NTT DATA
Deloitte
Protiviti
Trust Alliance
Eraneos
Grant Thornton

Solution

German Supply Chain Act LkSG

Our cloud-based risk platform is tailored to help you comply with the German Supply Chain Act (LkSG) with efficiency and ease.

German Supply Chain Act LkSG

3 challenges

#1. ESG risks

Keeping an overview of the human right and environmental risks within the supply chain is essential considering evolving threats and the third-party due diligence requirements stated in the German Supply Chain Act (LkSG). Many organisations lack visibility and understanding of their third-party risk landscape.

#2. Stakeholder engagement

Engaging internal teams with risk management and internal control activities, such as risk profiling, control testing or assessment reviews, can be challenging due to a lack of understanding, inadequate communication, resistance to change or tool fatigue.

#3. Compliance workload

Risk professionals are confronted with an unprecedented challenge: the escalating complexity and volume of risk management and compliance tasks in combination with rising compliance costs and a lack of qualified personnel. This makes it difficult to perform all tasks in house, including LkSG due diligence.

Key benefits

  • Align with best-practices
  • Streamline processes
  • Improve stakeholder engagement
  • Standardise reporting
  • Improve decision-making
Solve your challenges

3 common challenges
and our solutions

#1. ESG risks

Keeping an overview of the human right and environmental risks within the supply chain is essential considering evolving threats and the third-party due diligence requirements stated in the German Supply Chain Act (LkSG). Many organisations lack visibility and understanding of their third-party risk landscape.

#2. Stakeholder engagement

Engaging internal teams with risk management and internal control activities, such as risk profiling, control testing or assessment reviews, can be challenging due to a lack of understanding, inadequate communication, resistance to change or tool fatigue.

#3. Compliance workload

Risk professionals are confronted with an unprecedented challenge: the escalating complexity and volume of risk management and compliance tasks in combination with rising compliance costs and a lack of qualified personnel. This makes it difficult to perform all tasks in house, including LkSG due diligence.

Questions? Chat with us

Our features to simplify & automate compliance

Risk management: One integrated risk register for all internal risk disciplines

Register internal and external risks. Link risks to a specific third-party, internal control(s) and/or location within your organisation. Follow the ISO 31000 best-practice workflow containing of risk identification, assessment, treatment and monitoring. Use the interactive risk matrix to easily filter different risk disciplines and scores.

Third-party management: All your third-party information centralised and connected

One integrated register for all your third parties. Register multiple contracts per third-party. Assign risk profiles to segment your landscape, taking into account multiple risk domains such as cybersecurity, sustainability and compliance. Connect with your procurement system to retrieve and enrich your supplier data.

Compliance management: Obtain a full overview of all your internal and external compliance requirements

One integrated register for all your internal & external compliance requirements Use it to manage compliance requirements for security, sustainability, privacy, legal, quality and many others. Define a specific scope & applicability per compliance requirement and link them to one or more assessment questionnaires. Monitor compliance in real-time.

Assessment management: Third-party self-assessment activities streamlined and automated

Integrate the different third-party assessment efforts of all your risk and compliance disciplines. Combine questionnaires from different risk disciplines into one third-party assessment. Suppliers log in to a secure supplier portal in which they can collaborate and provide their evidence. Our AI-powered review module makes an initial analysis.

Real-time monitoring: Instantly receive alerts about your third-parties and follow-up efficiently and effectively

Continuously monitor your third-parties in 2 million news sources and receive instant alerts on negative news articles. Activate our out-of-the-box integrations with BitSight, SecurityScorecard, Ecovadis, Refinitif and many others to retrieve your third-parties' security, sustainability, financial or compliance risks ratings in one central overview.

Action plan management: Assign action plans to internal stakeholders and third-parties and track follow-up

Consolidate remediation actions across all internal teams and third-parties within a unified action plan repository. Assign ownership through our platform and Microsoft Teams. Set and adjust timelines for each action, with reminders to keep progress on track via our platform's virtual officer, e-mail and Teams. Visual indicators offer status updates, simplifying oversight.

