Authors: Johanna Lilli Rehkopf, Felix Oberhardt, Merle Kreibaum, Alena Meyer , August 31, 2024
1. Definition and Relevance
The Corporate Sustainability Due Diligence (CSDDD), officially known as Directive (European Union (EU)) 2024/1760, was published in the Official Journal of the European Union on 5 July 2024 and came into force 20 days later. EU member states are now required to transpose the CSDDD into national law by 26 July 2026. In Germany, this will likely be achieved by amending the Supply Chain Due Diligence Act, also known as ‘Lieferkettensorgfaltspflichtengesetz’ (LkSG).1
1.1 Definition
The CSDDD is an EU-wide directive that establishes comprehensive due diligence obligations in the areas of human rights and the environment. Companies are not only obliged to identify and prevent the impact of their own activities on human rights and the environment, but also of their subsidiaries and other business partners in their value chains with whom they maintain indirect or direct business relationships. An indirect business partner is any entity involved in business activities related to the company’s activities, products, or services. In contrast, a direct business partner is an organisation with which the company has a business agreement for its activities, products, or services, or to which it provides services as part of the ‘activity chain’. The ‘activity chain’ encompasses the activities of a company’s upstream and downstream business partners. Further details are provided in the Annex to the CSDDD. In addition, the companies concerned must develop and implement a plan to comply with the 1.5-degree target and the objective of achieving climate neutrality as established in Regulation (EU) 2021/1119. They are obliged to obtain contractual assurances from their direct business partners regarding compliance with these plans and to subsequently verify compliance.2
According to the CSDDD, a company concerned must take the following measures to fulfil its human rights and environmental due diligence obligations and thus the requirements of the CSDDD.
Article 7: Affected companies must ‘integrate due diligence into all their relevant policies and risk management systems and have in place a due diligence policy that ensures risk-based due diligence’.2
Article 8: Affected companies must ‘take appropriate measures to identify and assess actual and potential adverse impacts arising from their own operations or those of their subsidiaries and, where related to their chains of activities, those of their business partners, in accordance with this Article’.2
Article 9: Affected companies must prioritise the actual and potential adverse impacts IDENTIFIED in accordance with Article 8 ‘based on the severity and likelihood’ and address them in the order of importance, unless they can ‘prevent, mitigate, bring to an end or minimise all identified adverse impacts at the same time and to their full extent’.2
Article 10: Affected companies must ‘take appropriate measures to prevent, or where prevention is not possible or immediately possible, adequately mitigate, potential adverse impacts that have been, or should have been, identified’. Negative impacts with a high priority (Article 9) must be addressed first.2
Article 11: Affected companies must take measures to bring actual adverse impacts to an end. If the adverse impact cannot be brought to an end immediately, companies must ‘minimise the extent of that impact’. Here, too, negative impacts must be addressed first with high priority.2
Article 12: Affected companies must provide redress if they are directly responsible for an actual negative impact.2 For example, people affected by actual negative impacts are entitled to financial compensation.3
Article 13: Affected companies must meaningfully involve stakeholders in the due diligence process.2
Article 14: Affected companies must provide opportunities for people and entities affected by actual or potential negative impacts, their representatives and bystanders to inform the company about these actual or potential negative impacts within the chain of activities.2
Article 15: Affected companies must assess their own ‘operations and measures, those of their subsidiaries and, where related to the chain of activities of the company, those of their business partners’ and monitor the ‘adequacy and effectiveness of the identification, prevention, mitigation, bringing to an end and minimisation of the extent of adverse impacts’.2
Article 16: Affected companies must report on their due diligence process by publishing an annual statement on their website. By 31 March 2027, the Commission shall supplement this Directive by means of delegated acts in accordance with Article 34 by specifying the content and criteria for reporting, in particular by providing ‘sufficiently detailed information on the description of due diligence, actual and potential adverse impacts identified, and appropriate measures taken with respect to those impacts’. Companies that are required to prepare a sustainability report in accordance with the CSRD do not have to publish a CSDDD report.2
In Figure 1, the phased implementation of the CSDDD is outlined, showing the progressive inclusion of companies based on employee numbers and turnover. Three years after the Directive comes into force on 26 July 2027, it will first apply to EU companies with more than 5,000 employees and a turnover exceeding 1.5 billion euros (also third country companies with an EU-wide net turnover above 1.5 billion euros). The following year, on 26 July 2028, the scope expands to include companies with more than 3,000 employees and a turnover above 900 million euros (also third country companies with an EU-wide net turnover above 900 million euros). By 26 July 2029, five years after the directive’s enforcement, the requirements will extend to companies with over 1,000 employees and a turnover exceeding 450 million euros. Additionally, EU-based franchise companies with a turnover above 80 million euros, of which at least 22.5 million euros is generated through license fees, will be affected, with similar thresholds for non-EU franchise companies based on their EU-generated turnover. This phased approach gradually lowers the thresholds, thereby broadening the directive’s applicability to smaller companies over time.2
Figure 1: Adopted directive (own illustration based on Directive (EU) 2024/1760, Article 372)
1.1. Relevance of the CSDDD
The CSDDD is of crucial importance as it promotes sustainable practices and thereby reduces the environmental impact. It contributes significantly to the protection of human rights by improving labour conditions worldwide. Millions of men, women and children work under inhumane conditions in global supply chains: they receive wages that are not enough to survive, are exposed to abuse in the workplace and repeatedly suffer fatal accidents in factories. companies from the Global North exacerbate these conditions by setting strict price targets and tight delivery deadlines. So far, certifications and voluntary commitments have proven to be insufficient to sustainably improve these abuses.4
The CSDDD addresses precisely these problems and offers a comprehensive approach to improving the situation. By emphasising sustainable business models, it not only strengthens consumer and investor confidence in companies, but also gives them a competitive advantage. In addition, the directive contributes to legal certainty by minimising the liability risk of companies. Overall, the CSDDD makes an important contribution to the creation of fairer and safer working conditions worldwide and promotes responsible and sustainable corporate governance.5
2. Background
On the 23 February 2022, the European Commission published a proposal for a directive on corporate due diligence obligations with regards to human rights and the environment in value chains.
