• EQS Cockpit
  • Whistleblowing
  • Insider Management
  • Policy manager
  • Investor Targeting
  • Disclosure
  • Webcast
  • Career
Back to overview

EU Corporate Sustainability Due Diligence Directive (CSDDD) Obliges Companies to Operate in a Fair and Sustainable Manner 

CSDDD requires companies to respect human rights and environmental protection along their supply chains. In this blog article we cover all you need to know about the new legal directive.

by EQS Editorial Team 7 min

    The EU Parliament has approved the EU supply chain law, otherwise known as the Corporate Sustainability Due Diligence Directive (CSDDD). In a staged application approach, the law will eventually oblige EU companies with 1,000 employees or more and a turnover of at least €450 million to identify human rights and certain environmental risks in their value chains, take preventive and remedial measures and report on such measures. In some areas, the CSDDD goes beyond the German Supply Chain Act (LkSG), which has been in force since January 2023.  

    In this article, find out all about the EU law and what it means for your company.  

    What is the CSDDD?

    The CSDDD, also called the CS3D, obliges companies to carefully manage social and environmental impacts along their entire value chain, including direct and indirect suppliers and their own operations. 

    The obligation to implement climate plans has been amended so that relevant measures must be taken, but there is no obligation to achieve specific results. 

    The aim is to ensure compliance with applicable human rights standards and environmental protection in order to  promote a fairer and more sustainable global economy  as well as responsible corporate governance. Introducing the draft, EU Justice Commissioner Didier Reynders remarked that “only companies that do not harm the environment and fully respect human rights should operate in the EU”. 

    Current status and next steps:  

    The EU Parliament approved the directive on April 24, 2024.  

    In May, the directive is expected to receive final political approval of EU ministers.  

    The CSDDD can then be published initially at COREPER (May 15) and subsequently at a COMPET meeting (May 23). At the end of May and the process of national transposition and implementation can begin. 

    Member states will then have two years to transpose the directive into national law and submit the relevant legislation to the Commission. 

    The national laws will then come into force, staggered according to company size. The full scope of application will be enforced five years after adoption. 

    Germany must then amend its Supply Chain Act (LkSG), which has been in force since January 2023. 

    Which companies are in scope?

    • European companies with limited liability, more than 1,000 employees and more than €450 million in turnover worldwide.  
    • Although small and medium-sized enterprises (SMEs) are not directly affected by the law, they may be indirectly affected, e.g. as suppliers to larger in-scope companies.  

    Depending on company size and turnover, different timeframes apply for the application of the directive, namely  

    • a three-year grace period for companies with more than 5,000 employees and a turnover of €1.500 million;  
    • a four-year grace period for companies with more than 3,000 employees and a turnover of €900 million; and  
    • a five-year grace period for companies with more than 1,000 employees and a turnover of €450 million. 

    What are companies required to do under the law?

    Affected companies must fulfil their corporate due diligence obligations along the supply chain with regard to human rights and the environment. In order to do so, the following steps must be followed: 

    • Identify actual or potential negative impacts on human rights and the environment. Then take appropriate measures to prevent, mitigate and remedy them. (For high-risk industries, this should only apply to serious human rights and environmental violations within the respective industry). 
    • Due diligence must be integrated into company policies and management systems. 
    • Companies must establish  a procedure for complaints  and ensure everyone along the supply chain can access it. 
    • Transparent and public information on the fulfilment of a company’s due diligence obligations must be provided, including an annual report. 
    • Companies are obliged to control and monitor the effectiveness of these measures. 
    • Companies with an annual turnover of more than €150 million must set out how they intend to contribute to the emission reduction targets of the Paris Climate Agreement through a transformation plan. 
    • Supervisory and administrative boards are also required to pay attention to compliance and due diligence obligations and to obtain appropriate information from management. 

    While the German law primarily relates to the company’s own operations and direct suppliers (indirect suppliers based on substantial knowledge), the European law goes beyond this to cover both upstream and downstream activities. This means that indirect suppliers are also affected.  

    What violations are covered by the law?

    European companies have a responsibility to ensure that they themselves, users of their products and their suppliers  do not violate human rights, biodiversity and the environment, for example by respecting:

    • Respect for fundamental workers’ rights, as set out in the core labour standards of the International Labor Organization (ILO), such as freedom of association, prohibition of child and forced labour, equal pay, discrimination in employment and occupation, etc.  
    • Respect for human rights, such as freedom and security of the person, physical integrity, legal capacity and equality before the law, privacy, spatial freedom, food and basic services as well as recreation and leisure  
    • Protection of biodiversity and ecosystems  
    • Protection of water bodies and air quality  
    • Combating climate change  
    • Environmental violations, such as greenhouse gas emissions, pollution or the destruction of biodiversity and ecosystems  

    How CSDDD differs from LkSG?

    Europe’s largest economy passed its Supply Chain Duty Act or  Lieferkettensorgfaltspflichtengesetz  on June 11, 2021 but the EU law goes far beyond it: 

    • The EU directive applies the due diligence obligations to both the upstream and downstream supply chain. The upstream value chain includes all company supply chain activities relating to the manufacture of a product (e.g. extraction of raw materials) and the provision of services. The downstream chain includes all supply chain activities regarding transportation, storage or disposal. Customers and consumers are not included.
    • The CSDDD therefore requires checking the whole value chain, while the German Supply Chain Act only requires checking direct suppliers proactively and reacting to substantiated reports for indirect ones.
    • The new EU regulation will include civil liability for companies. A time limit of at least five years for making claims has been set for this. Trade unions and non-governmental organizations can, under certain conditions, make claims beyond this, irrespective of the national civil procedure code. 

