In this blog, we examine which businesses will be affected by the German Supply Chain Due Diligence Act (SCDDA) and what they need to do in order to comply with this far-reaching piece of legislation.

In recent years, human rights violations across supply chains have been increasingly exposed, leading to more jurisdictions taking regulatory action. As a direct result, 2023 will see the introduction of a swathe of new legislation aimed at increasing transparency on human rights offences.

In December 2022, the European Council adopted a draft of the European Supply Chain Act, which will go before the European parliament in May of 2023. Once the Act has been passed, it is widely expected that member states will have two years to bring it into law.

Meanwhile, Germany has stolen the march on this wider EU legislation by introducing the Gesetz über die unternehmerischen Sorgfaltspflichten in Lieferketten (LkSG) or German Supply Chain Due Diligence Act (SCDDA), which came into full force on January 1, 2023.

What the German Supply Chain Due Diligence Act entails

This is a major step forward in environmental, social, and governance (ESG) accountability as all German companies will now be held legally responsible for respecting human rights across their global supply chains.

While the act has a strong emphasis on social aspects of ESG, it also takes into account environmental risks and their impact on health. So, the SCDDA also requires companies to comply with international agreements aimed at limiting the harm caused by pollutants, toxic chemicals, and hazardous waste, such as the Minamata and Basel Conventions.

If your business operates in Germany, below is a summation of what you need to know, so that you can strengthen your compliance processes and procedures to meet the new due diligence obligations covered by this Act.

Even if you do not operate in Germany, it is important to note that the Act will have a cascading effect. SMEs not currently in-scope are likely to be affected in due course, as larger enterprises pass on the due diligence obligations imposed on them to their suppliers.

Furthermore, with the European Supply Chain Act just around the corner and other major jurisdictions likely to follow suit, it will be far easier for your business to comply if it has already fulfilled the obligations set out by the SCDDA.

Who will be affected by the Act? 

The SCDDA applies to all enterprises that have their central administration, principal place of business, administrative headquarters, statutory seat, or main branch office located in Germany.

The Act is being rolled out in two distinct phases.

From January 01, 2023  the Act applies to enterprises based in Germany with over 3,000 employees, or German-registered branches of foreign enterprises with more than 3,000 employees. The total employee count also includes personnel posted abroad for domestic companies, while group companies are included in the calculation of the number of employees of the parent company. The Act considers employees to be any worker with an employment contract for longer than six months. This criterion applies to around 600 companies.

From January 01, 2024 the scope will broaden to enterprises based in Germany that employ more than 1,000 employees, or German-registered branches of foreign companies with more than 1,000 employees. This criterion will apply to approximately 2,900 companies.

What enterprises will need to do to comply 

The supply chain covers all the products and services that an enterprise provides, both in Germany and abroad, that are necessary to produce a product or provide a service.

The SCDDA specifically categorises three separate actions every enterprise is responsible for:

  1. The actions of an enterprise in its own area of operations.
  2. The actions of direct suppliers.
  3. The action of indirect suppliers.

Any business that is covered by these criteria will be required to comply with a wide range of environmental and human rights standards in their supply chains.

They will be required to monitor and act on violations both within their own operations, as well as those of their suppliers. From the extraction of raw materials right through to the delivery of the goods to the customer, regardless of whether it was performed in Germany or abroad.

This also includes the development of a risk management process for compliance, taking preventive as well as remedial measures, and establishing a grievance mechanism. Furthermore, the law requires ongoing documentation and reporting, while violations will be subject to punitive fines.

It means that as the pressure increases on companies to be fully aware of what is happening upstream, supply chains will now demand the same attention as financial transactions. And like financial regulations, failure to comply can result in punitive fines, investor backlash, and damage to an organisation’s reputation.

The key dates in the implementation of the Act

  • June 2021 – the German parliament passes the Gesetz über die unternehmerischen Sorgfaltspflichten in Lieferketten (LkSG) or the German Supply Chain Due Diligence Act (SCDDA), requiring large enterprises to carry out supply chain due diligence
  • February 2022 – The European Commission adopts the proposal for a Directive on corporate sustainability due diligence
  • October 2022 – the EU adopts the Corporate Sustainability Reporting Directive (CSRD)
  • January 2023 – SCDDA regulations come into force for enterprises with more than 3,000 employees
  • January 2024 – SCDDA regulations will come into force for enterprises with more than 1,000 employees
  • 2024 – Enterprises must report under the Corporate Sustainability Reporting Directive (CSRD) in line with the mandatory EU sustainability reporting standards
  • 2026 -The German government will carry out an evaluation of the SCDDA’s effectiveness

The scope of the Act 

Risks related to human rights.

