The Supply Chain Due Diligence Act

The German Supply Chain Due Diligence Act (LkSG) obligates companies above a certain size to systematically identify, assess, and minimize human rights and environmental risks within their supply chains. In effect since January 2023 for companies with over 3,000 employees, the threshold was lowered to 1,000 employees in January 2024.

Parallel to this, the EU's Corporate Sustainability Due Diligence Directive (CSDDD) is coming into force, harmonizing these requirements across Europe and eventually expanding upon the LkSG.

Who is Affected by the LkSG?

The law directly applies to companies based in Germany with at least 1,000 employees. The obligations cover:

• Own business operations.
• Direct suppliers (Tier 1).
• Indirect suppliers (Tier 2 and beyond), but only if there is substantiated evidence of a violation.

For Small and Medium-Sized Enterprises (SMEs), the pressure is indirect. Suppliers to large corporations increasingly face questionnaires, self-disclosure mandates, and strict contractual clauses. In industries like Automotive, where Tier-1 suppliers are often directly bound by the LkSG, this is already standard operational reality.

Key Requirements of the LkSG

The act defines a "due diligence cycle" consisting of several core elements:

1. Risk Analysis: Companies must conduct annual and event-driven analyses of human rights and environmental risks (e.g., child labor, forced labor, unsafe working conditions, environmental destruction).
2. Preventive Measures: Based on the analysis, companies must implement supplier evaluations, contractual safeguards, training, and codes of conduct.
3. Remedial Actions: If a violation is detected, immediate action is required, ranging from escalation to the termination of the business relationship.
4. Complaints Procedure: An internal or external channel must be established for whistleblowers to report risks or violations.
5. Documentation & Reporting: All measures must be documented. Obligated companies must submit an annual report to the Federal Office for Economic Affairs and Export Control (BAFA).

Why Traceability is the Foundation of Compliance

For manufacturers, the critical challenge is this: If you do not know the origin of your materials, you cannot evaluate risks or prove that you have done so.

Seamless batch and material tracking is the technical prerequisite for a resilient risk analysis. This means being able to answer: Which material from which supplier was processed in which batch, for which product, and delivered to which customer?

Companies still relying on paper or isolated Excel sheets face a structural hurdle. An MES (Manufacturing Execution System) that links batches, material origins, and suppliers to production orders provides the operational "Single Source of Truth" needed for LkSG-compliant reporting.

Sanctions: What’s at Stake?

The BAFA monitors compliance and can impose significant penalties:

• Fines: Up to €8 million or, for companies with an annual turnover exceeding €400 million, up to 2% of global annual turnover.
• Exclusion from Public Tenders: For up to three years in cases of serious violations.
• Civil Litigation: Fines over €175,000 allow foreign victims to authorize NGOs or trade unions to file claims in German courts—a significant shift in German legal tradition.

LkSG vs. CSDDD: What’s Next?

The EU CSDDD (passed in 2024) goes further than the LkSG. It includes stronger mandates for indirect suppliers and introduces civil liability. Companies that are already LkSG-compliant have a solid foundation for the upcoming CSDDD requirements.

FAQ

Does the LkSG apply to foreign companies? It applies to companies with their head office or a major branch in Germany. Foreign companies are not directly affected unless they meet the employee threshold through their German operations.

What is the difference between LkSG and CSRD? The LkSG focuses on due diligence and action (identifying and stopping risks). The CSRD focuses on reporting and transparency (disclosing sustainability data). They are complementary; LkSG actions provide much of the content for CSRD reports.

How deep must the risk analysis go? Proactive analysis is required for direct suppliers. For indirect suppliers, the obligation only triggers "upon knowledge" of a potential violation. However, a risk-based approach is expected throughout the chain.

How long must documentation be kept? All records regarding risk analyses and measures must be kept for seven years. The BAFA can request these documents at any time.