Search
deen

Legal Advice

Duties related to the supply chain - Action guide for small and medium-sized enterprises

Due to the Supply Chain Due Di­li­gence Act (in short LkSG) that has been in ef­fect since 1 Ja­nu­ary 2023, af­fec­ted com­pa­nies must ful­fill new and far-re­aching ob­li­ga­ti­ons. A cen­tral re­qui­re­ment is the per­for­mance of a risk ana­ly­sis and the im­ple­men­ta­tion of an ap­pro­priate and ef­fec­tive risk ma­nage­ment sys­tem with the aim of iden­ti­fy­ing, pre­ven­ting, eli­mi­na­ting, or at least mi­ni­mi­zing the ex­tent of hu­man rights and en­viron­men­tal risks along their supply chains. In ad­di­tion, the Supply Chain Due Di­li­gence Act ef­fec­tively ob­li­ga­tes com­pa­nies to es­ta­blish a whist­leb­lo­wer sys­tem for the pro­tec­ted re­por­ting of risks and le­gal vio­la­ti­ons.

Cur­rently, the ob­li­ga­ti­ons af­fec­ting com­pa­nies are ex­clu­si­vely ba­sed on the na­tio­nal Supply Chain Due Di­li­gence Act - howe­ver, with the so-cal­led Cor­po­rate Sus­tai­na­bi­lity Due Di­li­gence Di­rec­tive (short CSDDD), fur­ther tigh­te­ning at the na­tio­nal le­vel is th­rea­te­ned at the EU le­vel, which me­dium-si­zed com­pa­nies also must pre­pare for at an early stage.

© iStock

Current national regulations: The Supply Chain Due Diligence Act

Which companies are affected by the LkSG?

Since 1 Ja­nu­ary 2024, the re­gu­la­ti­ons of the Supply Chain Due Di­li­gence Act ap­ply di­rectly to all com­pa­nies re­gard­less of their le­gal form, with head­quar­ters or (branch) of­fices in Ger­many, if they em­ploy 1,000 or more em­ployees. This can also af­fect do­mestic com­pa­nies of for­eign groups.

When de­ter­mi­ning the num­ber of em­ployees, a group clause ap­plies, which me­ans that the em­ployees of all group com­pa­nies em­ployed do­mesti­cally as well as those sent ab­road must be ta­ken into ac­count. The at­tri­bu­tion of em­ployee num­bers is done from the bot­tom up to the top group pa­rent. Es­pe­cially in cen­trally or­ga­ni­zed group struc­tures, a com­pany-wide ap­proach to im­ple­men­ting the re­qui­re­ments of the LkSG is re­com­men­ded.

Note: Even if some me­dium-si­zed com­pa­nies are not di­rectly af­fec­ted by the LkSG due to the th­res­hold va­lue for the scope of ap­pli­ca­tion, they may be in­di­rectly af­fec­ted by the fact that they have to ac­count for hu­man rights and en­viron­men­tal due di­li­gence ob­li­ga­ti­ons wi­thin the supply chain to the com­pa­nies ob­li­ged by the LkSG.

The LkSG ap­plies to com­pa­nies ba­sed in Ger­many re­gard­less of their le­gal form. It also ap­plies to non-pro­fit com­pany forms, le­gal en­ti­ties of pri­vate law in pu­blic hands, and le­gal en­ti­ties of pu­blic law, pro­vi­ded they do not ex­clu­si­vely per­form ad­mi­nis­tra­tive tasks of a lo­cal aut­ho­rity and are com­mer­ci­ally ac­tive in the mar­ket.

Note: Lo­cal aut­ho­ri­ties, on the other hand, can­not them­sel­ves be ob­li­ga­ted un­der the LkSG.

What is meant by a supply chain?

The supply chain wi­thin the mea­ning of the LkSG in­clu­des "all steps in Ger­many and ab­road that are ne­cessary to ma­nu­fac­ture the pro­ducts and pro­vide the ser­vices [...]", § 2 para. 5 LkSG.

Note: The term "ne­cessary" is to be un­der­stood broadly: It in­clu­des not only the ac­tual busi­ness ac­tivity but also au­xi­li­ary steps, such as of­fice supplies, buil­ding clea­ning, and can­teen ope­ra­ti­ons.

