This website uses cookies so that we can provide you with the best user experience possible. Our Cookie Notice is part of our Privacy Policy and explains in detail how and why we use cookies. To take full advantage of our website, we recommend that you click on “Accept All”. You can change these settings at any time via the button “Update Cookie Preferences” in our Cookie Notice.
Technical cookies are required for the site to function properly, to be legally compliant and secure. Session cookies only last for the duration of your visit and are deleted from your device when you close your internet browser. Persistent cookies, however, remain and continue functioning on repeat visits.
CMS does not use any cookie based Analytics or tracking on our websites; see details here.
Personalisation cookies collect information about your website browsing habits and offer you a personalised user experience based on past visits, your location or browser settings. They also allow you to log in to personalised areas and to access third party tools that may be embedded in our website. Some functionality will not work if you don’t accept these cookies.
The Supply Chain Due Diligence Act (Lieferkettensorgfaltspflichtengesetz – LkSG) and the Whistleblower Protection Act (Hinweisgeberschutzgesetz – HinSchG) are now in force, after a lengthy legislative process. They aim to prevent breaches of human rights and environmental protection legislation in supply chains, and to protect whistleblowers who report abuses. Both laws seek to achieve a more sustainable world by imposing a wide range of demands on compliance departments, management teams and companies as a whole. When the new regulations come to the attention of our clients for the first time, the practical question as to how to implement them is a typical response. The legislation stipulates objectives and (minimum) requirements, but how can they best be incorporated into existing structures? What changes are needed in order to comply with the rules?
Against this backdrop, our client initially wanted us to explain the exact implications of these laws. The goal was to be in a position to integrate tailored solutions into the company’s day-to-day operations either alone, or with our aid where necessary.
The aim of our advice was not to draw up a theoretical master plan that defines the “how” in categorical terms, but rather to be guided by the reality of the company’s situation, to respond to the client’s most urgent needs and to arrange the timeline of measures accordingly.
One of the first questions facing our client was: Does the LkSG actually apply to us? Answering this question is more difficult than it seems when you look at the details. The LkSG applies to companies above a certain number of employees, but how are they counted in practice? What does the LkSG mean by a “parent company with determinative influence”? Employees of the subsidiaries must be added to the headcount of such companies. Our case did not involve such a parent company, so subsidiaries were not regarded as falling within the sphere of responsibility of the company’s own business activities but are treated instead as suppliers.
The initial assessment was followed by an internal training course, which we conducted as an in-person event for around 15 employees. This was based on the belief that the more informed employees are about the content and requirements of the law, the easier it will be for the company to implement it. The course was also able to serve as a prototype for further training to be offered to the company’s suppliers. A second training session is planned at a later date to deal with the various questions that arise in the meantime.
The LkSG provides for a clear allocation of responsibilities and suggests that a Human Rights Officer be appointed. The client’s Compliance team and our lawyers put their heads together to formulate the duties of this position with the necessary clarity and precision and to structure them appropriately. The role is now filled by an internal employee who acts independently and benefits from useful previous experience. Drawing on existing expertise is generally preferable as a compliance method, and in a best-case scenario also leads to synergies by connecting different areas of the company.
An integral component of LkSG compliance is carrying out an (annual) risk analysis. Risks and any need for action can only be revealed by carefully observing the status quo. A thorough risk analysis requires time and human resources, but is the starting point for many company-internal measures required under the LkSG. With our support, the client developed a process description that sets out the “roadmap” for the LkSG analysis and will be implemented shortly. Here again, it was possible to draw on existing experience within the organisation. It would be difficult for company management to develop the policy statement required by the LkSG without first carrying out this risk analysis. Model statements that make a vague and general commitment to human rights and environmental protection are not fit for purpose and do little to really embed these values in the corporate culture. Accordingly, we assisted our client with drafting the policy statement based on the identified risks that the company and its industry face.
With a good grounding in the LkSG and a focus on potential risks, the client felt well equipped to ensure compliance with the LkSG by adapting and improving existing compliance tools, such as a business partner checklist. This questionnaire is sent to customers and suppliers, and is part of a balanced LkSG risk management system. A complaints system is also under development to handle reports of LkSG violations. The Compliance and HR departments are now working on raising awareness of LkSG compliance among new employees during the onboarding process. The Code of Conduct for Suppliers is also being adapted with our assistance. CMS acted as advisor in the context of this instruction, responding flexibly to the company’s specific circumstances and needs. We were also able to make several suggestions concerning organisational aspects and wording, as well as reviewing the company’s ideas to ensure they were legally sound. This resulted in a rewarding long-term collaboration that combines legal expertise with practical business aspects.
Alongside gearing up for LkSG compliance, our client was faced with the HinSchG, which guarantees whistleblower protection and requires an internal reporting office to be set up. In this case, CMS took on the role of ombudsman/reporting office. As an independent organisation external to the company and with a professional obligation to maintain confidentiality, it is ideally suited to this role. In addition, our client is deploying a digital reporting tool that makes it easier to receive and structure tip-offs. We used a flow chart to summarise the processes in a clear and easy-to-understand way.
There are an increasing number of (EU) regulations covering the wide field of sustainability compliance. The associated legal environment is also subject to dynamic change (an amendment to the current LkSG, for example, will be triggered at the latest by the EU’s proposed supply chain legislation – the Corporate Sustainability Due Diligence Directive), which will make it necessary to translate (new) legal text into corporate reality on an ongoing basis. This calls for creative solutions from businesses and the law firms that advise them.
CMS Germany is your expert for all corporate compliance issues. We provide support both as an outsourced legal department and to complement your own in-house lawyers.
We advise companies across all industries, sectors and legal forms, developing customised solutions. Our service portfolio:
Write us a message and we will get in contact.
Thank you for contacting us. We will get back to you soon.
Social Media cookies collect information about you sharing information from our website via social media tools, or analytics to understand your browsing between social media tools or our Social Media campaigns and our own websites. We do this to optimise the mix of channels to provide you with our content. Details concerning the tools in use are in our privacy policy.