    How do companies best prepare for the CSDDD?

    Companies must ensure compliance with the legal requirements not only for themselves and their subsidiaries, but also for their suppliers along the entire value chain, i.e., all activities related to the production of goods or the provision of services, including all upstream and downstream business relationships. 

    Affected companies must therefore check exactly where the supplied goods come from, how they were produced and what consequences this had for the environment and climate. In the case of imports from third-world countries, checking the entire supply chain may well prove a greater challenge. 

    In order to prepare for all the requirements of the new regulation in a legally secure manner, companies should conduct a continuous and  comprehensive risk assessment. With the help of a flexible  business partner audit  as an integral part of the  Compliance Management System (CMS), companies can simultaneously fulfil and document their due diligence obligations. 

    Another proven component of the CMS is  a digital whistleblower system  which fulfils the requirements of the new regulation for implementing a complaint system. With both tools, the responsible departments are adequately and legally prepared for the requirements of the EU Supply Chain Act. 

    What does the law mean for SMEs?

    Small and medium-sized enterprises are indirectly affected by the CSDDD, because in the medium term, large companies will also oblige their suppliers to comply with due diligence obligations. 

    However, this may well represent an opportunity for SMEs because the organisations clearly positioning and preparing themselves at an early stage will benefit from competitive advantages over their rivals. Nevertheless, this requires not only resources but also extensive know-how. Therefore, it makes sense, especially for SMEs, to rely on holistic solutions that digitally map these processes and support them in complying with all requirements. 

    In order to relieve the burden on SMEs, the law includes various support measures. For example, if necessary, the costs of complying with the requirements can be subsidised with state aid. 

    The road to the EU Corporate Sustainability Due Diligence Directive

    The signs were green from the beginning. In December 2020, all 27 EU member states spoke out in favour of a European supply chain law. In March 2021, MEPs adopted a legislative proposal on corporate accountability and due diligence. The EU Commission then prepared a draft and presented it in February 2022. 

    On June 2, 2023, the European Parliament voted by a majority in favour of the EU Supply Chain Act.  

    On December 14, 2023, the EU Council Presidency and the European Parliament reached a provisional agreement on the directive. This agreement only needed to be confirmed by Parliament and the Council, which was considered a formality.  

    But things turned out differently: the legislative proposal failed to receive a majority at the EU Council meeting at the end of February 2024.  

    In mid-March 2024, a renewed attempt was finally successful with the majority of EU countries voting in favour of the joint legislative proposal at the European Council.  

    On April 24, 2024, the European Parliament approved the law.  

    Formal adoption of the legislation by EU ambassadors and political approval by EU ministers is expected in May 2024.  

    At the end of May, the CS3D would then be ready for publication in the EU Official Journal, paving the way for the process of national transposition and implementation. The EU member states would then have two years to transpose the directive into national law. 

    Germany introduced a supply chain law in 2021. The German government would have to subsequently adapt this to the requirements of the directive. The German Supply Chain Duty of Care Act has been in force since January 1, 2023. 

    Does the CSDDD go too far or not far enough?

    One general criticism voiced by supporters of the EU Supply Chain Directive is that the requirements of the directive do not go far enough and still contain gaps. Some feel, for example, that many companies fall far below the threshold value and will therefore not be affected by the EU regulation.  

    Others fear an increasing burden on the companies affected, which have already suffered from the consequences of the coronavirus pandemic in recent years, as well as an enormous control and bureaucratic burden resulting from the directive’s documentation and reporting obligations. Industry and business circles have also voiced concerns about international competitive disadvantages caused by increasing regulation. 

    However, one major advantage within the EU is that the CSDDD will ensure uniformity. Without the EU law, there would have been a risk that every country would have enacted similar but different legislation in this regard, such as the LkSG in Germany. 

    Why do we need a European supply chain law?

    To protect human rights and the environment, because millions of people around the world work under inhumane conditions. Forced labour and child labour are commonplace. Wages below the minimum subsistence level are not uncommon. Many people work under life-threatening safety conditions and suffer the health consequences for the rest of their lives. The environment also suffers along global supply chains, with devastating consequences for the future and the livelihoods of millions of people.   

    The trend towards inhumane working conditions is growing according to the European Centre of Human Rights, particularly in China, where the problem is becoming increasingly widespread, according to Amnesty International. 

      • “25 million people are victims of forced labour” (Global Estimates of Modern Slavery) 
      • “79 million girls and boys are affected by exploitative child labour” (BMZ) 
      • “The wage share of a seamstress of a branded t-shirt is 0.6%”. (FairWear) 
    The ultimate guide: optimising compliance risk assessment

    Utilising an integrated compliance solution offers a fundamental advantage in obtaining in-depth insights.

    Download now
    EQS Editorial Team
    EQS Editorial Team

    Praise, criticism or topic suggestions? The editorial team of EQS Group is looking forward to your message.