On 22 July 2021, the “Act on Corporate Due Diligence in Supply Chains”, adopted by the German Bundestag, was published in the Federal Law Gazette.[1] The adoption of the Act is extremely significant in a continuously evolving European legislative framework on ESG and Human Rights issues.

It is therefore necessary, first, to consider the general regulatory context, particularly in Europe, and then to understand, based on a brief analysis of the Act, what the prospects are, under a legal point of view, for market players in this area.

general overview: how the legal landscape is evolving

There is growing momentum worldwide among governments to require companies to undertake human rights due diligence. 

Glancing at the EU single jurisdictions, numerous proposals and legislative initiatives are already in place. One may refer, for instance, to the French law on the duty of vigilance of parent and outsourcing companies[2], the Norwegian law on business transparency and human rights and decent working conditions[3], the Dutch parliamentary proposal on responsible and sustainable international business conduct[4], the Austrian parliamentary proposal for a supply chain law[5], or, lastly, to the Belgian parliamentary proposal on the corporate duty of vigilance and care in value chains[6].

One step above, at EU level, on March 10th 2021, the European Parliament published the draft Directive on “Corporate due diligence and accountability, followed, on April 21st 2021, by the European Commission draft Directive on “Corporate Sustainability Reporting.[7] A further draft Directive on “Sustainable governance is expected by the second quarter of 2021 and on the 29th July 2021 the European Commissioners Didier Reynders and Thierry Breton, who are jointly working on the legislative proposal, received an open letter from Bangladeshi human rights defender Kalpona Akter calling for strong protections against violations and access to justice for victims[8].  These measures follow the 2014/95 "NFRD" Directive on non-financial reporting and complement and extent the ESG regulatory framework through on specific ESG topics.

Human rights due diligence: a focus on tools and provisions

The adoption of the Act by the German Bundestag represents therefore an opportunity to clarify what could be, outside the Germany case, the regulatory profiles and the mechanisms that, once the regulatory process underway at European level is concluded, could affect market players, as well as the numerous international organizations devoted to human rights protection and, more importantly, the workers and citizens, of Europe and beyond.

As we pointed out in a previous article, in general there is a growing relevance of “widespread risk-driven approach focused on ESG factors, a reinforced attention on companies’ liability mechanisms and a full centrality of human rights”.[9] In this context, due diligence tools becomes essential.

Regarding the scope, there is the tendency to impose due diligence requirements well beyond the companies incorporated in the State, i.e. targeting large companies that simply operate in the territory, often referring to size criteria. For example, the German Act extends the application to “enterprises regardless to their legal form that:

  1. Have their central administration, their principal place of business, their administration headquarters or their statutory seat in Germany and
  2. That normally have at least 3,000 employees in Germany; employees posted abroad included”.

Companies that 'have a domestic branch office' are also added. Finally, it is also specified that from January 2024 the thresholds for employees will be reduced to 1,000.

As regards the tools for effective due diligence, German legislation identifies them as a risk management system, the designation of a responsible person within the enterprise, regular risk analysis, policy statement, preventive measures (also vis-à-vis suppliers), remedial actions, complaints procedures, due diligence obligations with regard to risks at indirect suppliers, documenting and reporting. Each of these aspects is regulated in detail by the Act.

Another key issue is liability and access to remedy, given that  companies should be held liable for their actions and be fined for causing harm or contributing to it, unless they can prove that they have acted in line with due diligence obligations and taken measures to prevent such harm.

In this sense, the Act introduce a special capacity to sue, providing that “any person to have been violated […] may authorize a domestic trade union or non-governmental organization to bring proceedings to enforce his or her rights in its own capacity”.

To make the system complete and effective, provisions are included to ensure public enforcement. The German Act provides, for example, for monitoring by a specific authority of the published reports, specific powers of control, including powers to inspect, to summon people, to request and examine documentation, and a general powers to “request the enterprise to take specific actions to fulfil its obligations”. In addition, sanctioning powers are provided by the Act.

Absolutely innovative is the provision on public procurement, on an “exclusion from the award of public contracts” (section 22) for enterprises that have been fineduntil they have proved that they have cleared themselves“ (up to three years).

The role of impact measurement and the dilemma: who audits the auditor?

As we pointed out in a previous article, “due diligence becomes the fundamental mean to carry out responsible business activities (also enforcing the adoption of best practices through the supply chain) as a qualifying and distinctive element that gives an advantage over competitors”.[10]

It shall also be noted that the issue of human rights due diligence is fundamentally connected to the broader European regulatory framework on sustainability (see for instance the latest developments regarding sustainable finance[11]).

In this sense, there are constant features, such as the connection between human rights, social and environmental profiles and the central role of uniform and strict transparency rules. In this context, the issue of ESG and impact measurement becomes crucial, also with a view to protecting companies from reputational and litigation risks and to achieve better efficiency and competitiveness.

As already evident, there are also important loopholes, which may then bring to green and social washing risks. For example, considering the tendency to outsource sensitive control and disclosure activities to external companies offering auditing services, one wonders who audits the auditor.

For this reason, there is a perceived need to cover also the auditing and certification industry by human rights and ESG due diligence laws, as well as, more generally, to intervene with regulation and State oversight of the auditing and certification sector. The liability of these entities also should be addressed, as their accountability in the event of violations of human rights and ESG safeguards in connection to their services could certainly be another useful tool for tackling this critical regulatory gap.