Corporate Sustainability Due Diligence Directive (“CS3D” or also referred to as “CSDDD”), based on Articles 50 and 114 of the Treaty on the Functioning of the European Union, lays down rules on obligations for companies regarding actual and potential human rights adverse impacts and environmental adverse impacts, with respect to their own operations, the operations of their subsidiaries, and the value chain operations carried out by entities with whom the company has an established business relationship.
The Directive aims to set out a horizontal framework to foster the contribution of businesses operating in the single market towards the achievement of the Union’s transition to a climate-neutral and green economy in line with the European Green Deal and the United Nations’ Sustainable Development Goals. The CS3D regulates sustainability due diligence obligations of companies and at the same time covers – to the extent linked to that due diligence – corporate directors’ duties and corporate management systems to implement due diligence, so it concerns processes and measures for the protection of the interests of members and stakeholders of the companies. In particular, the CS3D:
(1) improves corporate governance practices to better integrate risk management and mitigation processes of human rights and environmental risks and impacts, including those stemming from value chains, into corporate strategies;
(2) avoids fragmentation of due diligence requirements in the single market and creates legal certainty for businesses and stakeholders as regards expected behaviour and liability;
(3) increases corporate accountability for adverse impacts, and ensures coherence for companies regarding obligations under existing and proposed EU initiatives on responsible business conduct;
(4) improves access to remedies for those affected by adverse human rights and environmental impacts of corporate behaviour;
(5) being a horizontal instrument focussing on business processes, applying also to the value chain, this Directive complements other measures in force or proposed, which directly address some specific sustainability challenges or apply in some specific sectors, mostly within the Union.
Which companies are in the scope?
Companies formed in accordance with the legislation of a Member State as well as companies formed in accordance with the legislation of third countries should be subject to due diligence requirements when they meet certain conditions, including turnover and, in certain cases, employee thresholds. These criteria need to be fulfilled for two consecutive financial years by both EU and non-EU companies preceding the relevant application dates established according to the rules on the transposition in the article 30 of this Directive. So, under Article 2 the CSDDD applies to: (a) EU-companies established in the Union with more than 1000 employees on average and a net worldwide turnover exceeding EUR 450 million, (b) non-EU companies generated a net turnover of more than EUR 450 million in the Union, (c) the ultimate parent companies of groups of companies that taken together fulfil these conditions, and (d) companies having entered into franchising or licensing agreements in the Union in return for royalties with independent third-party companies, where these royalties amount to more than EUR 22,5 million in the last financial year and provided that the company had a net worldwide turnover of more than EUR 80 million in the last financial year.
For defining the scope of application in relation to non-EU companies, the described turnover criterion creates a territorial connection between the third country companies and the Union territory and justifies the application of EU law to third-country companies. An employee threshold should not be applied to determine which third-country companies fall under this Directive, as the notion of “employees” for the purposes of this Directive is based on EU law and could not be transposed outside of the EU.
The ultimate parent company may be exempted from carrying out the obligations under this Directive when it has as its main activity the holding of shares in operational subsidiaries and does not engage in taking management, operational or financial decisions affecting the group or its subsidiaries. This exemption is subject to the condition that one of the ultimate parent company’s subsidiaries established in the Union is designated to fulfil the obligations set out in the Articles 4a, 5 to 11 and 15 of the CS3D on behalf of the ultimate parent company.
Although SMEs (a micro, small or a medium-sized undertaking, irrespective of its legal form, that is not part of a large group) are not included in the scope of this Directive, they could be impacted by its provisions as contractors or subcontractors to the companies which are in the scope. In order to mitigate financial or administrative burden on SMEs, Member States, with the support of the Commission, should set up and operate dedicated portals/platforms to provide information and support to companies. Member States could also financially support SMEs. Companies whose business partner is an SME, are also encouraged to support them to comply with due diligence measures.
Due diligence obligations: what companies are required to do?
