Recent sustainability legislations and regulations make due diligence a business imperative for effective supply chain management. Increasingly, regulations and local government bodies are regulating how enterprises must approach, operate, and report on their supply chain operations, both directly and within their extended value chain. While our earlier blog post on ESG initiatives discussed sustainability of the supply chain in general, in this article, we'll delve into the German Supply Chain Due Diligence Act (SCDDA, and in German, Lieferkettensorgfaltspflichtengesetz or LkSG) and explore:
While this discussion primarily focuses on the manufacturing industry, including hi-tech, retail, and CPG sectors, it offers valuable insights for any businesses that need to comply with the German Supply Chain Due Diligence Act. The content draws from Grid Dynamics' expertise in supply chain, custom development, and digital transformation, highlighting the role of technology in response to the act's implications.
The German Supply Chain Due Diligence Act (SCDDA) broadens the scope of corporate responsibility beyond their immediate business operations to encompass both their direct and indirect suppliers. Companies are required to demonstrate that they have taken appropriate measures and made every effort to prevent human rights violations within their supply chain.
Starting on January 1, 2023, the act applies to companies with a workforce of at least 3000 employees, and as of January 1, 2024, it will also impact companies with 1000 or more employees operating in Germany. These obligations extend to various categories of employees, including those posted abroad, part-time employees, senior staff, and special groups such as individuals on probation or maternity leave. Furthermore, the act encompasses all forms of affiliated enterprises as defined by the Stock Corporation Act, section 15, thereby making its obligations relevant for companies indirectly falling under this purview.
This leads us to consider a series of changes that enterprises and multinational companies with branches registered in Germany must incorporate to ensure compliance. Let's explore these changes in more detail.
The SCDDA necessitates companies to enact updates in three primary areas to mitigate or prevent human rights-related and environment-related risks. These areas of change are as follows:
Table 1: Changes introduced by the German Supply Chain Due Diligence Act, categorized by areas
The act delineates various risks that may arise within the supply chain while fulfilling obligations related to the protection and respect for human rights. These risks encompass the prohibition of child labor, slavery, forced labor, occupational safety, freedom from discrimination, and more. Additionally, the act addresses certain environmental risks that can lead to human rights violations, as outlined in international agreements such as:
Companies are mandated to submit an annual report documenting their compliance with due diligence obligations. It is likely that a majority of affected enterprises are already in the process of implementing these changes. Let's now discuss potential challenges that may hinder timely fulfillment of these obligations.
When considering the extensive data collection required across various channels, it becomes evident that technology represents the most vulnerable aspect of the implementation plan. But why is this the case?
Risk analysis relies heavily on data, and accurate decision-making necessitates precise inputs. Reporting, too, depends on verifiable and trustworthy information. It's important to recognize that the majority, if not all, of the obligations associated with the SCDDA require comprehensive data analysis and increased digitization to ensure their fulfillment
Companies are indeed taking steps to implement necessary changes. However, due to the timeline involved, the technology domain proves to be the most challenging in terms of both ensuring that all required updates are in place and allowing sufficient time for testing and the rollout of new technology and integrations.
Therefore, let's delve into the essential technological solutions required to effectively track, analyze, and report compliance with the SCDDA.
From a technical perspective, cloud modernization, data lakes, analytics and risk assessment can be used as enablers of SCDDA compliance. As previously discussed in the redesigning supply chain for resilience article, some practices are widely acknowledged as best-in-class. However, there exists a certain reluctance when it comes to investing in these practices. Consequently, this hesitance can impact both the scope and timeliness of implementation, leading to delayed responses and missed opportunities.
This hesitation is, nonetheless, understandable, given the constant competitive pressures and the need to allocate operational and financial resources across conflicting priorities. Therefore, the following sections will delve into specific technological applications that not only empower compliance with regulations but also contribute to strengthening overall operations.
Digital transformation plays a pivotal role in transitioning away from paper-based processes, implementing supplier self-service tools, and establishing automation to identify gaps and risks within the supply chain. Shifting towards cloud-based solutions and advanced technologies not only addresses the requirements of the SCDDA but also enhances overall business efficiency.
Here are several areas where digital transformation is particularly relevant for achieving compliance with SCDDA regulations:
It's important to note that each of these areas serves as a pillar for optimizing overall operations. For instance, consider the case study, Loss prevention with AI-powered IoT analytics platform, which uncovered projected revenue opportunities totaling $250 million. This underscores the significant potential benefits of digital transformation across various facets of the supply chain.
