The Corporate Sustainability Due Diligence Directive was definitively adopted on April 24, 2024 after tough negotiations between the European Parliament, the European Commission and the European Council.
This new directive is in line with the CSRD and introduces at European level the concept of due diligence, which companies will soon have to comply with in terms of human rights and environmental protection.
It will also make it possible to harmonize within the European Union the various national legislations that have already incorporated this concept.
What is the CSDDD or CS3D?
The CSDDD, for Corporate Sustainability Due Diligence Directive, is a European directive designed to impose a duty of care on companies in terms of sustainability, linked to respect for human rights and environmental protection. It is also known as CS3D.
This directive will oblige companies to ensure that their activities do not harm the environment, and that they respect the Universal Declaration of Human Rights. This due diligence obligation applies not only to companies' direct activities, but also to a large part of their value chain, i.e. their subsidiaries, their supply chain and the activities of all their business partners. Product end-of-life (destruction, recycling and waste management), on the other hand, is not covered by the directive.
Companies subject to the CSRD will have to publish information on the risks identified, the measures taken to mitigate these risks and the results observed as a result of these measures in their CSRD sustainability reporting.
Those not subject to the CSRD will have to publish an annual declaration on the subjects covered by the CSDD on their website.
The key concept of due diligence
In concrete terms, what is the corporate due diligence ?
While this notion has relatively different scopes of application around the world, in the context of the CSDD, it can be defined as the obligation for companies to prevent human rights, environmental and governance risks associated with their operations and those of their subsidiaries, subcontractors and suppliers.
The notion of prevention is key. It implies that companies must be able to anticipate these risks, and not simply deal with problems once they have arisen. This requires companies to carry out a complete mapping of the risks they and their stakeholders are likely to face, and to set up a vigilance plan aimed at preventing the risks identified.
Failure to comply with these obligations may result in sanctions. In the event of an actual problem, the company will have to be able to prove that it occurred, despite having put in place a reliable prevention process designed to reduce its occurrence and mitigate its impact.
What obligations do companies have?
The CSDDD therefore introduces new obligations for companies, in line with the duty of care and the objectives set by the European Union as part of theEuropean Green Deal.
Concerning the duty of care with regard to human rights and the environment, companies will have to :
- Integrate due diligence into their governance policy (code of conduct, procedures, etc.) and risk management system
- Identify actual or potential negative impacts related to their operations and those of their value chain (excluding end-of-life products).
- Develop a system to anticipate, mitigate or h alt potential or actual negative impacts
- Implement procedures for receiving and managing complaints
- Monitor the effectiveness of our vigilance policies and measures
- Communicate publicly on due diligence and the policy implemented in this area
The CS3D also includes obligations concerning the company's environmental policy. They must commit to adopting a transition plan aligned with the objective of maintaining global warming at 1.5 degrees, in line with the ambition set out in the 2015 Paris Agreements. This is an obligation of means. To achieve this, they must :
- Identify the risks posed by climate change to their activities
- Implement concrete actions to monitor the transition plan underway
- Draw up a financial plan to support these actions and anticipate the risks associated with climate change.
Initially, the European Commission also wanted to link the remuneration of company directors to the actual implementation of the climate transition plan, in order to ensure that the actions undertaken were not limited to publicity stunts. This obligation was not adopted by the European Council.
CS3D's strong links with CSRD
The Corporate Sustainability Due Diligence directive is closely linked to the CSRD, which comes into force on January 1, 2024. In a way, it complements this directive on extra-financial reporting on ESG indicators, by making it compulsory for companies to report on certain elements within the framework of the CSRD.
The most obvious links concern, unsurprisingly, the environmental dimension. The due diligence process requires companies to map the sustainability risks associated with their operations. Under the CSRD, this is a subject they are obliged to report on in their dual materiality analysis.
Similarly, the CSRD requires companies to have a climate transition plan that includes a carbon trajectory. This is also a subject on which they are obliged to report as part of the CSRD, by setting targets for reducing their GHG emissions by 2030 and 2050, in line with the European Green Pact itself linked to the Paris Agreements.
Who does CSDDD concern?
Although the CS3D was initially intended to apply to several tens of thousands of companies, the latest negotiations within the European Council have significantly reduced the thresholds for application.
European companies meeting the following criteria will be concerned:
- More than 1,000 employees
- Sales in excess of 450 million euros worldwide
This represents around 5,300 companies, compared with 15,000 in the initial version of the directive.
Finally, as with the application of the CSRD, certain non-European companies will be subject to the same obligations if they meet the following criteria:
- Generate sales of at least 450M euros within the European Union
This also appliesto European and non-European companies outside the application thresholds but which are the parent company of a company meeting the thresholds.
Finally, European and non-European companies or parent companies that :
- have franchise or license agreements in the EU with third-party companies
- whose agreements guarantee a common identity, a common business concept and the application of uniform sales methods
- if the agreement is worth more than 22.5 million euros
- and if the company or parent company has worldwide net sales in excess of 80M euros
The CS3D was also intended to apply to companies operating in certain sectors deemed to be at risk (textiles, agriculture, the food industry, mining, trade in agricultural raw materials, construction activities, etc.), but this approach has now been abandoned.