In 2023, during the ‘trilogue’ negotiations, the European Commission, the European parliament, and the European Council discussed how to adapt the draft directive from February 2022, considering the three positions before its adoption. On 14 December 2023, the EU parliament and the European Council reached a provisional agreement on the CSDDD.1
Figure 2 presents the three trilogue proposals for implementing a new directive by the European Commission, European Parliament, and European Council.
The European Commission proposes two groups: (1) large companies with at least 500 employees and 150 million euros turnover, and (2) high-risk sector companies (e.g. agriculture, textiles) with at least 250 employees and 40 million euros turnover. Criteria are based on global turnover for EU companies and EU turnover for non-EU companies.6
The European Parliament also suggests two groups: (1) EU companies with at least 250 EMPLOYEES and 40 million euros turnover, or parent companies with 500 employees and 150 million euros turnover, and (2) non-EU companies with either 150 million euros turnover, including 40 million in the EU, or parent companies with 500 employees.6
The European Council sets the highest thresholds: EU companies must have at least 1,000 employees and 300 million euros global turnover, while non-EU companies need 300 million euros turnover within the EU. Despite these approaches, none were adopted in their original version due to various barriers. On the 24 of April 2024 the final Directive (EU) 2024/1760 was adopted by the EU Parliament in Strasbourg. After that, the CSDDD was officially published on the 5 of Juli 2024 by the EU.6
The reasons and the need for such an obligation and thus the ultimate adoption of the CSDDD are emphasized in the official CSDDD legislation (EU) 2024/1760. Reference is made here in particular to EU-wide standards and guidelines. The Charter of Fundamental Rights of the european Union sets out a wide range of fundamental values on which the EU is founded. These include values such as respect for human dignity, democracy, freedom, equality and the rule of law. Various guidelines have subsequently developed from these fundamental values. Important for the CSDDD are especially the Guidelines for Multinational Enterprises of the Organization for Economic Cooperation and Development (OECD). These guidelines set out a concept for human rights due diligence. This was further developed to include the topics of the environment and corporate governance in the Guidelines for Responsible Business Conduct and thus now provides the basis for the Corporate Social Due Diligence Directive.2,7
The OECD Guidelines provide six steps for addressing the mentioned issues in Chapter 1.2. ‘Relevance of the CSDDD’. These are the following points2:
- ‘integrating due diligence into company policies and management systems’,
- ‘identifying and assessing adverse impacts on human rights and the environment’,
- ‘preventing, remediating or minimising actual and potential adverse impacts on human rights and the environment’,
- ‘monitoring and evaluating the effectiveness of actions’,
- ‘communicating, and’
- ‘providing remediation’.
These steps ensure that companies act proactively and responsibly to minimise the negative impact of their business activities on human rights and the environment. Further detailed information on the implementation of the CSDDD can be found in Chapter 3. ‘Practical Implementation’ of this wiki. With a reference to the United Nations Guiding Principles on Business and Human Rights, the CSDDD Guideline of 2024 emphasizes the special responsibility companies have to implement the mentioned values. In addition, the Treaty on the Functioning of the European Union serves as the value basis for the CSDDD. In the treaty, the EU has also committed itself to protecting the environment and improving the quality of the environment, which was ultimately bundled in the European Green Deal.2
To fulfil the guidelines described, other laws and directives have already been passed in the EU, from which the CSDDD ultimately developed. Especially three directives, which regulate human rights in supply chains, served as inspiration for the CSDDD.8 These are the ‘Loi de Vigilance’ from France from 2017, the Norwegian Transparency Act which entered into force in 2022 and the German LkSG.9-11 The latter was adopted in 2021 and officially entered into force in 2023.10In the ‘Loi de Vigilance’, the companies concerned must draw up a due diligence plan that describes how risks relating to human, but also environmental, rights are identified and pre-vented in their supply chains. The directive is based, among other guidelines, on the UN Guiding Principles.9 The Norwegian Transparency Act, which was adopted somewhat later, has a similar structure. Likewise, it must be transparently demonstrated that companies comply with human rights and working conditions in their supply chains and potential risks must be identified. The Act is primarily based on OECD guidelines.11 The LkSG deals in particular with compliance with human rights by German companies.10 As the LkSG has great similarities with the CSDDD, a bit further in this section, more information about the background and content of the law will be provided.
Next to those three mentioned directives, which same as the CSDDD, are due diligence obligations with reporting requirements, other guidelines served as inspiration for the EU supply chain act. These are, for example, the slavery legislations from the UK, Canada and Australia.8 In terms of reporting, the Corporate Sustainability Reporting Directive, which came into force in January 2023, is the basis for the CSDDD. The CSRD obliges companies to be more transparent and includes environmental and human rights standards, which therefore affects the CSDDD (see figure 3). The due diligence obligations of the directive are subject to the reporting obligation, which corresponds to the principles of the CSRD.12
Figure 3: Interaction of CSDDD and CSRD (own figure based on PlanA. Earth13)
The CSDDD is based on the aforementioned legislations and complements and expands them. As already emphasized, in particular the LkSG has some parallels to the CSDDD. It therefore makes sense to take a closer look at it and see which aspects of the directives overlap.
The first draft of the LkSG was published in February 2021. After a number of comments from companies and NGOs and subsequent amendments, the law was passed in July 2021. It has finally been enforced for companies in 2023. This year, the directive applied to companies with more than 3000 employees. For 2024, the limit was tightened to a number of employees greater than 1000.10
The similarities and differences between the LkSG and the CSDDD can be seen in table 1. First of all, for 2024, the thresholds in terms of the number of employees for the companies concerned are the same. Both directives must be implemented in companies with 1000 employees or more in that year. In addition, the CSDDD requires companies to have a net turnover of more than 450 million euros, which therefore does not include all companies that also have to comply with the LkSG.
Beyond that, both directives address human and environmental rights, whereas the CSDDD is somewhat more comprehensive. Additionally, for the CSDDD companies must draw up a climate action plan in order to achieve the 1.5-degree target. Besides, the CSDDD generally includes more companies in the activity chain with upstream and downstream suppliers for TIER-1 and tier-n suppliers. This means that not only direct suppliers are included in the directive (as in the LkSG), but also all upstream or downstream suppliers. Downstream suppliers are included here when it comes to the distribution, transportation and storage of products. In the LkSG, such suppliers are only included in cases of suspicion.
