Requirements to diligently manage human and environmental risks

Investors, consumers and – most recently regulators – are increasingly expecting companies to practice due diligence in relation to potential violations of human rights and environmental laws in their supply chains.

Functions

Third Parties helps you fulfill your due diligence obligations and manage associated compliance risks – simply and efficiently.

Upload/transfer and manage relevant company/supplier data in the Data Center.

  • Central repository for company-specific data, including subsidiaries and (in)direct suppliers.

 

Prioritize and sort your suppliers based on the country and sector risk ratings​.

  • See which companies require closer examination or specific measures
  • Clear prioritization of further risk management efforts

 

Request a Supplier evaluation directly via Third Parties.

  • Suppliers are invited to join and self-evaluate on the EQS Partner Integrity Hub.

 

The evaluation results are then shared with customers directly in Third Parties and in the form of a company profile via the Partner Integrity Hub.

Partner Integrity Hub evaluation results are shown directly in Third Parties.

 

Complementary manual risk assessment for specific high-risk suppliers​​

  • Implementation and documentation of a focused risk analysis in accordance with the LKSG

 

 

Assignment of potential legal violations to individual suppliers​

  • Supplementing the focused risk analysis by documenting the feared violations of the law with the help of the violations register

 

Organization of measures with integrated task management​

  • Planning of selected preventive measures for the respective company or group of companies​
    Basis: register of measures
  • Pre-filled register of measures serves as a starting point for the assignment of measures​

 

Grievances can be organized, documented and connected to ongoing risk management​ efforts.

  • Automatic transfer of relevant grievances from the EQS Integrity Line​
  • Linking incoming grievances with risk groups, companies and measures

 

Effectiveness of control measures based on the evolution of risk assessments over time​.

  • Regular and event-related risk analyses are documented and, if necessary, archived
  • The traceability of risk development over time makes it possible to monitor the effectiveness of measures

 

All due diligence efforts can be documented and archived on an ongoing basis

The Partner Integrity Hub

The Partner Integrity Hub is a platform where information on responsible business practices can be collected, evaluated, and shared.

The maturity of a company’s Environmental, Social, and Governance (ESG) practices is assessed via a standardized questionnaire, in line with internationally recognized standards and frameworks. The results of which are then showcased via a shareable profile.

The Partner Integrity Hub’s evaluation covers key ESG themes, including:

  • Human & Labour Rights
  • Health & Safety at Work
  • Environmental Responsibility & Climate Impacts
  • Anti-Bribery & Corruption
  • Diversity & Equal Opportunity

EQS Customers get a better understanding of their business partner risks, through

  • Single-click evaluation requests to multiple business partners directly from Third Parties
  • A comprehensive understanding of the compliance & ESG maturities of business partners that may inform partner-specific risk assessments.
  • A partner-specific repository of compliance & ESG related certifications.

Business partners benefit from

  • A straightforward and free registration process
  • The opportunity to self-evaluate on key ESG topics, with scores for overall ESG maturity, as well as sub-scores for various focus areas.
  • An online repository of its compliance & ESG related certifications.
  • A shareable public profile that fosters trust and shows a commitment to transparency

Your benefits

 

Run your risk analysis without additional manual effort and without prior risk assessment knowledge.

 

Get a smart overview of potential measures to mitigate the most prevalent human and environmental risks.

 

Simplify the implementation of risk prevention measures through integrated procedural recommendations.

 

Speed up your reporting with pre-filled report forms.

 

Fulfil your documentation obligation through activity logging and continuous archiving of the measures taken.

 

Control the effectiveness of risk management measures by comparing before and after with the help of archived risk analyses.

Third Parties is part of Compliance COCKPIT – the digital compliance platform for all your workflows.

Find out how this platform can simplify your daily compliance work!

Customers who trust our Compliance COCKPIT solutions:
Reference Puma | EQS Group

You have questions? We have answers!

1. What are the requirements of the German law?

Many European companies have passed regulations to anchor human rights and environmental standards in supply chains. In Germany, the Supply Chain Due Diligence Law (Lieferkettensorgfaltspflichtengesetz) came into force in 2023, the UK Modern Slavery Act has been in place since 2017, and other European countries such as France, Norway and Switzerland have since followed suit with similar regulations. All these laws are to varying degrees based on the United Nation’s Guiding Principles for Business & Human Rights, as first published in 2011.In 2024, the European Corporate Sustainability Due Diligence Directive is expected to be passed, this will further raise requirements from companies.

