Supply Chain Act (LkSG and CSDDD)
The German Supply Chain Due Diligence Act (Lieferkettensorgfaltspflichtengesetz, LkSG) — in force since January 2023 — obliges large German companies to identify, prevent and mitigate human-rights and environmental risks across their supply chains. The EU Corporate Sustainability Due Diligence Directive (CSDDD), formally adopted in 2024 with national transposition by 2026, will extend similar obligations EU-wide with broader scope and stronger enforcement. Together, LkSG and CSDDD transform supply-chain transparency from a voluntary CSR practice to a binding legal obligation with material ERP implications.
Scope
LkSG applies in escalating steps: from 1 January 2023 to companies with 3,000+ employees in Germany, and from 1 January 2024 to companies with 1,000+ employees. The act covers German-domiciled companies plus foreign companies with German subsidiaries above the threshold. Indirectly, LkSG flows down to suppliers through contractual due-diligence obligations — smaller mid-market suppliers find themselves obligated to comply with their large customers' LkSG requirements regardless of their own headcount. CSDDD will extend scope to EU companies with 1,000+ employees and 450 million EUR turnover from 2027, broadening progressively. EU non-resident companies trading into the EU above thresholds also fall in scope.
Core obligations
- Risk analysis — annual systematic assessment of human-rights and environmental risks in own operations and supply chain
- Preventive measures — supplier contracts include risk-mitigation clauses, training, monitoring
- Remedy mechanisms — complaint channels accessible to affected parties (workers in supply chain, local communities)
- Documentation — comprehensive records of risk assessments, mitigation activities, complaints received and handled
- Annual report — structured public report on due-diligence activities and outcomes, submitted to BAFA (German Federal Office for Economic Affairs and Export Control)
- Direct supplier scope (LkSG) — Tier-1 suppliers covered comprehensively; indirect suppliers (Tier-2+) covered only on substantiated knowledge of issues
ERP-side support
LkSG and CSDDD compliance is information-heavy. ERP plays a central role through several capabilities:
- Supplier master data: country of origin, sub-supplier visibility, certifications (BSCI, SA8000, amfori), risk classifications
- Spend visibility: which suppliers represent what percentage of spend in which risk categories
- Audit trail: documentation of due-diligence activities by supplier, date and outcome
- Contract data: due-diligence clauses present, renewal dates, breach notifications
- Complaint tracking: integration with complaint-portal platforms for case management and reporting
Specialist tools (IntegrityNext, EcoVadis, Sphera Supply Chain Risk Management, Achilles) supplement ERP-side data with supplier-questionnaire collection, on-site audits and AI-based open-source risk monitoring.
Sanctions
LkSG sanctions include fines up to 8 million EUR or up to 2% of annual global turnover for companies with over 400 million EUR turnover. Repeated violations can trigger exclusion from public-procurement contracts for up to three years — a material consequence for many B2B-and-government suppliers. CSDDD sanctions are aligned in scale, with the EU framework adding civil liability for damages caused by failure to meet due-diligence obligations — a significant expansion beyond LkSG's administrative-only penalty regime. Reputational risk often exceeds direct financial penalties: NGO and media exposure of due-diligence failures has driven business losses far larger than the formal sanctions for several major companies.
Frequently Asked Questions
Are smaller suppliers affected by LkSG?
Indirectly, yes. Large customers in scope of LkSG impose contractual due-diligence obligations on their suppliers, including smaller mid-market companies. The smaller supplier may not formally be in LkSG scope, but contractually owes the same due-diligence evidence to remain a supplier of the larger customer. Most mid-market manufacturers serving large customers should expect supplier-due-diligence questionnaires from 2023 onwards.
Can we use specialist platforms instead of building this in ERP?
Yes, and most companies do. Specialist platforms (IntegrityNext, EcoVadis, Sphera) handle supplier-questionnaire collection, scoring and on-site audit coordination far more effectively than ERP. The ERP provides supplier master data and spend information; the specialist platform layers risk assessment and reporting on top.
How does LkSG interact with CSRD reporting?
Significant overlap. CSRD's ESRS S1 (own workforce), S2 (workers in the value chain), S3 (affected communities) and S4 (consumers and end-users) overlap with LkSG's human-rights risk areas. Companies in scope for both should design integrated data collection so that one set of supplier-risk data flows to both regulatory reports.
