The AI Act is not the only legislative news to come out of the European Union so far this month. On Thursday, the Council for the European Union and the European Parliament announced that they reached “a provisional deal” on the Corporate Sustainability Due Diligence Directive (CSDDD), which aims to “enhance the protection of the environment and human rights in the EU and globally.” Due to its scope and its aim to harmonize corporate sustainability due diligence requirements across the EU, which up until now have been addressed through various pieces of separate legislation (such as Germany’s Act on Corporate Due Diligence Obligations in Supply Chains and France’s Law of Vigilance), the regulation is being characterized as “a pivotal moment” in shaping how companies navigate their environmental and human rights responsibilities.
The high-level view: First introduced by the European Commission in February 2022, the CSDDD will require companies to conduct environmental and human rights due diligence across their operations, subsidiaries, and value chains. At the same time, companies will be required to take measures to prevent or mitigate any potential impacts they identify, as well as end or minimize any real impacts.
The scope: The CSDDD’s rules will apply to both EU and non-EU companies. Generally, companies in the EU that have more than 500 employees and a net worldwide turnover of 150 million euros ($163.25 million) will fall within the bounds of the new rule. There is a notable caveat here, of court, which brings in companies that fall below that threshold but that operate in certain risk/impact sectors. Companies operating in any of these sectors will fall within the scope of the directive if: (1) they have more than 250 employees and with a turnover of more than 40 million euros, and (2) at least 20 million euros are generated in one of the sectors mentioned above.
What are the “high impact” sectors? Textile manufacture and wholesale; agriculture, forestry, fisheries and food product manufacture and wholesale; and extraction and wholesale of mineral resources, and manufacture of metal and non-metal products.
Not limited to EU-headquartered entities, the CSDDD targets all companies active in the EU market, even if their headquarters are outside the EU. For non-EU companies the law will apply if they have 300 million euros of net turnover generated in EU member states, three years from the rules coming into effect.
>> The broad applicability of the CSDDD has garnered pushback from non-EU-headquartered companies, with Reuters reporting this week that the law has “raised corporate hackles as far afield as the United States because its scope encompasses several thousand companies that do business in the bloc but are headquartered elsewhere.”
Not included in the scope of the CSDDD? The bulk of financial services. According to the EU Council, “The financial sector will be temporarily excluded from the scope of the directive, but there will be a review clause for a possible future inclusion of this sector based on a sufficient impact assessment.”
Director-level duties: In addition to imposing requirements on companies, the CSDDD also introduces duties for the “directors of the EU companies covered,” including “setting up and overseeing the implementation of the due diligence processes and integrating due diligence into the corporate strategy.” The European Commission notes that in fulfilling their duty to act in the best interest of the company, “directors must take into account the human rights, climate change and environmental consequences of their decisions.” (For a deeper dive into what this might mean in terms of claims against companies’ directors for ESG breaches, you can find that here.)
Enforcement: In terms of how the CSDDD will be enforced, there are two main mechanisms …
(1) Civil suits: Victims can take civil action directly against companies that have run afoul of the regulation in court in the EU. “Member States will ensure that victims get compensation for damages resulting from the failure to comply with the obligations of the new proposals,” according to the European Commission.
(2) Administrative action: Member States will designate an authority to supervise and impose “effective, proportionate, and dissuasive sanctions,” including fines of as much as 5 percent of a company’s global turnover and compliance orders. At the same time, Commission will set up a European Network of Supervisory Authorities at the EU level that will bring together representatives of the national bodies to ensure a coordinated approach.
What people are saying …
> “For the first time, there will be a comprehensive legal framework for communities anywhere in the world to sue companies responsible for human rights abuses and environmental harms in European courts,” Global Witness, which campaigns against human rights abuses, told Reuters.
> Richard Gardiner, EU policy head at the World Benchmarking Alliance, said that the CSDDD “gives companies a clear legal mandate that they must address the human rights and environmental harms across their upstream and downstream supply chains.”
> Leo Donnachie, Institutional Investors Group on Climate Change’s Senior Policy Manager (Sustainable Finance), said: “We particularly welcome the robust provisions for companies (including financial institutions) to adopt and put into effect transition plans that align with a 1.5C world, including emission reduction targets. This should help to close the ‘comply or explain’ loopholes in EU transition plans and help to make sure companies take action at the pace and scale needed to reach net zero.” Although Donnachie says that the rule falls short in excluding “the role the financial sector has to play in the context of sustainability due diligence.”
> “This new law sets important human rights requirements for companies, but the EU has failed to go far enough,” said Hannah Storey, Amnesty International’s Policy Advisor on Business and Human Rights. Among other shortcomings, she asserted that the “CSDDD only applies to very large companies, meaning many others will be able to continue harming human rights unchecked,”
> “By fully exempting financial activities from due diligence obligations, the agreement completely ignores finance as a key driving force of today’s economy, thereby severely weakening the impact of the Directive. The deal also deprives the financial sector of the opportunity to foster more informed, risk-resilient financial decisions,” said Uku Lilleväli, Sustainable Finance Policy Officer at the World Wildlife Foundation European Policy Office
Next steps: The proposal must now receive final approval from the European Parliament and the Council. Once adopted, Member States will have two years to transpose the Directive into national law and communicate the relevant texts to the Commission.
As for what companies can do now, Deloitte recommends the following as a starting point …
Meanwhile, Baker McKenzie’s Anahita Thoms, Alexander Ehrle and Kimberley Fischer said in a note on Friday, “Key to comply with the national laws implementing the CSDDD at EU Member State level going forward will be the establishment of a risk management system that allows for regular risk analyses as well as prevention and remediation mechanisms, including an internal complaint procedure for disclosing human rights and environment-related risks and violations.”