Balancing ambition and mitigating bureaucracy: Revising the German Supply Chain Duty of Care Act

Today, the German Government adopted a draft bill to reduce bureaucracy while maintaining core due diligence obligations.

The German Supply Chain Duty of Care Act (Lieferkettensorgfaltspflichtengesetz, LkSG) aims to ensure that companies respect internationally recognized human rights and certain environmental standards in their supply chains. To this end, the LkSG, which entered into force on 1 January 2023 (cf. our previous blogpost here), requires companies to identify, prevent, and address human rights and environmental risks in their supply chains. Since its entry into force, the LkSG’s novel and far-reaching compliance obligations have caused significant pushbacks from companies and politicians alike. Therefore, the revision of the LkSG has been one of the priority items on the agenda of the new German government in order to reduce bureaucratic burdens imposed on companies in scope of the LkSG.

This blogpost outlines the key modifications the draft bill would entail and analyses the LkSG in the context of the broader realignment of EU sustainability legislation.

Status Quo: Blueprint and object of criticism

The LkSG currently applies to companies with at least 1,000 employees in Germany that have their (administrative) headquarters or a registered branch office in Germany. Obliged companies must conduct risk analyses, publish a policy statement on their due diligence strategy, implement preventive and remedial measures, establish grievance mechanisms, and file annual reports to the Federal Office for Economic Affairs and Export Control (BAFA).

These features made the LkSG – alongside the French Vigilance Law – a blueprint for supply chain legislation at the EU level, in particular, for the EU Corporate Sustainability Due Diligence Directive (CSDDD) which entered into force on 25 July 2024 (cf. our previous blogpost here). Meanwhile, the political ambitions at the EU-level have significantly scaled back and the CSDDD is subject to revision under the EU Omnibus proposal which aims to narrow the CSDDD’s scope and remove its key liability provisions (cf. our previous blogpost here).

Echoing criticism from business associations and the ongoing discussions at the  EU level, the German coalition government of  the Christian Democratic Union (CDU) / Christian Social Union (CSU) and the Social Democratic Party (SPD) led by Chancellor Friedrich Merz promised in its 2025 political coalition agreement to align national provisions with the forthcoming EU framework and ultimately amend or replace the LkSG when transposing the CSDDD. 

Key proposed changes vs. continuities 

Against this backdrop, the Government’s draft bill aims to reduce administrative burdens by simplifying procedures while retaining the LkSG’s core obligations. To this end, it provides for the following two key modifications.

Removal of the reporting obligation

The most striking change is the complete removal of the statutory reporting obligation:  Companies will no longer be required to submit annual reports to BAFA detailing how they fulfil their due diligence obligations, nor to publish such reports on their websites. This amendment is intended to apply retroactively from 1 January 2023, meaning that companies also do not have to file or publish reports for the years 2023 and 2024 – a period for which BAFA has already suspended enforcement of the reporting requirement. The responsible Federal Ministry of Labour and Social Affairs (BMAS) estimates that the abolition of the reporting requirement under the LkSG alone will reduce annual compliance costs for the private sector by approximately EUR 4.1 million.

Note, however, that companies must still continuously document the fulfilment of due diligence obligations and keep records for at least seven years from the date of their creation. Moreover, BAFA may still request access to a company’s internal records to assess whether it complies with the LkSG.

Narrowing the catalogue of administrative offences

Reflecting the coalition agreement's objective to eliminate sanctions for due diligence obligations except for "massive human rights violations," the draft bill narrows the list of administrative offences, stating that sanctions will apply only to “severe violations”.  In particular, the failure to appoint a responsible function for monitoring risk management and the failure to conduct a risk analysis would no longer be subject to fines as such. Under the draft bill, fines will only apply where a company fails to take the required preventive measures, fails to undertake remedial actions (and accompanying strategies), or fails to establish an effective complaints procedure. In addition, the list of administrative offences is limited to human rights-related failures, meaning that failures concerning environmental risks would no longer be subject to fines under the LkSG.

Note, however, that the remaining administrative offences may still lead to significant fines – up to EUR 8 Mio. or 2% of the average annual global turnover for entities with an annual turnover of more than €400 million – and exclusion from public procurement procedures. While we expect BAFA to continue its enforcement approach of engaging with concerned companies and imposing fines rather at a second stage, companies should nonetheless maintain their compliance efforts to mitigate the risk of administrative fines.

Continuing application of due diligence obligations

At the same time, the catalogue of due diligence obligations under the LkSG continues to apply. This means that companies are still required to establish a risk management system, define internal responsibilities (including appointing a human rights officer or establishing a human rights committee), conduct regular risk analyses, implement preventive measures, issue a policy statement, take remedial actions, and set up a complaints procedure. Although some obligations are no longer subject to punitive fines, BAFA may still issue orders specifying how companies must implement and fulfil their obligations under the LkSG. If companies fail to comply with such orders, BAFA can impose administrative penalty payments to incentivize compliance – an outcome most companies will seek to avoid.

Key takeaways

While the draft bill removes the reporting obligation and narrows the catalogue of administrative offences, it only marginally reduces the overall implementation efforts for companies. From a governance perspective, management boards remain obliged under corporate law to ensure that the company has an adequate organizational framework in place to meet its legal duties – including sufficient staffing and resources. Even if certain breaches will no longer be sanctioned by BAFA, they may still trigger internal accountability, reputational harm, and loss of trust from investors, lenders, suppliers and customers. Moreover, NGOs are likely to continue monitoring companies’ conduct closely and to hold companies publicly accountable in case of non-compliance.

Given that Germany is required to transpose the CSDDD, companies should closely monitor the ongoing developments at both the national as well as the EU-level. As regards the national level, the government’s current timetable envisions deliberations in the German Bundestag and Bundesrat in Q4 2025. If both chambers can reach an agreement in December – potentially in the Bundesrat’s final session on 19 December 2025 – the law could be promulgated before year’s end and enter into force immediately thereafter.