The scope of the supply chain in­clu­des di­rect suppliers (in­clu­ding trans­port ser­vices) as well as all steps of one's own busi­ness ac­tivi­ties in Ger­many and ab­road, whe­reby all group com­pa­nies must also be ta­ken into ac­count here. In­di­rect suppliers are to be in­clu­ded on an ad hoc ba­sis only in the event of sub­stan­tia­ted in­di­ca­ti­ons of vio­la­ti­ons of ob­li­ga­ti­ons or in the case of abusive be­ha­viour.

Integration of requirements into the compliance and risk management system

It is ad­visa­ble to in­te­grate the re­qui­re­ments of the LkSG into an exis­ting Com­pli­ance Ma­nage­ment Sys­tem (CMS) and to supp­le­ment the Risk Ma­nage­ment Sys­tem (RMS) with

  • the iden­ti­fi­ca­tion (risk ana­ly­sis),
  • the pre­ven­tion, and
  • the mit­iga­tion (re­me­dial mea­su­res)

of risks of vio­la­ting hu­man rights or en­viron­men­tal ob­li­ga­ti­ons.

Risk analysis

Star­ting point is the risk ana­ly­sis of re­le­vant hu­man rights and en­viron­men­tal risks in one's own busi­ness area and in the supply chain. When con­side­ring the Group's own busi­ness area, those af­fi­lia­ted com­pa­nies must also be in­clu­ded over which the pa­rent com­pany ex­erts a de­ter­mi­ning in­flu­ence. This can also af­fect for­eign com­pa­nies. The re­sults of the risk ana­ly­sis shape the ba­sic un­der­stan­ding of the com­pany's own risk dis­po­si­tion, the ne­cessary re­sour­ces to mi­ni­mize risk and the de­sign of the re­le­vant due di­li­gence pro­ces­ses and pre­ven­tive mea­su­res.

An­nual risk ana­ly­sis in one's own busi­ness area and with di­rect suppliers

An ana­ly­sis of the risks in the com­pany’s own busi­ness area and with di­rect suppliers must be car­ried out at least once a year. The fo­cus is in par­ti­cu­lar on endea­vou­ring to achieve in­cre­asing trans­pa­rency re­gar­ding the com­pany's own busi­ness re­la­ti­ons­hips. The more com­plex the struc­ture of the own busi­ness ac­tivi­ties and the supply chain are, the more time and re­sour­ces should be plan­ned for the risk ana­ly­sis. The ap­proach should fol­low a con­sis­tent me­tho­do­logy that is al­re­ady to be do­cu­men­ted in a com­pre­hen­si­ble man­ner re­gar­ding the an­nually ob­li­gatory re­por­ting.

Re­le­vant hu­man rights and en­viron­men­tal risks can be ap­proa­ched by com­pa­nies in­iti­ally th­rough an ab­stract con­side­ra­tion of the in­dus­try- and coun­try-spe­ci­fic risks in their own busi­ness area and with re­gard to busi­ness part­ners. In a se­cond step, con­crete risks with re­gard to busi­ness part­ners and com­pa­nies are then to be iden­ti­fied, eva­lua­ted in terms of the se­ve­rity of the vio­la­tion and the pro­ba­bi­lity of oc­cur­rence, and prio­ri­ti­zed. In this way, par­ti­cu­larly risky lo­ca­ti­ons or com­pa­nies in the com­pany's own busi­ness area and high-risk suppliers among the di­rect busi­ness part­ners can be iden­ti­fied. Ac­cor­ding to the LkSG, no suppliers are to be au­to­ma­ti­cally ex­clu­ded from the risk ana­ly­sis from the out­set; howe­ver, cer­tain lee­ways exist th­rough the ap­pro­priate weighting and prio­ri­tiza­tion of risks. If the com­pany's contri­bu­tion to po­ten­tial hu­man rights and en­viron­men­tal vio­la­ti­ons is to be as­ses­sed as low or com­ple­tely ab­sent, the risk can be as­ses­sed as low in the con­text of the busi­ness part­ner risk ana­ly­sis.

Ad hoc risk ana­ly­sis for in­di­rect suppliers

For in­di­rect suppliers, the risk ana­ly­sis must be car­ried out on an ad hoc ba­sis if there is sub­stan­tia­ted know­ledge of in­di­ca­ti­ons of vio­la­ti­ons of hu­man rights or en­viron­men­tal ob­li­ga­ti­ons (§ 9 para. 3 LkSG). In this case, it is suf­fi­ci­ent if the com­pany has con­crete in­di­ca­ti­ons of vio­la­ti­ons that have be­come known, for ex­am­ple, th­rough the com­plaint me­cha­nism or th­rough re­pu­ta­ble pu­bli­ca­ti­ons or me­dia re­ports.

