What is the corporate sustainability due diligence directive (CSDDD)?

The European Union has officially enacted the Corporate Sustainability Due Diligence Directive (CSDDD), which was published in the EU Official Journal on 5 July 2024. The directive will be implemented gradually over the coming years, introducing mandatory checks for human rights and environmental concerns. These requirements will affect large companies both within the EU and those based outside but operating within the Union.

The CSDDD will require companies to identify, prevent, stop, or reduce the actual and potential impacts of their operations on the environment and human rights. Companies must conduct these checks not only on their own activities but also on those of their subsidiaries and other entities in their supply chains with which they have established business relationships, whether direct or indirect. Firms will need to create and implement 'prevention action plans', obtain contractual agreements from their business partners to follow these plans, and then verify their compliance.

This directive aims to encourage sustainable and responsible corporate behaviour, ensuring that affected companies recognise and address negative impacts on human rights and the environment, both within Europe and beyond. The new rules will apply to large EU companies and non-EU companies that meet specific turnover thresholds.

CSDDD timeline

 

 

Which companies are impacted by CSDDD?

The criteria for companies covered by the Corporate Sustainability Due Diligence Directive (CSDDD) have been significantly updated from the initial draft. The directive will be introduced gradually and will apply to:

  • EU companies (those established under the laws of a Member State) with more than 1,000 employees and a net worldwide turnover exceeding €450 million in the last financial year.
  • Non-EU companies (those established outside the EU) with a net turnover exceeding €450 million within the EU in the financial year before the last one.

The CSDDD will only apply to EU and non-EU companies that meet these criteria for two consecutive financial years.

Additionally, the CSDDD covers parent companies of groups comprising EU and/or non-EU companies that collectively meet the above thresholds. However, a parent company may be exempt if its main activity is owning shares in operational subsidiaries without involvement in the group's or any subsidiary's management, operational, or financial decisions. This exemption is possible if one of its EU subsidiaries is appointed to fulfil the parent's responsibilities under the CSDDD, and the parent has obtained approval from the relevant regulatory authority. This approach ensures that the directive's requirements are met while acknowledging the various structures of corporate groups.

What are the core obligations of the CSDDD?

The CSDDD's main requirements for affected companies include:

  • Adopting a careful approach to human rights and environmental checks.
  • Incorporating these checks into all relevant policies and risk management systems.
  • Identifying and assessing actual or potential negative impacts, prioritising them where necessary, based on severity and likelihood of the adverse impact, as well as how critical it is to the company's operations and value chain.
  • Preventing and (where not immediately possible) reducing potential negative impacts; stopping actual negative impacts and minimising their extent.
  • Providing compensation for actual negative impacts.
  • Engaging meaningfully with stakeholders to establish open, two-way communication channels, actively listening to their concerns, providing relevant and comprehensive information, and incorporating their input into decision-making processes.
  • Setting up and maintaining a system for notifications and complaints.
  • Monitoring how well their policies and measures are working.
  • Communicating publicly about their checks.
  • Creating and implementing a plan for climate change adaptation.
  • Appointing an authorised representative, typically a senior executive or designated officer within the company, who is responsible for ensuring compliance with due diligence obligations, communicating with supervisory authorities, and serving as the official point of contact for CSDDD-related matters.

The main obligations under the CSDDD require companies to take appropriate steps, rather than guarantee specific outcomes. Companies are not expected to ensure that negative impacts never occur or are always prevented. However, they are expected to take suitable measures that can achieve the aims of these checks.

Such measures may include:

  • Developing and implementing a prevention plan.
  • Seeking assurances from business partners and verifying compliance.
  • Making necessary financial or operational changes.
  • Adjusting the company's business plans, strategies and practices.
  • Providing targeted support to smaller business partners.
  • Offering compensation where appropriate.

If negative impacts cannot be prevented or adequately reduced, as a last resort, the company must:

  • Avoid starting new relationships or extending existing ones with the relevant business partner.
  • Quickly implement an improved prevention plan by using the company's influence to temporarily pause the business relationship by leveraging the company's influence.
  • End the business relationship if there is no reasonable expectation of success.

What should businesses do about CSDDD?

It is clear that the European Commission, Council and Parliament all agree that companies' responsibility to check their practices carefully has an important role in sustainability. Businesses may find it helpful to anticipate any required actions and consider how some of their existing practices could be improved to align with the overall direction of the Corporate Sustainability Due Diligence Directive (CSDDD). Examples could include:

  • Reviewing how responsibilities at the director level are currently assigned, and whether there is room for more clarity in their management structures regarding who is responsible for sustainability.
  • Identifying any existing business practices that could be improved to show thorough checks are being conducted.

General insurance companies, in particular, should take note and review how they manage their exposure across multiple sectors, given their role in providing liability cover. Asset management firms may wish to consider how their existing checks on the companies they invest in might need to be strengthened.

Frequently asked questions

The directive aims to encourage sustainable and responsible corporate behaviour by requiring companies to identify, prevent, reduce, and account for negative impacts on human rights and the environment in their operations and supply chains.

The directive applies to large EU companies and certain non-EU companies operating in the EU, based on employee numbers and turnover thresholds.

Companies must assess human rights and environmental impacts, develop prevention plans, and verify compliance throughout their supply chains.

The directive will be introduced gradually, with different application dates for companies based on their size and turnover, starting from July 2027.

The directive builds on existing expectations from international frameworks like the UN Guiding Principles on Business and Human Rights and OECD Guidelines.

Companies will need to publish annual statements on their websites regarding matters covered by the directive.

The CSDDD will operate alongside other EU initiatives, such as the Corporate Sustainability Reporting Directive (CSRD), though they have different applicability thresholds.

Companies are advised to familiarise themselves with existing guidance, invest in internal sustainability capacity, and participate in credible initiatives.

Large companies will be required to adopt plans ensuring their business models and strategies are compatible with the transition to a sustainable economy and limiting global warming to 1.5°C.

The European Commission will issue guidelines to help companies conduct assessments and comply with the new rules.

Contact us

Complete this form and an RSM representative will be in touch.

One file only.
100 MB limit.
Allowed types: , pdf, doc, docx, ppt, pptx, xls, xlsx, zip.
One file only.
100 MB limit.
Allowed types: , pdf, doc, docx, ppt, pptx, xls, xlsx, zip.