The EU Corporate Sustainability Due Diligence Directive (CSDDD) refers to an EU regulation that requires EU and non-EU companies to conduct environmental and human rights due diligence across their operations, subsidiaries and value chains.

In this article, we will discuss how CSDDD may impact your business and society, what should companies do to prepare for compliance and other more important aspects under CSDDD's scope.

What is the EU's proposed Corporate Sustainability Due Diligence Directive (CSDDD)?

The CSDDD is a piece of major EU legislation designed to enforce the protection for human rights and the environment throughout the EU and globally supply chain of businesses.

On 23 February 2022, the CSDDD was first adopted by the European Commission. In December 2023, a  provisional deal  outlined the directive's scope, clarified liabilities for non-compliant companies, defined penalties, and completed the list of rights and prohibitions that companies should respect .

On April 24th, 2024, the European Parliament formally adopted the Corporate Sustainability Due Diligence Directive (CSDDD), setting into law obligations for large companies with significant activities in the EU to conduct human rights and environmental due diligence in their own operations and across their chains of activities.

By 2027, companies should be ready to comply with the directive, with larger corporations likely to be the first to adhere.

Learn more about CSDDD:  Corporate sustainability due diligence: Council and Parliament strike deal to protect environment and human rights

What are the obligations for companies?

The due diligence directive lays down rules on obligations for large companies regarding impacts actual and potential adverse on the environment and human rights for their business chain of activities which covers the upstream business partners of the company and partially the downstream activities, such as distribution or recycling .

The directive also lays down rules on penalties and civil liability for infringing those obligations; it requires companies to adopt a plan ensuring that their business model and strategy are compatible with the Paris agreement on climate change.

The CSDDD establishes a corporate due diligence duty. To comply with the CSDDD, companies must identify, end, prevent, mitigate, and account for negative human rights and environmental impacts in the company's own operations, subsidiaries and value chains.

The proposed legislation gives business directors specific obligations to integrate due diligence into corporate strategy and consider the human rights, climate change, and environmental consequences of their decisions.

Large companies will also be required to align their business strategies with the  Paris Agreement  goal of limiting global warming to 1.5 °C – meaning that these large companies must have a plan for reaching net zero.

Which companies need to comply with CSDDD?

The agreement fixes the scope of the directive on large companies that have more than 500 employees and a net worldwide turnover over €150 million. For non-EU companies it will apply if they have over €150 million net turnover generated in the EU, three years from the entry into force of the directive. The Commission will have to publish a list of non-EU companies that fall under the scope of the directive.

The CSDDD will directly apply to both EU and non-EU companies.

• EU companies:
  • With more than 500 employees and a net worldwide turnover of more than EUR 150 million in the last financial year.
  • With more than 250 employees and a net worldwide turnover of more than EUR 40 million, provided at least 50% of this turnover was generated in a high-impact sector.
• Non-EU companies:
  • Generate a net turnover of more than EUR 150 million in the EU in the last financial year.
  • Generate a net turnover of more than EUR 40 million in the EU, providing at least 50% of worldwide turnover was generated in a high-impact sector.

Small and medium enterprises (SMEs) are not directly in the scope of this proposal.

When to Implement CSDDD?

The CSDDD will be enforced with a phased-in approach based on company size and turnover, starting three years from entry into force, and grouped as follows:

• 3-year period for companies with over 5000 employees and EUR 1500 million turnover  (from 2027)
• 4-year period for those with over 3000 employees EUR 900 million turnover  (from 2028)
• 5-year period for companies with over 1,000 employees and EUR 450 million turnover, and for companies having entered into franchising or licensing agreements with over EUR 80 million turnover in the EU and EUR 22.5 million in royalties  (from 2029) .

What actions should the companies take to comply with due diligence?

Source: CSDDD compromise 15 March 2024 ( https://data.consilium.europa.eu/doc/document/ST-6145-2024-INIT/en/pdf )

The CSDDD sets requirements on companies to conduct risk-based human rights and environmental due diligence by carrying out the following actions:

(a) Integrating due diligence into companies policies and risk management systems

• Companies integrate due diligence into all their relevant policies and risk management systems and have in place a due diligence policy that ensures a risk-based due diligence.
• Companies update their due diligence policy without undue delay after a significant change occurs, and review and, where necessary, update it at least every 24 months.