Internal responsibilities

The law pre­scri­bes the es­ta­blish­ment of an in­ter­nal mo­ni­to­ring func­tion, § 4 para. 3 LkSG, for ex­am­ple, by ap­poin­ting a hu­man rights of­fi­cer. The ma­nage­ment must in­form its­elf at least an­nually about the work of this func­tion.

Note: The ob­li­ga­tion to ob­tain in­for­ma­tion and the ob­li­ga­tion to is­sue a po­licy state­ment by the com­pany ma­nage­ment ac­cor­ding to § 6 para.2 LkSG ex­clu­des the com­plete de­le­ga­tion of the ob­li­ga­ti­ons un­der the LkSG from the com­pany ma­nage­ment to this mo­ni­to­ring func­tion.

The mo­ni­to­ring func­tion can be per­for­med by a per­son or a com­mit­tee. If the re­spon­si­bi­lity is dis­tri­bu­ted among se­veral per­sons, such as a hu­man rights and an en­viron­men­tal of­fi­cer, this must be ac­com­pa­nied by a clear dem­ar­ca­tion of areas of re­spon­si­bi­lity. When ap­poin­ting, at­ten­tion must also be paid to suf­fi­ci­ent com­pe­ten­cies, aut­ho­rity, in­de­pen­dence, and ca­pa­ci­ties for the ex­er­cise of the task.

Note: A com­plete trans­fer of the re­spon­si­bi­lity for risk ma­nage­ment to an ex­ter­nal body is not pos­si­ble, § 4 para. 3 LkSG.

Preventive and remedial measures

In the com­pany's own busi­ness area and vis-à-vis di­rect suppliers, ap­pro­priate pre­ven­tive mea­su­res must be an­cho­red, § 6 para. 3 and 4 LkSG.

If hu­man rights-re­la­ted or en­viron­men­tal vio­la­ti­ons are iden­ti­fied in the own com­pany or with a di­rect supplier, or if such are im­mi­nent, ap­pro­priate re­me­dial mea­su­res must be ta­ken im­me­dia­tely, § 7 para. 1 LkSG. The ef­fec­tiv­en­ess of these re­me­dial mea­su­res must be re­viewed on an ad hoc ba­sis, but at least once a year. The re­le­vant suc­cess of such a re­me­dial mea­sure de­pends on the le­gal and fac­tual pos­si­bi­li­ties of in­flu­ence of the com­pany.

If the com­pany can­not stop a hu­man rights or en­viron­men­tal vio­la­tion with a di­rect supplier in the short term, a con­cept for cor­rec­tive mea­su­res must be drawn up and im­ple­men­ted. As a last re­sort, if the vio­la­tion per­sists, the com­plete ter­mi­na­tion of the busi­ness re­la­ti­ons­hip must be con­side­red.

Due di­li­gence ob­li­ga­ti­ons also exist to a cer­tain ex­tent with re­gard to in­di­rect suppliers. Here, the com­pany must take mea­su­res if there are ac­tual in­di­ca­ti­ons that sug­gest a cor­re­spon­ding vio­la­tion of ob­li­ga­ti­ons by in­di­rect suppliers, § 9 para. 3 LkSG. This re­qui­res a su­spi­cion de­si­gna­ted as sub­stan­tia­ted know­ledge. If such is gi­ven, the com­pany must carry out a risk ana­ly­sis and an­chor ap­pro­priate pre­ven­tive mea­su­res against the per­pe­tra­tor. In ad­di­tion, a con­cept for pre­ven­ting, ending, or mi­ni­mi­zing and avo­iding the vio­la­tion must be drawn up and im­ple­men­ted ac­cor­din­gly.

Documentation and reporting

Com­pli­ance with due di­li­gence ob­li­ga­ti­ons must be do­cu­men­ted in­ter­nally. The do­cu­men­ta­tion must be kept for at least se­ven years from its crea­tion, § 10 para. 1 LkSG.

