With the German Supply Chain Due Diligence Act (Lieferkettensorgfaltspflichtengesetz, or LkSG) set to take effect in January 2023, the final implementing regulations released in December 2022 offer long-awaited clarity for firms grappling with compliance preparations. These rules, issued after months of consultation and revision, provide more precise direction on risk-assessment thresholds, reporting requirements, and documentation expectations. Yet, even with this guidance, there remains a palpable sense of uncertainty in some quarters of German industry. Companies know what they are supposed to aim for, broadly speaking, but the practical steps? The day-to-day mechanics of building defensible due-diligence systems? That’s where many are still working things out.
Perhaps nowhere is this tension more visible than in the chemical sector. German chemical manufacturers, with their often sprawling and multi-tiered supply chains, face a particularly intricate compliance challenge. The LkSG’s obligations to identify, assess, and address human rights and environmental risks extend well beyond Tier 1 suppliers, touching even the more remote actors involved in producing raw materials. And yet mapping these Tier 3 suppliers—those companies two or more steps removed from the buyer—can quickly become a tangled exercise, especially when those upstream firms are located in jurisdictions with limited disclosure traditions.
The final regulations help, at least to a degree, by refining the thresholds that trigger enhanced due-diligence duties. The Federal Office for Economic Affairs and Export Control (BAFA), which oversees enforcement, will expect firms to prioritize suppliers based on specific risk indicators rather than blanket coverage. The text makes it clear that firms aren’t required to trace every gram of raw material back to its source immediately. Instead, they must focus their efforts on suppliers linked to regions, sectors, or products known for heightened human rights or environmental risks. This risk-based approach, while welcomed by many, still leaves open the difficult task of defining what, exactly, constitutes sufficient inquiry.
In this context, open chemical registry data has emerged as a potentially valuable resource—if, of course, it’s used with care. German chemical firms, or indeed any firm subject to LkSG, might start by cross-referencing their procurement lists against registries maintained by entities such as the European Chemicals Agency (ECHA) or national-level databases. These registries, while primarily designed for regulatory oversight of chemical safety, often contain clues about production origins and intermediary handlers. By overlaying procurement records with registry data, firms can sometimes identify previously obscured Tier 3 actors, or at least narrow down the list of entities warranting deeper review.
But, as with most things in this space, the utility of such data depends heavily on context. For some raw materials—think basic commodities like sodium hydroxide or sulfuric acid—the supply chains may prove too diffuse or commoditized for registry data to yield actionable supplier identities. In these cases, firms may find themselves leaning more heavily on supplier questionnaires, declarations, or, where possible, third-party audits that penetrate beyond Tier 1. The final LkSG rules acknowledge these practical constraints, encouraging firms to demonstrate that they’ve made reasonable efforts rather than demanding impossible perfection. Still, drawing the line between reasonable and insufficient effort is bound to remain a matter of judgment, at least for now.
On the reporting front, the regulations specify in more detail what BAFA expects in annual due-diligence reports. Firms must describe not just their policies and risk assessments but also the concrete steps they’ve taken to mitigate identified risks, the effectiveness of those measures, and any updates to their risk-management systems. For chemical firms, this will likely mean documenting, in plain terms, how they used registry data, supplier engagement, or other tools to fulfill their obligations. The reporting format isn’t rigid; firms have some latitude in structuring their narratives. But they must ensure that their submissions are coherent, substantiated, and responsive to the law’s core expectations.
A practical workflow for reporting to BAFA might look, in broad outline, as follows. The compliance team begins by consolidating internal risk assessments, mapping supplier risks using registry data, internal records, and external sources such as NGO reports or industry benchmarks. They document their prioritization rationale: why certain suppliers or materials were flagged for enhanced review. They then compile records of mitigation actions—whether that involved revising supplier contracts, conducting audits, providing training, or in some cases, disengaging from a supplier altogether. All this is written up in a report submitted via BAFA’s designated online portal, typically in the first half of the year following the reporting period.
For many firms, the first reporting cycle will undoubtedly feel like a learning exercise as much as a compliance duty. Questions will arise—about data reliability, about what constitutes a meaningful mitigation step, about how much documentation is enough. And while BAFA has pledged to provide further guidance as practice evolves, the onus remains on companies to make good-faith efforts and to show their work, so to speak. Some compliance officers have expressed the view, quietly perhaps, that the LkSG’s true test will come not in the first reports filed but in how firms respond to BAFA’s feedback and adjust their systems in subsequent cycles. That, more than any checklist or template, may determine whether this ambitious law achieves its intended impact on supply chain transparency and accountability.