Commencement of the Lieferkettengesetz German Supply Chain Due Diligence Act (Act) is fast approaching. Impacted organisations are assessing their current systems and processes for supply chain due diligence to ensure their compliance with the Act. Companies to which the Act applies include those which have their central administration, principal place of business, administrative headquarters, statutory seat, or branch oﬃce in Germany and have 3,000 or more employees in Germany.
Seasoned compliance professionals are utilising this legislation as a new lens through which to view their existing supply chain due diligence processes and technology platforms to analyse gaps in their compliance protocols and needed efficiencies to aid in their compliance. The experts at ethiXbase help organisations evaluate their current technology and systems to align them with regulatory requirements set forth by the Lieferkettengesetz. Let’s take a look at how the solutions, technology, and expertise with ethiXbase can help companies manage Lieferkettengesetz requirements.
ethiXbase and Norton Rose Fulbright collaborate to provide Lieferkettengesetz Solution
Organisations from across the globe partner with ethiXbase in order to be able to manage, mitigate and report on supply chain risk. Our market leading Third-Party Risk Management Platform ethiXbase 360 empowers the digitisation, automation, and simplification of your third-party compliance lifecycle, drawing information from across the globe to deliver instant intelligence. The platform includes modules that address multiple forms of risk in key areas: Human Rights, Environment, Supply Chain Risk Management, Anti-Bribery and Corruption, and more. Norton Rose Fulbright, a global top ten law firm*, have leveraged their extensive experience in Germany, and around the globe, to design a questionnaire to facilitate Lieferkettengesetz compliance and reporting. The questionnaire is offered by ethiXbase via their 360 Third-Party risk management platform.
Available via the end-to-end ethiXbase 360 platform, the supply chain risk assessment module is a third-party risk management solution that prioritises combating human rights and environment-related risks within global supply chains in accordance with Lieferkettengesetz requirements and other global human rights legislation. It is designed to help organisations elevate sustainability, ensure resilience, and deliver a positive impact within their network of partners, suppliers and third parties, all while maintaining regulatory compliance with relevant legislation and governing agencies. While there are a number of programmes that assist in identifying potential risks, the module provides a comprehensive analysis of risk data to offer insights for actionable remediation decisions and facilitate regulatory reporting requirements.
Perhaps the most essential element of the Lieferkettengesetz risk management process is the identification of potential human rights and environment-related risks through a comprehensive questionnaire. ethiXbase has entered into an exclusive licence and collaboration agreement with Norton Rose Fulbright to develop a modern slavery risk assessment questionnaire for third parties, initially developed for compliance with the legislation of the United Kingdom and Australia, which has been extended to the requirements of the Lieferkettengesetz. The questionnaire applies know-how developed by Norton Rose Fulbright using its global expertise in identifying and assessing human rights risks, to provide an indicative risk rating. The rating can be used to assist organisations in managing supply chain reporting obligations in multiple jurisdictions. Other components of the ethiXbase Human Rights Module include Advanced Predictive Risk Assessment, Risk-Based Due Diligence, Policy and Code Management and Third-Party Training. *2020 Acritas Global Elite Law Firm Brand Index.
How it works
The ethiXbase 360 Third Party Risk Management platform is a modular system that allows clients to take one or many third party risk management solutions. Working in collaboration with Norton Rose Fulbright ethiXbase has designed and implemented a purpose built questionnaire and risk assessment for Lieferkettengesetz compliance complete with full analytics functionality. Additionally this service can be taken in combination with other ethiXbase modules for due diligence, automated workflows, policy attestations and more.
- Supply Chain Due Diligence Questionnaire and Risk Assessment: the ethiXbase 360 platform can distribute and grade suppliers based on our specifically designed questionnaire for Lieferkettengesetz risk exposure. This immediately flags uncovered risks to your business and provides a breakdown of the risk type for relevant remediation measures.
- Supplier Portal for Completion and Information Exchange: Suppliers are able to access a streamlined compliance portal for submission of questionnaires to assess their risk. The questionnaire is specifically designed to be as easy as possible for suppliers to complete and dynamically presents additional questions only where potential risk exposure is identified.
