Before preparing the report, if you need to carry out a risk analysis in accordance with the LkSG and define measures, the following article explains how: Conducting a risk analysis according to LkSG and defining measures
How to prepare the BAFA report:
- Within the due diligence dashboard, you will find the button "Generate report".
1. Select "LKSG" or "CSRD".
Note: For now, you can only select "LKSG". The "CSRD" button is already implemented in the platform, but the functionality is still to be launched. Stay tuned, it's coming soon!
2. In the next window, you can use the filters to scope the relevant suppliers for reporting, e.g. exclude suppliers with the tag "inactive".
3. Click "Continue".
In the next window, you will set parameters for the report:
1. Set the reporting period according to your financial reporting cycle.
2. Define whether a risk has been identified. In most cases, the answer will be "Yes". Depending on your answer here, different types of reports will be created as defined by the BAFA:
- "No": Shortened report. The report contains fewer questions, but you will be required to describe your processes in more details to explain why you came to the conclusion that no human rights risks have been identified.
- "Yes": Extended report. The report contains more questions, especially on the types of risks identified, prioritized and the respective preventive action taken. However, the answers required contain more "tick-the-box" answers.
3. Define whether an actual violation of human rights environmental obligation has been identified, e.g. via the grievance mechanism.
If you have selected the answer "Yes" for question 2., three more answering options occur:
1. Questions 4 covers your own business area, please read the note carefully as well as the related article: Can I also analyze my own business processes (eigener Geschäftsbereich) with sustainabill according to LkSG.
2. Question 5 covers your direct suppliers.
3. Question 6 covers your indirect suppliers.
You have the following answering options for these questions:
- Not applicable: I haven't analyzed this scope via the platform.
- High Risk Only: Allows you to prioritize risks. You can decide to only have high risk results included as identified and prioritized risks in the relevant reporting sections.
- Medium risk & High risk: Allows you to prioritize risks. You can decide to have both medium & high risk results included as identified and prioritized risks in the relevant reporting sections.
According to your selection, the following information will be prefilled in the reporting template:
- Identified and prioritized risk categories based on the DD dashboard results (will be the same, you can adapt that manually, if desired) - e.g., if you have selected "Not applicable" for own business area and indirect suppliers and "High risk only" for direct suppliers, any risk category where any direct supplier has a high risk will be marked with an "x" in the relevant reporting section
- Action and request types for preventive or remedial measures
- Preventive action types considered: Training, Additional risk information, Desk audit, On-site audit, Contractual Guarantee
- Preventive requests considered: Maturity Assessment
4. Once you have selected all answers, click on "Generate report".
The report will be directly downloaded and a link will be generated where you can download it manually.
You will find the most prefilled information in the sheet "Vollb. B Risikoanalyse, Präv." and "Vollb. C Verletz., Abhilfe" (in case you have identified any violation). In the sheet, all questions with all answering possibilities of the BAFA report questionnaire have been transferred to Excel (see here for further information from the BAFA).
Please read the notes in the column "Anweisungen und Hinweise" in the export. You will need to check, complement and possibly adapt the prefilled answers. Please note that only information will be prefilled that has been analyzed in the platform and selected by you in the report editor.
The section "Vollb. B Risikoanalyse, Präv." is structured as follows:
- Lines 1-19: Questions about your risk analysis (process)
- Lines 20-24: Identified risks in your own business area
- Lines 25-49: Identified risks for your direct suppliers
- Lines 50-64: Identified risks for your indirect suppliers
- Lines 65-74: Questions about your risk prioritization process according to the "Angemessenheitskriterien"
- Lines 75-116: Prioritized risks in the own business area
- Lines 117-127: Implemented preventive measures in the own business area
- Lines 128-169: Prioritized risks for direct suppliers
- Lines 170-182: Implemented preventive measures for direct suppliers
- Lines 183-224: Prioritized risks for indirect suppliers
- Lines 225-235: Implemented preventive measures for indirect suppliers
- Lines 236-243: Questions on internal communications and changes compared to previous reporting period
Note: If you want to use data from the platform for your own reporting (internal/external), pull an export on the reporting date. The supplier profiles are updated in real time and are not historicized.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article