Table 1: LkSG vs. CSDDD (own table based on CSDDD EU 2024/1760 and BGBl I p.29592,10)
The regulations for non-compliance with the two directives differ significantly. In the LkSG, there is generally no civil liability if the obligations are not met. The CSDDD is somewhat different. If a company does not properly fulfil its due diligence obligations and is able to report on this, it may be liable under civil law for damages for a period of at least 5 years.2,10
3. Practical Implementation
3.1 Scope of Application and Preparation
Although the contents of the CSDDD have not yet been transposed into national law and the requirements will only have to be gradually implemented by more and more companies from 2027, it is advisable for companies to check now whether they fall within the scope of the CSDDD.14 When assessing this, the company should consider the threshold values of the CSDDD as well as various exemptions (e.g. holding companies are exempt from fulfilling the requirements in certain exceptional constellations).15,16 In this regard, companies can find further information in Chapter 1.1. ‘Definition’ of this wiki entry and in the Directive.2 A non-EU company should calculate its net turnover within the EU in accordance with the requirements of the Accounting Directive in order to check whether it falls within the scope of the CSDDD.15Affected companies should then take into account the time available to them for implementing the requirements of the CSDDD in their further planning.
Companies should then entrust one person or a group of people with the implementation of the requirements and provide them with appropriate capacities and resources.14 In addition, affected companies should carry out an inventory and conduct a gap analysis to determine whether and, if so, which current structures and practices already meet the requirements of the CSDDD.14,15 Based on this analysis, these companies should draw up a roadmap for fulfilling the remaining requirements.
3.2 CSDDD Guidelines from Political Institutions and Organisations
Guidelines that support companies in fulfilling their due diligence obligations in accordance with the CSDDD do not yet exist. Furthermore, companies do not yet have access to guidelines to support them in drawing up a transition plan to meet the 1.5-degree target. However, the EU Commission has set itself the goal of publishing corresponding guidelines in cooperation with the EU member states, various agencies, international organisations or bodies and the stakeholders of companies in the future. Guidelines to support companies in fulfilling their due diligence obligations are expected by 26 January 2027. By 26 July 2027, the EU Commission intends to develop guidelines to support companies in drawing up a transition plan to comply with the 1.5-degree target. These guidelines will also contain information on how companies can protect trade secrets as part of the exchange of information between companies. In addition, the guidelines will explain how stakeholders and their representatives can actively contribute to the fulfilment of corporate due diligence (Article 13). The guidelines will also contain information on software tools that can support companies in implementing the requirements of the CSDDD. More information on software tools can also be found in Chapter 3.6. ‘Software Tools’ of this wiki entry. In future, the guidelines will be published in all official EU languages and will be updated regularly.2
Companies, their business partners and their stakeholders will be able to access these guidelines via websites and platforms set up and operated by the EU Member States. Furthermore, companies will have access to model contract clauses via these websites and platforms. These are tools that affected companies can use to prevent potential negative impacts in the chain of activity and to end actual negative impacts (Articles 10 and 11). The EU Commission also emphasizes in the CSDDD that small and medium-sized enterprises will receive special support in implementing the requirements of the CSDDD. This can take the form of financial support from the member states, for example. Concrete information in the form of instructions on how companies can implement the requirements of the CSDDD cannot be found in the directive.2
Even though there are no specific guidelines yet for implementing the requirements of the CSDDD, and the process is not explained in detail, companies should start implementing the requirements now and not wait for supportive measures from the EU Commission.17 As the CSDDD follows a risk-based due diligence approach and is therefore based on the international standards of the OECD, companies can begin structuring their due diligence process according to the OECD guidelines.18 To this end, companies should first familiarise themselves with the UN Guiding Principles on Business and Human Rights and the OECD Guidelines for multinational Enterprises.13 These are international standards designed to promote responsible corporate behaviour with regard to human rights and the environment as mentioned already in Chapter 2. ‘Background’.19,20 With the OECD Due Diligence Guidance for Responsible business Conduct, the OECD has published a guide which, according to the OECD, is intended to provide companies with practical support in implementing the OECD Guidelines for multinational Enterprises with clearly formulated explanations.21 This guide provides companies with practical measures and answers frequently asked questions in connection with the due diligence process. Although the information in the guide goes beyond the information in the CSDDD, it remains unspecific in most cases and therefore only provides limited support to companies in fulfilling their due diligence obligations. More detailed explanations, examples and templates that support companies, for example in drawing up a company policy (Article 7), can be found in the OECD’s guidance documents on the due diligence obligations of companies in certain sectors.22-25These guides serve as a supplement to the OECD Due Diligence guidance for Responsible Business Conduct. They relate to specific industries and supply chains, such as agriculture, the minerals and raw materials sector, the textile and footwear industry and the financial sector. Companies operating in these sectors in particular can benefit from the guidelines by structuring their due diligence process in accordance with the declarations contained in the guidelines. This means that affected companies can already largely fulfil the requirements of the CSDDD. However, as the CSDDD is only based on the international standards of the OECD and therefore the requirements that companies must implement under the CSDDD are not fully covered by the OECD Guidelines, affected companies should consider the further measures that must be taken to fully comply with the requirements of the CSDDD.2,18 This concerns in particular the preparation of the plan to meet the 1.5-degree target (Article 22), which is not addressed in the OECD Guidelines.21-25More detailed information can be found in the OECD guidelines.
3.3 LkSG Guidelines from Political Institutions and Organisations
As already mentioned in Chapter 2. ‘Background’ of this wiki entry, the LkSG served as a model for the development of the CSDDD and therefore has several parallels with it. Even though the CSDDD imposes stricter requirements, German companies in particular can already prepare for the CSDDD by taking the necessary measures to meet the requirements of the LkSG. To prepare for the CSDDD, affected companies can therefore make use of the support services provided by political organisations and institutions that have been developed for the implementation of the requirements of the LkSG.26
The National Action Plan for Business and Human Rights was adopted by the German government at the end of 2016 to implement the UN Guiding Principles on Business and Human Rights at national level.27 The aim of this action plan was to encourage companies to voluntarily fulfil their due diligence obligations and thus respect human rights.28 However, as this goal was not achieved, the LkSG was passed.29 As a result, there have been offers in Germany since 2017 that companies can make use of to fulfil their due diligence obligations.27 These include general and industry-specific guidelines, best practice examples, advice and training. In the course of the adoption of the LkSG, BAFA also published handouts to support companies in implementing the requirements of the LkSG.30 These handouts systematically show affected companies how to carry out a risk analysis or how to organise, implement and evaluate a complaints procedure. More information is provided on the website of the Federal Ministry of Economic and Social Affairs on the National Action Plan for Business and Human Rights and the BAFA website on the LkSG.
