EU rules on sustainability due diligence marks a new age of corporate accountability
On 24 May 2024, in what was the final step in the EU legislative process, the Council of the EU officially adopted the Corporate Sustainability Due Diligence Directive, also known as the CSDDD or CS3D. The directive is expected to be a game changer in how companies value and address risks related to adverse impacts on human rights or environmental protection.
Obligations under the new rules
The CS3D, which is the result of lengthy negotiations and significant political compromise, introduces obligations for large companies to avoid and mitigate adverse impacts on human rights and environmental protection. The CS3D will eventually affect companies of more than 1,000 employees with a turnover of more than €450 million and their activities ranging from the upstream production of goods or the provision of services, to the downstream distribution, transport, or storage of products. Companies targeted by the CS3D will have to introduce procedures to monitor, prevent or remedy human rights or environmental damages, and will also have to adopt a climate plan to align their operations with the transition to a sustainable economy.
While the new rules only target companies of a certain size, they are likely to have a huge impact also on other businesses in Europe and elsewhere as targeted companies are not only required to adhere to the new rules themselves, but also to audit their supply chains to identify issues such as forced labour and environmental damage. The CS3D thus requires companies to ensure that human rights and environmental obligations are respected along their chain of activities, irrespective of where their suppliers are located.
If a company covered by the CS3D identifies a violation, it will have to take the appropriate measures to prevent, mitigate, end or minimise the adverse impacts arising from its own operations, those of its subsidiaries as well as those of its upstream business partners. The CS3D thus places a heavy burden on targeted companies and further weight is added by the fact that they can be held liable for any damage caused and will then also have to provide full compensation for such damage.
The timetable
The CS3D will enter into force this summer and the EU Member States then have two years to incorporate the new rules into their national legislation. When doing so, they will have to ensure that the rules take effect in three steps depending on the size of the companies following this timeline:
- Mid 2027 for companies with more than 5,000 employees and €1.5 billion turnover
- Mid 2028 for companies with more than 3,000 employees and €900 million turnover
- Mid 2029 for companies with more than 1,000 employees and €450 million turnover
While 2029 is five years away, all companies eventually targeted will have to start adjusting their operations already now to ensure compliance by that date as major adjustments may be required, and the risks associated with non-compliance are considerable.
Non-compliance may result in tough sanctions
Under the new rules, companies will have to develop preventative action plans and get their business partners to contractually agree to comply with the obligations imposed through the new rules. Once these agreements are in place, they will also have to ensure that their suppliers meet the requirements set out. Failure to comply with the new rules comes at a risk.
EU Member States are required to appoint national supervisory authorities and to provide these authorities with far-reaching investigatory and sanctioning powers. Companies suspected of wrongdoing thus risk intrusive investigations and tough sanctions, including ‘naming and shaming’ and fines of up to 5 percent of their worldwide turnover.
Adequate implementation strategies are key
With the CS3D pushing active legal obligations on companies to monitor, prevent, mitigate, manage and remediate adverse human rights and environmental impacts in their operations and supply chains as well as imposing new lines of civil liability for targeted companies, it is more important than ever to understand and adapt to this new legislative framework.
For companies caught by the new rules, identifying compliance and implementation strategies is vital. Targeted companies will need to clearly outline their due diligence policies and carry out risk assessments to prioritize the most significant human rights and environmental risks in their supply chains. These risks must then be addressed through a variety of means, including integrating codes of conduct into supplier contracts, as well as establishing a complaint mechanism.
Companies falling below the thresholds and therefore not directly covered by the new rules will also have to start adjusting their operations as larger customers will be prevented from purchasing goods or services from suppliers that are unable to ensure compliance. The CS3D is therefore expected to have repercussions far beyond its immediate scope of application.