- Configurable Analytics Dashboard: Streamline stakeholder and regulatory risk reporting with instant access to information regarding the breadth of your supply chain, average supplier risk score and distribution along with key risk measures and metrics/
- Comprehensive Third Party Data Repository with full referenceable Event Log to evidence compliance
How ethiXbase Manages Lieferkettengesetz Requirements
There are a number of specific requirements designated by the Lieferkettengesetz which can be effectively managed based on the ethiXbase risk assessment programme. The programme was developed and has been successfully applied by numerous companies for Modern Slavery Legislation in other jurisdictions and has been extended to the additional comprehensive human rights and environment-related risks of the Lieferkettengesetz.
Establishing a risk management system
According to Lieferkettengesetz, applicable organisations have an “obligation to implement an appropriate and effective risk management, which is to be anchored in all relevant business processes through appropriate measures.” The first step in the adoption of a risk management programme is to understand the risks that exist within a business’s operations and supply chains.
To assist with the risk assessment, companies can utilise the full coverage of the ethiXbase 360 risk management solution. It meets the compliance needs of the Act by establishing a thorough risk management system that is strategically integrated throughout internal operations, while equipping end-to-end automation that simplifies the processes for compliance professionals and reduces opportunities for human error.
Once the risks are defined, then a programme can be developed and embedded throughout the business to manage that risk.
Performing regular risk analysis
Another Lieferkettengesetz requirement includes an “obligation to carry out an appropriate risk analysis in order to assess the risks in the own business and with direct suppliers.” The ethixbase 360 platform allows clients to set and compare risk reporting periods and complete regular reviews of suppliers using the questionnaire. This allows clients to track changes over time at both a macro and micro level facilitation reporting on the effectiveness of their measures within their supply chain. In addition to the questionnaire, organisations can satisfy ongoing monitoring requirement by utilising the analytics dashboard of the ethiXbase 360 platform. The dashboard continuously monitors your third parties and those of your affiliated group companies and alerts you to any status changes as soon as they arise while displaying critical data in a comprehensive, user-friendly interface. The ethiXbase platform is unique in that it not only collects and analyses relevant data, but it also uses that analysis to develop useful insights for next steps and risk remediation.
Development of preventive measures
A third requirement under the Act is the “obligation to take appropriate preventive measures without delay in the event of risks identified.” Germany, among other countries that have enacted national human rights and environmental due diligence legislation, has embarked on a shift toward prioritising proactive measures rather than only reactionary ones. Utilising our Communication module, organisations can comply with this requirement by delivering questionnaire content, communications, policies and training based on identified risk and improvement areas with third parties. This helps to provide third parties with clarity around what steps to take if they witness misconduct through training, policies, and a process to report.
Documentation and reporting
Finally, the Lieferkettengesetz requires companies to “publish an annual report on the company’s website.” The ethiXbase 360 platform satisfies this compliance requirement by thoroughly collecting relevant data, organising the information required for reporting, and publishing timely reports on supply chain due diligence initiatives.
The ethiXbase 360 platform has demonstrated success in helping organisations meet the requirements of numerous Environmental, Social and Governance focused legislation across the globe. One recent example is in regards to human rights legislation such as modern slavery. Anglicare, a renowned Australian community service organisation, needed a comprehensive risk management system to establish compliance with Australia’s Modern Slavery Act. In collaboration with Norton Rose Fulbright, ethiXbase provided a solution for Anglicare that developed criteria for screening suppliers in compliance with the Australian Modern Slavery Act, created a compliant and meaningful Modern Slavery Statement, and facilitated stakeholder and supplier buy-in for the modern slavery supply chain risk assessment questionnaire. It is worthy of note that the ethiXbase Modern Slavery solution has also been designed in conjunction with Norton Rose Fulbright and the methodology for this solution has provided the basis for the Lieferkettengesetz solution which has been further expanded to cover environmental and other risks.
Exceed Lieferkettengesetz Requirements with ethiXbase
With the looming deadline for enforcement of the Act on January 1, 2023, applicable organisations have no time to waste. ethiXbase is equipped with the technology, solutions, and industry expertise to help companies establish risk management processes and align their protocols with Lieferkettengesetz requirements. Partner with ethixbase to navigate the compliance requirements of Lieferkettengesetz with confidence.