Fur­ther­more, an­nual re­por­ting must be made avail­able on­line in Ger­man no la­ter than four months af­ter the end of the fis­cal year and in a se­pa­rate re­port to the Fe­deral Of­fice for Eco­no­mic Af­fairs and Ex­port Con­trol (BAFA). The re­port to the BAFA is ge­ne­ra­ted from the an­swers to a struc­tu­red ques­ti­onn­aire, which the BAFA now pro­vi­des di­gi­tally and ana­lo­gously. The re­ports must be sub­mit­ted an­nually af­ter re­gis­tra­tion via the elec­tro­nic re­por­ting ques­ti­onn­aire at the BAFA, § 12 para. 1 LkSG.

While duly main­tai­ning trade and busi­ness se­crets, com­pa­nies must pro­vide in­for­ma­tion in this re­port on

  • whe­ther and which hu­man rights and en­viron­men­tal risks have been iden­ti­fied,
  • how the ful­fill­ment of due di­li­gence ob­li­ga­ti­ons has been en­su­red,
  • how the ef­fects and ef­fec­tiv­en­ess of mea­su­res ba­sed on com­plaints are as­ses­sed, and
  • what con­clu­si­ons have been drawn from the as­sess­ment for fu­ture mea­su­res.

BAFA ques­ti­onn­aire:

Company master data

 

Shortened reporting obligation

 

Complete reporting questionnaire

 

 

The company plausibly demonstrates that no risks or violations exist.

 

The company has identified human rights or environmental risks or violations.

 

 

-        Monitoring of risk management,

-        Responsibility of the management,

-        Identified risks and/or identified violations, and

-        Information on the company and procurement structure.

In addition to the shortened reporting obligations

-        Strategy & Anchoring,

-        Risk analysis and preventive measures,

-        Communication of results,

-        Identification of violations and remedial measures,

-        Complaint procedures, and

-        Review of risk management.

Note: Com­pa­nies with a dif­fe­rent fis­cal year in 2024 must al­re­ady sub­mit the first re­port on the im­ple­men­ta­tion of due di­li­gence ob­li­ga­ti­ons for the past fis­cal year to the aut­ho­rity four months af­ter the end of the fis­cal year and publish it on­line. The re­por­ting co­vers only in­for­ma­tion re­gar­ding the short fis­cal year 2024 but must co­ver all re­por­ting re­qui­re­ments in terms of con­tent.

Controls and sanctions

With the LkSG, the re­spon­si­ble aut­ho­ri­ties (Fe­deral Of­fice for Eco­no­mic Af­fairs and Ex­port Con­trol) are gran­ted the power to carry out on-site in­spec­tions and to im­pose fi­nes and pe­nal­ties, so­me­ti­mes dras­tic sanc­tions.

In ad­di­tion, com­pa­nies against which a high fine has been im­po­sed can be ex­clu­ded from pu­blic ten­ders for up to th­ree years. De­pen­ding on the in­dus­try, pos­si­ble da­mage to the re­pu­ta­tion of the af­fec­ted com­pany should not be un­de­re­sti­ma­ted.

Note: In con­trast, the Ger­man Supply Chain Due Di­li­gence Act does not pro­vide for di­rect ci­vil lia­bi­lity.

Forecast: EU requirements for sustainable corporate governance - the Corporate Sustainability Due Diligence Directive

Eu­ro­pean de­ve­lop­ments

Re­gu­la­ti­ons on sus­tai­nable cor­po­rate go­ver­nance have also been un­der dis­cus­sion at EU le­vel for some time. On 23 Fe­bru­ary 2022, the Eu­ro­pean Com­mis­sion pre­sen­ted the Eu­ro­pean Par­lia­ment and the Coun­cil with a draft di­rec­tive on sus­tai­nable cor­po­rate go­ver­nance: the Cor­po­rate Sus­tai­na­bi­lity Due Di­li­gence Di­rec­tive (her­ein­af­ter re­fer­red to as "CSDDD"). In a "Ge­ne­ral Ap­proach," the Coun­cil then publis­hed its ne­go­tia­ting po­si­tion on 1 De­cem­ber 2022, and the Eu­ro­pean Par­lia­ment an­noun­ced its po­si­tion on 1 June 2023.

As there were con­side­ra­ble dif­fe­ren­ces bet­ween the drafts of the th­ree par­ties, the par­ties en­te­red into the so-cal­led "tri­lo­gue" to de­ve­lop a uni­form com­pro­mise on the struc­ture of the di­rec­tive th­rough ne­go­tia­ti­ons.

