Using the Sustainability Code to report on corporate due diligence obligations

Companies can use the Sustainability Code to report on the core elements of the corporate due diligence obligations of the National Action Plan (NAP).

The National Action Plan for Business and Human Rights:

  • Was adopted by the German Federal Government in 2016 in order to implement the UN Guiding Principles on Business and Human Rights
  • Applies to companies with more than 500 employees
  • Includes core elements of corporate due diligence obligations for the upholding of human rights

The Code can be used to report on the core elements. The Code Office checks a declaration for formal completeness.

The Sustainability Code incorporates the individual aspects of corporate due diligence obligations into the existing human rights criterion (criterion 17) with the aim of offering companies clear guidance regarding reporting in line with the NAP. To submit a Code declaration which also includes the NAP, a company selects the desired application level in the database. The Code Office then checks this information for formal completeness, in addition to the Code requirements.


The United Nations adopted the Guiding Principles on Business and Human Rights in 2011. They comprise the first international framework of reference for this topic. The federal government pledged to implement the UN Guiding Principles in its 2013 coalition agreement and published its National Action Plan in 2016. The aim is to initiate a process within companies and to thereby guarantee policy coherence.

The Federal Government expects at least 50% of all companies with over 500 employees to have integrated human rights due diligence obligations into their processes and to be reporting on this by 2020. The aim is to improve the human rights situation throughout supply and value chains around the world. This is stipulated in the National Action Plan for Implementation of the UN Guiding Principles on Business and Human Rights as adopted by the German Federal Government in December 2016. This requires enterprises to produce reporting in order to demonstrate that they are aware of the actual and potential impact of their corporate activity on human rights and are taking appropriate steps to address the situation.
The federal government expects all companies to introduce corporate due diligence processes for the upholding of human rights in a manner commensurate with their size, industry and position within the supply and value chains. There is no legal obligation to report on such matters. However, the federal government has announced further steps going as far as statutory measures should less than 50% of the companies in Germany with more than 500 employees implement these processes by 2020. The basis for this is the Federal Statistical Office’s “Companies by industry sector with 500 or more employees subject to social insurance contributions” table within its statistical business register (as at 30 September 2017: 6,475 companies). A review is scheduled for in or after 2018.
In addition, the coalition agreement for the 19th legislative period signed in March 2018 states the following: “Should an effective and comprehensive review of the NAP come to the conclusion that a voluntary commitment on the part of companies is not sufficient, we shall introduce legislation at the national level and will advocate an EU-wide rule.”
The National Action Plan outlines the five core elements to be integrated into a business’s activities:
  1. Human rights policy statement
  2. Procedures for the identification of actual or potential adverse impact on human rights
  3. Measures to prevent potential negative impacts and reviewing the effectiveness of the measures
  4. Reporting
  5. Grievance mechanism

The Sustainability Code allows for the reporting of the core elements within the Code database. To do so, a company selects the appropriate application level under “General information” within their company profile. Questions are then posed regarding the individual elements in addition to the Code information within criterion 17. Enterprises not directly within the group of NAP users likewise have the option of voluntarily having their declarations of conformity checked for compliance with the more stringent requirements. This can make sense if, as part of the supply chain, they are required to disclose their information to this detailed degree.
The following information is to be reported:
  • Does the enterprise have its own corporate guidelines?
  • Do the guidelines include the ILO’s core labour standards?
  • Has the company management approved the policy statement? How does the enterprise provide information about this internally and externally?
  • At which level is responsibility for human rights concerns enshrined?
  • What reach do the guidelines have (which sites, including subsidiaries etc.)?
  • Does the enterprise analyse human rights risks (within its business divisions, caused by its products and services, at its locations, relating to underlying political conditions)? If yes, how?
  • Are especially vulnerable groups of people incorporated into the risk assessment?
  • What is the enterprise’s assessment of the human rights risks and its ability to counter these itself?
  • How are human rights risks incorporated into risk management?
  • Is there training for employees in the area of human rights?
  • Is the upholding of human rights checked? If yes, how is it checked?
  • Are there grievance mechanisms and clearly assigned responsibilities within the enterprise or do you use an external grievance process? Please describe this process and how you guarantee access to it.
  • Do whistle-blowing mechanisms also apply to suppliers?
  • Is there a suppliers’ code of conduct that comprises the four ILO core labour standards?
  • Are human rights risks reviewed before a business partnership is entered into? If yes, how are they checked?
  • Are suppliers given training on human rights?
  • What processes does the enterprise use to guarantee that its suppliers uphold human rights?
  • Do you implement measures (jointly with suppliers) in the event of a conflict or do you work with other stakeholders? If so, which ones?
  • What redress policies are there? Were there instances in the reporting period?
The Code Office checks these items for formal completeness, however does not assume any liability for the quality, completeness, currentness or correctness of the information contained in the declarations of conformity. Responsibility for the correctness and quality of the declarations lies exclusively with the companies.
The Code Office recommends that users factor in sufficient time for the review stage. The Code Office generally provides users with initial feedback within two to three weeks. In some cases, however, the company may need to make content corrections, meaning declaration preparation may take up to six weeks.
The Code Office recommends that Code declarations of conformity be published on a company’s website. It may also make sense to incorporate such a declaration into the company’s sustainability, annual and/or management report.

Code Criteria

You can find the Sustainability Code criteria and information on applying and checking them here.

More information


Learn more about the support services offered by the Sustainability Code office, training partners and mentors. More information