A risk related to human rights is defined as a situation in which there is a sufficient degree of probability based on factual indications that a violation of one of the following prohibitions will occur: 

  • Employing a child of 15 years or younger 
  • The worst forms of child labour of children under the age of 18 in accordance with the ILO Convention on Worst Forms of Child Labor, 1999 (No. 182) 
  • Forced labour 
  • All forms of slavery or similar practices of domination or oppression at work 
  • Disregarding the local applicable rules on workplace safety and working conditions if this could lead to workplace accidents or work-related health risks 
  • Disregarding freedom of association 
  • Employment discrimination 
  • Wage discrimination 
  • Acts which cause harmful changes to soil, pollutes water, pollutes air, causes harmful noise emission, the overconsuming of water, severely impairing the natural resources needed to preserve or produce food, denies access to drinking water, destroys or impedes access to hygiene facilities, or has harmful effects on human health 
  • Those who acquire, develop, or otherwise use land, forest, or water from unlawfully evicting persons from or depriving them of the use of such land, forest, or water when those persons are dependent on the land, forest, or water for their livelihood. 
  • Commissioning or using private or public security forces to protect a business project if, due to a lack of control, the security forces will infringe the prohibition on torture, harm life or limb, or interfere with freedom of association and the right to collective bargaining. 
  • An action or inaction that is directly capable of infringing a protected legal interest in a particularly serious manner and whose illegality is obvious, taking into account all circumstances. (§ 2, para. 2.) 

Risks related to the environment.

A risk related to the environment is defined as a situation in which there is a sufficient degree of probability based on factual indications that a violation of one of the following prohibitions will occur: 

  • The manufacture of mercury-added products in accordance with article 4, paragraph 1 of the Minamata Convention. 
  • The use of mercury or mercury compounds in manufacturing processes in accordance with article 5, paragraph 2 of the Minamata Convention after the phaseout date. 
  • The handling of mercury waste contrary to the requirements of article 11, paragraph 3 of the Minamata Convention. 
  • The production and use of chemicals according to article 3, paragraph 1, letter a of the Stockholm Convention on Persistent Organic Pollutions (POPs Convention). 
  • The non-environmentally sound handling, collection, storage, and disposal of chemical waste contrary to the requirements of article 6, paragraph 1, letter d of the POPs Convention. 
  • The export of hazardous wastes and other wastes according to article 1, paragraphs 1 and 2 of the Basel Convention to a state party that prohibits the import of such wastes, to an importing state that does not consent in writing to the specific import, to a nonstate party, or to an importing state where the wastes will not be managed in an environmentally sound manner. 
  • The export of hazardous wastes from states listed in annex VII of the Basel Convention to states not listed therein. 
  • The import of hazardous wastes and other wastes from nonstate parties of the Basel Convention. (§ 2, para. 3.) 

Due diligence procedures.

Enterprises within the scope of the act must set up each of the following due diligence procedures to safeguard human rights and the environment in their global supply chain: 

  • Establish a risk management system. 
  • Define internal responsibility for compliance with the risk management system—for example, by appointing a human rights ombudsperson. 
  • Carry out regular risk analyses. 
  • Adopt a policy statement on the company’s general human rights strategy. 
  • Implement preventive measures in the company’s own business area, which includes the activities of subsidiaries, if the parent company exerts “decisive influence,” and vis-à-vis its direct suppliers. 
  • Take remedial actions if a violation has already occurred or is imminent. 
  • Set up an internal complaints procedure. 
  • Establish due diligence procedures regarding risks associated with indirect suppliers that will be applied when the company has substantiated knowledge of a violation. 
  • Document the company’s due diligence procedures, risks identified, and measures taken, and then publish a yearly report on its website, which must be free of charge and publicly available. (§ 3.) 

Sanctions and Legal Action.

Enterprises that violate the act are not civilly liable. (§ 3, para. 3.) However, they can be fined depending on the severity of the violation. Large enterprises with an annual global turnover of over €400 million (approx. US$475 million) can be required to pay fines of up to 2% of their annual global turnover. (§ 24.) Furthermore, companies that have been fined a minimum of €175,000 (approx. US$208,000) can be excluded from public procurement for up to three years. (§ 22.) 

When a person’s ‘legal interest of paramount importance’ protected in one the international agreements listed in the annex to the Supply Chain Due Diligence Act has been violated, that person may authorise a nongovernmental agency or trade union to sue on his or her behalf. (§ 11.) Such protected legal interests of paramount importance include life and limb. (Explanatory memorandum at 52.) 

Scope of Act content courtesy of The Library of Congress. 

Help is at hand 

If you require assistance complying with any existing or future supply chain regulations, we can take you through the process to ensure you meet your due diligence obligations. 

To find out just how RiskScreen’s onboarding and screening solutions can transform your compliance programme in order to meet both existing and future obligations, request a discovery call today.  


Most Popular

The latest in AML & KYC

Subscribe: Weekly AML Round-up

The latest financial crime and compliance content that matters, direct to your inbox.

More from the Blog

Fintechs: Know your AML vulnerabilities!

As regulators increase their scrutiny of fintechs, not only does this raise the risk of regulatory action and punitive fines, it can also lead to reputational damage and even prevent an otherwise promising early-stage business from fulfilling its potential.

At RiskScreen we work with hundreds of companies around the world from a wide range of sectors – both regulated and unregulated.

Any screening technology is only as good as its underlying data. That’s why we work to find the best providers, ensuring you get screening matches you can trust.


The latest news, commentary and events from RiskScreen. For industry insight, visit our AML insight hub, KYC360.

Used by over 30,000 compliance professionals for AML news & analysis. Free CPD wallet.


RiskScreen was founded by experts in financial crime. It’s because of this unrivalled subject matter expertise that companies choose to partner with us.