ESG Reporting

Corporate Sustainability Due Diligence Directive (CSDDD): What does it mean for your business?

Apr. 12, 2022 (Update: Jun. 1, 2023)

The European Commission submitted a proposal for the Corporate Sustainability Due Diligence Directive (CSDDD) on February 23, 2022. By integrating human rights and environmental concerns into business operations and corporate governance, this directive aims to promote sustainable and responsible business practices along the entire value chain. With the new reporting obligations, firms will be required to address the negative effects of their actions, including those of their direct and indirect suppliers both inside and outside of Europe. The objectives of the CSDDD are similar to those of the German Supply Chain Due Diligence Act (LkSG) – or short Supply Chain Act – but on a European level. However, in contrast to the LkSG, the CSDDD covers the entire value chain and affects a broader range of companies.


Why is a Corporate Sustainability Due Diligence Directive crucial?


According to the ILO’s report on Modern Slavery, 27.6 million people were affected by forced labor per day in 2021. More than 3.3 million of all those in forced labor were children. Alarmingly, there was a 2.7 million increase in the number of people in forced labor between 2016 and 2021.At the same time, less than 20% of companies based in Germany complied with any corporate due diligence requirements in 2020, according to the German Foreign Office.

This signals the urgency of a legally binding EU-wide legislation on corporate due diligence. The CSDDD intends to create a level playing field a corporate due diligence regulation at the European level. The majority of human rights violations and environmental harm by companies occurs at the beginning of the value chain as it can be traced back to their suppliers. As the world's third-largest economy, the EU assumes the responsibility to advance fair supply chains and minimize human rights abuses and environmental degradation in its supply chains.


Who is affected by the CSDDD?


The CSDDD will apply to companies belonging to one of the three following groups:

  1. Large companies: EU companies with (i) 500+ employees and (ii) 150+ million euros net turnover per year

  2. Risk sector companies: EU companies in risk sectors if (i) 20+ million euros net turnover generated in risk sectors*, (ii) 250+ employees, (iii) 40 million euros net turnover per year

  3. Non-EU companies: Third-country companies if (i) they operate in the EU, (ii) generate 150+ million euros net turnover/year in the EU or between 40 and 150 million euros net turnover/year in the EU and thereof 20+ million euros net turnover/year in risk sectors anywhere in the world

*risk sectors refer to the textile industry, agriculture and forestry, fishing, food, chemistry, the exploitation of mineral resources

The scope of the draft includes the company's own operations, its subsidiaries and its entire value chains (procurement, use, and disposal). Therefore, all direct and indirect business relations are affected.

Small and medium-sized enterprises (SMEs) are not directly affected. SMEs that are indirectly affected due to their position in the value chain are to receive support measures.

According to the Council for Sustainable Development, around 17,000 companies will be concerned by the CSDDD, of which around 9,400 will be in Group 1 (large companies), 3,400 in Group 2 (risk sector companies) and 4,000 in Group 3 (non-EU companies).


What are the reporting obligations under the CSDDD?


Due diligence obligations

The due diligence requirements under the CSDDD integrate aspects defined in the OECD Guidelines on Due Diligence for Responsible Business Practices. They include due diligence measures for companies to identify and address negative impacts on human rights and the environment.

Therefore, in order to comply, companies are required to:

  • incorporate due diligence into policies

  • identify existing or possible negative effects on human rights and the environment

  • prevent or mitigate potential impacts and eliminate or minimize actual impacts that have already occurred

  • create and maintain a complaints procedure

  • track the effectiveness of the due diligence policy and practices

  • make due diligence information available to the public


EU climate goals

Moreover, according to article 15 of the CSDDD proposal, affected businesses must align their internal policies with the Paris Agreement's 1.5 degree target.

This applies to Group 1 companies and Group 3 companies with a turnover of 150+ million euros. To achieve this, the companies concerned must define a plan of action that aligns their business strategy and business model with the 1.5 degree target. This plan is also to be included in the variable compensation of the company's Board of Management in order to provide corresponding financial incentives.


What violations are outlined in the Directive?


National administrative authorities chosen by the respective EU member state will be in charge of monitoring these new regulations. These will coordinate with each other throughout the EU and have the authority to apply turnover-related fines and compliance orders in the case of non-compliance. Additionally, individuals who were harmed will have the opportunity to file a lawsuit for losses that could have been prevented with the right due diligence precautions. In addition, Member States must ensure that victims are guaranteed civil compensation.


How does the CSDDD differ from the German Supply Chain Law (LkSG)?


The CSDDD will be the corresponding European directive to the German Supply Chain Act (LkSG), which came into force on January 1, 2023. Although the purposes of the CSDDD and the LkSG are similar, the CSDDD envisages more ambitious disclosure obligations.

  1. This is mainly due to the scope of the CSDDD, which covers a much broader range of companies than the LkSG. The LkSG requires companies with 3,000 (from 2023) or 1,000 (from 2024) employees to disclose. In contrast, the CSDDD affects companies with already 500 or 250 employees which covers a broader set of companies, despite turnover thresholds (see above).

  2. The entire value chain of a company is within the scope of the CSDDD, whereas the LkSG only covers direct and indirect (only in the case of substantiated indications) suppliers.

  3. While both the LkSG and CSDDD impose fines in the case of non-compliance, the LkSG does not provide for civil liability regulations in the event of violations, unlike the CSDDD.

  4. The LkSG covers fewer areas of law, for example, it does not require alignment with the 1.5° target.

As a European directive, the CSDDD obligates the EU states to transpose its contents into national law within a certain period of time. Due to the stricter reporting requirements, the CSDDD will thus probably lead to a tightening of the German Supply Chain Act (LkSG).


The next steps of the CSDDD


On June 1, 2023, the European Parliament adopted the draft CSDDD.

This was preceded by long negotiations between the European Parliament, the Council of the EU and the EU Commission. The EU Parliament – compared to the Council of the EU – is very supportive of a strict supply chain law and aims to significantly tighten the proposal submitted by the EU Commission to extend due diligence requirements in the supply chain. Moreover, various non-governmental organizations have expressed criticism that the draft is not far-reaching enough and still has various loopholes. In parallel, industry associations have criticized the draft as being too far-reaching.

Now the negotiations with the EU member states are pending. These are expected to concentrate on disagreements over the scope of the new rules and when they will come into force.

The EU directive is anticipated to be adopted in 2023. After the directive is enacted, Member States have two years to incorporate it into national legislation.

The envisaged timetable is tight: According to the draft, the EU member states should have transposed the directive into national law by the end of 2024. This would herald the transition phase for Group 1 companies (large companies), which will last until the end of 2026. By then, Group 1 must meet the requirements of the CSDDD. The transition phase for Group 2 (risk sector companies) is scheduled to last until the end of 2028.

Update from February 28, 24: The EU has failed to approve the CSDDD. The planned vote on the directive has been postponed for an uncertain period of time. The legislation failed to secure final approval from the European Council due to objections raised by several countries, including Germany and Italy. This comes despite a provisional agreement reached earlier between the Council and the EU Parliament on the directive. Read more here.

The Supply Chain Act (LkSG) defines corporate due diligence obligations

Read more

The top 3 challenges of the German Supply Chain Act (LkSG) and how to overcome them

Read more

German Supply Chain Act (LkSG): The importance of risk analysis incl. practical tips

Read more