Acting ethically and responsibly is a matter of course for most entrepreneurs. The concept of the “honourable merchant” goes back to the Middle Ages and still has an important meaning for German companies. However, Germany is very much involved in global divisions of labour and along the supply chains there are always grievances in the economic, ecological, and humanitarian spheres. This should change. With the Supply Chain Due Diligence Act, or Supply Chain Act for short, a law was passed that obliges companies based in Germany to implement defined due diligence obligations. It came into force on 1 January 2023 and aims to protect human rights along supply chains, improve working conditions and protect nature from harmful impacts. In concrete terms, companies should ensure that human rights and minimum standards such as the prohibition of child and forced labour are observed through responsible management of supply chains.
On 16 December 2022, the Whistleblower Protection Act (HinSchG) was passed in the Federal Parliament. Based on the Whistleblower Directive, it guarantees whistleblowers better protection in their professional environment against reprisals such as dismissal or defamation. The next plenary session of the Bundesrat is on 10 February 2023. If it approves the HinSchG, the law can be promulgated in February. Since a law comes into force three months after promulgation, in this case it would probably be the end of May. In the first stage, the law will apply to all companies with 250 or more employees and, from 17 December 2023 to all companies with at least 50 employees.
The whistleblower directive is coming. But very few companies have taken care of it yet. This is shown by a recent PWC study. And it also confirms our impression in practice. But time is pressing: if the law is finally passed by parliament, all companies with 50 or more employees will be obliged to install a corresponding system. And the number of employees here is based on the European concept of employees – and this differs from the usual way of counting. Employees include everyone employed by the company without exception, including interns, mini-jobbers, and the management itself. This is important for determining whether thresholds are reached or not.
Since August 1, 2022, the new regulation in the Verification Act obliges German employers to record and archive further contractual terms in writing in addition to the information regulated in Section 2 (1) of the NachwG. And this in paper form. The new regulation leads to considerable additional bureaucratic work, and many companies have hardly been able to prepare for the new Verification Act due to the short transition period. Therefore, the question arises: How can medium-sized companies implement the requirements resulting from the Verification Act in a compliance-compliant and yet company-specific manner?
Strategy, liquidity, earnings: a company crisis can have various causes. Well-established crisis compliance shows the right steps to take in the individual situation. The risk of a crisis has increased significantly in recent years and more recently against the backdrop of the pandemic and the Ukraine war – even for seasoned companies. Moreover, in times of numerous high-profile corporate scandals, the liability claims of boards for misconduct have come into focus. Against this background, crisis compliance management is currently experiencing a strong upswing.
Well-managed compliance protects companies from criminal offenses, breaches of rules, unethical behavior and the associated financial losses and reputational damage. But even the most sophisticated compliance organization can only be effective if communication is right. It builds the bridge between the rules and regulations and acceptance within the company with transparent information and an exchange based on trust. Compliance management can only be successful if everyone is informed about the regulations, duties, codes of conduct and responsibilities, can understand all the rules and supports the associated goals.
“Organizations do not commit violations of the law or misconduct. These are committed by people in the organizations.”
Compliance combines goals and functions to comply with laws and rules in the company and to create the framework that misconduct is avoided. In practice, compliance looks different for every company: Of course, every company has to adhere to the legal provisions, thus acts “compliantly” per se. But for a craft business, other laws and internal rules are important than for an IT company or a logistics company. All internal rules that go beyond the law are formed from industry practices, stakeholder expectations and corporate values.
Courageous? Disloyal? Whistleblowers are people who blow the whistle on other people or organizations. For these people, it is usually important that existing regulations and laws are observed and that misconduct to the detriment of organizations and society is stopped. Thus, they open up many opportunities with their tips: If critical information about wrongdoings in the company is not made public, but is received through internal reporting channels, the management level can deal with it proactively.
In this way, financial damage can be averted, grievances can be uncovered at an early stage and company departments can be optimized. A positive reporting culture that signals that critical knowledge is welcome and does not fall on deaf ears increases employee satisfaction and improves the image. In this respect, the whistleblower system, which the EU Whistleblower Directive prescribes for all companies with more than 50 employees, is a good way to make one’s own company more transparent.
The new year marks the beginning of the annual financial reporting season. All companies that prepare financial reports have to deal with the issues surrounding the preparation of their annual financial statements. Even if many of those responsible are not aware of it: accounting compliance forms the foundation here. It ensures that all relevant accounting rules are recognized and applied, and that the company’s assets and liabilities are valued correctly, so that the annual financial report is prepared in accordance with the rules.
The implementation of the EU Whistleblower Directive is on the agenda of many small and medium-sized companies. Managing directors and compliance officers immediately think of lawyers and software, but it takes a lot more to implement the guideline not only in a legally secure way, but also in a motivating and profitable way.
Our expert Karin Scherer puts it in a nutshell: “Many managing directors would like to receive information from the staff when the company is damaged, whether negligently or intentionally, internally by employees or by external persons. Our experiences range from reaching into the till, theft of goods to sexual harassment at the workplace. All incidents in which those in the know or affected did not know how to act, looked a way as a precaution – and in which the management would have liked to have been informed at an early stage, to protect the employees affected and the company.”