Managed service: Outsource TPRM to one of our partners and benefit from their scale, expertise and global reach

For organisations with limited time or resources for third-party risk management, we have formed partnerships with esteemed experts in the field. These partners can fully manage the entire third-party risk management process for you, encompassing risk profiling, due diligence, and real-time monitoring, by using our fit-for-purpose platform. Schedule a conversation.

Schedule a free demo
Some of our
German Supply Chain Act LkSG
clients and partners

Related resources

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Blog

German Supply Chain Act: Key takeaways for compliance

Read more
News

NTT DATA and 3rdRisk forge strategic alliance

Read more
Blog

Starting with third-party risk management (1): How to set up your capability?

Read more
Blog

European regulations on third-party risk management

Read more

Customer stories

Nick de Freitas
,
Schoeller Allibert
“The implementation felt like a true partnership. It seemed as if we extended our team to include you, and you took on the majority of the work, guiding us every step of the way. Your support was invaluable in helping us succeed”
Janneke Coopmans
,
Jumbo
"Thanks to 3rdRisk's technology, risk management and the execution of controls have become something for the entire organisation. Our stakeholders in the business are now much more involved in executing and testing controls. Risk awareness has improved. That's a huge gain."
Farida Fouad
,
de Bijenkorf
"You don’t need any training to understand the 3rdRisk platform. It operates intuitively and smoothly – appearing as though it was developed specifically for de Bijenkorf."
Nick DeFreitas
,
Brookfield
"The implementation felt like a true partnership. It seemed as if we extended our team to include you, and you took on the majority of the work, guiding us every step of the way. Your support was invaluable in helping us succeed”
Sem J. de Spa
,
Deloitte
"Our strategic partnership combines Deloitte's expertise with 3rdRisk's technological strengths. We offer advisory and managed services with flexible outsourcing options. This approach allows us to extend our capabilities directly into your operations, optimising resource allocation and compliance adherence."
Berry Kok
,
HEMA
"The usage of the 3rdRisk platform has saved a significant amount of time in both operations and the second and third lines. In addition, risk management and internal control are adopted by the entire organisation and part of everyone's task."
Dennis vd Meer
,
Grant Thornton
"3rdRisk is really a platform that integrates seamlessly, combines different data sources and provides new insights."
Maarten Schreuder
,
Protiviti
“3rdRisk's technology stands out in user-friendliness, the numerous integrations, and the way it involves stakeholders in the organisation in third-party risk management and internal control."
Dave van Gulik
,
Trust Alliance
"3rdRisk is our go-to platform for risk and compliance management. Why? Because it's based on the latest standards in our field, highly flexible, intuitive, and pleasant to work with, and very accessible to our clients, from multinationals to large SMEs."

FAQ

In the overview below, we have listed the most frequently asked questions and answers. Do you still have questions? Just reach out to one of our experts.

Does the 3rdRisk platform support compliance with the German Supply Chain Act (LkSG)?

Absolutely. Our vendor risk management platform is designed with the German Supply Chain Act requirements in mind. It also comes with several best-practice assessment templates (questionnaires) which can be completely customised to your specific situation.

Can I effectively manage third-party risks with 3rdRisk without a dedicated team?

Yes. By using our third-party risk platform, you can already assess and monitor up to 100 third parties with only a few hours a week. In addition, you can also decide to outsource third-party risk management activities. For organisations that are inclined to outsource these tasks, we have established partnerships with renowned partners who are well-versed in leveraging our platform’s capabilities allowing them to deliver excellent quality at a competitive price.

Do I need training to operate the 3rdRisk platform?

No. No training or certification is required to operate the 3rdRisk platform. For organisations that choose to manage their third-party risk management program in-house, our platform acts as an intuitive platform, streamlining processes and making follow-up and monitoring straightforward. Its design ensures that teams can quickly familiarise themselves with its features, reducing the learning curve and allowing for immediate implementation.

Still have a question?

Our experts are always here to help you out.

Request demo