Companies, in accordance with Articles 5 to 11 and 15 of the CS3D, should address potential adverse human rights and environmental impacts across their value chain operations and integrate due diligence into following steps:
- policy: companies should integrate due diligence into their relevant policies and risk management systems at all relevant levels of operation and have in place a due diligence policy, developed in prior consultation with the company’s employees and their representatives, that should contain a (i) description of the company’s approach to due diligence, (ii) a code of conduct describing the rules and principles to be followed throughout the company, its subsidiaries, the company’s direct/indirect business partners and (iii) a description of the processes put in place to integrate due diligence into the relevant policies and to implement due diligence;
- identification: identify and asses actual or potential adverse human rights and environmental impacts, arising from companies’ operations, subsidiaries and direct/indirect business relationships within their value chain – when identifying and assessing adverse impacts, companies should map and carry out an in-depth assessment of their own operations, those of their subsidiaries and, where related to their chains of activities, those of their business partners;
- prevent and end: companies should prevent or mitigate potential adverse human rights and environmental impacts, and bring to an end or minimise real adverse impacts, taking appropriate measures – to develop and implement a prevention action plan, seek contractual assurances from business partners, make necessary financial or non-financial investments/adjustments/upgrades, temporarily suspend terminate business relationships if required;
- complaints procedure: companies should provide the possibility for affected natural or legal persons to submit complaints related to actual or potential adverse human rights and environmental impacts directly to them – Member States shall ensure that companies establish a fair, publicly available, accessible, predictable and transparent procedure for dealing with complaints, including a procedure when the company considers the complaint to be unfounded, and inform the relevant workers representatives and trade unions of that procedure;
- monitoring: evaluate the adequacy, effectiveness and implementation of the due diligence measures by carrying out periodic assessment of companies’ operations, subsidiaries and direct/indirect business relationships within their value chain – to ensure that such assessments are up-to-date, they should be carried out without undue delay after a significant change occurs, but at least every 12 months and be revised in-between if there are reasonable grounds to believe that new risks of adverse impact could have arisen;
- communication: companies should publish on their website an annual statement in at least one of the official languages of the Union, within a reasonable period of time, but no later than 12 months after the balance sheet date of the financial year for which the statement is drawn up, unless the company is subject to the sustainability reporting requirements of the Directive 2013/34/EU – in this case, the annual statement should be published by the date of publication of the annual financial statements.
The Directive 2013/34/EU sets out relevant reporting obligations for the companies covered by the CS3D. Also, Regulation (EU) 2019/2088 sets out further reporting obligations on sustainability-related disclosures in the financial services sector. In order to avoid duplicating, the CS3D does not introduce any new reporting obligations in addition to those under the Directive 2013/34/EU. The requirement on companies which are under the scope of the CS3D and at the same time are subject to reporting requirements under Articles 19a, 29a and 40a of the Directive 2013/34/EU are understood as a requirement for companies to describe how they implement due diligence as provided for in the CS3D. But it should be noted that companies are not required to publicly disclose intellectual capital, intellectual property, know-how or the results of innovation that would qualify as trade secrets as defined in the article 2(1) of the Directive (EU) 2016/943. So, no later than 31 March 2027, the Commission shall adopt delegated acts in accordance with Article 28 of the CS3D concerning the content and criteria for the reporting under article 11(1) of the CS3D, specifying, in particular, sufficiently detailed information on the description of due diligence, potential and actual adverse impacts, identified and appropriate measures taken with respect to those impacts.
The CSDDD is the first EU legislation which obliges parties to adopt a climate transition plan. Article 15 provides that Member States shall ensure that companies adopt, put into effect and update every 12 months a transition plan for climate change mitigation which aims to ensure, through best efforts, that the business model and strategy of companies are compatible with the transition to a sustainable economy and with the limiting of global warming to 1.5 °C in line with the Paris Agreement and the objective of achieving climate neutrality, including its intermediate and 2050 climate neutrality targets. The design of the transition shall contain: (a) time-bound targets related to climate change for 2030 and in five-year steps up to 2050 based on conclusive scientific evidence; (b) a description of decarbonisation levers identified and key actions planned to reach targets referred to under point (a), including changes in the undertaking’s product and service portfolio and the adoption of new technologies; (c) an explanation and quantification of the investments and funding supporting the implementation of the transition plan; (d) a description of the role of the administrative, management and supervisory bodies with regard to the plan. Companies that report a transition plan for climate change mitigation in accordance with Directive 2013/34/EU shall be deemed to have complied with the adoption obligation set out in Article 15(1) of the CSDDD.
In the conclusion
It is possible to evaluate some positive aspects of the CSDDD as a legal instrument that provides a harmonised legal framework for the EU internal market and creates greater legal certainty. Companies can no longer rely on legal loopholes claiming that violation occurred was not caused by company’s activities since due diligence measures under the CSDDD provisions extend throughout companies’ subsidiaries, upstream and downstream business partners within their chain of activities. The text of the Directive sets a risk-based approach which aims at prioritisation of the adverse impacts and ensuring that measures to address those impacts are feasible and effective. On the other hand, a compromised text of the CSDDD establishes such conditions with regard to employee threshold and net turnover that eliminates almost 70% of companies of its scope. Impacts arising from the use of products or services are not taken into consideration within the text of the Directive, even though, in some sectors, the most significant negative impacts occur in this part of the chain of activities, for example, banks’ investment and lending activities. Articles 7 and 8 require companies to terminate their contractual obligations where it has not been possible to effectively mitigate or remedy occurred adverse impacts, which might lead companies to determine that they are better off not entering into the business relationships at all.
Companies covered by the CSDDD face a substantial compliance problem. Due to the complexity of global supply chains, it is may be difficult to determine the origins of materials and evaluate the risks involved. In these situations, putting in place efficient due diligence procedures could call for a large investment of time and cooperation across stakeholders. SMEs will be inevitably affected by the provision of the Directive. The financial burden associated with compliance may be significant. There is also a need for standardisation, since achieving consistency in the implementation of the Directive across different geographical areas and sectors may be challenging.