3.4 Supporting Offers from Companies and Law Firms: CSDDD
In addition to the support services provided by political institutions and organizations, consulting firms, law firms and other companies are already giving advice on how affected companies can prepare for the CSDDD.31-33 However, this advice is only helpful in some cases, as it often remains superficial. For example, they often only describe the requirements that companies must fulfil under the CSDDD.33 Only in a few cases is more detailed information provided. One example of this is the consulting firm terra institute from Italy. On its website, the company recommends that affected companies carry out a spend analysis at the beginning of the due diligence process in order to fully penetrate the supply chain and make it transparent.31 As part of this analysis, the company’s product groups, suppliers and turnover are recorded and then evaluated. The analysis of product groups enables the company to identify which product groups are of the greatest importance in terms of supplier purchases. This makes it easier to identify critical areas in the supply chain. The supplier analysis examines the suppliers’ countries of origin, their production sites and the origin of the raw materials, materials and services they supply. Detailed knowledge of the production sites in particular makes it easier to identify potential and actual negative impacts. By assessing the turnover that the company achieves in the various product groups, the company can better understand in which areas it has the greatest influence. In addition, companies affected by the CSDDD should model their supply chain in order to gain an overview of the various stages, actors, materials and work processes in the supply chain. Companies that start modelling their supply chain should first focus on one product and only then extend the modelling to the rest of the company’s products. Companies can also take advantage of fee-based consulting services.14,26,31
3.5 Supporting Offers from Companies and Law Firms: LkSG
As already mentioned in Chapter 3.2. ‘CSDDD Guidelines from Political Institutions and organisations’, German companies in particular can already prepare for the CSDDD by taking measures that must be taken to meet the requirements of the LkSG.26 In addition to the support services offered by political organisations and institutions, companies affected by the CSDDD can also make use of support services offered by consulting firms, law firms and other companies.31,34 These offers can be supplemented by information from existing sources that deal specifically with the implementation of the requirements of the CSDDD.
Based on this approach, the implementation of a risk analysis in accordance with Article 8 of the CSDDD is outlined below. As no complete guidelines for implementing the requirements of the CSDDD exist at the time of writing this wiki entry, the process outlined is based on a guideline published by the international law firm Taylor Wessing in February 2024.2,34 This describes how to carry out a risk analysis in accordance with Section 5 of the LkSG.34 Whenever necessary, information required to carry out a risk analysis in accordance with Article 8 of the CSDDD was added. As Article 4 of the CSDDD stipulates that the requirements for the identification and assessment of adverse effects are binding and, consequently, EU Member States may not tighten or weaken the content of the CSDDD when transposing it into national legislation, the process outlined below provides a good basis for how companies can carry out a CSDDD-compliant risk analysis in the future.2 The outlined process can also be improved through guidelines and information published in the future.
Companies affected by the CSDDD should obtain an overview of their procurement processes at the start of the risk analysis.34 For this purpose, companies can use the aforementioned spend analysis.31 They should also find out how their business partners are organised and which groups of people could be affected by the company’s business activities.34Furthermore, affected companies should create supplier lists and compile information on their business partners in these lists. In addition to the name of the business partner, the supplier lists should also contain information on the country in which the business partner is headquartered and the sector in which the business partner operates. Moreover, the following information should be ascertained: the name and e-mail address of a contact person, the name of the parent company if applicable, the product type or type of service, the order volume in the last financial year, the location of the operating and production facilities, the number of employees and whether there is employee representation. Gaps in information that cannot be filled by internal or external sources should be completed by supplier surveys. Companies can also obtain information about more distant business partners through intensive exchanges with direct business partners.32Once the company has gathered the necessary information about its business partners, it can begin to determine the negative effects that result or could result from the business partners’ activities.34 As with a risk analysis in accordance with Section 5 of the LkSG, it is advisable to distinguish between an abstract and a concrete assessment.
In the abstract assessment, publicly available sources and indices are used to determine for each business partner, based on information on the country of origin of the business partners and the sector in which the business partners operate, whether there could potentially be negative human rights or environmental impacts as a result of the business partner’s activities.34 The background to this is that business partners operating in a country or sector where human rights or environmental violations are more common are generally exposed to a higher risk of negative impacts occurring. A database with suitable indices and sources for assessing the country-specific and industry-specific risk was published by BAFA at the end of 2023.35 Companies affected by the CSDDD should note that this database only contains indices and sources that are relevant with regard to the risk analysis in accordance with Section 5 of the LkSG.2,35 As the CSDDD requires more human rights and in particular environmental negative impacts to be considered, companies wishing to meet the requirements of the risk analysis under Article 8 of the CSDDD must consider these additional negative impacts and include further indices and sources in the risk analysis. Once the identification of potential adverse impacts has been completed, companies can proceed with the identification of actual adverse impacts.34
In the actual investigation, the business partners are checked for actual negative effects. The analysis includes, for example, negative experiences in the context of the contractual relationship with the business partner as well as information that the company has received through reporting and complaints mechanisms.34
A comparable approach can also be used to determine the potential and actual negative impacts in the company’s own business activities or in the business activities of its subsidiaries. The company should differentiate between domestic and foreign locations and also use the indices and sources to determine the potential negative impacts.34
The negative impacts can then be classified in accordance with Article 9 of the CSDDD and measures can be taken to prevent or to end potential and actual negative impacts (Articles 10 and 11).34
3.6 Software Tools
In view of the numerous requirements that companies have to comply with, software tools can considerably simplify the implementation of the CSDDD requirements.36 Many software companies are already advertising that they can support companies in implementing the requirements of the CSDDD.37,38 However, the wording on the websites of these providers suggests that the software tools have so far been developed primarily for the implementation of the requirements of the LkSG and have not yet been adapted for the implementation of the requirements of the CSDDD.
