On 24 April 2024, the European Parliament plenary formally adopted the proposal for a Directive on Corporate Sustainability Due Diligence (CSDDD or the Directive). This note summarises ten key issues enterprises active in the EU should know about the Directive.

1. Aim of the CSDDD

The CSDDD will serve a number of purposes. First, the CSDDD should improve corporate governance practices to better integrate risk management and mitigation processes of human rights and environmental risks and impacts, including those risks that stem from value chains, into corporate strategies. Second, the CSDDD is aimed at increasing corporate accountability for adverse impacts, and ensuring coherence for companies with regard to obligations under existing and proposed EU legislation as well as policies on responsible business conduct. Finally, the CSDDD should improve access to remedies for persons affected by adverse human rights and environmental impacts of corporate behaviour.

2. Scope

Article 2 sets out the scope of the CSDDD. Initially, the European Commission (Commission) proposed to make the CSDDD applicable to EU companies with more than 500 employees and a net worldwide turnover of more than EUR 150 million. In addition, EU companies with more than 250 employees and a net worldwide turnover of more than EUR 40 million would also fall within the scope of the Directive, if at least half of their net turnover was generated in a high-risk sector. The Directive defines what sectors are high-risk and these are: the manufacturing of textiles, leather and related products; agriculture, forestry and fisheries; and the extraction and manufacturing of mineral products.

However, following extensive negotiations, the scope of the Directive has been adjusted in the sense that it applies to EU companies with 1,000 employees or more and with a net worldwide turnover of more than EUR 450 million, as well as companies of which the ultimate parent company of the group reached those thresholds. It is also important to note that the CSDDD extends to third-country companies that generate a net turnover of more than EUR 450 million in the EU. In addition, third-country companies that are part of a group of which the ultimate parent company generates a net turnover of more than EUR 450 million in the EU, also fall within the scope of the Directive. In-scope third-country companies must designate an authorised representative located within the Member State in which it operates. An authorised representative is a natural or legal person resident or established in the EU that is mandated by the company to act on its behalf in compliance with the CSDDD.

3. Interaction with other pieces of legislation

The CSDDD is an important component of the general EU policy on environmental, social and governance (ESG) issues. In particular, it interacts with the following EU initiatives and legislation:

  • On 16 December 2022, The Corporate Sustainability Reporting Directive (CSRD) was published in the EU Official Journal. The CSRD amends the existing reporting requirements under the Non-Financial Reporting Directive (Directive 2014/95/EU) (NFRD) to introduce, among others, more detailed non-financial reporting requirements as well as a requirement to report according to mandatory EU sustainability reporting standards. The CSDDD is closely interlinked with the CSRD, as the CSRD requires setting up processes that are closely related to identifying adverse impacts in accordance with the due diligence duty introduced by the CSDDD (see point 5 below). The CSRD also covers the reporting phase of the CSDDD due diligence duty for companies that are within scope of both pieces of legislation.
  • For financial market participants, Article 4 of the Sustainable Finance Disclosures Regulation ((EU) 2019/2088) (SFDR) requires in-scope entities to publish a statement on their due diligence policies with respect to the principal adverse impacts of their investment decisions on sustainability factors on a comply-or-explain basis. This requirement is, however, mandatory for financial market participants with more than 500 employees. The CSDDD will apply to a smaller group of companies (see point 2 above).

4. Due diligence obligations

Under Articles 5 to 7 of the CSDDD, Member States must ensure that in-scope companies, including the in-scope third country companies that operate within the Member State, integrate risk-based human rights and environmental due diligence into all their corporate policies and that they have a due diligence policy in place. The due diligence policy must contain a description of the company’s approach to due diligence as well as a code of conduct. The due diligence policy must also provide a description of the processes put in place to implement due diligence in the company’s processes, including the measures taken to verify compliance with the code of conduct and the extension of its application to established business relationships. The due diligence policy must be updated every 24 months. Generally, in-scope companies must apply the CSDDD for their upstream activities as well as for a subset of their downstream activities (this includes activities related to the sale, distribution, transport, storage and waste management of the company’s products or services).

