
Supply Chain Risk Assessments:
improving your ESG risk overview of your supply chain

Conducting supply chain risk assessments is a critical step for companies to improve their ESG performance and ensure compliance with evolving international regulations. These assessments thoroughly identify potential risks related to human rights abuses and negative environmental impacts, allowing companies to prioritise due diligence efforts and take proactive measures to prevent or mitigate risks. 

Given the quality of the risk overview that supply chain risk assessments provide, it is not surprising that some of today’s most critical regulations make them mandatory for compliance. These include the German Supply Chain Due Diligence Act (LkSG), the EU Battery Regulation (EUBR), the EU Corporate Sustainability Due Diligence Directive (CSDDD), and the Critical Raw Materials Act (CRMA).

    Supply chain risk assessments and regulatory compliance  

    The LkSG, the EU Battery Regulation, the CSDDD and the CRMA have a critical impact on the due diligence practices of companies operating within and outside the European Union, whether they are in scope (direct impact) or in the supply chain of a company in scope (indirect impact).

    These regulations impose stringent due diligence and reporting requirements to ensure that companies are actively managing risks associated with their supply chains. Here is how each includes supply chain risk assessments as a means of compliance:

    LkSG
    • The German Supply Chain Due Diligence Act requires companies to conduct a risk analysis (assessment) of their own operations and of direct suppliers to identify human rights and environmental risks on an annual basis. This analysis must be used to weigh and prioritise risks, with enhanced risk analysis in high-risk areas. The risk analysis is also required when a significant change or expansion of a risk in the supply chain is expected.

    • This obligation is already applicable to companies with more than 1,000 employees in Germany. Failing to comply with due diligence obligations can result in a fine of up to 2% of annual global turnover. 

     
    EUBR
    • The EU Battery Regulation requires companies in scope to identify and assess social and environmental risks in their supply chain, and to assess the likelihood of these risks occurring in the supply chain. 

    • This obligation is part of the due diligence requirements that will apply from August 2025 to companies placing or putting into service batteries in the EU with an annual turnover of more than €40 million. Failure to comply could result in a ban on selling the batteries or products containing them in the EU. 

     
    CSDDD
    • The EU Corporate Sustainability Due Diligence Directive requires large companies to identify and assess ESG risks in their own operations and those of their direct and indirect suppliers. This assessment includes identifying common areas where adverse impacts are most likely to occur and where they are most severe. 

    • EU member states are required to make this mandatory for large companies from July 2027, with the scope increasing over time. Smaller companies will be indirectly affected and may be required by customers to meet similar standards in their supply chains. Failure to comply could result in a fine of up to 5% of global net turnover. 

     
    CRMA
    • The European Critical Raw Materials Act requires large manufacturers in strategic sectors to conduct a risk assessment every 3 years in their strategic raw materials supply chain, including mapping, analysis of the factors that might affect their supply of strategic raw materials and assessing the vulnerabilities and disruptions. 

    • CRMA is already applicable. This specific obligation will become mandatory for large manufacturers identified by the authorities as soon as the first list of companies is established, which will happen by 24 May 2025. Penalties for non-compliance have not yet been defined. 

    How can companies benefit from conducting supply chain risk assessments? 

    Beyond regulatory compliance, supply chain risk assessments can provide organisations with valuable information about their supply chain. 

    Risk assessments bring further benefits and practical value to companies because they also serve as:

    A risk-based overview of the supply chain
    • This is of particular interest to companies whose traceability efforts are not yet fully developed. In this sense, it serves to inform a company about the ESG hot spots in the supply chain per product, or about the probability of finding certain risks in the supply chain based on country risk. This data can then be used to inform preventive or mitigating measures. 

    A resource prioritisation tool
    • A supply chain risk assessment equips companies with the knowledge required to understand where to allocate further resources for a more in-depth due diligence analysis and where to focus risk management strategies.  

    A guide for stakeholder engagement and for making informed sourcing decisions
    • Knowing where potential ESG risks are most likely to occur in your supply chain will also help your company make decisions about stakeholder engagement and sourcing prospects. 

    A provider of data and of demonstrable due diligence efforts for corporate reporting
    • Conducting supply chain risk assessments allows companies to report on their improved due diligence efforts and provides the necessary data to be disclosed in responsible sourcing reports.

    A source of intelligence to improve supply chain resilience 
    • Having more knowledge about suppliers beyond tier-1 increases supply chain resilience, for example, by knowing which commodities are most vulnerable to geopolitical disturbance or natural disasters, enabling companies to prepare ahead. It can also benefit operational efficiency and competitiveness thanks to the intelligence it provides. 

    Conclusion 

    In conclusion, the obligation to conduct annual supply chain risk assessments has become a fundamental aspect of due diligence regulations in the EU, both at the national and EU levels. Furthermore, the impact of these regulations is already being felt by companies operating beyond the EU’s geographical scope. 

    Even if not directly affected by the LkSG, CSDDD, EUBR or other due diligence regulations, the implementation of supply chain risk assessments represents a fundamental and indispensable element of any company’s due diligence practices and can easily be used as a baseline for improving a company’s ESG performance, contributing to sustainable and responsible business operations and fostering a positive impact on the industry landscape. 
     



    RCS Global supports your ESG journey


        • Supply chain ESG risk assessments


        • ESG risk assessments of specific suppliers 


        • Mapping and auditing companies’ raw material supply chain


        • Staff and supplier training on ESG Risk Management


        • Responsible Sourcing Strategy and Governance Advisory 


        • Interpretation of due diligence legislation

        • Development of comprehensive Due Diligence Management Systems aligned with internationally recognised good practice frameworks


        • Meeting disclosure and reporting requirements

      Author:

      Javier Sánchez Muñoz
      Project Manager