2. Who does the German law apply to?

The German Supply Chain Due Diligence Act (LkSG) applies to companies headquartered in Germany with more than 3,000 employees from January 2023. From 2024, the law will apply to companies with more than 1,000 employees. Foreign companies’ subsidiaries in Germany, who exceed these employee numbers, are also covered by the law. Foreign companies that sell to affected German businesses, along with small German businesses, also feel the impact. This is because the larger German firms under this law are asking their suppliers to follow the same rules.

3. What role can Third Parties play in my wider company risk management?

Third Parties plays a crucial role in the overall non-financial risk management of your company, particularly addressing Supply Chain Due Diligence, requirements . As such, it helps you comply with specific regulations such as the German Supply Chain Due Diligence Law (Lieferkettensorgfaltspflichtengesetz or LkSG), or other nationally relevant supply chain due diligence regulations.

4. How much can we customize Third Parties to fit our existing risk management processes?

Third Parties is primarily designed to help users comply with common supply chain due diligence requirements, e.g. those of the German Supply Chain Due Diligence Act, of similar supply chain due due diligence laws in other countries, or of the UN’s and OECD’s related requirements. The user can also customize the types of potential legal violations managed in the system, as well as the measures to manage risks of violations. This opens a broad range of further application possibilities in regards to the management of other compliance risks. However, the tool is not intended for the management of commercial risks.

5. Which industries or sectors can benefit from using Third Parties?

Third Parties can benefit companies across all industries, sectors, and countries. It offers users the flexibility to incorporate industry or sector-specific violations and measures, ensuring wide-ranging applicability. It also contains abstract risk ratings for all major sectors.

6. Does Third Parties provide comprehensive risk management solutions, including financial risk management?

Third Parties is a comprehensive non-financial risk management solution, particularly focused on addressing human rights and environmental risks. It is specifically tailored to prioritizes risks based on criteria such as the potential number of affected individuals, the severity of effects, the probability of occurrence, and the potential for remediation.

7. How can Third Parties help me prioritize my efforts to manage risks?

Third Parties offers several features to assist you in prioritizing your efforts to manage risks effectively:

  • a. Abstract Risk Calculation: The system automatically calculates an abstract risk score for suppliers based on country and sector as soon as they are uploaded to the risk manager.
  • b. Filtering Capabilities: Third Parties allows you to filter suppliers based on various criteria for e.g., abstract risk, spend, number of employees, country, sector, and user tags. This enables you to focus on suppliers that may pose higher risks or are of greater significance to your organization.
  • c. Supplier Evaluation: For additional information on your suppliers, our supplier evaluation feature enables you to efficiently obtain further first-hand information from your suppliers, helping you to assess supplier-specific risks.

 

 

8. How does Third Parties help me report according to the German Supply Chain Due Diligence Act?

Third Parties continuously documents your due diligence efforts, including the risk analysis, its results, and the measures you take in order to manage risks. Based on this, the risk manager can automatically compile most of the answers to the questions which the BAFA (Bundesamt für Wirtschaft und Ausfuhrkontrolle) asks in it’s digital reporting platform.

9. Are there training or support resources available to assist users in maximizing the benefits of Third Parties?

Yes. Third Parties provides a range of training and support resources to assist users in their risk management efforts. This includes a comprehensive library of violations that encompass the protected positions defined by the LksG and a library of measures to effectively manage and prevent these violations. Furthermore, Third Parties includes a selection of templates such as the Declaration of Principles, training materials, and audit checklists.

10. Which languages are supported by Third Parties?

Third Parties is currently available for use in German and English. However, new languages will be added soon.

11. How does Third Parties ensure data security and confidentiality of sensitive information?

EQS Group supports compliance with the European Data Protection Regulation (GDPR) and other data protection regulations worldwide through various measures at the organizational, technical and functional level.

At the organizational level, through measures taken for information security and data protection in the form of a proper and certified ISMS according to ISO 27001 standards. This is subject to regular internal and independent audits.

Customers have the option to use both private or public clouds, with private clouds being offered in France, Germany and Switzerland.

 

12. How quickly can you get me started with Third Parties?!

The estimated timeline for implementing Third Parties, including supplier data upload and integration, typically ranges from 2 to 6 weeks.

Contact us

Marco Goldberg
Marco Goldberg

Managing Director, North America
+1 929 593 1101

Always stay up to date

Our newsletter “EQS Compliance Compass” brings you informative and thought-provoking articles from the world of Compliance (e.g. noteworthy articles, white papers & more).

Subscribe to our free newsletter