Effective management of suppliers and direct customers necessitates the use of advanced decision support tools. As an integral component of a compliance strategy for the German Supply Chain Due Diligence Act, it is imperative to develop intelligent tools that harness machine learning (ML) and optimization algorithms. These tools are designed to identify the most efficient sourcing and logistics options, representing a crucial undertaking.
Companies can adopt this approach as they conduct risk due diligence on targeted suppliers within their supply base, categorizing them by country, commodity, and other relevant factors while digitally mapping the supply chain. This comprehensive method ensures that regular risk analyses encompass the diverse landscape, including the parent company and direct suppliers. The primary focus should be on segments that are most susceptible to human rights-related, labor rights-related, or environmental violations or damage.
By collecting data directly from the source, the monitored information should be consolidated into a comprehensive insights dashboard. This dashboard should feature automated alerting mechanisms based on critical event-based signals. Consequently, responsible personnel will have the means to promptly assess risks and devise preventive measures in response.
As companies establish a centralized supplier repository to meet the requirements of SCDDA and integrate it into various enterprise systems, they encounter integration challenges inherent in diverse and heterogeneous corporate IT landscapes.
Consider, for instance, the documentation and reporting obligations stipulated by the SCDDA: "The fulfillment of the due diligence obligations pursuant to section 3 must be continuously documented within the enterprise." Breaking this down into specific areas covered by the act, risk analyses, tracking, and management encompass:
This list is by no means exhaustive, as it does not account for the supplier systems involved.
As mentioned in the "Accelerate digital transformation" section above, such integration efforts serve not only to ensure data accuracy, establish a robust audit trail, and enhance visibility for regulatory reporting but also to drive efficiency, scalability, and the management of supplier relationships within the broader supply chain context.
Explore more in-depth material on this topic in the Supply chain monitoring for proactive supplier risk management article.
To effectively address the risk assessment and due diligence aspects of the source-to-pay process, companies must customize risk views and alerts to align with their specific business needs, individual supplier relationships, and various roles within the organization. These tailored views should be accessible to authorized personnel who may be affected and should provide sufficient contextual information for making informed decisions regarding preventive measures without undue delay. Implementing this functionality would entail the following steps:
The alerting system must be designed to be highly efficient, minimizing the effort required to review false positive cases, particularly given the relative rarity of risk events. The conceptual workings of such a system are depicted in Figure 2:
While this article examines the technology requisites pertaining to the SCDDA regulations, this section gathers some prominent summaries of key questions and answers about the act itself.
The German Supply Chain Due Diligence Act, also referred to as SCDDA and Lieferkettensorgfaltspflichtengesetz (LkSG), aims to reduce environmental impact and prevent human rights violations within the global supply chains of companies. The Act came into effect in January 2023 and currently applies to companies with more than 3,000 employees. However, starting in 2024, it will also encompass companies with more than 1,000 employees, including their direct suppliers. This expansion means that a significant number of global companies and their suppliers will fall under its purview.
Compliance with the German SCDDA is not limited to German companies; it extends to global companies with a substantial presence in terms of the number of employees or branch offices. Subsidiaries of foreign groups must also adhere to the Act's due diligence obligations
The SCDDA mandates that companies implement measures not only within their own business areas but also concerning their direct suppliers and, in certain cases, even their indirect suppliers, particularly if there are indications of violations. In summary, it requires the following:
Noncompliance with SCDDA requirements can result in:
The number of acts, regulations, and government-led initiatives for environmental, social, and governance grows constantly. You can find some overarching lists at Corporate sustainability due diligence (from the European Commission) and Federal Sustainability Requirements and Guidelines. For specific laws or regulations, visit official resources for up-to-date information on requirements.
No two supply chains are identical, and the extent of their impact under SCDDA likely varies from case to case. Consequently, it's highly probable that companies will approach the fulfillment of the Act's obligations with caution.
However, regardless of the unique circumstances, there are several critical points to consider when integrating the regulatory changes introduced by the new supply chain act:
Grid Dynamics offers over 16 years of experience in developing cloud-native applications, a track record of creating effective dashboards and alert systems, and expertise in intelligent AI/ML tools. We are here to assist you in this journey.
Feel free to reach out to our technical and thought leadership teams to discuss your specific business case, explore value-driven solutions, and achieve rapid results. We draw upon our expertise in supply chain excellence and a history of successful implementations, spanning various project sizes.