What new due diligence obligations for companies would the EU’s CSDDD introduce, and how can companies prepare for it?

On April 24th, 2024, the EU Parliament gave its green light to introduce new obligations for companies regarding adverse impacts on human rights and the environment. The final stages of the legislative process are scheduled for the 15th and 23rd of May, when the EU Council will cast its final votes on the adoption of the Corporate Sustainability Due Diligence Directive (CSDDD or CS3D). Through the Directive, the EU would level the playing field for the sustainability due diligence of large companies. After its formal adoption, EU Member states have two years to transpose (incorporate) the Directive into national law. In the following, we provide an overview of the most important questions and answers for companies.

1)       Which companies are covered by the CSDDD?

Directly in the scope of the CSDDD are:

• EU companies with over 1’000 employees and a net worldwide turnover of more than EUR 450 million

• Non-EU companies (incl. Swiss companies) with a net turnover of more than EUR 450 million generated in the EU

Indirectly affected by the CSDDD are the direct and indirect business partners in the value chain of the companies that are directly covered by the CSDDD. As part of due diligence, these companies will pass on due diligence duties through their value chain and raise their expectations vis-à-vis direct and indirect business partners and suppliers.

Application of the new rules will take a staggered approach between 2027 – 2029 based on the size of the company: the largest companies with more than 5’000 employees and a net worldwide turnover of more than EUR 1500 million will have to start applying the new rules in 2027. As of 2029, companies with more than 1’000 employees and a net worldwide turnover of of EUR 450 million will be in scope of the due diligence obligations.

2)       What is the scope of the due diligence obligations?

Under the CSDDD, the proposed scope of companies’ due diligence obligations covers own operations, the full upstream value chain and parts of the downstream value chain:

3)       What obligations arise from the CSDDD?

Based on the CSDDD, companies will have to conduct risk-based due diligence, covering the following aspects:

• Policies & management systems: integrate due diligence into all relevant policies and risk management systems and adopt a due diligence policy to ensure a risk-based due diligence;

• Risk & impact assessment: identify, assess and prioritize actual and potential adverse impacts on human rights and the environment;

• Measures: take measures to prevent and mitigate potential impacts and minimize or end actual negative impacts;

• Remediation: provide remediation to actual adverse impacts;

• Stakeholder engagement: carry out meaningful engagement with stakeholders such as employees, trade unions, consumers, NGOs, communities or other individuals whose rights or interests could be affected;

• Grievance: establish and maintain a notification mechanism and complaints procedure;

• Monitor the effectiveness of their due diligence policy and measures;

• Report: communicate publicly through an annual statement on the due diligence process. Companies that are subject to the EU Corporate Sustainability Reporting Directive (CSRD) will already meet their reporting obligations via the CSRD (no additional reporting required).

Furthermore, companies have to adopt and implement a transition plan for climate change to ensure compatibility of the business model and strategy with limiting global warming to 1.5° C.

4)       What human rights and environmental impacts are covered by the CSDDD?

The human rights impacts covered by the CSDDD are listed in the Annex – Part I and include:

• The right to life, the prohibition of torture, cruel, inhuman or degrading treatment and the right to liberty and security;

• The prohibition of arbitrary or unlawful interference with a person's privacy, family, home or correspondence and unlawful attacks on their honour or reputation;

• The prohibition of interference with the freedom of thought, conscience and religion;

• The right to enjoy just and favourable conditions of work, including a fair wage and an adequate living wage / income;

• The prohibition to restrict workers’ access to adequate housing and access to adequate food, clothing, and water and sanitation in the workplace;

• The protection of children’s rights and the prohibition of child labour, including the worst forms of child labour;

• The prohibition of forced or compulsory labour and the prohibition of all forms of slavery;

• The right to freedom of association, assembly, the rights to organise and collective bargaining;

• The prohibition of unequal treatment in employment, including the right to equal pay for equal work and to non-discrimination;

• The right of individuals, groups and communities to lands and resources and to not be deprived of means of subsistence, including the prohibition to unlawfully evict or take land, forests and waters when acquiring, developing or otherwise using land, forests and waters, including by deforestation;

• The prohibition of causing any measurable environmental degradation, such as harmful soil change, water or air pollution, harmful emissions, excessive water consumption, degradation of land, or other impact on natural resources, such as deforestation, that affect people’s access to food, drinking water, sanitary facilities, health, safety and use of land, or affect ecosystem services that are relevant for human wellbeing. 

Further environmental impacts covered by the CSDDD are listed in Annex – Part II of the CSDDD.

5)       How will the CSDDD be enforced?

Through investigations by national supervisory authorities and the application of penalties:

Each EU Member State will designate one or more supervisory authorities to supervise companies’ compliance with the obligations defined in national law. The authorities have the power to require companies to provide information and carry out investigations related to the implementation of the national due diligence obligations. Investigations may be initiated by the authorities themselves or as a result of substantiated concerns submitted by individuals or organisations. EU Member States will define the rules on penalties, which shall be “effective, proportionate and dissuasive”. Pecuniary penalties will be based on the company’s net worldwide turnover.

Through civil liability for the damages caused to individuals and organizations:

Under the CSDDD, EU Member States shall ensure that a company can be held liable for damages caused to an individual or organization. Civil liability applies to cases where the company intentionally or negligently failed to comply with the obligations to prevent potential adverse impacts or bring actual adverse impacts to an end. However, a company cannot be held liable if the damage was caused only by its business partners in its value chain activities. The affected individual or organization has the right to full compensation for the damage occurred in accordance with national law (no overcompensation or punitive damages).

6)       How can companies prepare for the implementation of the CSDDD?

The human rights-related obligations of the CSDDD are broadly aligned with international standards on human rights due diligence (HRDD), such as the UN Guiding Principles on Business and Human Rights (UNGPs) or the OECD Guidelines for Multinational Entreprises.  

Companies that implement due diligence according to these standards are well prepared for fulfilling the obligations that arise from the CSDDD. More information on how to implement HRDD can be found in focusright’s practical guide for companies.