A Corporate Sustainability Due Diligence Directive (CSDDD) Explainer - Last Updated: June 25, 2023

What is the EU Corporate Sustainability Due Diligence Directive (CSDDD)?

The Corporate Sustainability Due Diligence Directive (CSDDD) is an EU sustainability and ESG (environmental social governance) standard adopted as a proposal by the European Union Commission on February 23, 2022. The CSDDD is a regulation designed to help companies and businesses identify, prevent, mitigate, and account for environmental impacts and human rights abuses from their supply chains and sourcing operations.

The CSDDD is a companion law to the EU Corporate Sustainability Reporting Directive (CSRD), which bears acronym and intent similarity, but represents a different set of regional sustainability reporting and disclosure requirements.

The CSDDD will apply to the following companies and sectors:

1. Group 1 - EU companies with over 500+ employees and €150 million+ in net annual turnover or revenue
2. Group 2 - Other companies operating in defined high impact sectors who do not meet both Group 1 thresholds, but have more than 250 employees and turnover of €40 million worldwide and more. Rules will start to apply 2 years later than for group one
3. Group 3 (non-EU) - Non-EU, global companies active in the EU who meet turnover thresholds aligned with Group 1, generated within the EU
4. Group 4 (non-EU) - Non-EU, global companies active in the EU who meet turnover thresholds aligned with Group 2, generated within the EU

This proposal applies to a company's direct operations, subsidiaries, and their value chains (direct and indirect established business relationships). Small and medium enterprises (SMEs) are not directly impacted by the disclosure and reporting requirements this proposal, however many of these businesses are suppliers within larger corporate supply chains of companies who do meet the CSDDD's supply chain due diligence reporting criteria.

Corporate Sustainability Due Diligence Directive (CSDDD) Implementation Timeline

The CSDDD was first proposed by the European Commission in February 2022, and is currently being negotiated by the European Parliament and the Council of the European Union. The CSDDD is expected to be adopted by the end of 2023 and come into force in 2024.

Based on the EU's most recent guidance, the timeline for the CSDDD coming into effect is:

• 2023 - Lawmakers in the European Parliament voted 366-225 on June 1 to provisionally approve the CSDDD as a regulatory mandate. From here, official negotiations between the EU Parliament and the European Council on the CSDDD will proceed, with the goal of reaching a final agreement by the end of the year
• 2024 - The Corporate Sustainability Due Diligence Directive (CSDDD) becomes EU law
• 2026 - The CSDDD will be transposed into national law by the Member States by 2026. We expect 2026 will be the first year large, eligible businesses in CSDDD group one will need to comply with the CSDDD, including its reporting and disclosure standards. It's not yet clear if CSDDD reports would be due based on a company's 2025 or 2026 fiscal year and operations. This information and exact timeline should be clarified by the end of 2023, or early 2024
• 2028 - Companies and businesses in group two will need to begin their CSDDD reporting and disclosure. Smaller companies may be able to delay applying the new rules by one additional year
• 2029 - International companies with more than 500 employees and €150 million annual revenue within the EU (group three) will likely be required to start reporting under the EU CSDDD at a consolidated group level. It's not yet clear if this includes non-EU activity as well.
• 2030 - Non-EU companies in group four need to start reporting, disclosure, and compliance under CSDDD

This means companies in group one (EU-based with over 500+ employees and €150 million+ annual revenue) should start planning and preparing to implement their CSDDD compliance approach by 2025 in order to be ready for the 2026 CSDDD reporting cycle to stay compliant. It's not yet known exactly how the EU Commission or specific member states will penalize businesses who fail to comply with the CSDDD, but according to the Commissions’ requirements within the Directive, non-compliant eligible organizations could have their company’s goods taken off the market, face fines as high as 5% of their global revenue, or – for non-EU international companies – be banned being able to sell into the EU.

Why is the EU Introducing the Corporate Sustainability Due Diligence Directive (CSDDD)?

The goal of the EU Corporate Sustainability Due Diligence Directive is to promote full economic transformation towards sustainability, including value chains. Supply chains often represent 60-90% of a company's environmental impacts and carbon emissions, which makes supply chain sustainability and due diligence critical aspects of the region's overall sustainable transition plan. Human rights protections for supply chain workers are also of great importance, falling within the scope of the CSDDD as well. The EU wants to ensure all supply chain workers have access to safe, healthy, and humane work conditions.

