EU Due Diligence Directive on Human Rights and Environmental Impacts

The EU Corporate Sustainability Due Diligence Directive took effect on July 25, 2024. This new law changes how EU businesses handle their Human Rights and Environmental Impacts. The directive, Directive (EU) 2024/1760, received approval on June 13, 2024. Companies must now support sustainable development by finding and fixing any negative impacts on human rights and the environment throughout their operations.

The directive creates rules that make businesses set up detailed mandatory due diligence policies beyond just their own operations. These new rules will affect about 6,000 large EU companies and 900 large non-EU companies. Companies that must comply include EU businesses with more than 1,000 employees and net worldwide turnover exceeding €450 million. The CSDD Directive also lets affected parties claim damages if companies fail to meet their obligations through intent or negligence. This legislation brings a fundamental change to corporate accountability in European markets.

Legal Foundations of the EU Due Diligence Directive

The Corporate Sustainability Due Diligence Directive marks a major step forward in EU’s regulatory framework. It sets binding rules for businesses about human rights and environmental practices. This piece explores the legal pillars that support this groundbreaking legislation.

Treaty on the Functioning of the European Union (TFEU) Basis

Directive (EU) 2024/1760 came into effect on July 25, 2024. Companies must now include human rights and environmental considerations in their internal policies and risk management frameworks. This directive shows a vital shift from voluntary corporate responsibility initiatives to legally binding regulations across the European Union.

The directive creates a detailed regulatory approach that promotes responsible business conduct in human rights and environmental protection throughout global value chains. It also has a structured timeline for implementation that gives Member States time to add the directive’s rules to their national laws. Businesses get adequate time to adjust to these changes.

Alignment with UN Guiding Principles and OECD Guidelines

The corporate sustainability due diligence directive’s alignment with international standards is vital. It turns voluntary international standards into binding EU law, drawing from:

• The UN Guiding Principles on Business and Human Rights (UNGPs)
• The OECD Guidelines for Multinational Enterprises
• The OECD Guidance on Responsible Business Conduct
• Various sectoral guidance documents

These international standards went through substantial development processes. The OECD Guidelines’ update took three years of multi-stakeholder work with 51 states (including 25 EU members), businesses, unions, and civil society. The updated Guidelines stay fully aligned with the UNGPs and got unanimous support from the OECD Council on June 8, 2023.

EU policymakers stress the need to harmonize national due diligence laws with these international standards. Yet, studies show the CSDDD compliance requirements for companies only partly aligns with these international frameworks. While it takes big steps toward matching international norms, the directive’s scope of covered companies, business relationships, and material impacts falls nowhere near complete alignment.

Connection to the European Green Deal and Sustainable Development Goals (SDGs)

The EU due diligence directive serves as the lifeblood of Europe’s broader sustainability agenda. It works among other key regulations like the Corporate Sustainability Reporting Directive (CSRD), Sustainable Finance Disclosure Regulation, Regulation on Deforestation-free Products, Conflicts Minerals Regulation, Batteries Regulation, and Forced Labour Ban Regulation.

The corporate sustainability due diligence directive pairs with CSRD to create a coherent regulatory framework. Together they redefine corporate responsibility in the Anthropocene era. Companies must now look beyond financial performance and shareholder value. They’re accountable for actual and potential negative effects on people, society, and the environment.

Companies must also develop and implement climate transition plans that match the Paris Agreement. This includes setting specific targets for both 2030 and 2050. These plans help the EU move toward a sustainable economy by preventing and reducing adverse human rights and environmental impacts across global supply chains.

The EU supply chain due diligence legislation helps advance sustainable development goals (SDGs) while creating clear legal duties for businesses. The CSDD directive’s mandatory due diligence requirements create fair competition for responsible business conduct across sectors and jurisdictions.

Scope of Application: Which Companies Are Affected

The corporate sustainability due diligence directive sets specific criteria that determine which businesses need to follow its rules. Companies need to know these thresholds to understand their responsibilities under the new framework.

EU Companies: >1000 Employees and >€450M Turnover

EU-based companies must follow the directive if they meet two main requirements at the same time. They need more than 1,000 employees on average and must generate over €450 million in net worldwide turnover. About 6,000 large EU limited liability companies and partnerships will need to follow these regulations.

