"Lessons learned from Germany with impressions from Norway: Recommendations regarding the risk-based approach, SME suppliers, and civil liability for the Omnibus based on experiences from the implementation of the LkSG"

[...] For this paper, however, the focus is on some of the challenges faced in the implementation of the LkSG and lessons to be learned from these challenges. In summary, the current Omnibus package and subsequent implementation by member states should:

1. Avoid diluting the risk-based approach by imposing a focus on tier-1 suppliers
2. Strengthen the principle of fair engagement with SME suppliers
3. Harmonize civil liability rules

These lessons reflect the most relevant concerns voiced in Germany: bureaucratic implementation tendencies that overwhelm small and medium-sized enterprises (SMEs) with excessive questionnaires and attempts to shift responsibility onto them. The focus of the regular risk analysis on direct suppliers incentivizes large-scale but superficial tickboxing practices, instead of an efficient implementation approach focused on the highest risks. The approach of risk-based HREDD across the supply chain, as established by the CSDDD and by the Norwegian Transparency Act (2021), was also positively perceived by companies in Norway. Nevertheless, and against the view of important business actors that perceive it as bureaucratic, the direct supplier approach was proposed to be replicated through the omnibus proposal for the CSDDD by the European Commission. Rightfully, relevant voices among the member states prefer to leave the risk-based approach untouched. This paper was prepared by a lawyer who advises and trains companies on implementing HREDD. Additional experts from German and European corporate practice were involved in its development, particularly regarding the implementation of due diligence obligations. [...]