New due diligence obligations under the German Supply Chain Due Diligence Act

Anna Wolf-Posch
Agnes Lackenberger, LL.M.


New due diligence obligations under the German Supply Chain Due Diligence Act

The "Act on Corporate Due Diligence Obligations in Supply Chains" (Gesetz über die unternehmerischen Sorgfaltsverpflichtungen in Lieferketten; hereafter "Supply Chain Due Diligence Act") entered into force in Germany on 1 January 2023. The Supply Chain Due Diligence Act obliges companies that have their head office, principal place of business, administrative headquarters, registered office or a branch office in Germany to respect certain human rights and environmental due diligence obligations. Due to strong trade relations with Germany and in light of the EU Supply Chain Directive currently being negotiated, Austrian companies are urged to scrutinise and, as far as possible, adhere to these obligations.

Scope of application

The Supply Chain Due Diligence Act applies to companies that have their head office, principal place of business, administrative headquarters, registered office or a branch office in Germany.

As of 1 January 2023, the law applies to companies employing at least 3,000 people in Germany. From 2024, the threshold will be lowered to include companies with at least 1,000 employees in Germany.

In the case of group companies, the employees of all group companies are to be included and temporary workers must also be taken into account if their period of employment exceeds six months.

The thresholds are high compared to the current proposal at the EU level. However, it can be assumed that many Austrian companies will be indirectly impacted by the German initiative, as even smaller suppliers in the supply chain will have no choice but to comply with the requirements applicable to German customers.

The due diligence obligations

The Supply Chain Due Diligence Act obliges companies to meet human rights and certain environmental due diligence obligations adequately within their supply chain. The due diligence obligations to be met are ranked based on the actual possibilities to exert influence, depending on whether it concerns the company's own business area, an indirect supplier or a direct contractual partner.

Specifically, the due diligence obligations for companies include:

  • establishing a risk management system and conducting a risk analysis;
  • adopting a declaration of principles regarding the corporate strategy on environmental protection and human rights;
  • establishing preventive measures;
  • taking remedial action when infringements are identified;
  • establishing a complaints procedure; and
  • introducing documentation and reporting obligations regarding the fulfilment of due diligence obligations.

The purpose of risk management is to detect and identify human rights violations and environmental damage at an early stage and to place companies under an obligation to take remedial action. The German Federal Office for Economic Affairs and Export Control is responsible for enforcing the law.

Complaints procedure

The Supply Chain Due Diligence Act provides for the mandatory introduction of a complaints system. The complaints system is intended to enable third parties who become aware of a violation of a protected legal position to draw attention to that same violation. The complaints system must respect the requirements of confidentiality and the principles of data protection.


Under the legislation, fines of up to two percent of annual group turnover can be imposed for violations of the obligations.

Furthermore, companies can be temporarily excluded from public contracts. However, unlike the draft EU directive, the German legislation does not provide special rules for civil law damage claims.


Although the Supply Chain Due Diligence Act is aimed primarily at German companies, many Austrian companies are also affected because of their contractual relationships to German companies within the scope of the Act. It is now advisable for companies to divide responsibilities and tasks clearly and carry out a systematic audit of the manufacturing of products, the individual suppliers and the use of services.

It should be noted that at present a new compliance pillar is developing around the topic of supply chains. This is in keeping with the increasing regulatory enforcement of ESG aspects (see, for example, the regulatory enforcement of rules to avoid "greenwashing" in EU member states such as the Netherlands, Hungary and in the former EU member state the United Kingdom). The demands placed on corporate compliance systems to help avoid fines, reputational damage and other negative effects of regulatory proceedings, as well as civil law claims, will therefore continue to increase.

CERHA HEMPEL advice: Ensure compliance with existing supply chain regulation and prepare for compliance with upcoming supply chain regulation!

Please do not hesitate to contact us should you have any queries.