One example of this is the software company ‘osapiens’, which writes on its website: ‘Our CSDDD solution fully automates the initial and annual risk analysis’.37 However, an annual risk analysis is only prescribed in the LkSG.34 The CSDDD, on the other hand, requires a continuous risk analysis.39
Other statements on the software companies’ websites also indicate that the tools are currently more suitable for implementing the requirements of the LkSG than for implementing the requirements of the CSDDD. For example, the software company ‘consust’ writes: ‘effectively resolve identified violations with ready-made remedial measures’.38While remedial measures under the LkSG refer to measures taken to end human rights and environmental violations, remedial measures under the CSDDD refer to (financial) compensation for individuals who have experienced negative impacts as a result of a company’s business activities.3
Although the current software tools are not yet suitable for fully implementing the requirements of the CSDDD, it can be assumed that software companies will adapt their software tools to these requirements in the future.37,38 This is due to the fact that they are already intensively promoting the use of their tools to meet the requirements of the CSDDD. As many software tools already exist that support companies in implementing the requirements of the LkSG, companies will be able to choose from a variety of software tools in the future. When selecting a suitable software tool, companies should consider various aspects.36 Firstly, it is important to choose a tool that is customisable to the company’s individual needs. To ensure compliance with existing and future guidelines, the company should also choose a software tool that receives regular updates. As a lot of information is exchanged between companies as part of the implementation of the CSDDD, the software tool should also meet strict security standards. In addition, a user-friendly dashboard and intuitive operation can make the familiarization process easier. When looking for a suitable software tool, companies should also make sure that the provider of the software tool offers comprehensive customer support. This enables a quick response to questions or technical problems.
To make the search for a suitable software tool easier, companies can use so-called matching tools. These tools support the selection process by providing the company with a list of suitable software tools after answering a few questions. One example of a provider of such a matching tool is the Cologne-based company Matchilla, which offers this service free of charge, without obligation and anonymously.36
4. Drivers and Barriers
The main purpose and idea of the CSDDD is to foster sustainability beyond the company’s own boundaries and along the chain of activities. Whether this goal can be achieved with the new directive and which obstacles may lie in the way will be analysed in the following.
4.1 Factors Driving Sustainability
The first section will discuss the driving forces behind the CSDDD for sustainability in general. They are divided into regulatory pressure, transparency, risk minimisation and competitive advantage.
An aspect that has already been hinted at is the regulatory pressure from legislation. The national laws have yet to be implemented by each member state deriving from the Directive (EU) 2024/1760.2 The way the directive is implemented will be a significant determinant of the level of regulatory pressure. The structure and authority of the entities responsible for regulating companies can have a substantial impact on this outcome. Furthermore, the penalties imposed for violations can be pivotal in determining the extent of regulatory pressure.
Another factor that has to be further analysed is transparency and how it influences the behaviour of the company in terms of sustainability. Small and medium enterprises mention that the greatest positive impact from complying with sustainability reporting is the improved image of the company.40 This could be similar to the CSDDD. Through the CSDDD and other sustainability reporting regulations, like the Corporate Sustainability Reporting Directive and the EU taxonomy, companies have to make their sustainability figures public, which increases transparency towards stakeholders. Environmental impacts are then made public, which can be used by companies as either good or bad publicity.
As already explained in Chapter 1.1. ‘Definition’, a risk analysis is one of the steps a company has to apply according to the CSDDD. Assessing how the company is influencing its environment and assessing how the changing environment is influencing the company is a crucial (first) step for realising what the greatest environmental and social burdens are. In the following step, measures could be taken to eliminate or minimise those negative external impacts. Minimising those risks is not only a necessity to fulfil the CSDDD but also a benefit for the company.
There are already some examples of companies that are using sustainability reporting regulations as a competitive advantage. Of course, this is not going to work out for every company but as sustainability reporting and CSDDD will be mandatory, companies should watch out that at least they will not be left behind by their competitors.
4.1.1 Topic-Specific Drivers in the Firms environment
The following section will continue with the firm external drivers focusing on the political, economic, social, technological, and ecological spheres.
In the political sphere, regulatory pressure represents a significant driving force. The number of regulations is increasing, and the German LkSG already paved the way for businesses in Germany as do similar laws in other European countries. The introduction of a new EU-level regulation will further intensify this trend. Sustainability tends to become an increasingly important topic, and there will also have to be more guidelines internationally. Therefore, companies that already have experience with sustainability reporting will have a competitive advantage.
The economic sphere will be of major importance and forms a very interesting topic area. If companies see a financial advantage in an opportunity, they will try to capitalise on it. This will also be the case with the new Directive. As described above, it takes time and money to work out a system in which the new information flow takes place, and it requires training or new hiring of employees and possibly suppliers. Moreover, cooperations have to be made to improve working conditions, and communication has to be strengthened. On the other side, selected authorities will supervise the actions of the companies that fall under the CSDD Directive. They are legitimised to review detailed information about the company. In case of a human rights breach or a severe negative environmental impact, the company will get the chance to remedy its actions. If they do not remedy their actions, the authority will have different measures it can take. Among the actions are ‘name and shame’ measures as well as financial penalties. The EU proposed a maximum penalty of 5 percent of the international turnover from a company. Additionally, breaches will have to be made public, which can secularly weaken the company’s image.41
Depending on how a company evaluates the risk of breaches and penalty payments versus the investment in their supply chain system can tip the scale towards sustainability investments. If it is assumed that, like the EU proposed, a maximum penalty of 5 percent will be imposed, then companies would have quite a big financial and economic incentive to adhere to the CSDDD standards.41
There are not only negative drivers that push companies away from the abyss, but also positive incentives that encourage companies to become more sustainable in their supply chain with the help of the CSDDD. The issue of sustainability is becoming increasingly important to an ever-wider audience, and this is also the case concerning career choices. By advocating for sustainability, fair wages, and a safe working environment, companies present themselves as attractive employers to prospective employees. In this way, they show that their employees are important to them and that they not only care about the well-being of the company but also about the future of their fellow human beings and the environment. Being a company that fulfils the CSDDD and stands for sustainability will attract new young employees who value the company culture.42
Technological advances are facilitating more rapid and effective communication between companies and their suppliers, enabling the tracking of products, parts, and resources, and enhancing overall efficiency through monitoring and automation of processes. Such improvements facilitate compliance with CSDDD standards. It is anticipated that an increasing number of software products will be available to provide employees with practical assistance in the implementation of the directive within their respective organisations. communication with suppliers can be facilitated through the implementation of software programs that enable suppliers to provide the necessary information which can then be verified by contractors. The movement of products and resources can be monitored and traced using blockchain-like technology. Furthermore, automation in general enables the vast distribution of information on a global scale. In conclusion, the appropriate application of technology has the potential to facilitate the implementation of CSDDD in companies at a faster pace.
