine their own value chain and comply with training and contractual requirements.
And SCDDA’s mission will undoubtedly expand. Other European countries, Australia and Canada have similar due diligence acts, and this year the EU issued its Directive on Corporate Sustainability Due Diligence. Once formalized, it will “foster sustainable and responsible corporate behavior throughout global value chains,” and U.S. companies will need to adapt to the global effort.
One Resource for Comprehensive Compliance Response
The Ethixbase360 third-party risk management platform can inform U.S. companies about their SCDDA obligations, ensure compliance controls and produce documentation. Human rights impact and environmental risk is identified and monitored with a comprehensive three-staged process.
First, our assessment explores risk exposure in complete value chains and configures assessments tailored to industry and regulatory criteria. Second, third parties identified as high risk are elevated to enhanced due diligence case management. At this level, suppliers are subjected to detailed inquiry and survey based on our Modern Slavery Questionnaire developed in partnership with Norton Rose Fulbright. Third, the platform enables companies to engage with third parties with education and training that raises awareness and standards of sustainability. Finally, Ethixbase360 integrates mandatory compliance functions into compliance procedures and business operations, allowing companies to track and monitor compliance. For Germany’s SCDDA and compliance in other jurisdictions, contact Ethixbase360 for a demonstration of our supplier risk management program.