Skip to main content
All
June 3, 2024

The EU’s Corporate Sustainability Due Diligence Directive

Advisory

Introduction and Background

On May 24, 2024, the Council of the European Union gave its final approval to the Corporate Sustainability Due Diligence Directive (CSDDD or directive) that was proposed by the European Commission in February 2022.1 This milestone marks the completion of the legislative process to establish a uniform standard for sustainable and responsible business practices across the EU.

The directive introduces obligations for large EU and non-EU companies related to compliance with human rights and the impact on the environment in their operations and supply chains. Consequently, the CSDDD represents a landmark shift from voluntary and varied standards2 on corporate responsibility to EU-wide mandatory obligations for corporations to prevent and address human rights abuses and environmental harm. 

The CSDDD seeks to mandate companies’ compliance with existing international standards on responsible business conduct (RBC), namely the UN Guiding Principles on Business and Human Rights, which recognize the responsibility of companies to exercise human rights due diligence (HRDD), and the Organisation for Economic Co-operation and Development Guidelines for Multinational Enterprises, which recognize the concept of HRDD and extend the application of due diligence to environmental and governance topics. Its ultimate aim is to create a more level playing field for companies engaged in RBC.

The CSDDD will officially enter into force 20 days after its publication in the Official Journal of the European Union.3 All EU member states will have two years to incorporate the CSDDD into national legislation and comply with the directive.

For U.S. businesses with a presence in the EU, understanding and preparing for these new obligations is crucial to ensure smooth operations and adherence to the new regulatory landscape. The new due diligence requirements apply not only to the direct actions of a company, but also to their subsidiaries and “chain of activities.” Thus, a U.S. company that conducts a certain level of business in the EU could become liable for the actions of its business partners.

Main Features of the CSDDD

Scope of Application

The directive applies to large EU companies and non-EU companies that meet specific turnover thresholds, respectively, worldwide or within the EU market. The directive will affect companies with over 1,000 employees and a net turnover exceeding €450 million. This scope was substantially narrowed from the initial proposal through various phases of negotiations by the EU Council.4 It is estimated that 5,300 companies will be covered by the current scope.

Due Diligence Requirements

  • Risk Identification and Assessment: Companies must continuously identify and assess actual and potential adverse impacts on human rights and the environment throughout their operations, chains of activities, and business relationships. This involves mapping out entire value chains to highlight areas prone to risks. The identification of adverse impacts as well as updates to the climate transition plans should take place every 12 months.
  • Preventive and Mitigative Measures: Once risks are identified, companies must implement measures to prevent and mitigate these adverse impacts. This includes setting up robust policies, practices, and management systems to address identified risks effectively.
  • Monitoring and Reporting: Companies are required to regularly monitor the effectiveness of their due diligence processes and provide annual public reports detailing their findings and actions taken. This transparency is designed to allow stakeholders, including investors, consumers, and regulators, to assess the company’s commitment to sustainability.
  • Stakeholder Engagement: Engaging with stakeholders is a critical component of the CSDDD. Companies must consult with affected parties, including employees, communities, and civil society organizations, to ensure their voices are considered in the due diligence process.
  • Remediation Mechanisms: Companies must establish or participate in effective remediation processes to address any adverse impacts that occur. This includes setting up grievance mechanisms to provide affected individuals and communities with access to remedies.

Enforcement and Sanctions

  • National Supervisory Authorities: Each EU member state will appoint authorities responsible for overseeing compliance with the directive.
  • Sanctions: Companies that fail to comply with the CSDDD may face significant fines, potentially up to 5% of their global turnover. Additionally, the directive introduces civil liability for damages caused by failure to meet due diligence obligations.
  • Public Procurement Exclusion: Noncompliant companies might also be excluded from public tenders and procurement processes within the EU.

Impact on U.S. Businesses: Key Takeaways

Compliance Obligations

U.S. companies operating in the EU, or with significant business activities in the EU, will need to align their practices with the CSDDD. This includes a thorough review and potentially significant restructuring of their supply chain management and business practices to identify and mitigate risks related to human rights and environmental impacts.

Businesses must integrate comprehensive due diligence processes into their operations. This includes conducting regular risk assessments, establishing new policies and procedures, and engaging in continuous monitoring and reporting. Companies will also need to foster closer relationships with suppliers and business partners to ensure compliance throughout the value chain.

Financial Implications

Implementing the required due diligence measures will involve considerable costs. These costs may include investments in new technologies, hiring additional staff for compliance roles, and conducting extensive training programs. However, the potential financial penalties for noncompliance are significant, making the investment in compliance measures essential.

Legal Exposure

The civil liability provisions of the CSDDD mean that U.S. companies could face lawsuits in EU member states if they fail to adequately prevent or mitigate adverse impacts. This legal risk necessitates a proactive approach to compliance, including detailed documentation and robust internal controls to demonstrate due diligence efforts.

Conclusion

The CSDDD represents a significant regulatory shift aimed at promoting sustainable and responsible business conduct. While the CSDDD presents compliance challenges, it also offers opportunities for U.S. businesses to enhance their reputation and competitive edge. Companies that effectively implement these due diligence measures can position themselves as leaders in sustainability and corporate responsibility, potentially attracting more socially-conscious investors and customers.

Preparing for, and adapting to, these requirements will be essential for maintaining market access and ensuring long-term business success in the EU. U.S. companies should start by conducting a thorough review of their current practices and supply chains, engaging with stakeholders, and developing robust compliance frameworks. Legal and strategic advice from experts will be invaluable in navigating these complex requirements and leveraging them for competitive advantage.

For more information about how the EU’s CSDDD may impact your business, please contact any of the authors of this Advisory or your usual Arnold & Porter contact.

© Arnold & Porter Kaye Scholer LLP 2024 All Rights Reserved. This Advisory is intended to be a general summary of the law and does not constitute legal advice. You should consult with counsel to determine applicable legal requirements in a specific fact situation.

  1. Council of the European Union, Corporate sustainability due diligence: Council gives its final approval (May 24, 2024). Of the 27 EU states, 17 voted in favor while 10 abstained from the vote. Due to the nature of the voting requirements, an abstention has the same effect as voting against the directive. The following EU countries abstained: Austria, Belgium, Bulgaria, Czech Republic, Estonia, Germany, Hungary, Lithuania, Malta, and Slovakia. In favor: Croatia, Cyprus, Denmark, Finland, France, Greece, Ireland, Italy, Latvia, Luxembourg, Netherlands, Poland, Portugal, Romania, Slovenia, Spain, and Sweden.

  2. In recent years, several European countries have enacted value chain due diligence laws, mandating corporations to address human rights, labor rights, and environmental risks within their operations and those of their business partners. Notable examples include France’s Duty of Vigilance Law, Germany’s Supply Chain Due Diligence Law, and Norway's Transparency Act. Other efforts in countries like the Netherlands, Belgium, and Austria have been underway.

  3. The law is expected to enter into force around mid-June 2024.

  4.  Originally, the draft version of the CSDDD (released on January 30, 2024) impacted approximately 16,800 companies with 500 employees and a turnover of €150 million.