The Corporate Sustainability Due Diligence Directive (CSDDD), often referred to as CS3D, came into force on 25 July 2024, after two and a half years of delays and controversy. 

Member states must now transpose CSDDD into national laws and are permitted to introduce legislative provisions more stringent than those in the CSDDD directive to achieve an enhanced level of protection of human, employment and social rights, the environment or the climate.

CSDDD requires in-scope businesses to conduct risk-based human rights and environmental due diligence exercises through their value chain.

Purpose

CSDDD seeks to strengthen the European Union’s engagement in actively promoting the global implementation of various international guidelines, such as the UN Guiding Principles. This includes delivering on the European Parliament, the Council of the European Union and the European Commission’s commitment to deliver an economy that works for people and to improve the regulatory framework on sustainable corporate governance.

More specifically, the Directive aims to ensure that businesses:

1. contribute to sustainable development and the sustainability transition of economies and societies;
2. prioritise, mitigate, minimise and remediate actual or potential adverse human rights and environmental impacts, in their corporate group and supply chain operations; and
3. are subject to legal ramifications where they fail to comply with the relevant requirements.

Controversy

The Directive has caused controversy due to the protracted negotiations leading up to its final passage.

Shortly before the Council of the EU was due to vote on the final text of CSDDD, both Germany and Italy announced that they would abstain from voting. Other EU countries, including Sweden and Finland, also expressed reservations about the Directive.

These led to the Directive being removed from the meeting agenda twice and 45-day closed-door negotiations. The Directive was ultimately passed in a watered-down form with a much narrower scope of application. It is estimated that, in the negotiations, the number of companies now in scope has been reduced by almost two thirds, meaning that only around 5,400 EU companies will have to comply.

Scope and application to non-EU businesses

EU companies:

1. with more than 1,000 employees on average and that had a net worldwide turnover of more than €450,000,000 in the last financial year for which annual financial statements have been prepared; or
2. which are the ultimate parent company of a group that reach the threshold in paragraph (a) above; and
3. have met the condition in (a) or (b) above for two consecutive financial years, are in scope. 

Non-EU companies:

1. with a net turnover of more than €450,000,000 in the European Union in the financial year preceding the last financial year; or
2. which are the ultimate parent company of a group that reach the threshold in paragraph (a) above; and
3. have met the condition in (a) or (b) above for two consecutive financial years,
   • integrate human rights and environmental due diligence into their policies and risk management systems; are in scope. 

Exemptions

SMEs, micro companies, UCITS and AIF are exempted. 

How are financial services businesses affected?

Whilst UCITS and AIFs are exempted (and separately subject to SFDR), regulated financial undertakings such as credit institutions, investment firms and fund managers are caught regardless of their legal form.

Under CSDDD in scope entities are required to conduct due diligence on their “chain of activities”, both upstream and downstream (with various exclusions). For regulated financial undertakings the requirement differs, with CSDDD applying only to the “upstream” activities of financial services businesses, such as strategising and pre-contractual negotiations. Their “downstream” activities of distributions, marketing and the like are exempted.

CSDDD notes that regulated financial undertakings are however expected to consider adverse impacts and to use their so-called “leverage” to influence investee companies, by exercising their shareholder rights (among other things). 

In respect of their in-scope activities, financial services businesses are, amongst others, required to:

•  identify, assess and prevent potential adverse impacts;
• bring adverse impacts to an end and minimise their impacts; and
• improve stakeholder engagement mechanisms.

Transition plans

CSDDD requires in scope entities to prepare and execute climate change transition plans in line with the Paris Agreement with climate targets for 2030 and 2050, including for Scope 3. 

Transition plans will be required to be updated annually and any entity with an existing transition plan pursuant to the Corporate Sustainability Reporting Directive will be deemed to have complied.

Timeframe for compliance

Member States have until 26 July 2026 to publish and adopt relevant laws and regulations for complying with CSDDD.

The timeline for individual businesses to comply with the Directive is as follows.

Sanctions for non-compliance

Firms in breach of the Directive will face civil penalties. Member States have wide discretion in prescribing the rules and regulations governing penalties, provided that the resultant framework complies with the principles laid down in the Directive. 

Examples of penalties includes public censure, damages and injunction.

What should firms do now? 

• Firms should start carrying out scoping exercises to determine the extent of their businesses that are captured by CSDDD.
• Firms that are in-scope should then start conducting gap analysis in respect of their existing policies and processes in the following respect:
  • due diligence; 
  • risk management; 
  • stakeholder engagement; and
  • climate transition planning.
• They should also evaluate their business strategies to ensure any future business plans comply with CSDDD.
• Firms that are not currently in-scope can carry out a high-level review and, where applicable, amend their policies and procedures to align with the principles underlying CSDDD. This will help reduce the potential scope of work should those firms be captured by an amended CSDDD in the future.