Germany’s parliament has passed a new corporate due diligence act. The “Act on Corporate Due Diligence in Supply Chains” will take effect in 2023 for companies with 3,000 or more employees and 2024 for companies with 1,000 or more employees.
Watch the webinar: ESG EU Privacy Landscape and German Due Diligence
The German Corporate Due Diligence Act requires due diligence in combating human rights violations throughout business’ supply chains and introduces a shift to mandatory compliance with international norms on labor exploitation.
What are the operational requirements of the Germany Corporate Due Diligence Act?
This new law requires companies to identify risks of human rights violations and environmental destruction at direct suppliers and, if necessary, also at indirect suppliers. Key obligations include:
- Establishment of risk management and implementation of a risk analysis
- Adoption of a declaration of principle for the corporate human rights strategy
- Anchoring preventive measures in your own business area and in relation to direct suppliers
- Immediate taking of remedial measures if legal violations are found
- Establishing a complaint procedure in the event of legal violations
- Documentation and reporting requirements for the fulfillment of due diligence
Companies must take countermeasures and document to the Federal Office for Economic Affairs and Export Control (BAFA) that they have upheld these key obligations. If these are not upheld, companies may face termination by their customers if they cannot implement the appropriate remediation measures.
How is the German Corporate Due Diligence Act enforced?
If companies fail to implement operational requirements or act on violations under the German Corporate Due Diligence Act, BAFA can issue fines up to two percent of the company’s yearly global revenue. Additionally, any company found to be in violation of the act may be excluded from public procurement for up to three years.
Watch the webinar: ESG EU Privacy Landscape and German Due Diligence
How can OneTrust support compliance with the German Corporate Due Diligence Act?
OneTrust’s solutions can help you comply with Germany’s new Corporate Due Diligence Act, including:
- OneTrust GRC: Calculate risk suited to your reporting efforts with customizable risk scoring. Gain a complete, measured view of your risk exposure with threat and vulnerability libraries, and identify and update risk records with auto-risk flagging.
- OneTrust Vendorpedia: Leverage automation workflows to manage every third party, vendor, and supplier engagement, from onboarding to offboarding. Assess any type of third party, using any standard – all while giving you the capabilities to discover, remediate, and monitor granular risks in a single dashboard.
- OneTrust Ethics and Compliance: Create and administer whistleblowing and complaint webforms with a user-friendly, click-to-configure builder. Choose from multiple intake methods, including mobile intake, an automated hotline, and a manned hotline, while leveraging an anonymous, encrypted portal, providing a secure place to communicate with the case handlers. Cases are triaged via intelligent routing rules and workflows to the appropriate investigators, who can then manage the case via the collaborative case management console.
The German Corporate Due Diligence Act will become law in 2023 for companies with 3,000 or more employees and 2024 for companies with 1,000 or more employees. For the latest insight, be sure to register for the webinar on date, or to find out more about how OneTrust can support your organization’s compliance needs request a demo today.
Follow OneTrust on LinkedIn, Twitter, or YouTube for the latest on the German Corporate Due Diligence Act.
