The EU's upcoming Corporate Sustainability Due Diligence Directive (CSDD) requires companies of substantial size to respect human rights and the environment both in their own activities and in their value chains. Read here what CSDD means for your company, and what you need to have in place to be ready for the new rules.
In February 2022, the European Commission presented a proposal for a Directive on corporate sustainability due diligence. It requires large companies to conduct value chain due diligence to prevent adverse impacts on human rights. In December 2022, the Council of the European Union presented a compromise proposal, which is still being considered. The Directive is therefore expected to be adopted at the end of 2023 at the earliest.
The Due Diligence Directive requires certain large companies to conduct due diligence procedures to identify, prevent, mitigate and assume responsibility for actual and potential adverse impacts on human rights and the environment in the companies’ own activities, their subsidiaries and value chains.
The proposed Directive also lays down rules on sanctions and liability for failure to comply with the duties. The largest companies are also obligated to have a plan to ensure that their business model and strategy are compatible with limiting global warming to 1.5 °C in line with the Paris Agreement.
Companies covered by the Due Diligence Directive
The rules of the Due Diligence Directive will generally apply to large EU companies and non-EU companies which are active in the EU. In its compromise proposal, the Council has proposed a phasing-in model based on the companies’ turnover and number of employees where the threshold values must be met in two consecutive financial years.
Phasing-in of the Due Diligence Directive:
Three years after the entry into force of the Directive
- EU companies with more than 1,000 employees and a net turnover worldwide in excess of EUR 300 million; and
- Third-country undertakings with a net turnover in the EU in excess of EUR 300 million.
|Four years after the entry into force of the Directive
- EU companies with more than 500 employees and a net turnover worldwide in excess of EUR 150 million; and
- Third-country undertakings with a net turnover in the EU in excess of EUR 150 million.
|Five years after the entry into force of the Directive
If at least 50 % of the turnover is generated in the following high-risk sectors:
- EU companies with more than 250 employees and a net turnover worldwide in excess of EUR 40 million; and
- Third-country undertakings with a net turnover in the EU in excess of EUR 40 million.
- Clothes and footwear etc.
- Agriculture, food, forestry, fishery, etc.
- Mineral resources, including oil, gas and metal.
Draft changes of threshold values and high-risk sectors
The Committee of Legal Affairs of the European Parliament has prepared draft amendments to the Directive aiming at substantially reducing the threshold values and expanding the number of high-risk sectors.
The Council has also proposed to leave it to the individual Member States to decide whether the Directive shall apply to financial undertakings.
In addition to the companies that will be covered directly by the final Due Diligence Directive, a large number of other companies are expected to be affected indirectly. This is due to the fact that reporting and data from sub-suppliers and other links of the value chain will be a prerequisite for the ability of the companies covered by the regulation to live up to their due diligence duty.
The Due Diligence duty in seven steps
The Due Diligence Directive does not require the companies covered to guarantee that there will be no adverse impact. However, the companies must take appropriate steps that may be reasonably expected to prevent or minimise adverse impact in the given circumstances in a specific case. The content of the due diligence duty in the Council’s compromise proposal may be outlined by the following (non-chronological) steps for the companies covered.
1. Integration of due diligence in all the company’s policies and risk management systems,
including adoption of a due diligence policy to be updated annually. The due diligence policy must include:
- A description of the company’s approach to due diligence;
- A code of conduct describing rules and principles to be complied with by the company’s employees, subsidiaries and, if relevant, business partners; and
- A description of the measures introduced for conducting due diligence.
2. Identification of actual or potential adverse impacts
that might occur in the company’s chain of activity, including through mapping of own, subsidiaries’ and business partners’ activities, and on this basis making an in-depth assessment of the areas in which adverse impact will be most likely to be present or be most significant.
3. Prioritisation of identified actual and potential adverse impacts
if not possible to fully handle all identified adverse impacts at the same time. The prioritisation must be based on the probability of and the seriousness of the adverse impacts, including their significance, the number of persons or the scope of the affected environment.
4. Prevent and mitigate potential adverse impacts,
including preparing and implementing a preventive action plan, obtaining contractual guarantees from direct business partners and exploring similar guarantees with indirect business partners to ensure compliance with the company’s code of conduct and the preventive action plan, if any.