Part-time and temporary workers count as full employees when calculating these numbers. Companies must maintain these figures for two consecutive financial years before they need to comply.

The corporate sustainability due diligence directive rolls out in phases based on company size:

• From July 26, 2027: Companies with more than 5,000 employees and over €1.5 billion net turnover
• From July 26, 2028: Companies with more than 3,000 employees and over €900 million net turnover
• From July 26, 2029: Companies with more than 1,000 employees and over €450 million net turnover

Companies close to these thresholds should keep track of their employee numbers and financial results to prepare for EU Due Diligence compliance.

Non-EU Companies with Significant EU Turnover

The EU Due Diligence directive reaches beyond EU borders. Non-EU companies must comply if they make more than €450 million in net turnover within the European Union market. Official estimates show that about 900 non-EU companies will need to follow these requirements.

Non-EU organizations follow the same timeline but based only on EU-generated revenue:

• From July 26, 2027: Companies with EU turnover over €1.5 billion
• From July 26, 2028: Companies with EU turnover over €900 million
• From July 26, 2029: Companies with EU turnover over €450 million

These rules create fair competition regardless of where companies have their headquarters. Non-EU companies must look at their EU turnover from “the financial year preceding the last financial year”. This creates a slight timing difference compared to EU-based companies.

Franchise and Licensing Models in Scope

The directive also covers businesses that use franchise or licensing arrangements, with different thresholds for these business models. EU and non-EU companies using franchising or licensing agreements that create a common corporate identity must follow the directive if their worldwide turnover exceeded €80 million last year, with at least €22.5 million coming from royalties.

EU companies must meet both thresholds worldwide, while non-EU companies only need to meet them for EU-generated amounts. This rule makes sure the directive covers business models that might otherwise avoid regulation despite their market presence.

The EU due diligence legislation also applies to corporate groups. Ultimate parent companies that reach the relevant thresholds based on their consolidated annual financial statements must comply. But holding companies gets an exemption. If the ultimate parent company’s “main activity is holding shares in operational subsidiaries and does not participate in management, operational or financial decisions affecting the group or its subsidiaries,” it might not need to comply if one of its EU subsidiaries takes on the parent’s obligations.

The CSDD directive sets clear rules for businesses while making sure it covers all economic activities that might affect human rights and the environment.

Understanding the Chain of Activities

The corporate sustainability due diligence directive centers around the “chain of activities”: a concept that sets the boundaries for companies’ due diligence obligations. This term is different from traditional supply chain concepts and helps businesses understand their responsibilities clearly.

Upstream and Downstream Business Partner Coverage

The chain of activities covers both direct and indirect business relationships. Companies need to perform due diligence across their upstream activities that relate to making goods or providing services. These activities include design, extraction, sourcing, manufacturing, transport, storage, and supply of raw materials and products. Product and service development also fall under this umbrella.

The scope narrows down for downstream activities to just:

• Distribution of the company’s products
• Transport of products for or on behalf of the company
• Storage of products by business partners

The EU Due Diligence Directive takes a unique approach to downstream partners based on whether they handle products or services. Service-related downstream activities don’t fit into the chain of activities definitions. This means service providers don’t need to track how their clients use their services.

Companies must look at both their direct business partners with commercial agreements and indirect partners who work without direct contracts. The EU due diligence directive treats both types of suppliers equally and extends responsibility through the entire activity chain.

Exclusions: Disposal and Certain Financial Services

Some activities stay outside the directive’s scope. Companies don’t have to worry about their products’ disposal or end-of-life management. Customer product use also falls outside these due diligence requirements.

Financial institutions work under special rules. The EU Due Diligence Directive asks regulated financial companies to check only their upstream business partners. Their downstream activities stay out of the scope. Banks, insurers, and investment firms won’t be responsible for the activities of parties they finance or invest in under the CSDD directive.

This partial exclusion came after long negotiations. The European Commission’s 2022 proposal originally included downstream financial services. The Commission will look at this exclusion again in two years and might suggest new sustainability requirements for financial institutions.

Definition vs. Supply Chain Terminology

The “chain of activities” concept is different from what we know as “supply chain” or “value chain.” It has a smaller scope than a complete value chain, which usually covers all activities, resources, and relationships throughout a product’s life.

