Effective January 1, 2023, the German Act on Corporate Due Diligence Obligations in Supply Chains requires companies to identify, prevent, and address human rights and environmental risks across their global supply chains.

The Supply Chain Act lists nine specific due diligence obligations that a company must comply with:

• Risk Management: companies must establish an appropriate and eBective risk management system to comply with the due diligence obligations under the act in all relevant business processes;
• Human Rights OBicer: companies must determine who is responsible for monitoring risk management, for example by appointing a human rights oBicer;
• Risk Analysis and Assessment: companies must conduct an annual risk analysis in its own business area and towards direct suppliers, and further risks analysis on an ad hoc basis, if the company expects a significant change in the risk level of the supply chain. As part of each risk analysis, it must evaluate and prioritize the identified risks;
• Policy Statement: companies must issue a policy statement by the company’s senior management which describes the procedure for fulfilling the due diligence obligations under the Act, and lists the risks identified in the course of the risk analysis as well as the human rights-related and environment-related expectations placed by the company on its employees and suppliers;
• Preventive Measures: if the company has identified a risk in the course of its risk analysis, it must take, without undue delay, appropriate preventive measures in its own business area (e.g. through training) and towards direct suppliers (e.g. by seeking contractual assurances with respect to human rights-related and environment-related expectations);
• Remedial Action: companies must take appropriate remedial action if the violation of a human rights-related or environment-related obligation in the company’s own business area or at a direct suppliers has already occurred or is imminent. The termination of a business relationship is only required if the company has no less severe means at its disposal (based on the principle: “stay and change instead of cut and run”);
• Complaints Procedure: companies must establish an appropriate internal complaints procedure or participate in an external procedure to receive reports on human rights-related and environment-related risks;
• Indirect Suppliers: companies must also comply with the due diligence obligations under the Act (but in less strict form) in relation to their indirect suppliers; and
• Documentation and Reporting: companies must continuously document the fulfilment of the due diligence obligations within the company and prepare an annual report on this which must be made publicly available on the company’s website and be submitted electronically to the German Federal OBice for Economic ABairs and Export Control (“BAFA”).