Quite recently, the EU legislative institutions (the EU Commission, the EU Council and the EU Parliament) agreed about extending the concept of the German Supply Chain Act (Lieferketten-Sorgfaltspflichten-Gesetz - “LkSG”) over the entire EU – and, hence, also the EEA.
Now, all companies seated in Germany and employing 1,000 associates have to undertake due diligence procedures and measures in regard to their entire supply chain. The threshold of 1,000 employees, however, does not apply vis-á-vis the direct or indirect suppliers. So, the implementation of measures to avoid human rights and environmental risks within the supply chain concerns all entities throughout the chain – and also very small companies in and outside Germany may have to comply.
The German supervisory authority for supply chains, the Federal Office for Economic Affairs and Export Control (Bundesamt für Wirtschaft und Ausfuhrkontrolle – “BAFA”) has now started its monitoring activities. The BAFA looks at webpages of relevant companies and checks their Grundsatzerklärung (basic declaration or supplier code) as well as the description and processes of the whistleblower hotline dedicated to supply chain matters. If they identify gaps or inconsistencies, the BAFA will address this towards the companies in question. Within the next months, the first compulsory reports will be handed over to the BAFA, which quite certainly will cause a rise of monitoring activities.
As the EU aims to avoid distortions of the EU market like a national supply chain law with effects on the EU economy, the EU decided to take over this topic and form its own supply chain standard: the EU Corporate Sustainability and Due Diligence Directive (“EU CS3D”). This new EU Directive will be most likely enacted in May 2024 before the elections for the new EU Parliament will start in June. An EU Directive will have to be implemented into the national laws of the EU Member States by their legislators. The transposition period will be two to five years (the major obligations to be enacted within two years). Only with effective transposition, the EU CS3D requirements will come into force. However, the German LkSG will continue to apply but will have to be adapted to the EU CS3D within the next two years.
Partner and Co-Head German Compliance Group, Dentons Europe (Germany)
At the recent TRACE Forum in Annapolis, I moderated a panel on the topic of compliance training – where to begin, who to involve, what works and what doesn’t. I’ve summarized below a few key takeaways from that discussion.
Look for opportunities to partner: Create a network of content contributors comprised of department leaders across the organization. Can you borrow materials from a recent marketing promotion or sales demo? Can a pre-existing module be condensed into several micro learnings? Can you get a local site leader or well-recognized manager to record a short video? No need to reinvent the wheel each time.
Meet people where they are: Training on the same topic year after year? Consider implementing a competency component that allows trainees to test out of material that should be familiar. Incorporate “experience” level training – more basic, broader training for those new to your organization and more condensed and targeted training for senior employees. Ensuring training relevance is key.
Less lecture, more practical: Your trainees are more likely to retain information that is relevant and true to life. Whenever possible endeavour to keep your training concise and crisp. Incorporate both live and asynchronous components. Survey your target audience to learn more about specific risk areas and then highlight them in your course.
Understand your organization’s culture and what it will support: To be most effective your training must be responsive to the needs of the business.
Remember people learn in different ways: Although easier on the front end, a one-size-fits-all approach will ultimately lead to long term training gaps as discrete teachable moments fall through the cracks.
Senior Director II, Compliance Training, TRACE
At the end of March, I attended the now traditional OECD Global Anti-Corruption and Integrity Forum (GACIF - https://www.oecd.org/corruption-integrity/forum/home/ ) in Paris. More than 3000 people registered and a large number attended the meetings in person.
There were a few interesting trends:
an increased and visible participation of the private sector
a rebalance of the policy discussion towards the need to push for public sector integrity at least as much as business integrity
an understanding that anticorruption compliance is to be seen in a more holistic way at company, national and international level
a strong belief that AI will be a powerful tool for more effective compliance
Aside from these general trends, two other points caught my attention:
First, the admitted difficulty to assess the effectiveness of compliance programs beyond the use of purely quantitative indicators. In this respect several CCOs also pointed out the desirability to harmonise the expectations from public authorities.
Second, the absence of any open discussion on the persistence (or not) of an international consensus over the fight against corruption in light of an increasingly fragmented world. This was really the “Mammoth in the Room”!
In corridor discussions, there was a discernible concern on the political use of the fight against corruption, as well as on the difficulty to garner consensus in international bodies.
International Lawyer, Former Director for Legal Affairs, OECD