The Corporate Sustainability Reporting Directive (CSRD) requires companies to report on their entire “value chain,” which goes beyond what the CSDDD covers downstream. The CSDD directive’s chain of activities is broader than supply chain terms used in other rules like Germany’s Supply Chain Act (LkSG), which mainly focuses on upstream relationships.

Companies should match their business relationships against the EU corporate sustainability due to diligence directive’s specific definition rather than using existing supply chain frameworks. They should also prepare for possible changes, especially in finance, as regulations move toward greater downstream accountability.

Core Due Diligence Obligations Under the CSDDD

The EU Corporate Sustainability Due Diligence Directive sets clear rules for companies. These rules help them spot and tackle negative effects on human rights and the environment in their operations. The directive follows a six-step process from the OECD Guidelines for Responsible Business Conduct. This creates a well-laid-out system to hold companies accountable.

Integration into Policies and Risk Management

Companies need to weave due diligence into their core by adding these processes to their policies and risk management systems. They must create a detailed due diligence policy that shows their approach and methods. The Due Diligence Policy needs input from employees and their representatives, and should include:

• The company’s long-term due diligence strategy
• Rules and principles for the company, its subsidiaries, and business partners in a code of conduct
• A full description of how due diligence blends with business operations

This Due Diligence Policy needs updates when big changes happen or at least every 24 months. This will give companies relevant working policies as their operations and risks change.

Identification and Assessment of Adverse Impacts

The corporate sustainability due diligence directive requires companies to take the right steps. They must find and review actual and possible negative effects from their work, subsidiaries, and business relationships. Companies should:

1. Map their operations to find where negative effects are most likely and serious
2. Take a deep look at known risks and how severe they are
3. Study value chains by looking at audit reports and using independent reports

Companies must focus their actions on the most likely and serious risks. This helps them use their resources where they matter most and manage risks better.

Prevention, Mitigation, and Remediation Measures

After finding risks, companies must take steps to prevent, alleviate, or stop negative effects. They can:

• Create prevention or correction plans with clear deadlines
• Get contract promises from direct business partners
• Invest money and resources in processes and infrastructure
• Change business plans, buying practices, and distribution methods
• Help SME partners build skills and give financial support
• Work with others to tackle problems

Sometimes companies can’t prevent or reduce enough impacts. In these cases, they should think about stopping business relationships as a last option. Companies must also fix actual negative effects by giving proper compensation or making things right.

Monitoring and Public Communication Requirements

Good implementation needs regular checks of due diligence measures. Companies should review how well their due diligence processes work. These reviews must happen yearly or after major operational changes.

The EU due diligence directive requires two main ways to communicate:

1. External Reporting – Companies must share their due diligence work in yearly statements on their websites. These reports should match broader EU sustainability reporting standards, especially the Corporate Sustainability Reporting Directive (CSRD).
2. Complaint Mechanisms – Companies must set up available and clear ways for stakeholders to report possible or actual negative effects. These systems must keep complaints private and stop any payback.

The EU Due Diligence Directive makes it clear that companies have an “obligation of means” not an “obligation of results”. Companies don’t need to guarantee zero negative effects. They just need to show they’ve taken all the right steps to find and address risks effectively. This approach creates a balance between holding companies responsible and being practical, since removing all negative effects right away might not be possible.

Climate Transition Plan Requirements

The EU’s corporate sustainability due diligence directive goes beyond basic due diligence. Companies must now create and put into action specific climate-related plans. These plans are vital to the EU’s climate strategy and make businesses responsible for their environmental effects.

Alignment with Paris Agreement and EU Climate Law

Companies need to create and implement climate change mitigation transition plans that arrange their business strategies with global climate goals. These climate–change plans must show they match the Paris Agreement’s goal to limit global warming to 1.5°C. This doesn’t guarantee results but asks companies to make their “best efforts” toward this goal.

The plans must support what the EU Climate Law wants to achieve. The law, (Regulation (EU) 2021/1119), aims for climate neutrality by 2050. Companies must also meet the intermediate targets in European Climate Law. This creates a complete roadmap for businesses.

Climate planning has changed from voluntary promises to legal requirements. This shift makes Climate Transition Plans a core business requirement with real consequences, not just a corporate social responsibility initiative.

