On July 25, 2024 the Corporate Sustainability Due Diligence Directive (CSDDD) came into force. Generally, the directive imposes new due diligence obligations on large companies operating in the EU. The legislator requires them to identify, prevent, mitigate, and remediate human rights violations and environmental impacts throughout their entire “chain of actions”. The member states shall transpose the CSDDD into national law by July 26, 2026. As businesses are trying to navigate through this evolving regulatory landscape, it is essential to understand the key elements of this legislation in order to ensure compliance with the new obligations.
The European Commission published a set of consolidated Frequently Asked Questions (FAQs) on the CSDDD on July 25, 2024, the day on which the CSDDD entered into force. They provide insights and elaborate on key aspects of the legislation and its implications for companies bound by the EU Member State legislation implementing it, which will largely take effect through July 26, 2027. This article will give you an overview over the topics covered by the FAQs.
The FAQs of the European Commission are not legally binding, neither for EU Member State legislators nor the competent courts and enforcement authorities in the EU. They nonetheless provide useful guidance and are typically observed by the competent authorities in particular, when interpreting EU law. As such, they provide guidance for EU operators, even though there is no guarantee that EU Member State legislators or authorities might deviate from the suggested interpretation and application of law in the FAQs to the extent permissible under EU law.
The FAQs provide further detail on some key aspects of the CSDDD, such as the material scope, the content of obligations, its enforcement, the liability system, and the risk-based due diligence approach, etc.
Personal scope and on entry thresholds
The Commission clarifies that the applicability of the new due diligence obligations for companies is primarily based on their annual turnover and number of employees. Specific thresholds were established, and once surpassed, these thresholds trigger new due diligence requirements for companies.
The EU Commission’s FAQs reiterate the criteria on the scope of application as provided for by the CSDDD. According to the Commission’s FAQs approximately 6,000 EU-based companies will be in scope of application of the CSDDD. The companies in scope will encompass limited liability companies and partnerships with over 1,000 employees and a worldwide turnover exceeding EUR 450 million, as well as ultimate parent companies of corporate groups that meet these thresholds. Franchisors and licensors are also in the scope of this Directive if the generated royalties exceeded EUR 22.5 million in the last financial year and are the ultimate parent of a group with a net turnover exceeding EUR 80 million.
According to the FAQs about 900 non-EU companies fall under the Directive, including those with a net turnover of over EUR 450 million generated within the EU. However, the Commission has not released a list of the companies, whether EU based or not, that will effectively be bound by the CSDDD’s EU Member State implementing legislations.
The FAQs reiterate that the CSDDD shall only apply if the aforementioned thresholds are met for two consecutive financial years. They specify that the thresholds shall in principle be applied equally to EU and non-EU companies and that it was decided for practical reasons to abandon the employee threshold for non-EU entities, resulting from divergences in the approach to the calculation of employees and the difficulty to determine non-EU companies’ number of employees. The FAQs specify that the number of employees shall be calculated in accordance with the jurisprudence on the definition of an employee by the European Court of Justice and that the term employee encompasses part-time workers on a full-time equivalent basis, as well as temporary agency workers meeting specific criteria.
Material scope
The Commission’s FAQs offer reassurance regarding the material scope of the regulation, particularly on the specific rights and business activities that fall under the purview of the CSDDD.
Covered human rights
The CSDDD addresses human rights outlined in international conventions, such as the right to life and the prohibition of child labour. These conventions are based on the United Nations Guiding Principles on Business and Human Rights and shall reflect the generally recognized human rights standards.
Covered on environmental impacts
The environmental impacts, covered by the CSDDD are based on obligations from multilateral conventions, such as preventing ship pollution and minimizing harm to biodiversity.
Covered business activities
The Directive encompasses global “chains of activities,” including both upstream and downstream activities. In contrast, the LkSG’s term “supply chain” relates only to upstream business relationships, i.e. direct and indirect suppliers of German in-scope companies and provides for due diligence obligations in relation to these in addition to the companies’ own business operations. The CSDDD has a broader scope of application in that it provides for the implementation of due diligence obligations upstream and downstream and therefore also regarding the in-scope companies’ customers.
Upstream activities involve the production and sourcing of goods, while downstream activities relate to distribution and storage.
Downstream activities involve the distribution, transport and storage of the product, where the business partner carries out those activities for the company or on behalf of the company.
Companies within the scope of the CSDDD must identify and address harmful impacts linked to their operations and modify their business strategies accordingly. The Directive emphasizes that due diligence should be integrated into a company’s corporate policies and risk management systems. Regarding the covered business activities, the FAQs do not go beyond what the CSDDD already immediately provides for.
Content of obligations
Furthermore, the FAQs focus on the CSDDD’s risk-based approach:
The risk-based approach to due diligence allows companies to prioritize their actions where they cannot address all effects. Companies are obligated to implement “appropriate measures” to efficiently identify and address impacts based on their severity level and likelihood. This includes the assessment of impacts of a company’s own operations, its subsidiaries, and business partners. The required measurements to prevent, mitigate, and resolve adverse impacts, include:
- development and implementation prevention and corrective action plans for complex issues
- attainment of contractual assurances from direct business partners and cascading requirements through supply chains
- making the necessary financial or non-financial investments, including in their chains of activities (for example, upgrading infrastructures
- provision of support (such as capacity building) to SME business partners where necessary in light of the resources, knowledge and constraints of the SME
- provision of financial support (such as direct financing, low-interest loans, guarantees of continued sourcing, or assistance in securing financing) to their SME business partners if compliance with the regulations threatens their viability
- adaptation of business plans, strategies and operations
- collaboration with other entities to resolve the issues including with a view to increase their leverage over business partners
In relation to the reporting obligations, the FAQs specify that no reporting obligations shall apply to companies already meeting the reporting requirements under the CSRD. The same shall apply to the obligation to adopt climate transition plans. Where companies already adopt such plans under the CSRD framework, no additional obligations shall arise for them under the CSDDD in relation to the obligation to adopt a climate transition plan.
Civil liability
Non-compliance with the obligations to prevent, mitigate, or end adverse impacts might result in civil liability of the non-compliant company. The FAQs clarify however, entities are not liable if only their business partners caused the harm. If found liable, a company must provide full compensation to victims for the damages suffered, but this compensation shall not result in overcompensation and shall specifically not encompass punitive damages.
Key Steps for Compliance and Preparedness
At this stage it is crucial for companies to familiarize themselves with the legislation. Doing so provides planning security and helps mitigate potential unwanted surprises. The FAQs can assist in addressing initial questions, such as the applicability of the regulation to your specific organization. However, this initial set of FAQs cannot provide specific guidance on the CSDDD, leaving the concrete interpretation and implementation of the regulation uncertain. Nonetheless, understanding the key elements of this legislation is essential for compliance and for fostering a culture of sustainability. The Commission’s FAQs might help you to get a broad overview over the scope and consequences of this Directive.