(b) Identifying and assessing actual or potential adverse impacts

• Companies take appropriate measures to identify and assess actual and potential adverse impacts arising from their own operations or those of their subsidiaries and, where related to their chains of activities, those of their business partners.
• Member States shall ensure that, where it is not feasible to prevent, mitigate, bring to an end or minimize all identified adverse impacts at the same time to their full extent, companies prioritise adverse impacts identified pursuant to Article 6 for fulfilling the obligations
• For the purposes of identifying and assessing the adverse impacts, where appropriate, quantitative and qualitative information, companies are entitled to make use of appropriate resources, including independent reports and information gathered through the notification mechanism and complaints procedure.

(c) Preventing and mitigating potential adverse impacts

• Companies take appropriate measures to prevent, or where prevention is not possible or not immediately possible, adequately mitigate potential adverse impacts that have been, or should have been;
• Companies shall be required to take the following appropriate measures, where relevant:
  • Where necessary, due to the nature or complexity of the measures required for prevention, without undue delay develop and implement a prevention action plan, with reasonable and clearly defined timelines for the implementation of appropriate measures and qualitative and quantitative indicators for measuring improvement;
  • Seek contractual assurances from a direct business partner that it will ensure compliance with the company's code of conduct and, as necessary, a prevention action plan;
  • Make necessary financial or non-financial investments, adjustments or upgrades, such as into facilities, production or other operational processes and infrastructures
  • Provide targeted and proportionate support for an SME which is a business partner of the company;
  • To increase the company's ability to prevent or mitigate the adverse impact, in particular where no other measure is suitable or effective.
• As regards potential adverse impacts that could not be prevented or adequately mitigated by the appropriate measures, the company may seek contractual assurances with an indirect business partner;
• The contractual assurances shall be accompanied by the appropriate measures to verify compliance. For the purposes of verifying compliance, the company may refer to independent third-party verification, including through industry or multi-stakeholder initiatives.
• Bringing actual adverse impacts to an end.
  • Companies take appropriate measures to bring actual adverse impacts that have been, or should have been;
  • Where the adverse impact cannot immediately be brought to an end, Member States shall ensure that companies minimize the extent of such an impact;

(d) Notification mechanism and complaints procedure

• Companies provide the possibility for people and organizations to submit complaints to them where these people or organizations have legitimate concerns regarding actual or potential adverse impacts with respect to the companies' own operations, the operations of their subsidiaries or the operations of their business partners in the companies' chains of activities.
• Member States shall ensure that the complaints may be submitted by:
  • Natural or legal persons who are affected or have reasonable grounds to believe that they might be affected by an adverse impact, and the legitimate representatives of such persons on behalf of them;
  • Trade unions and other workers' representatives representing individuals working in the chain of activities concerned;
  • Civil society organizations active and experienced in the areas related to the environmental adverse impact that is the subject matter of the complaint.
• Member States shall ensure that companies establish a fair, publicly available, accessible, predictable and transparent procedure for dealing with complaints;
• Member States shall ensure that companies establish an accessible mechanism for the submission of notifications by persons and organizations.

(e)Monitoring

Member States shall ensure that companies carry out periodic assessments of their own operations and measures, those of their subsidiaries and, where related to the chains of activities of the company, those of their business partners, to assess the implementation and to monitor the adequacy and effectiveness of the identification, prevention, mitigation, bringing to an end and minimization of the extent of adverse impacts.

(f) Communicating

Member States shall ensure that companies report on the matters covered by CSDDD.

Large companies and listed SMEs will have to report on:

• Environmental matters
• Human rights
• Anti-corruption measures
• Diversity issues

They will be required to publish detailed information on how their business affects society and the economy and vice versa.

The new rules will:

• Equip investors to take decisions that benefit both people and the environment
• Increase companies' accountability
• Ease the transition to a sustainable economy

Conclusion

The Corporate Sustainability Due Diligence Directive (CSDDD) represents a significant step towards sustainable and responsible business practices. By ensuring compliance with this directive, companies can mitigate risks, enhance their reputation, and contribute to a more sustainable and equitable global economy.

As businesses navigate the complexities of CSDDD, proactive measures, stakeholder engagement, and transparent reporting will be key to not only meeting regulatory requirements but also achieving long-term success in a rapidly evolving business landscape.

By prioritizing sustainability and ethical practices, companies can position themselves as leaders in the market and build a resilient foundation for the future.

The Directive will come into force from the 20th day after it has been published in the Official Journal of the European Union (expected end of May 2024). As a result, the 2027 implementation date is relatively tight for those large companies with extensive, multi -national value chain that span multiple countries. Companies should therefore start to prepare their regulatory responses if they have not already done so. 

Check out our Sustainability and Supply Chain Assurance services or contact us for more support.???????