Ecologically speaking it is very important that organisations take responsibility for their supply chain and the environmental and human impacts that go along with it. The problem is that organisations tend to not care about this since the primary business objective is to increase profits.43 And even if they are indirectly connected to climate change their connection is very thin. Rising sea water levels, continuous erosion, and increasing extreme weather events occur more often in developing countries far away from large business entities in Europe. If organisations decide to become more sustainable it is sadly rarely due to ecological aspects.
4.1.2 Firm-Internal Drivers
Coming to the firm internal drivers which help organisations to implement CSDDD. Probably one of the most important aspects is the position of a company towards sustainability. Companies that have sustainability embedded in their management and strategic decision-making processes give more value towards non-financial indicators when choosing suppliers.40 The study from the German Business Panel revealed that companies who do Environmental Social Governance reporting voluntarily and use ESG indicators for internal strategic decision-making attribute a higher value to non-financial indicators than companies that are obliged to do Environmental Social Governance reporting and companies that do not have to do them at all. Sjåfjell and Mähönen (2024) confirm that the corporate purpose of an organisation plays a critical role in securing the organisation’s contribution to the environment and human rights.44 A study conducted in New Zealand revealed that the most frequently mentioned reason why companies invest in sustainable supply chain management was support from top management, followed by the ‘value based orientation’ came second and afterwards ‘cost reduction, operational efficiency, risk management sales increase and long term orientation/survival’.45 This further illustrates the significant impact that managers can have on the implementation of sustainable supply chains. The values and morals demonstrated by managers are passed on to their direct staff, who then extend this throughout the entire company.
4.2 Barriers to Sustainability
In this section, the barriers to sustainability including the flaws and gaps the directive leaves for companies to take advantage of will be pointed out. Starting with the major problems and following with the smaller issues.
A major criticism of the CSDDD is that it has limited influence on the core purpose of a company, and thus on the integration of sustainability into the company’s purpose. A study from the German Business Panel showed that the implemented LkSG did not change the way German companies choose their suppliers.40 According to the study, sustainability is still a minor important category when it comes to supplier selection. The three most important categories were price and product quality, payment options, and time of cooperation. The respondents argued that the directive is too bureaucratic and that the effort required to comply with it is disproportionate. The survey suggests that the new regulation does not have the intended effect on companies and their value chain.
In general, companies are required to comply with national legislation. However, there have been repeated cases in the business world where companies have flouted applicable law, with the Volkswagen scandal being a notable example (along with the Wirecard case).46,47 companies will inevitably seek to exploit any loopholes in the new legislation to circumvent its requirements. However, it will be necessary to await the Directive’s incorporation into hard national law and the commencement of compliance with it before any evaluation can be made. Should the new law prove to be insufficiently precise and lenient towards companies, the CSDDD may be prompted to introduce a further ‘tick box culture’. This term is used to describe a situation in which companies complete a checklist without sticking to the relevant legislation.48 This leads to the question if companies will comply with the new regulations and if they internalise social and environmental standards or if they merely do what they are obliged to not get sanctioned. Bueno et al. (2024) analysis of the Directive concludes that it is sufficiently certain for the organisations to know what they should do but at the same time leaves space for the companies to adapt to their own situation and analyse what is most important for them in terms of environmental impact and human rights risk.49
The CSDDD only works if suppliers and customers work hand in hand on the same goal. The problem is that the goal of the supplier is to maintain the contract with the upstream business partner with minimal input, and the upstream business partner wants to comply with the new directive with minimal input by minimising the risk of being held accountable for sustainability and human right breaches in their value chain. Additionally, the relationship between the two is characterised by an imbalance of power with larger buyers holding significantly greater negotiating leverage than smaller suppliers. The potential for exploitation and cover-ups of violations exists when large, influential companies enter into contracts with small suppliers from developing countries, where monitoring systems may be less robust. Suppliers may be motivated to conceal violations in order to maintain their contractual relationship with their partners. Companies are dependent on the cooperation of suppliers to issue information mentioned in the Implementation part, but smaller suppliers might be overwhelmed with the requirements from their contractors, which makes it tempting to give false information. In order to avoid such situations contractors should keep in close contact with their downstream business partners and make regular unannounced visits to their suppliers. Of course, this might be a time consuming task if you have more than 60.000 suppliers in 90 countries like Volkswagen.50
Another common problem among companies that primarily focus on financial profit is that the new regulations designed to ensure sustainability in the economy, present an investment. To be precise, these are financial investments we make in our future, and there is a cost associated with this. Since companies are only interested in profit, and preferably short-term profit, there is a conflict. Companies that are not embedded in a sustainability context or that do not have sustainable performance indicators embedded into their management and strategy face a particularly significant conflict of objectives. Despite the introduction of new regulations and laws, companies will always attempt to incorporate as little sustainable practice as possible in order to still maintain their business operations.
4.2.1 Firm-Internal Barriers
One firm-internal barrier is that managers who have a great influence on the corporate purpose can just as easily turn the corporate purpose and other employees into a significant internal barrier to sustainable corporate governance.44 The tendency of many managers to prioritise profit-making over other considerations can result in a lack of awareness of their social and environmental responsibilities. The concept of shareholder primacy is concerned with the assumption that the primary objective of a company is to generate profits, both in the short and long term, which is a view commonly held by managers. This perspective does not allow room for sustainability improvement. The aforementioned study from New Zealand also asked about the internal barriers encountered by the companies, with the response indicating that financial and time investments were the primary concerns.45
4.3 Best Practice for Overcoming Barriers
The most effective way for organisations to overcome firm external barriers is open and close communication with their suppliers. Engaging in cooperations and working together on solutions for potential breaches, avoiding greenwashing and working on potential risks in advance to minimise them.
