German legislature passed the LkSG in June 2021. The GSCA (German Supply Chain Act) features new rules to make sure companies in Germany meet the standards set up by the OECD Guidelines of Multinational Enterprises and the UN (United Nations) Guiding Principles for Business and Human Rights.
The new law imposes specific due diligence obligations on companies with a principal place of business, branch office, statutory seat, or administrative headquarters in Germany. They must comply with environmental standards and human rights. This law also requires stiff liabilities for violations.
Overall, the German Supply Chain Act offers a comprehensive list of requirements, including the company to establish a risk management system to be compliant. It then outlines various remedial and preventative measures, makes complaint procedures necessary, and promotes regular reporting and documentation.
We will help you learn about the GSCA and what it means for German businesses.
What’s Supply Chain in the GSCA?
The meaning of the term supply chain for the GSCA refers to all services and products of an organization. It features the steps in Germany and abroad, which are necessary to produce items and offer services. This starts with extracting raw materials and ends with the customer. Overall, it includes the action of:
- Indirect suppliers
- Direct suppliers
- The enterprise in its business area
What Is the Scope of the GSCA?
The scope of the German Supply Chain Act includes:
- From 2023 – German-based companies with over 3,000 employees and German-registered foreign company branches with over 3,000 employees (this includes about 600 organizations)
- From 2024 –German-based companies with over 1,000 employees and German-registered foreign company branches with over 1,000 employees (this will include about 2,800 companies)
If your company doesn’t reach the mentioned thresholds, you can still expect SMEs (small and medium-sized enterprises) to be affected. Many large companies addressed are sure to pass those due diligence obligations onto the suppliers. Smaller companies might be covered by the GSCA’s sphere of influence act, even if they’re not an in-scope business.
Direct and Indirect Suppliers
In the GSCA, companies are required to monitor and act on any violations within their own operations. However, they must also do so for the operations of direct suppliers throughout the world. This starts with extracting raw materials and delivery to the customer.
Likewise, companies that obtain substantiated knowledge about a potential violation of environmental standards or human rights by an indirect supplier must conduct a risk analysis concerning those violations.
What’s the GSCA Apply To?
The German Supply Chain Act defines two protected legal positions: environmental standards and human rights.
An environment-related risk in this Act is a condition when there’s a sufficient probability that one of the prohibitions below could or is being violated (with facts):
- The Minamata Convention on Mercury
- Use of mercury compounds or mercury for manufacturing processes
- Manufacturing mercury-added products
- Insufficient treatment of the mercury waste
- The Stockholm Convention (POPs) Persistent Organic Pollutants
- Handling, storage, collection, and disposal of the waste in a way that’s not environmentally sound
- Production or use of any prohibited chemicals
- Basel Convention (Control of Transboundary Movements for Hazardous Waste and Disposal)
- Exporting and handling the hazardous waste incorrectly
Human Rights Risks
A human rights risk in this Act is any situation where there’s a reasonable probability that one of the below-mentioned prohibitions is violated (based on fact):
- Child labor
- Forced labor
- Worst forms of child labor
- Freedom of association
- Occupational safety and health obligations
- Adequate living wage
- Unequal treatment or discrimination
- Inappropriate use of the security forces
- Unlawful eviction or taking of water, forest, and land
- Excessive water consumption or environmental damage
- Act or omission of the breach of duty to act going beyond those 11 points and an unlawfulness that’s obvious upon a reasonable assessment of the circumstances questioned
Complying with the GSCA Due Diligence Obligations
The highlight for the GSCA is to obligate companies to conduct due diligence for environmental standards and human rights. There are nine requirements to consider:
- Establishing a Risk Management System – Companies have to create a risk management system that complies with the GSCA obligations set forth in the act. As part of this, entities must analyze their environmental and human rights risks and those of the direct suppliers.
- Defining In-house Responsibilities for Compliance – Companies must appoint a human rights officer, and they are responsible for monitoring risk management within the supply chains. This doesn’t have to involve hiring new employees or creating new jobs. Risk management tasks can be handled by existing departments, such as sustainability or compliance officers. Additionally, all senior management has to be informed about the responsible person’s work once a year or more.
- Performing Routine Risk Analyses –Risk analysis should be carried out by companies once a year and through an ad hoc basis, such as when introducing new projects, business fields, and products.
- Issuing a Policy Statement –In-scope organizations should issue a policy statement including the description of the procedures for how it fulfills the GSCA obligations, a description of company priorities that relate to environmental and human rights risks, and share expectations that are put onto the enterprise by its suppliers and employees. This statement ensures that the management and board are committed to the human rights agenda.
- Establishing Preventative Measures for the Business and Direct Suppliers –Companies have to implement appropriate purchasing and procurement practices, establish control measures to determine compliance with the strategies outlined in their policy statements, and deliver training in appropriate business areas.
- Taking Remedial Action –If companies determine a violation of a protected position occurs or might happen, they must take remedial action immediately to stop, minimize, or prevent it. Failure to do this could result in fines and civil actions by the harmed parties, competitors, and NGOs. When the violation can’t be stopped in the near future, the company should outline a concept to minimize/end the breach and carry it out. To do that, they must draft a timetable, minimize the violation, and temporarily suspend relationships with suppliers violating the terms while reducing the risk. However, termination of relationships is a last resort used when serious violations by suppliers can’t be remedied in any other ways. The effectiveness of the corrective and preventative measures are to be reviewed each year and through an ad hoc basis if significant changes occur to the risk exposure profile.
- Establishing a Procedure for Complaints –In-scope organizations require a complaints procedure to allow people to report violations relating to environmental and human rights risks. It must be publicly available, and the person who submits a complaint should be informed that it was received.
- Implementing Due Diligence Obligations for Indirect Suppliers –If companies have knowledge of misconduct by an indirect supplier, they must address the risks immediately, outline and incorporate preventative measures, and update the policy statement.
- Documenting and Reporting for Due Diligence Activities –Companies must report that they’re fulfilling their due diligence obligations each year. The report should be publicly available on the company website free of charge four months after the financial year’s end.
What This Means for You
If you own a business in Germany, you must adhere to the German Supply Chain Act and follow recommendations for due diligence obligations. It’s often difficult to know where to start, but Transparency Gate can assist.
Create a portal that handles compliance with the GSCA, international laws, and the OECD. Make assessments for due diligence easily and map out risks throughout the supply chain! Book a free demo today to get started!