Time-bound Targets for 2030 and 2050

Every climate transition plan needs specific time-bound targets about climate change:

1. Clear targets for 2030 and every five years after (2035, 2040, 2045) until 2050
2. Targets that use “conclusive scientific evidence”
3. Absolute emission reduction targets that cover greenhouse gas emissions across scopes 1, 2, and 3 for each significant category when needed

Companies must describe how they reach these targets through decarbonization. This means changes to products and services, and new technologies when needed.

Companies must update their plans yearly. Each update shows the progress toward meeting targets, which creates ongoing responsibility for climate action.

Role of Management and Investment Disclosure

Management’s role in climate transition plans is significant. Companies must explain how their administrative, management, and supervisory teams will watch over the plan’s implementation. This creates clear accountability in organizations.

Before starting, companies must explain and calculate investments and funding for their climate transition work. This financial openness helps ensure companies put enough resources into meeting climate goals. It also lets stakeholders assess how credible these transition plans are.

Companies that follow the Corporate Sustainability Reporting Directive (CSRD) will meet the CSDDD’s transition plan requirements automatically. This stops duplicate reporting while keeping high standards.

The EU corporate sustainability due diligence directive’s climate transition plan requirements create a practical approach to climate action. They combine ambitious goals with real-world implementation paths and turn abstract climate promises into actual business planning requirements.

Stakeholder Engagement and Complaint Mechanisms

The success of the corporate sustainability due diligence directive depends on two key elements. Companies must involve people in their business activities and give them ways to report their concerns to ensure Corporate Accountability. These elements make sure companies stay accountable to stakeholders during their due diligence process.

Meaningful Involvement with Affected Parties

A company’s ability to work with stakeholders is crucial for effective due diligence approaches. Businesses can better spot potential human rights issues and create proper solutions when they talk to affected parties throughout the process.

The CSDDD’s definition of “stakeholders” covers:

• Employees of the company and its subsidiaries
• Trade unions and workers’ representatives
• Consumers and other affected individuals
• Groups, communities, or entities whose rights or interests are affected
• National human rights institutions and environmental organizations
• Civil society organizations focused on human rights or environmental protection

The EU Corporate Sustainability Due Diligence Directive requires companies to talk to stakeholders at specific stages. These include identifying impacts, creating prevention plans, deciding about business relationships, fixing problems, and checking if solutions work.

The EU corporate sustainability due diligence directive makes it clear that involvement must be “meaningful.” Stakeholders should get relevant and detailed information. They need ongoing consultation and freedom from retaliation. Companies must remove barriers that prevent people from speaking up. Different groups need different approaches to make sure communication works for everyone.

Companies can work through industry groups or multi-stakeholder initiatives. However, the directive makes it clear that these group approaches can’t replace direct talks with a company’s employees.

Setting Up Notification and Complaint Channels

Companies must create formal ways for people to complain if they might face harm. These systems help spot risks before they damage people or the environment.

Member states must let these groups submit complaints:

• People who are affected or think they might be
• Trade unions and workers’ representatives
• Civil society organizations working in relevant areas

Companies also need systems where people can report problems without revealing their identity. These channels protect people who speak up by keeping their information private and stopping any pushbacks.

Companies must handle complaints fairly and openly. They need a clear process that everyone can see. If a complaint seems valid, the company must address it through due diligence. People who complain can ask about next steps, talk to company representatives, and learn what the company did to fix the problem.

Many businesses already have complaint systems because of other rules like the EU Whistleblowing Directive (2019/1937) or French anti-corruption law (Sapin II).

They can adapt these systems to meet new requirements. Still, companies must make sure everyone can use these systems and stay protected.

These mechanisms complete the EU due diligence cycle. They let affected people share their concerns and make sure companies fix any problems they find.

Enforcement, Supervision, and Penalties

The corporate sustainability due diligence directive sets up resilient enforcement mechanisms that make companies follow their obligations. Multiple layers of supervision combine with serious consequences if companies fail to comply with.

National Supervisory Authorities and EU Coordination

EU member states must pick one or more supervisory authorities by July 26, 2026, to monitor CSDDD compliance. These national bodies will receive extensive investigative powers. They can demand companies provide information, launch their own investigations, and respond when individuals and organizations validate concerns.