The initial process of overcoming internal firm barriers is to identify them. Once barriers have been identified, it becomes possible develop solutions. Modifying the corporate values or changing ownership represents a significant challenge and is not always a viable option. One method of achieving consensus and collaboration across the entire organisation is through effective internal communication and transparency. Notifying employees of a change to their typical operational procedures will facilitate a more receptive and open attitude towards the proposed change. It is important to ensure that employees do not feel left behind by the company; rather, they should be encouraged to view themselves as part of the journey. Another potential avenue for consideration is the organisation of workshops and training sessions for employees. By gradually integrating all stakeholders into the process, the likelihood of resistance to change can be reduced. However, some individuals will inevitably oppose the change. In such cases, comprehensive training programmes may prove effective solutions.
References
1 DNK. Corporate Sustainability Due Diligence Directive (CSDDD), <https://www.deutscher-nachhaltigkeitskodex.de/de/berichtspflichten/corporate-sustainability-due-diligence-directive-csddd/> (n. d.).
2 European Parliament; European Council. Directive (EU) 2024/1760 of the European Parliament and of the Council of 13 June 2024 on corporate sustainability due diligence and amending Directive (EU) 2019/1937 and Regulation (EU) 2023/2859, <https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=OJ:L_202401760> (2024).
3 Industrie- und Handelskammer Schwaben Körperschaft des öffentlichen Rechts. IHK Spezial Webinar: Das neue EU-Lieferkettengesetz, <https://youtu.be/_qo-f-VIl3M?si=T7xQoel-D3bp-xNE> (2024).
4 European Center for Constitutional and Human Rights e.V. Ausbeutung & Globale Lieferketten, <https://www.ecchr.eu/cluster/ausbeutung-globale-lieferketten/> (n. d.).
5 European Commission. Corporate sustainability due diligence, <https://commission.europa.eu/business-economy-euro/doing-business-eu/sustainability-due-diligence-responsible-business/corporate-sustainability-due-diligence_en> (n. d.).
6 DNK. 4 (Deutscher Nachhaltigkeitskodex, 2023).
7 Organisation for Economic Co-operation and Development. OECD-Leitfaden für die Erfüllung der Sorgfaltspflicht für verantwortungsvolles unternehmerisches Handeln. (2018).
8 NRF. European Parliament and Council reach agreement on Corporate Sustainability Due Diligence Directive (CSDDD), <https://www.nortonrosefulbright.com/en/knowledge/publications/044c4b0f/european-parliament-and-council-reach-agreement-on-corporate-sustainability-due-diligence-directive#:~:text=CSDDD%20follows%20various%20recently%20enacted,the%20UK%2C%20Canada%20and%20Australia%2C> (2024).
9 Muir Watt, H. Devoir de vigilance et droit international privé : Le symbole et le procédé de la loi du 27 mars 2017.Revue internationale de la compliance et de l’éthique des affaires-International Review of Compliance and Business Ethics, 48 – 53 (2017).
10 Bundesgesetzblatt. Gesetz über die unternehmerischen Sorgfaltspflichten in Lieferketten (BGBl. I S. 2959). Bundesgesetzblatt Jahrgang 2021 Teil I Nr. 46, 11 (2021).
11 Forbrukertilsynet. The Transparency Act, <https://www.forbrukertilsynet.no/vi-jobber-med/apenhetsloven/the-transparency-act> (2023).
12 European Commission. Corporate sustainability reporting, <https://finance.ec.europa.eu/capital-markets-union-and-financial-markets/company-reporting-and-auditing/company-reporting/corporate-sustainability-reporting_en> (n. d.).
13 Basil-Jones, W. A comprehensive guide to the Corporate Sustainability Due Diligence Directive (CSDDD), <https://plana.earth/academy/guide-corporate-sustainability-due-diligence-directive-csddd> (2023).
14 Systain Consulting GmbH. CSDDD (Corporate Sustainability Due Diligence Directive) – Was das für Unternehmen bedeutet, <https://systain.com/news-und-views/csddd-vergleich-lksg/> (2024).
15 Latham & Watkins LLP. The EU’s Corporate Sustainability Due Diligence Directive – Obligations for Companies, <https://www.lw.com/admin/upload/SiteAttachments/The-EUs-Corporate-Sustainability-Due-Diligence-Directive-Obligations-for-Companies.pdf> (2024).
16 Bird & Bird LLP. Weg frei für die Corporate Sustainability Due Diligence Directive (CSDDD), <https://www.twobirds.com/de/insights/2024/germany/weg-frei-fuer-die-corporate-sustainability-due-diligence-directive-csddd> (2024).
17 Rödl & Partner GmbH Wirtschaftsprüfungsgesellschaft. Vorbereiten auf die CSDDD, <https://www.roedl.de/themen/esg-news/2024-3/vorbereiten-auf-csddd> (2024).
18 LRQA Deutschland GmbH. Interview: Greta Koch über die Umsetzung der EU CSDDD und ihre Auswirkungen, <https://www.lrqa.com/de-de/insights/blog/interview-umsetzung-der-eu-ccsddd-und-ihre-auswirkungen/> (n. d.).
19 Deutsches Global Compact Netzwerk. Leitprinzipien für Wirtschaft und Menschenrechte, <https://www.auswaertiges-amt.de/blob/266624/b51c16faf1b3424d7efa060e8aaa8130/un-leitprinzipien-de-data.pdf> (2014).
20 Organisation for Economic Co-operation and Development. OECD-Leitsätze für multinationale Unternehmen, <https://mneguidelines.oecd.org/48808708.pdf> (2011).
21 Organisation for Economic Co-operation and Development. OECD-Leitfaden für die Erfüllung der Sorgfaltspflicht für verantwortungsvolles unternehmerisches Handeln, <https://mneguidelines.oecd.org/OECD-leitfaden-fur-die-erfullung-der-sorgfaltspflicht-fur-verantwortungsvolles-unternehmerisches-handeln.pdf> (2018).