The CSDDD includes an exemption for financial undertakings. Financial undertakings that are in-scope to the CSDDD only need to apply the CSDDD for their upstream activities. The Directive does not apply to downstream business partners that receive services and products.

5. Adverse impacts

In-scope companies will be required to identify actual and potential adverse human rights impacts as well as actual and potential adverse environmental impacts arising from their own business operations or the business operations of their subsidiaries (see Article 8). If related to their value chain, companies must also identify these impacts (potentially) arising from their business partners.

Article 5 of the CSDDD requires in-scope companies to take appropriate measures to prevent or mitigate identified potential adverse human rights or environmental impacts. Where it is not feasible to prevent, mitigate, bring to an end or minimise all identified adverse impacts at the same time and to their full extent, companies should prioritise their actions based on the severity and likelihood of the adverse impacts. If it is not possible to bring the identified actual adverse impacts to an end, companies must minimise the extent of such an impact.

6. Complaints

Under Article 14 CSDDD, in-scope companies must have a complaints procedure in place that provides natural and legal persons with the possibility to submit complaints in the event of legitimate concerns regarding actual or potential adverse human rights or environmental impacts in connection with their own operations or value chains. Affected persons or persons that have reasonable grounds that they might be affected by an adverse impact could submit complaints. The complaints procedure must also be open to trade unions and other workers’ representatives representing individuals working in the value chain concerned and civil society organisations that are active in the areas related to the value chain concerned. If a complaint is well founded, the adverse impact that was the subject of the complaint is deemed to be identified, which means that it must be prevented, mitigated or brought to an end in line with the CSDDD.

7. Climate transition plans

The CSDDD contains an obligation for in-scope companies to adopt a climate transition plan. The plan must ensure that the company’s business model and strategy are compatible with the transition to a sustainable economy and with the limiting of global warming to 1.5 ⁰C in line with the Paris Agreement  and the EU’s objective of achieving climate neutrality by 2050. Companies that report a transition plan in line with the CSRD framework are deemed to have complied with the CSDDD requirement as well. The climate transition plan needs to be updated every 12 months and contain a description of the progress the company has made towards achieving the Paris Agreement and climate neutrality targets.

8. Reporting

The CSDDD introduces due diligence requirements for which a reporting obligation exists under the CSRD. Companies that fall within the scope of the CSDDD but are not caught by the CSRD and NFRD are required to publish an annual statement on their websites describing their due diligence, potential and actual adverse impacts and actions taken on those. The Commission is required to adopt detailed rules on the content and form of the report by 31 March 2026.

9.  Supervision, sanctions and civil liability

Supervision will take place at Member State level. Each Member State must appoint one or more supervisory authorities to assess compliance with the obligations described in points 4 to 8 above. Financial undertaking supervisors can also be designated as the supervisory authority for the purposes of the CSDDD with regard to in-scope financial undertakings. The supervisory authority will have investigatory powers and can impose pecuniary sanctions where the rules have been infringed. Pecuniary sanctions must be based on the sanctioned company’s turnover. The Directive does not lay down an upper limit to the pecuniary sanction, so Member States are free to set it themselves.

The CSDDD also introduces civil liability for companies that fail to take appropriate measures to prevent or mitigate identified potential adverse human rights or environmental impacts, or that fail to end identified actual adverse impacts (see point 5 above). The company will in principle be liable for damages if the adverse impact occurred and led to damage.

10. Application and next steps

The European Parliament’s formal adoption of the CSDDD marks one of the final stages of the EU legislative process. The CSDDD is expected to be published in the EU Official Journal in the coming weeks and enter into force 20 days later. Following its entry into force, Member States have two years to transpose the Directive into their respective national legal systems.

Significantly, the application of the Directive is staggered. The Directive will start to apply three years after its entry into force for EU companies with more than 5,000 employees on average and generated a net worldwide turnover of more than EUR 1.5 billion and third-country companies with a net EU turnover of more than EUR 1.5 billion. EU companies with more than 3,000 employees on average and generated a net worldwide turnover of more than EUR 900 million and third-country companies with a net EU turnover of more than EUR 900 million will become subject to the framework four years following its entry into force. All other in-scope companies will become subject to the CSDDD framework five years following its entry into force.