
LkSG Risk Analysis

The LkSG risk analysis is the systematic process by which companies identify, weigh and prioritise human rights and environmental risks within their own operations and at their direct suppliers.

The risk analysis is the centrepiece of the due diligence obligations under the German Supply Chain Due Diligence Act (Lieferkettensorgfaltspflichtengesetz, LkSG). Obligated companies must determine, once a year and on an ad-hoc basis, which human rights and environmental risks exist within their own business operations and at their direct suppliers. For indirect suppliers, the obligation is triggered on a case-by-case basis, for example when the company gains substantiated knowledge of a possible violation. The goal is to make abstract and concrete risks transparent before they materialise into actual violations.

Methodologically, the analysis is carried out in two steps. First, an abstract risk analysis identifies the relevant risk fields based on country, sector and product risks (risk mapping). This is followed by a concrete risk analysis that examines the prioritised suppliers and sites in depth, often drawing on self-assessments, questionnaires, audits or external data sources. The identified risks must be weighed and prioritised according to the criteria of Section 3(2) LkSG, in particular the severity of the potential violation, the likelihood of occurrence, the nature of the company's contribution to the cause and its ability to exert influence.

The results of the risk analysis directly drive action: they form the basis for defining preventive and, where necessary, remedial measures, feed into the policy statement on respect for human rights, and must be communicated internally to the relevant decision-makers. The procedure, findings and prioritisation must be documented in accordance with Section 10 LkSG and form part of the annual report to the Federal Office for Economic Affairs and Export Control (BAFA). A carefully conducted and traceably documented risk analysis is therefore a central prerequisite for fulfilling all further due diligence obligations.

Legal Basis

Section 5 LkSG (risk analysis), Section 3(2) LkSG (appropriateness criteria), Sections 4(1), 6 and 10 LkSG

Practical Example

A compliance officer at a mid-sized machinery manufacturer carries out the annual LkSG risk analysis. In the first step, she maps all direct suppliers by sourcing country and product category and, using a sector index, identifies elevated risks at an electronics supplier in a high-risk country. In the second step, she sends out a detailed self-assessment questionnaire, evaluates the responses and arranges an on-site audit for the flagged location. She documents the prioritised risks, the criteria applied and the resulting preventive measures in an audit-proof manner and submits them to management and for inclusion in the BAFA report.

FAQ

The risk analysis must be conducted at least once a year. In addition, there is an ad-hoc obligation whenever the company must expect a substantially changed or expanded risk situation, for example due to new products, business areas or suppliers. For indirect suppliers, the analysis is triggered on a case-by-case basis upon substantiated knowledge.
The abstract risk analysis first identifies the general risk fields across all suppliers based on country, sector and product risks. The concrete risk analysis then examines the suppliers and sites prioritised in this way in greater depth, for example through self-assessments, audits or external data sources.
The decisive factors are the appropriateness criteria of Section 3(2) LkSG: the nature and scope of the business activity, the ability to influence the party causing the risk, the expected severity and irreversibility of the violation, the likelihood of occurrence and the nature of the company's contribution to the cause.