On 14 De­cem­ber 2023, a po­li­ti­cal com­pro­mise on the CSDDD was an­noun­ced wi­thin the frame­work of the tri­lo­gue pro­ce­dure. On 15 March 2024, a suf­fi­ci­ent ma­jo­rity of EU mem­ber sta­tes in the Com­mit­tee of Per­ma­nent Re­pre­sen­ta­ti­ves, a sub-or­gan of the Coun­cil of the Eu­ro­pean Union, then ap­pro­ved the wea­ke­ned draft of the Cor­po­rate Sus­tai­na­bi­lity Due Di­li­gence Di­rec­tive (CSDDD). Ger­many had ab­stai­ned from the vote. The draft now ad­op­ted dif­fers from the ori­gi­nal po­li­ti­cal agree­ment re­ached in the tri­lo­gue. It has been for­mally ad­op­ted by the EU Coun­cil and by the EU Par­lia­ment.

Overview of the CSDDD

Re­view of the supply chain for en­viron­men­tal and hu­man rights con­cerns

Like the LkSG the CSDDD re­qui­res com­pa­nies in Eu­rope to re­view their supply chains for en­viron­men­tal and, in par­ti­cu­lar, la­bor prac­tices to im­prove the hu­man rights si­tua­tion, pro­tect en­viron­men­tal con­cerns, and ad­vance in­ter­na­tio­nal cli­mate pro­tec­tion goals. The aim is to pre­vent com­pa­nies in the in­ter­nal mar­ket from ha­ving to com­ply mul­ti­ple, pos­si­bly in­com­pa­ti­ble, na­tio­nal re­gu­la­ti­ons.

Scope of ap­pli­ca­tion of the CSDDD

The re­vi­sed scope of ap­pli­ca­tion of the Di­rec­tive now in­clu­des EU com­pa­nies with more than 1,000 em­ployees (in­stead of 500 in­iti­ally) and a world­wide net an­nual tur­no­ver of more than 450 mil­lion eu­ros (in­stead of 150 mil­lion eu­ros in­iti­ally).

Note: Like the Ger­man LkSG, the scope of ap­pli­ca­tion of the CSDDD is also di­rec­ted at com­pa­nies with more than 1,000 em­ployees - howe­ver, the na­tio­nal LkSG is not ad­di­tio­nally lin­ked to tur­no­ver fi­gu­res.

Ap­pli­ca­tion is to be gra­dual: com­pa­nies with more than 5,000 em­ployees and a glo­bal net tur­no­ver of more than 1.5 bil­lion eu­ros are in­iti­ally af­fec­ted du­ring a tran­si­tio­nal pe­riod of th­ree years. Af­ter four years, the th­res­hold falls to 3,000 em­ployees and 900 mil­lion eu­ros in tur­no­ver un­til the sta­tutory th­res­hold is re­ached af­ter five years.

Note: The in­iti­ally en­vi­sa­ged high-risk sec­tor ap­proach (i. e., the gra­dual in­clu­sion of com­pa­nies that do not meet the cri­te­ria for the scope of ap­pli­ca­tion but are ac­tive in high-risk in­dus­tries) was aban­do­ned.

Due di­li­gence ob­li­ga­ti­ons un­der CSDDD

The hu­man rights and en­viron­men­tal due di­li­gence ob­li­ga­ti­ons to be com­plied with by the com­pa­nies con­cer­ned re­late to the "chain of ac­tivi­ties," i. e., to the com­pany’s own busi­ness area, up­stream busi­ness part­ners (suppliers), and to some ex­tent also to busi­ness part­ners with down­stream ac­tivi­ties, such as sa­les, trans­port, sto­rage, and dis­po­sal of the pro­duct.

Ob­li­ga­ted com­pa­nies must keep do­cu­men­ta­tion on com­pli­ance with due di­li­gence ob­li­ga­ti­ons un­der the di­rec­tive for at least five years from the crea­tion or re­ce­ipt of the do­cu­ments.

The ob­li­ga­ted com­pa­nies must also de­sign and im­ple­ment a cli­mate plan ("tran­si­tion plan") for mit­iga­ting cli­mate change. This plan should show the busi­ness mo­del and stra­tegy with which the com­pany contri­bu­tes to achie­ving the 1.5°C tar­get by 2050.

