With official enforcement of the Lieferkettengesetz German Supply Chain Due Diligence Act (Act) beginning on 1 January 2023, organisations will need to work quickly to align their due diligence practices with the new legislation. These developments include establishing the right risk management solution, appointing the individual responsible for overseeing the risk management including in particular the supply chain due diligence within the organisation, creating methods by which whistleblowers can file complaints, performing ongoing risk analysis, and more. As companies adjust to compliance protocols, they will inevitably be running into specific pain points and obstacles with Lieferkettengesetz implementation, including:
- The challenge of setting up and optimising a comprehensive risk management system that meets regulatory requirements
- The time and energy of ongoing supply chain risk analysis without a solution to decipher what data is relevant and what data is not
- The difficulty of performing accurate and consistent due diligence reporting and annual publication under Lieferkettengesetz requirements
In this blog, we’ll discuss how businesses are impacted by these challenges, as well as how to address them to make supply chain due diligence compliance easier and more efficient.
Lieferkettengesetz Compliance Challenges
The Act outlines important guidance for applicable organisations, including the establishment or optimisation of a risk management system and the annual publication of specific due diligence data. The Lieferkettengesetz compliance requirements can pose challenges for companies without the proper measures and tools in place to maintain compliance.
Establishing and optimising a risk management system
Challenge: The Lieferkettengesetz specifically outlines requirements for organisations to set up an effective risk management system. Selecting the right risk management solution and integrating it throughout company operations is an extensive and important process that can support the creation or optimisation of an existing risk management programme. The most effective risk management solutions are equipped with features for efficiency and longevity, including task automation, industry and legislative intelligence, and the storage and reference of past collected data. If an organisation already has a solution in place, the challenge is to know how to optimise company processes and system features to ensure the solution is incorporated into all operations.
Consequences: Without the right solution in place, it can be easy to miss potential risks in your own operations and on your supply chain, leaving your company vulnerable to legislative sanctions. Additionally, a system that is not thoroughly integrated into every aspect of company operations and supply chain management can overlook risks and leave companies vulnerable to non-compliance. In fact, 89% of companies have experienced supply chain risks in the last five years, and the data is showing that the organisational systems in place to mitigate them lack maturity. Companies and systems that are more proactive in supply chain management efforts experience two-thirds fewer high-impact supply chain disruptions annually compared to more response-focused peers.
Solution: The Lieferkettengesetz Supply Chain Due Diligence Questionnaire offered through ethiXbase, which helps identify human rights and environment-related risks violations, provides you with the tools to identify and resolve hidden risks in your own operations and within your supply chains, including those of your affiliated group companies in a truly holistic manner. Rather than only examining what will satisfy check-the-box compliance, the Lieferkettengesetz Questionnaire evaluates the big picture of where your company and your supply chains stand. By taking this methodical and proactive approach, organisations can perform comprehensive compliance initiatives that impact every element of their supply chain operations.
Performing ongoing risk analysis
Challenge: Lieferkettengesetz implementation also requires organisations to carry out risk analyses on a regular basis. If not done properly, ongoing risk analysis can be energy and time inefficient. Manually collecting and deciphering extensive amounts of potentially irrelevant data can be time-consuming, but can also be dangerously subject to human error, adding the risk of missing important information.
Consequences: Constant supply chain risk analysis, without the right system in place to accurately and efficiently sift through data, can result in collecting copious amounts of irrelevant information, wasting time and energy, and creating opportunities to overlook genuine threats.
Solution: Starting with a human rights and environment-related risk identifying questionnaire, like the Lieferkettengesetz Questionnaire offered through the ethiXbase 360 platform, is an effective way to understand the extent to which your company currently complies with the requirements of the Act and other global mandatory human rights and environmental due diligence legislation, and determine what data is relevant for analysis in your own operations and for your supply chain.
Compiling data for annual reporting
Challenge: The Act also requires companies to document their due diligence procedures, identified risks, and measures taken, and then publish an annual report on its website, which must be free of charge and publicly available, within four months of the end of the fiscal year. The challenges lie in understanding exactly which data is essential for inclusion in reports, ensuring that they are published in a timely manner, and coinciding with reporting requirements from many other legislations — other laws may request different data to not only be published publicly but also delivered directly to reporting agencies.
Consequences: Waiting until the last minute to begin organising relevant data or failing to fulfil accurate, timely reporting requirements can result in noncompliance designations, leading to legal sanctions and fines against your organisation.
Solution: ethiXbase’s Advanced Perceived Risk Indicator™ (APRI™) not only analyses supply chain partners against specific legislation, but also thoroughly organises reporting requirements, delivering reports to relevant governing agencies and publishing them in a timely manner.
Get Ahead of Lieferkettengesetz Compliance Requirements
New human rights and environmental due diligence legislation inevitably results in challenges within an organisation’s operations as they work to align their protocols. Having the right risk management solution in place can eliminate many of the pain points in aligning with the Lieferkettengesetz Act by performing internal assessments, efficient risk analysis, and accurate reporting processes. To learn more about how the Lieferkettengesetz assessment programme from ethiXbase can help alleviate the challenges of due diligence compliance, request a demo today.
Find more about the Questionnaire and Risk Assessment Programme