What Germany's Due Diligence Law Means for Supply Chain

Germany’s Supply Chain Due Diligence Act has been effective since 1^st January 2023. The new law requires large companies operating in Germany to carry out human rights and environmental due diligence on their business and its suppliers. Now, many countries are considering following Germany’s lead with similar regulations. In this blog, we look at how all companies can improve their compliance and due diligence processes to respond to this trend–with support from Nexis® Solutions.

A step forward for mandatory human rights due diligence legislation

Germany’s Supply Chain Due Diligence Act requires companies with at least 3,000 employees–whether they are headquartered in Germany or have a branch there–to have in place a process for carrying out supply chain human rights due diligence. This means screening prospective and current suppliers against risks including:

• Forced labor and child labor
• Environmental impact
• Discrimination or unethical employment
• Unsafe working conditions 

The law requires these companies not only to identify and assess third parties’ impact on human rights and the environment, but to prevent and remedy any adverse impacts. Eligible companies must therefore publish an annual report which spells out their approach to identifying and mitigating risks.

Failure to comply could bring significant costs to companies. A company could be fined up to 2% of their average yearly global revenue, or up to €800,000. They could also be temporarily excluded from applying for public contracts. What’s more, the Act’s scope will be extended in January 2024 to include companies with at least 1,000 employees in Germany.

Germany’s Act points the way for a global trend in due diligence

The Act does not only apply to German-headquartered companies. It covers any company with a large branch in Germany and German subsidiaries of foreign companies who exceed the employee thresholds. In fact, all companies would be wise to take note of the law because the emergence of mandatory human rights and environmental due diligence legislation is among the main trends in modern global compliance.

Several countries and bodies have introduced similar regulations, including:

• European Union: A Corporate Sustainability Due Diligence Directive was approved by the European Council in November 2022. It will require companies operating in EU states to ensure their activities–and those of their suppliers–comply with human rights and environmental sustainability criteria.
• Netherlands: The Child Labour Due Diligence Act of 2019 mandates companies selling or supplying to Dutch consumers to investigate whether child labor has been involved in the production process.
• France: The Duty of Vigilance Law of 2017 requires large French companies or French-based subsidiaries to identify risks and prevent severe impacts on human rights and the environment from the company and its suppliers.

Many others are considering introducing human rights due diligence requirements on companies in the near future, including:

• United States: The Slave-Free Business Certification Act, which has been proposed in the US Senate, would require businesses earning above a certain revenue to carry out annual audits to detect any use of forced labor in their supply chain.
• Hong Kong: There have been recent discussion of introducing mandatory climate reporting for financial institutions and listed companies by 2025.
• All EU member states: Every EU country will have to adapt or adopt laws like Germany’s when the Corporate Sustainability Due Diligence Directive comes into force.

There are other good reasons for companies to implement human rights and environmental due diligence, beyond the legal and financial risk of breaching legislation. Consumers, employees and investors increasingly expect companies to demonstrate that they are tackling ESG risks, and those companies who cannot do this will suffer significant reputational damage. All companies should therefore understand the requirements of Germany’s law and consider how they could reorient their compliance process to comply with similar legislation.

MORE: 6 Actions to Support Sustainable Development Goals

Data and technology: the best tools to tackle expanding due diligence obligations

Becoming compliant with human rights and environmental due diligence is not a straightforward task. Many companies still take a traditional approach to compliance which focuses on financial and legal risks, rather than reputational, human rights or environmental risks.

An additional complication is that supply chains are becoming ever more complex which means a company needs to expand its due diligence to screen more entities. Moreover, the amount of data available online can make it difficult to find the most relevant information on a third party amid the noise.

So how can companies meet the challenge of mandatory human rights and environmental due diligence legislation? The best approach is to ensure they have access to reliable data on their suppliers and third parties. This data should cover a wide range of sources, including:

• ESG data, which indicates a company’s impact on the environment, its reputation for social issues, and any failures in governance.
• Legal data including court cases involving a company, and any mention of them on sanctions lists, PEP lists and other watch lists.
• News data, which can flag risks around a company that might never reach a courtroom. An archive going back decades is preferable because a company’s reputation can still suffer for human rights and environmental violations which happened in the past.

In today’s data-driven world with ever-growing volumes of information available, it is not easy to surface data which is most relevant for assessing a supplier’s human rights and environmental impact. The best compliance operations leverage technologies which instantly screen multiple entities against high volumes of authoritative data in all the areas outlined above. 

Given regulators’ expectations that companies carry out ongoing monitoring, these systems should also flag any changes to a risk assessment of an entity when new information arises. That is where Nexis Solutions comes in.

Nexis Solutions: cutting through the noise to surface supply chain risks and insights

Nexis Solutions help firms to implement a more efficient and effective due diligence process to identify and mitigate third party risk by providing companies with authoritative data from the most relevant sources, including:

• News data to identify reputational risk of third parties.
• PEPs and sanctions data to identify third parties which may require enhanced due diligence.
• ESG data to assess third parties’ compliance with growing expectations from regulators and the public around human rights and environmental due diligence.
• Company data to help to build a picture of a company’s structure, directors and beneficial owners.

We support firms to deploy technology across these sources to improve their approach to due diligence and risk management. For example:

• Nexis Diligence+™ supports an effective due diligence process with our extensive archives and news searches going back more than 40 years.
• Nexis® Data as a Service delivers an unrivalled collection of licensed and web content, deep archives and data, through our flexible data APIs.