Human Rights & Supply Chain Due Diligence Laws
Employee threshold triggering LkSG obligations
Maximum fine as percentage of global annual turnover
Potential exclusion from public procurement contracts
Regulation Overview
https://www.csr-in-deutschland.de/EN/Legislation/German-Supply-Chain-Act/german-supply-chain-act.html
The German Supply Chain Due Diligence Act is Germany's landmark mandatory human rights and environmental due diligence law. For supply chain compliance teams, it requires risk management systems that identify, prevent, and remediate human rights and environmental violations across direct and indirect supplier relationships. The LkSG applies to all companies with 1,000 or more employees and a registered presence in Germany—including German subsidiaries and branches of foreign multinationals. Core due diligence obligations remain fully in force as of 2026, including risk analysis, preventive measures, remedial actions, grievance mechanisms, and seven-year documentation retention. BAFA continues risk-based ex officio enforcement. LkSG compliance requires supplier-level evidence—risk assessments, corrective action plans, and grievance records—from every tier of your supply chain. When BAFA initiates a compliance sweep, your documentation must demonstrate a functioning due diligence system.
Key Components / Sub-Frameworks

Companies headquartered in Germany with ≥1,000 employees
Foreign companies with branch offices in Germany employing ≥1,000 staff
German subsidiaries of international corporations meeting the employee threshold
Companies assembling supply chains through direct and indirect suppliers globally
Businesses supplying to in-scope companies facing contractual due diligence flowdown
Companies bidding for German public procurement contracts
Key Thresholds
Your LkSG risk analysis covers 400 direct suppliers. But a substantiated report alleges forced labor at a Tier 3 raw materials supplier. BAFA expects ad hoc due diligence—but you have no visibility, no contact, and no data beyond Tier 1. Your multi-tier supply chain transparency is a spreadsheet with gaps.
BAFA sends a detailed information request with 20+ questions on your risk analysis methodology, policy statement, and preventive measures. Your team has weeks to compile evidence from HR, procurement, legal, and supplier management systems. Documentation is scattered across departments, formats, and languages.
LkSG requires contractual assurances from direct suppliers—including their obligation to flow requirements to their own suppliers. You have 600 suppliers across 40 countries. Half signed generic codes of conduct. The rest have no documented commitment. Proving a functioning supplier risk scoring and due diligence cascade is impossible.
Your risk analysis flags 12 countries as high risk for forced labor. Your procurement team sources from 8 of them. Each requires documented preventive measures—training programs, audit schedules, corrective action tracking. Manual compliance evidence management across these geographies is unsustainable.
Certivo in Action — LkSG Workflow

From Manual Evidence Assembly to Automated Due Diligence
CORA collects, parses, and validates supplier due diligence evidence automatically. Your team focuses on risk decisions that need human judgment—not chasing signed codes of conduct.
Compliance Inquiry Acceleration
Generate complete, audit-ready BAFA response packages in hours—not the 4-6 weeks of manual compilation across departments.
Proactive LkSG Due Diligence Monitoring
When country risk profiles change or substantiated knowledge surfaces, Certivo triggers ad hoc risk analysis workflows instantly. Know your exposure before BAFA asks.
Frequently Asked Questions
Which companies are subject to the German Supply Chain Due Diligence Act?
The LkSG applies to any company with its headquarters, principal place of business, administrative seat, or a branch office in Germany employing 1,000 or more people. This includes German subsidiaries and branches of foreign multinationals. The obligation extends to due diligence across own operations, direct suppliers, and indirect suppliers when substantiated knowledge of violations exists.
What are the penalties for LkSG non-compliance?
BAFA can impose fines up to €8 million, or up to 2% of global annual turnover for companies with more than €400 million in revenue. Serious violations can result in exclusion from German public procurement contracts for up to three years. BAFA's current enforcement focus targets failures in preventive measures, remedial actions, and grievance mechanisms—even with the proposed reporting amendment.
How does Certivo support ongoing LkSG due diligence obligations?
Certivo automates the collection, validation, and documentation of supplier due diligence evidence required under LkSG §§4–10. CORA parses supplier self-assessments and audit reports, scores suppliers by risk category, and maintains continuous audit-ready documentation retained for seven years. When BAFA requests information, Certivo generates a complete response package from centralized evidence.
What supplier evidence formats does Certivo accept for LkSG compliance?
Certivo accepts any format: PDF declarations, signed codes of conduct, audit certifications, Excel self-assessments, XML exports, and freeform responses in any language. CORA extracts risk indicators and due diligence data regardless of format, eliminating the need to standardize inputs across your global supply chain.
How does LkSG compliance relate to the EU CSDDD and other due diligence frameworks?
The LkSG remains in force until Germany transposes the EU CSDDD, now expected by July 2028 with application from 2029. Companies complying with LkSG today are building the evidence foundation for CSDDD readiness. Certivo validates one supplier submission against LkSG, CSDDD, UFLPA, Conflict Minerals, and UK Modern Slavery Act requirements—eliminating duplicate campaigns across human rights due diligence frameworks.










