Moody’s Advises Extreme Caution to Organizations Concerning Recently Extended German Supply Chain Law

The German supply chain due diligence act (SCDDA) was passed a year ago, and as far-reaching as it was last year it has become even more so with the start of this year. The SCDDA, called Lieferkettengesetz (LkSG) in German, requires that companies operating in Germany exercise due diligence in supply chain when it comes to all aspects of environmental, social, and governance (ESG), which includes everything from human rights violations to compliance with environmental standards.

Over the course of 2023 these regulations only applied to firms who have either a branch or an office in Germany of 3000 plus employees. These firms would be subject to fines of up to 2% of their global annual turnover if they were found to be in violation. At the start of this year, however, that expanded to now include companies with at least 1000 employees, an increase going from approximately 900 corporations to a little fewer than 4000.

Those who fail to comply now could be handed out fines as high as €8M based upon the level of the violation, and companies with annual turnover greater than €400M could face sanctions as heavy as 2% of that annual turnover. Corporations could also be at risk of being excluded from procurement of domestic public contracts for as much as 3 years for failure to comply, which should motivate companies from outside of Germany to comply if they want to maintain relationships with German customers.

Moody’s, a global integrated risk assessment firm, reports that this law has made Germany something of a forerunner in this legislative space. The SCDDA, or LkSG, sparked a trend across the globe as governments have been passing laws that focus on corporate transparency and due diligence in regard to ESG. Particular ESG offenses, among others, include:

·      Modern Slavery

·      Forced Labor

·      Human Trafficking

·      Environmental Abuse

This act has already shown to have affected organizations, with numerous complaints already having been filed, with a majority of these cases in response to shortcomings in supplier due diligence. In June of last year the European Center for Constitutional and Human Rights (ECCHR) filed a legal case under the new German law against three large German auto manufacturers, stating that these companies were not properly reporting how they had been addressing human rights. The filing was with the Federal Office for Economics and Export Control (BAFA) who is the regulator for the SCDDA.

How effective the SCDDA will be in promoting more transparent and responsible behavior is dependent upon how businesses choose to apply it. Corporate teams in either procurement, compliance, or risk are still grappling with how they are to deal with due diligence in supply chain effectively, as there are some processes that must be adapted to comply with the new regulations.

BAFA will now be responsible for monitoring several thousand companies, making sure they understand their responsibilities and are complying with the SCDDA across the board. They will give the final verdict on what actions will be taken with those companies in violation, which could range from simply giving recommendations on proper due diligence processes to doling out sanctions for those they find did not take the necessary measures. Organizations who fall under the jurisdiction of BAFA will be required to:

·      Have a transparent, robust, and holistic risk analysis framework in place

·      Begin using best practices when it comes to supplier due diligence

·      Be ready to address any potential violations as well as correcting them

·      Become flexible enough to adapt to any future legal amendments

The Director of Financial Crime Compliance Industry Practice Lead covering DACH, BeNeLux and CEE, Enrico Aresu made it a point of emphasis that “…companies have a duty of care, not a duty of success under this law. While the aim is to minimize human rights and environmental violations within supply chains, the regulator understands the complexities and challenges of completely eradicating these crimes. For the first year, the regulator wanted to focus on two main areas of implementation: the complaint mechanism or process and how a company’s responsibilities were mirrored throughout the organization.
      

“What's crucial for businesses now is to have a good risk analysis framework in place, to understand the law, to implement strategies to comply with it, to act swiftly when issues need to be reported, and to bridge gaps when violations occur.”

There are laws similar to the SCDDA that are in place in the US, UK, France, Norway, and Australia. These types of laws make it necessary for companies to have the correct due diligence framework in place in their supply chains to prevent and avoid:

·      Human rights violations

·      Environmental violations

·      Fines

·      Damaged reputation

Businesses in response to and preparation for these new regulations need to:

·      Integrate their risk policy with their risk analysis,

·      Have policies that take into consideration what types of risks they might face,

·      Consider what measures are available to mitigate those risks, and then

·      Have analysis that is able to effectively target the areas of risk they should.

The global supplier network is already vast and complex, which is liable to become even more complex with all these new legislations being passed. Companies will have to evolve a human rights strategy policy statement that is transparent, clearly define and delegate the responsibilities within the organization, and then execute adequate due diligence or broad and deep risk analysis.

The GRC Report is the first word in governance, risk, and compliance news. As your trusted source for comprehensive coverage, the GRC Report keeps you informed and equipped to navigate the evolving landscape of governance, risk, and compliance. And remember, the GRC Report isn't just a news source; it's a community of professionals who share your passion for GRC excellence. Don't miss out on our insightful articles and breaking news – join the conversation and empower your GRC journey.