EU companies will answer to authorities in member states where they maintain registered offices. Authorities in member states with branches will supervise non-EU companies. Companies with multiple branches will report to authorities where they generate most EU turnover.

The European Commission plans to create a European Network of Supervisory Authorities. This network will help authorities line up their approaches across member states. Member states will share information and make their sanctioning practices consistent throughout the EU.

Penalties: Up to 5% of Global Turnover

National Supervisory Authorities can impose heavy financial penalties when companies don’t comply. Maximum fines must equal at least 5% of a company’s net worldwide turnover from the previous financial year. Parent companies face penalties based on their consolidated turnover.

Authorities must publish their decisions about violations. These decisions remain public for at least five years. Companies face both financial and reputation risks through this “naming and shaming” approach.

Several factors guide authorities when they set penalties:

1. Nature, gravity, and duration of the violation
2. Previous company violations
3. Financial benefits from the violation
4. Company’s remedial actions

Interim Measures and Product Market Restrictions

National Supervisory Authorities can take interim measures before completing their full investigations if they see imminent risk of severe, irreparable harm. This power lets authorities prevent damage while they get a full picture.

Authorities wield significant enforcement tools. They can order companies to:

1. Stop violations right away
2. Avoid repeating problematic behavior
3. Fix issues with proportionate measures

Member states have the power to pull products from the market. They can ban placement, which stops sales and exports. These product restrictions hit non-compliant businesses where it hurts – their commercial interests.

Civil Liability and Legal Remedies

The corporate sustainability due diligence directive creates a complete civil liability system. This system lets affected parties seek legal action when companies don’t fulfill their obligations.

Conditions for Civil Liability: Intent or Negligence

Companies become liable if they intentionally or negligently fail to meet due diligence obligations under Articles 10 and 11 of the Due Diligence directive. Legal action requires proof that the company’s failure damaged a natural or legal person’s interests protected by national law. Claimants must prove three key elements: actual damage, a breach of due diligence obligations, and a direct link between the breach and damage. Parties can bring such actions within at least five years.

Joint and Several Liability with Subsidiaries or Partners

The EU corporate sustainability due diligence directive includes provisions for shared responsibility. Damage from joint actions of a company and its subsidiaries or business partners leads to joint and several liability. Companies avoid liability if their business partners in the chain of activities caused the damage exclusively. This difference recognizes various levels of control in business relationships while ensuring accountability for direct actions.

Collective Redress Mechanisms and Limitations

The CSDD directive makes justice more accessible through collective action provisions. Member States need to set reasonable conditions that let injured parties authorize representatives to take legal action on their behalf. These representatives include trade unions or non-governmental organizations. Courts can order companies to share relevant information when claimants present reasonable claims. The Corporate Sustainability Due Diligence Directive wants to make sure judicial proceedings remain affordable for claimants.

EU Corporate Sustainability Due Diligence Directive

The Corporate Sustainability Due Diligence Directive marks a turning point for business accountability in the European Union. Companies must now follow strict requirements that go beyond their immediate operations to cover their entire activity chain. These organizations will face major operational changes as they set up detailed due diligence systems.

EU businesses that have more than 1,000 employees and €450 million turnover must get ready for compliance. This rule also applies to non-EU companies that make substantial revenue from European markets. They need to map out their business relationships, assess risks, and create solid ways to fix problems based on the timeline for implementation.

The EU Corporate Sustainability Due Diligence Directive is part of Europe’s broader push to address sustainability issues. Plans for climate transition that line up with Paris Agreement goals show the EU’s steadfast dedication to protecting the environment. The rules also make sure affected communities can provide meaningful input into corporate decisions.

Strong enforcement gives these rules real power. National supervisory authorities can investigate and impose penalties up to 5% of global turnover. On top of that, civil liability rules let affected parties seek compensation when companies don’t meet their due diligence duties.

Smart companies see this directive as more than just another rule to follow. It gives them a chance to improve risk management, become more resilient, and build trust with stakeholders. Companies that make climate-aligned supply chain ecosystem part of their core business strategy will gain an edge as regulatory standards keep evolving worldwide. The CSDDD changes legal frameworks to make corporate success depend on responsible business practices throughout global value chains.

Read more: Material Passports Explained: The Missing Link in Supply Chain Traceability