Currently, Germany has already passed its own national Supply Chain Due Diligence Act, known in German as Lieferkettensorgfaltspflichtengesetz (LkSG). LkSG went into effect on January 1, 2023 for organizations with over 3,000 employees currently doing business in Germany. Other EU countries like the Netherlands have also proposed similar supply chain due diligence and human rights laws.

How to Comply with the Corporate Sustainability Due Diligence Directive (CSDDD)'s Reporting Requirements?

In order to comply with the EU CSDDD regulations, eligible companies will need to:

Companies that are subject to the CSDDD will be required to report on their due diligence findings. The reports must be published on the company's website and made available to the public. The CSDDD also includes a number of other, yet-to-be-finalized compliance requirements.

Two notable compliance points about the CSDDD are that, first, under the EU's current CSDDD position, eligible businesses will be required to calculate and report of their Scope 3 greenhouse gas emissions. Second, CSDDD rules also require companies with more than 1,000 employees to tie performance on their plan’s targets to directors’ variable compensation.

It's not yet known if and to what extent the CSDDD will apply to financial services companies. Currently, the EU Council plans to give Member States the right to choose whether to apply the CSDDD to domestic financial services organizations when they enact the Directive into national law, as well as which types of financial institutions and activities need to be covered. An additional open question is if and how EU CSDDD reporting will be integrated with the EU's sustainability taxonomy. Like the EU CSRD, CSDDD reporting may also require third party assurance in the future.

A Few Helpful Recommendations

Your Next Steps With CSDDD Sustainability Due Diligence and Reporting

As you're likely already aware, the EU is implementing several new, major sustainability rules, laws, and disclosure requirements in 2023 and beyond, including the CSDDD. For organizations in the early stages of their sustainability reporting and supply chain due diligence roadmap(s), we have a few general recommendations, additional reading, and suggested next steps:

Sustainability leadership attention and structure - Ultimately, the board and senior management have a responsibility to oversee sustainability issues, and to assess the potential sustainability and climate risks to a company’s overall strategy. The CSDDD in particular carries specific clear requirements for corporate director oversight among larger entities. Clarify the board and senior management's role(s), structure, and processes around sustainability and supply chain due diligence, including which committee(s) will review and decide on sustainability matters, resources, and disclosure. Your company will likely also want to set up one or more sustainability working groups or committees (as well as formal departments), comprising management and staff, to implement action plans, collect data, track sustainability KPIs, and report to the board and senior management.

Materiality assessment - Before collecting data or thinking about preparing your first report, you need to conduct a “Materiality Assessment” to help determine what your sustainability risk exposure areas and priorities should be in order to stay compliant with and get ready for the CSDDD. A materiality assessment is a project which determines and ranks the most material themes for your business based on market data, stakeholder interviews, and surveys. For example, a healthcare company might focus on healthcare access, affordability, innovation, and its supply chain. A technology company could focus on data privacy, security, data center emissions, and STEM education access. Pick and rank the right sustainability themes depending on your organization’s mission, sector, model, value chain, and ESG maturity.

Map, engage, and prioritize your top supply chain relationships - While most organizations already have a clear picture of their largest Tier 1 suppliers, it's important to start with a good data baseline across your supply chain. Who are your most strategic suppliers? Who are the highest risk? Whic suppliers have and haven't been audited? Who's responsible for sustainability and ESG due diligence at each supplier? What social compliance, ESG, or sustainability risk assessments and audits have you conducted so far (if any)? Whether your organization works with dozens of suppliers and vendors or thousands, value chain engagement on sustainability is a prioritization exercise, and also a diplomatic one. Start with your most important relationships, build capacity, momentum, and proofs-of-concept with those top partners, then scale those best practices to your other relationships through programs, policies, and standards.

Sustainability and supply chain data systems and process - While this might go without saying, in order to report your organization's sustainability performance, you need to know what it is - with a high degree of accuracy. Your materiality process can help guide you toward the main sustainability themes you may need to focus on and collect data around. Many organizations start their sustainability reporting and supply chain due diligence with relatively simple spreadsheets, surveys, and documents, but things can get complex fast - particularly for larger companies. If you're an organization with a medium-to-large or complex environmental footprint, you likely need dedicated sustainability reporting and data management software, like the kind we design here at Brightest to help organizations stay ESG compliant. Ongoing report archiving, version control, and governance are also important to think about, since you'll be reporting every year.

Further reading - Our free guide to ESG reporting provides additional, detailed guidance and insights on how to report your sustainability performance.