Whether consumers, employees or investors: More and more people expect companies to ensure compliance with labor and environmental standards - both internally and with their suppliers. Many brands have long since responded to these demands and are committed to complying with a Code of Conduct (CoC) and making Corporate Social Responsibility (CSR) the basis of business relationships with suppliers. The Supply Chain Duty of Care Act (LkSG) is basically the logical consequence and clearly commits companies to social responsibility and greater transparency. The LkSG initially only applies to companies with 3,000 or more employees and the responsibility only applies to direct suppliers. For organizations with international supply chains in particular, the structured evaluation of suppliers will be a real challenge - even if they only have to check their direct partners for the time being.

Update for risk management

The implementation of the LkSG requires one thing above all on the part of companies: the expansion of existing risk management to include CSR risks. In the event of breaches, measures and processes must also be defined that enable the purchasing department to act quickly. This sounds simple, but in practice it is more complex: a wide range of different information is required to assess CSR risks. In contrast to performance data such as quality and delivery reliability, this cannot be obtained from in-house ERP systems. Information provided by suppliers is also hardly suitable for a CSR assessment. It stands to reason that, due to their own business interests, they report violations by sub-suppliers to their clients late or not at all. Buyers must therefore consult external information for a serious assessment. The integration of external data into their own decision-making processes is by no means new: buyers have long been obtaining information from various rating providers about the creditworthiness of their future partners, using weather and climate data and are usually very well informed about the political conditions at their suppliers' locations. In the area of CSR, providers such as EcoVadis, Riskmethods and Tealbook provide organizations with the necessary information. However, for a quick, efficient and comprehensive risk assessment, their data must be aggregated, evaluated and converted into concrete recommendations for action for purchasing.

Technical support required

The assessment of supplier risks is a very complex process. The number of risk parameters to be assessed alone is now so high that it is no longer possible without technical support. This is particularly true for companies with many suppliers and globally ramified supply chains. In addition, most external data suppliers have their own software. As a result, manual steps are almost always necessary for purchasing to carry out individual risk assessments and make reliable decisions. The lack of integration options for external risk information means that measures such as approvals, blocks or warning messages in existing ERP software can only be activated with a time delay. In addition, the underlying processes have to be adapted regularly - often even manually. This leads to delays and slows down the sourcing process as well as supplier selection and risk management enormously. In addition, buyers can only react to known human rights violations or crisis events with a delay. The digitalization of the source-to-pay process (S2P) and the creation of integration options for risk data help to solve these challenges. As the LkSG provides for severe penalties, companies should consider modernizing their purchasing solutions as soon as possible.

Digitization: The freestyle becomes a duty

A digital source-to-pay process accelerates the handling of purchasing processes - from sourcing and supplier selection to ordering, contract management and the processing of incoming invoices. In addition, there is a gain in transparency regarding collaboration with suppliers and the assessment of risks. Despite the obvious advantages, corresponding modernization projects have often only been pursued half-heartedly. To this day, this is often due to the feared complexity and financial efficiency gains that are difficult to predict. Even for international corporations, it takes an enormous amount of effort to successfully complete digitization projects that have already begun.

With the Supply Chain Due Diligence Act coming into force, the pressure is increasing: purchasing decision-makers need to expand their risk management, integrate and evaluate external data and give purchasing more flexibility. Without a fully digitalized procurement process and a fully integrated risk assessment, the practical implementation of the Supply Chain Due Diligence Act is not feasible. There is therefore an urgent need for purchasing decision-makers to take action: they must adapt tools and process landscapes to the new requirements and put them into operation by 2023 at the latest.

Supply Chain Act 2.0: Complete supply chain transparency is a vision for the future

The implementation of the current Supply Chain Due Diligence Act is possible in principle according to the current state of technology and is also practically feasible for most companies. However, both the effort and the actual costs are difficult to quantify and depend heavily on the business area and digital maturity level of the respective organization.

If the responsibility of companies is extended to sub-suppliers and their partners in the future, companies with low vertical integration and branched supply chains in particular will face an almost unsolvable problem: they will have to take responsibility for the business practices of partners that they do not (or cannot) know. The reason: many sub-suppliers are contractually obliged to maintain confidentiality. This means that they are not allowed to talk about customer relationships and certainly not to document them in writing for third parties. In this situation, neither digital processes nor modern purchasing solutions can help, as the required information is simply not available. This fact makes a cross-supply chain assessment of CSR risks almost impossible, meaning that complete supply chain transparency is currently a vision of the future. Even if companies from Germany demand immediate transparency from their partners, this will not be possible without genuine partnerships. This is particularly true if other laws apply in the supplier's region and there are only a few manufacturers for certain products.

I firmly believe that fair working conditions and transparency across entire supply chains cannot be achieved through government regulations or software solutions alone. Instead, companies should set themselves the strategic goal of redefining and improving their relationships with their suppliers, working in partnership and cooperating much more closely than before. Above all, companies should establish a consensus on changing customer requirements, accept the need for significantly greater transparency and agree this contractually with their partners. The challenge lies particularly in creating a mindset that accepts and actively promotes the need for change at local and international level.

This process will be a great deal of work for everyone involved - especially if they work with international partners where CSR rules were previously different or not enforced at all. Above all, it is important to hold positive discussions and communicate the new customer requirements and the purpose of a supply chain law. With the right solutions and a willingness to change on all sides, clients, suppliers and partners can be successful together.

Risk management and technology are not a panacea

Despite fears that the Supply Chain Due Diligence Act could lead to competitive disadvantages for German companies in addition to the existing supply bottlenecks and logistics problems, public and political pressure to tighten the law remains unbroken - particularly at EU level. Similar plans are also being discussed in Austria and Switzerland. There is an increasing likelihood that organizations will be held responsible for complying with fair working conditions and stricter environmental regulations throughout their supply chains in the near future. As a result, no company can avoid improving its supplier relationships and modernizing existing purchasing solutions and processes. Purchasing should therefore take urgent action - be it to secure an edge over competitors or to prepare for the tightening of legal regulations.

Jan-Hendrik Sohn, Regional Director DACH and CEE at Ivalua