Controls and penalties
Implementation of the CSDDD obligations will of course be monitored. Each member state of the European Union will have to designate the supervisory authority in charge of monitoring compliance with all obligations under the directive.
In parallel, the European Commission will set up a European network made up of representatives of the supervisory authorities in each member state.
EU member states remain free to define the penalties applicable to companies operating on their territory which fail to meet the obligations set out in the CS3D directive.
Nevertheless, the European Commission has opened the door to a relatively heavy range of sanctions, which may well exceed those implemented under the CSRD.
The framework set by the European Commission indicates that financial penalties will have to be proportional to the worldwide sales of the company concerned, reminiscent of the types of penalties already implemented under the RGPD. However, this penalty must not exceed 5% of the company's turnover.
The Commission also relies on the "Name and Shame" principle, which involves publicly naming companies that fail to meet their obligations, in order to increase pressure from their various stakeholders.
Lastly, although the initial version of the directive made companies liable in the event of actual damage to the environment or proven violation of human rights, this option was not retained by the European Council. It would have enabled natural or legal persons to benefit from financial compensation in the event of damage. It is therefore left to individual countries to decide whether or not to add this clarification when transposing the directive into their national legislation.
Corporate responsibility
In addition to this package of sanctions, there are also those linked to the company's civil liability in the event of actual damage to the environment or proven violation of human rights.
Under certain conditions, the company will be considered liable for direct damage caused to a natural or legal person:
- it has been proven that the company has intentionally or negligently breached its due diligence obligation to prevent, mitigate or halt potential or actual negative impacts
- as a result of the breach referred to above, it will have caused damage to the legal interest protected by the national law of the natural or legal person concerned
This liability does not apply if the damage was caused solely by one or more of the commercial partners making up its value chain.
Once the company's liability has been established, the natural or legal person who has suffered the damage will be entitled to full compensation in accordance with the national law of the country in which the damage was reported.
What is the timetable for implementation of the CSDDD?
As the CSDDD has not yet come into force, the timetable for implementation has not yet been determined.
The directive was adopted by the European Parliament on April 24, 2024. EU member states now have 2 years to transpose it into their national legislation.
Effective application is therefore not expected before 2026.
Application will be phased in gradually, depending on the size of the companies concerned. They will have a period of time in which to comply with the directive once it comes into force:
- 3 years from the date of entry into force of the directive for European companies with more than 5,000 employees and worldwide net sales of more than 1.5 billion euros and for non-European companies with EU sales of more than 1.5 billion euros.
- 4 years from the date of entry into force of the directive for European companies with more than 3,000 employees and net sales of more than 900 million euros and for non-European companies with net sales of more than 900 million euros within the EU.
- 5 years from the date of entry into force of the directive for European companies with over 5,000 employees and sales of over €450 million, and for non-European companies with sales of over €450 million in the EU.
Regulations already applied across Europe
The concept of due diligence has already been incorporated into national legislation in several European countries.
In France, it has existed since February 21, 2017, the date of adoption of the law N° 2017-399. This concerns French companies with more than 5,000 employees and foreign companies with more than 10,000 employees in France. This law requires the companies concerned to set up a vigilance plan on social and environmental issues concerning their activities and those of their subsidiaries and business partners in France and abroad. However, there is no mention of a mandatory environmental transition plan.
Germany has introduced a similar regulation in 2021 via the LkSG (Lieferkettensorgfaltspflichtengesetz), known as the Supply Chain Due Diligence Act. This requires companies with at least 3,000 employees (1,000 from January 1, 2024) in Germany to implement a plan to prevent and mitigate environmental risks and potential human rights violations within their business. This obligation also takes into account the entire value chain of the companies concerned, in Germany and abroad.
Similar regulations also exist outside the EU. These include the Modern Slavery Act in the UK, effective since 2015, and the ULFPA in the USA, to be implemented in 2021.
The CSDDD's mission is therefore also to harmonize existing regulations within the EU.
Far from being a mere copycat of national regulations, the CS3D broadens their scope of application and increases the possibility of sanctions against companies that fail to comply with its rules, although these remain subject to the will of the member states in charge of enforcement.
Sources :
- "A big step closer to a sustainability due diligence directive"Gorrissen Federspiel, 18/03/2024
- "Corporate sustainability due diligence: Council and Parliament strike deal to protect environment and human rights"European Council, 14/12/2023
- "Lettre de la DAJ - Le devoir de vigilance des entreprises en matière de durabilité - Rapport de l'Assemblée nationale"Ministry of the Economy and Finance, 20/07/2023
- "CSDD (Corporate Sustainability Due Diligence Directive): definitions and issues"Youmatter, 04/05/2023
- "Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on Corporate Sustainability Due Diligence and amending Directive (EU) 2019/1937"EUR-Lex, 23/02/2022
- "Gesetz über die unternehmerischen Sorgfaltspflichten in Lieferketten".Bundesministerium für Arbeit und Soziales