Moodys Warning on Extended German Supply Chain ESG law

It has been one year since the far-reaching German Supply Chain Due Diligence act (SCDD) was passed, and from January this year its reach has expanded significantly. 

The Act – known in German as Lieferkettengesetz (LkSG) – forces firms to observe due diligence on every aspect of ESG, from human rights violations to compliance with environmental standards. 

LkSG means German companies face fines of up to 2% of their global turnover if they cannot demonstrate ESG transparency in their supply chain.

Throughout 2023 the legislation applied only to companies with a registered office or branch in Germany 3,000 or more employees but as of January 1, 2024, now extends to companies with more than 1,000 employees. 

This expansion significantly increases the number of corporations under its jurisdiction, from around 900 to just below 4,000 organisations.

Organisations contravening the law face fines of up to 8 million euros, depending on the gravity of the violation. Companies with an annual turnover of more than 400 million euros could be fined up to 2% of their turnover. 

German supply chain law impacting public contracts

German companies that fail to comply with the new law also risk being excluded from domestic public contracts for up to three years. It not only forces large German businesses to take responsibility for ESG risks in their entire supply chain, but businesses outside of Germany also have to comply if they want to keep their German customers.

Global integrated risk assessment firm Moodys says the law has made Germany a forerunner in ESG compliance, and observes that LkSG "forms part of a broader global trend with governments around the world passing corporate transparency and due diligence laws aimed at tackling ESG offences".

Such offences include:

• Modern slavery
• Forced labour
• Human trafficking
• Environmental abuse

The first complaint under the law, writes Moodys, was filed with the German Federal Office of Economic Affairs and Export Control by garment workers, who claimed the factories they worked in were endangering their safety.

High-profile cases filed under LkSG act

There have also been high-profile cases that have caused "significant reputational damage to firms who have been found to have flaws in their supplier due diligence processes", says Moodys. This, it says, leaves them exposed to financial and reputational risk.

It also observes that, in June 2023, a legal case was filed under LkSG by the non-profit organisation, the European Center for Constitutional and Human Rights (ECCHR). 

The case was against three major German automotive companies who, it was alleged, had not adequately explained how they were addressing human rights as part of due diligence. 

The complaint was filed with the Federal Office of Economics and Export Control (BAFA), the regulator for the LkSG act.

BAFA will decide what action should be taken in relation to these and other companies. Action might range from being advisory – making recommendations for improvements to due diligence processes – or punitive: issuing sanctions, if it finds that appropriate preventive and remedial measures were not taken.

Moodys reports that BAFA is actively monitoring “hundreds of organisations”, to ensure they understand – and are complying with – the LkSG law across their entire supply chain.

It points out that many procurement, compliance and risk teams are still working on understanding how to deal with supplier due diligence “in an optimal way while adapting processes to meet the requirements of the law”. It is a matter of record that there is a deal of corporate anxiety around supply chain ESG transgressions.

Moodys advice on LkSG compliance

Moodys advises businesses that, to be compliant with the newly extended LkSG, they must:

• Have a complete understanding of the law
• Put a meaningful risk analysis framework in place
• Implement LkSG compliance strategies
• Act swiftly when issues need to be reported
• Bridge gaps when violations occur

Moodys says:  “This legislation, along with similar laws in the US, UK, France, Norway, and Australia … means organisations need to connect their risk policy to their risk analysis framework. 

“Each company’s policy should consider what risks it is likely to face, and therefore what mitigation measures it should take. Then analysis can be effective at targeting the right areas of risk.

“Businesses need to implement and evolve a human rights strategy policy statement, define organisational responsibilities, and then carry out due diligence or risk analysis that’s broad and deep within what is likely to be a complex, global supplier network.” 

Check out the latest edition of Supply Chain Digital and also sign up to our global conference series: Procurement & Supply Chain 2024

******
Supply Chain Digital is a BizClik brand