22 Organisation for Economic Co-operation and Development. OECD/FAO-Leitfaden für verantwortungsvolle landwirtschaftliche Lieferketten, <https://mneguidelines.oecd.org/OECD-FAO-Leitfaden.pdf> (2016).
23 Organisation for Economic Co-operation and Development. OECD-Leitfaden für die Erfüllung der Sorgfaltspflicht zur Förderung verantwortungsvoller Lieferketten für Minerale aus Konflikt- und Hochrisikogebieten: Dritte Ausgabe, <https://www.oecd.org/de/publications/oecd-leitfaden-fur-die-erfullung-der-sorgfaltspflicht-zur-forderung-verantwortungsvoller-lieferketten-fur-minerale-aus-konflikt-und-hochrisikogebieten_3d21faa0-de.html> (2019).
24 Organisation for Economic Co-operation and Development. OECD-Leitfaden für die Erfüllung der Sorgfaltspflicht zur Förderung verantwortungsvoller Lieferketten in der Bekleidungs- und Schuhwarenindustrie, <https://www.oecd.org/de/publications/oecd-leitfaden-fur-die-erfullung-der-sorgfaltspflicht-zur-forderung-verantwortungsvoller-lieferketten-in-der-bekleidungs-und-schuhwarenindustrie_9789264304536-de.html> (2020).
25 Organisation for Economic Co-operation and Development. Verantwortungsvolles unternehmerisches Handeln für institutionelle Investoren: Zentrale Erwägungen zur Erfüllung der Sorgfaltspflichten nach den OECD-Leitsätzen für multinationale Unternehmen, <https://mneguidelines.oecd.org/Responsible-Business-Conduct-for-Institutional-Investors-GERMAN.pdf> (2018).
26 MHP Management- und IT-Beratung GmbH. Schlüsselloch zum EU-Lieferkettengesetz: Berührungspunkte und Unterschiede von LkSG und CSDDD, <https://www.mhp.com/de/insights/blog/post/lksg-vs-csddd> (2024).
27 Auswärtiges Amt. Nationaler Aktionsplan: Umsetzung der VN-Leitprinzipien für Wirtschaft und Menschenrechte 2016-2020, <https://www.auswaertiges-amt.de/blob/297434/8d6ab29982767d5a31d2e85464461565/nap-wirtschaft-menschenrechte-data.pdf> (2017).
28 Bundesministerium für Arbeit und Soziales. Ziele des NAP, <https://www.csr-in-deutschland.de/DE/Wirtschaft-Menschenrechte/NAP/Ueber-den-NAP/Ziele-des-NAP/ziele-des-nap.html> (n. d.).
29 Bundesministerium für Arbeit und Soziales. Fragen und Antworten zum Lieferkettengesetz, <https://www.csr-in-deutschland.de/DE/Wirtschaft-Menschenrechte/Gesetz-ueber-die-unternehmerischen-Sorgfaltspflichten-in-Lieferketten/FAQ/faq.html> (n. d.).
30 Bundesamt für Wirtschaft und Ausfuhrkontrolle. Lieferketten, <https://www.bafa.de/DE/Lieferketten/Ueberblick/ueberblick_node.html> (n. d.).
31 Terra Institute GmbH. Vorbereitung auf die neue CSDDD: Ein Leitfaden für Unternehmen, <https://terra-institute.eu/vorbereitung-auf-die-neue-csddd/> (n. d.).
32 Code Gaia GmbH. Wie die CSDDD sich auf das LkSG auswirkt und was dies für deutsche Firmen bedeutet, <https://codegaia.io/wie-die-csddd-sich-auf-das-lksg-auswirkt/#kapitel-3> (2024).
33 NAVEX Deutschland GmbH. CSDDD Checkliste, <https://www.navex.com/de-de/ressourcen/whitepapers/csddd-checkliste/> (n. d.).
34 Taylor Wessing Partnerschaftsgesellschaft mbD. Praktischer Leitfaden für die Risikoanalyse nach § 5 Lieferkettensorgfaltspflichtengesetz, <https://www.taylorwessing.com/-/media/taylor-wessing/files/germany/2022/03/leitfaden-risikoanalyse_taylor-wessing.pdf> (2024).
35 Bundesamt für Wirtschaft und Ausfuhrkontrolle. (ed BAFA) (2024).
36 Matchilla GmbH. Die CSDDD und CSDDD-Software: Tools für die neue EU-Lieferkettenrichtlinie, <https://matchilla.de/matchzine/csddd-software/> (2024).
37 osapiens Services GmbH. osapiens HUB for Due Diligence (CSDDD): Meet your due diligence obligations for the European supply chain act, <https://osapiens.com/esg-solutions/csddd/> (n. d.).
38 CONSUST GmbH. Proactively manage supply chain risks with our LkSG / CSDDD software, <https://consust.de/lksg-csddd-software/> (n. d.).
39 eagle lsp GmbH. Die Übersicht zur EU-Lieferketten-Richtlinie (CSDDD), <https://eagle-lsp.de/blog/die-uebersicht-zur-eu-lieferketten-richtlinie-csddd/> (n. d.).
40 Bischof, J., Dörrenberg, P., Rostam-Afschar, D., Simons, D. & Voget, J. Unternehmenstrends im Juli 2024. GBP-Panel (2024). https://doi.org/10.52569/KYCC9424
41 Baker & McKenzie. European Union: Penalties and civil liability under the CSDDD, <https://insightplus.bakermckenzie.com/bm/environment-climate-change_1/european-union-penalties-and-civil-liability-under-the-cs3d> (2024).
42 Jäger, J., Sanhueza, G. I. D. & Schmidt, L. Expected Economic Effects of the EU Corporate Sustainability Due Diligence Directive (CSDDD). (2023).
43 Friedman, M. in The New York Times (1970).
44 Sjåfjell, B. & Mähönen, J. Corporate Purpose and the Misleading Shareholder vs Stakeholder Dichotomy. Bond law review 34 (2024). https://doi.org/10.53300/001c.94050
45 Sajjad, A., Eweje, G. & Tappin, D. Managerial perspectives on drivers for and barriers to sustainable supply chain management implementation: Evidence from New Zealand. Business strategy and the environment 29, 592-604 (2020). https://doi.org/10.1002/bse.2389