Global menu

Our global pages


The new German law on Corporate Due Diligence in Supply Chains - the "Supply Chain Act"

  • Germany


    What are the direct and indirect obligations of companies?

    Meaning of the Supply Chain Act and companies' obligations to act

    On 16 July 2021, a new law came into force in Germany: the Act on Corporate Due Diligence in Supply Chains (in short: Supply Chain Act or Due Diligence Act).

    All companies with 3,000 or more employees in Germany will be subject to the law from January 2023 and all companies with 1,000 or more employees in Germany from January 2024 onwards.

    However, even smaller companies cannot ignore the law if it applies to their customers. The customers will (and are obligated to) hand down the corresponding obligations to their suppliers. In addition, the EU is in the process of enacting a similar law that will likely also cover small and medium-sized enterprises in high-risk sectors and those that are publicly listed.

    The purpose of the law is to protect human rights and the environment. Since the voluntary protection of these goods has proven unsuccessful, the lawmakers felt it was necessary to pass a law to make this duty of care mandatory. Violations can be punished with hefty fines.

    To comply with the Supply Chain Act, companies do not have to guarantee that no human rights or environmental obligations are violated in their supply chains, but they must be able to prove that they comply with the due diligence obligations set out in the law.

    These due diligence obligations are:

    1. establishing a risk management system,

    2. defining internal responsibilities,

    3. performing regular risk analyses,

    4. issuing a policy statement

    5. establishing preventive measures within the own business unit and towards direct suppliers,

    6. taking corrective action,

    7. establishing a complaints procedure,

    8. implementing risk due diligence with indirect suppliers, and

    9. initiating an ongoing documentation; and

    10. establishing a regular reporting.

    Roadmap for the implementation of the obligations

    The following measures should be taken to make your company compliant with the Supply Chain Act:

    1. Get an overview of any similar processes that may already exist in you company and which can be used to implement the following measures

    2. Create a first draft or make amendments of your existing

    • Supplier Policy
    • Code of Conduct
    • Policy for Employees

    in compliance with the basic obligations of the Supply Chain Act

    3. Incorporate the new or amended policies and guidelines into new supplier contracts and new employment contracts

    4. Perform a risk analysis

    5. While performing the risk analysis: Establish a risk management, including

    • Define in-house responsibilities in the relevant departments (e.g. executive board, purchasing, compliance); possibly create the position of a human rights officer;
    • Establish a complaints procedure
    • Initiate ongoing documentation
    • Establish a reporting procedure

    6. Based on the risk analysis:

    • Adapt the Supplier Policy /Code of Conduct/Policy for Employees
    • Include the most current version of the policies in the future contracts with suppliers and employees and amend already concluded contracts;
    • Implement preventive measures in your own business and that of your immediate suppliers to avoid a violation of the obligations arising from the Supply Chain Law;
    • Take corrective actions;
    • Implement risk due diligences with indirect suppliers

    7. Draft a policy statement which addresses the steps set out above

    8. Potentially further adapt the policies (Supplier Policy, Code of Conduct, Policy for Employees)