If not possible to prevent or mitigate potential adverse impacts, the company may seek to enter into a contract with an indirect business partner. As a last resort, the company must refrain from entering into new or expanding existing connections with the business partner in the chain of activity where the impact occurred.
5. In case of actual adverse impacts,
the company must take appropriate measures to bring them to an end. If this is not possible, the company must take measures to eliminate or minimise the scope thereof, including, for example, by contractual guarantees and providing remedial measures to the affected persons and society.
6. Establishment and maintenance of complaints procedure
where certain persons and organisations can complain to the company if they have legitimate concerns regarding actual or potential adverse impacts on human rights or the environment in the company’s own subsidiaries or business partners’ activities and chains. This implies, among other things, that claimants are entitled to request appropriate follow-up on a complaint and meet with representatives of the company at an appropriate level to discuss the matters that are the subject to the complaint.
7. Publicly communicate about the company’s due diligence efforts,
including any identified problems and actual adverse impacts, and how they are handled.
Draft amendments - “chain of activity” instead of “value chain”
As something new, the Council’s compromise text opens up the possibility of companies complying with parts of the due diligence duty on group level.In the original proposed Directive, the due diligence duty applied throughout the company’s value chain, i.e. both the upstream and downstream sector. In the Council’s compromise text, the term value chain has been replaced by “chain of activity” to reflect the Member States’ diverging opinions on the question as to whether the entire “value chain” is to be included, or whether the scope is to be limited to the “supply chain”. The term "chain of activity" includes a company’s business partners on the upstream market and to a limited extent also on the downstream market. The phase where the company’s products are used, or where services are provided, is left out.
In addition to the seven steps of the Due Diligence duty, EU companies with more than 500 employees and a net turnover worldwide in excess of EUR 150 million and third-country companies with a net turnover in the EU in excess of EUR 150 million must have a climate plan to ensure that the business model and strategy are compatible with the transition to a sustainable economy and to limit global warning to 1.5 °C in line with the Paris Agreement.
Enforcement through regulatory supervision
The rules of the Due Diligence Directive must be enforced through regulatory supervision. According to the Directive, a violation may be sanctioned by fines based on the turnover or an order to comply with the due diligence duty, e.g. through an injunction. The Due Diligence Directive also requires publication of decisions to impose sanctions.
Companies’ failure to comply with the rules of the Due Diligence Directive may also result in civil liability if the company intentionally or negligently violates duties under the Directive, thereby causing damage to a natural or legal person (e.g. a company or an association).
The Commission's original proposed Directive regulated management members’ s duty to exercise due care and lay down a duty for managerial members to establish and supervise the due diligence measures and to adapt the corporate strategy to take into consideration the identified adverse impacts and adopted due diligence measures.
These duties concerning managerial liability have given rise to substantial criticism from a large number of Member States, including Denmark, which considered the regulation an inappropriate intervention in national law, potentially undermining managerial members’ duty to act in the company’s best interest. The provisions have therefore been deleted in the Council’s compromise text.
The link between the Due Diligence Directive and the Reporting Directive and the Taxonomy Regulation
The Due Diligence Directive supplements the Corporate Sustainability Reporting Directive (CSRD). The Reporting Directive requires that processes are established which are closely connected to identifying adverse impacts in accordance with the due diligence duty. In addition, the Reporting Directive covers the seventh and last step of the due diligence duty on public communication about the company's due diligence efforts. Finally, the Due Diligence Directive lays down duties for the companies to have a plan to ensure that the business model and strategy are compatible with the transition to a sustainable economy and to limit global warning to 1.5 °C in line with the Paris Agreement, reportable under the Reporting Directive.
The Due Diligence Directive also supports the Taxonomy Regulation by demanding that the companies identify their adverse risks in all their activities and chains of activity. This may contribute to giving the investors more detailed information and a potential to further help investors invest capital in responsible and sustainable companies.
We follow the development
The proposal is now being negotiated at the EU’s institutions. There is far from agreement among the institutions, and there are conflicting opinions - also on key issues. Horten’s ESG specialists follow the development closely.
We advise on all aspects from the scope of the regulation, how the expected requirements may be implemented and generally how companies may adapt to the new sustainability agenda.