Lia­bi­lity risks for com­pa­nies

Un­like the Ger­man LkSG, the Di­rec­tive pro­vi­des for di­rect ci­vil lia­bi­lity of com­pa­nies. If an ob­li­ga­ted com­pany vio­la­tes the due di­li­gence ob­li­ga­ti­ons, na­tu­ral or le­gal per­sons in na­tio­nal law should have at least five years (li­mi­ta­tion pe­riod) to as­sert their claim for full com­pen­sa­tion for the da­mage cau­sed by the bre­ach of duty. Fur­ther­more, the Di­rec­tive pro­vi­des for fi­nes of up to five per­cent of the world­wide net tur­no­ver.

First-time ap­pli­ca­tion

Af­ter the ap­pro­val of EU Par­lia­ment and EU Coun­cil on 24 May 2024, the fi­nal CSDDD was publis­hed and came into force 20 days la­ter. The­reaf­ter, the EU mem­ber sta­tes must trans­pose the di­rec­tive into na­tio­nal law wi­thin two years.

It is to be ex­pec­ted that there will be an ad­just­ment to the Ger­man LkSG.

Comparison of LkSG and CSDDD

 

Supply Chain Due Diligence Act (LkSG)

Corporate Sustainability Due Diligence Directive (CSDDD)

Scope of application

 

For companies with more than 1,000 employees.

 

EU companies with more than 1,000 employees and a worldwide net annual turnover of over 450 million euros.

Reporting and due diligence obligations

 

Companies must observe human rights and environmental due diligence obligations in their supply chain.

 

Companies must identify, end, prevent, mitigate, and account for negative impacts on human rights and the environment in their operations and value chains. Additionally, design and implementation of a climate plan ("transition plan") for mitigating climate change.

Type of publication

 

Companies must publish an annual report on their due diligence obligations at the BAFA and on their website.

Companies must regularly report on their due diligence obligations and make these reports publicly accessible.

Control and sanctioning

 

Fines can be imposed for violations of the law.

Sanctions can be imposed for violations of the directive, which are determined by the individual EU member states.

Additionally: Implementation of civil corporate liability

First-time application

The law came into force on 1 January 2023.

The directive was adopted in May 2024 and is to be transposed into national law within two years.

Conclusion

The com­pli­ance ob­li­ga­ti­ons of com­pa­nies are in­cre­asing year by year - not least due to the Ger­man LkSG. With the CSDDD com­ing from the Eu­ro­pean side, the re­qui­re­ments are li­kely to in­crease again. In ad­di­tion to re­por­ting ob­li­ga­ti­ons on en­viron­men­tal and hu­man rights is­sues, com­pa­nies are to be re­qui­red to create and im­ple­ment a cli­mate pro­tec­tion plan, not to men­tion the as­sump­tion of ci­vil lia­bi­lity for com­pa­nies.

For com­pa­nies, the maze of com­pli­ance re­qui­re­ments is hardly ma­na­ge­able - all the more so as nu­me­rous large com­pa­nies are also con­fron­ted with sus­tai­na­bi­lity re­por­ting for the first time. There is a small glim­mer of hope in the draft bill of the CSRD Im­ple­men­ta­tion Act. Ac­cor­ding to this, com­pa­nies that pre­pare a sus­tai­na­bi­lity re­port should also ful­fill their re­por­ting ob­li­ga­ti­ons un­der the Supply Chain Due Di­li­gence Act. It re­mains to be ho­ped that this re­gu­la­tion will be im­ple­men­ted as such and that com­pa­nies will at least be re­lie­ved in this re­spect.

06.06.2024 back to top

Related Topics

In­ter­nal com­pany in­ves­ti­ga­ti­ons are be­com­ing in­cre­asin­gly re­le­vant!

Even in suc­cess­ful and very well-ma­na­ged com­pa­nies, em­ployees or board mem­bers may be sus­pec­ted of com­mit­ting cri­mi­nal of­fen­ses. This is all the more true since such of­fen­ses can be re­por­ted more ea­sily un­der the Whist­leb­lo­wer Pro­tec­tion Act or the Supply Chain Due Di­li­gence Act. In such sus­pec­ted ca­ses, ma­na­gers or the su­per­vi­sory body are ob­li­ged to com­pre­hen­si­vely in­ves­ti­gate the al­le­ga­tion while main­tai­ning the ne­cessary con­fi­den­tia­lity. Nu­me­rous le­gal and or­ga­ni­sa­tio­nal pit­falls of­ten re­quire the in­vol­ve­ment of ex­ter­nal con­sul­tants.  ...read more