Legislation is rapidly being introduced by countries to improve human rights and help address the environmental issues facing the planet. Organisations worldwide are slowly being scooped up by a metaphorical regulatory net that requires them to assess the potential for human rights and environmental risks within their value chains and report on what they are proactively doing to address them. Across the entire end-to-end process, from the finished product to the metals, minerals and other raw materials that are required to make them, companies must now demonstrate a clear understanding of the impact they are having on people and the planet.
In more and more of the world, ethical business and business as a force for good is now not only a way of differentiating or a way of meeting increasingly discerning consumer expectations, it’s a regulatory issue with significant penalties for doing it wrong. The European Union is one such trading Bloc seeking to clearly establish supply chain due diligence obligations for member states with the proposed Corporate Sustainability Due Diligence Directive.
The Corporate Sustainability Due Diligence Directive has been working its way through several readings in the European Parliament and is now in trialogue. The Directive was adopted by the European Commission at the beginning of 2022 and, whilst we know which organisations it will impact and its intended scope, there is still a degree of ambiguity about what it means to those organisations (and their suppliers) that need to comply. This page is intended to provide a helpful summary of what we know (and what we don’t know) so far. We will be keeping it updated as more information emerges.
What is the Corporate Sustainability Due Diligence Directive?
The Corporate Sustainability Due Diligence Directive (CSDDD) is a Directive that aims to foster sustainable and responsible corporate behaviour which anchors human rights and environmental considerations into a company’s operations and corporate governance. The new rules are aimed at ensuring that businesses address the adverse impacts of their actions, including in their value chains inside and outside of Europe. The intention is for the Directive to be formally ratified in 2024 prior to a phased implementation approach which will be mandatory for businesses that meet the directive thresholds both inside and outside of the European Union.
CSDDD requires companies to go beyond their own direct operations and report on the due diligence activities they have undertaken on their value chain. The Directive establishes a corporate due diligence duty. Its core aims to identify and bring to an end, preventing and accounting for negative human rights and environmental impacts in the company’s own operations, subsidiaries and value chains. Additionally, certain large companies need to have a plan to ensure that their business strategy is compatible with limiting global warming in line with the Paris Agreement.
CSDDD draws upon international guidelines such as the OECD Guidelines for Multinational Enterprises, UN Guiding Principles on Business and Human Rights, human rights conventions defined by the International Labour Organisation (ILO) and the UN Sustainable Development Goals and is part of a growing trend towards greater corporate responsibility for human rights and the environment in global supply chains. Several other countries, including Canada, Norway, France and Germany, have also implemented similar regulations in recent years.
The intention is, however, for this new EU Directive to align closely with the Corporate Sustainability Reporting Directive (CSRD) as businesses across the EU report on their sustainability performance.
What’s the relationship between CSDDD and other legislation like the German Lieferkettengesetz and Norwegian Åpenhetsloven?
Several countries have implemented similar supply chain due diligence acts into their regulatory frameworks. Most recently, both Norway
and Germany has introduced legislation that is similar to that being discussed for CSDDD.
As with much of the emerging social and environmental disclosure or due diligence legislation that is being adopted globally, its foundations are based on core standards and guidance documents like the Independent Labour Organisation (ILO) Fundamental Conventions and OECD Guidelines for Multinational Enterprises.
In some respects, this common foundation has made it easier for countries like Germany and Norway to pre-empt the Directive with their own legislation which interprets general internationally recognised conventions to produce legislation that in Norway focuses specifically on protecting human rights whilst the German legislation incorporates environmental protection, focussing specifically on three conventions: The Basel Convention, Stockholm Convention and Minamata Convention. Interestingly, unlike the CSDDD which will require the largest companies to demonstrate business strategies that align with the Paris Agreement neither the Lieferkettengesetz nor the Åpenhetsloven refer specifically to carbon reduction.
In addition to interpreting the social and environmental requirements of CSDDD and enshrining these into individual nation-state law, countries bound by the Directive will also be responsible for introducing appropriate means to monitor and enforce penalties on companies who fail to comply. As with the environmental elements outlined above, legislation in Norway and Germany differs from one another with regard to how companies should disclose their due diligence activities and the veracity of the penalty. It is likely that many other nation-states will adopt differing requirements for companies to disclose their activities and have differing approaches to enforcement.
Whilst it’s certain that all EU member states will require companies to publicly disclose their due diligence the nature of financial penalties and the level of enforcement that is adopted by regulators is likely to vary. There are several differences between German and Norwegian disclosure requirements and the penalties for non-compliance which you can learn about in our Ultimate Guide to Lieferkettengesetz and our Åpenhetsloven Ultimate Guide.
Why is CSDDD Important?
CSDDD is important for several reasons:
Protection of Human Rights: The Directive is designed to protect human rights by requiring companies to identify and address potential risks in their supply chains, including forced labour, child labour, and other forms of exploitation. By ensuring that companies are held accountable for human rights abuses in their supply chains, the law helps to protect vulnerable workers and communities around the world.
Environmental Protection: The law also helps to protect the environment by requiring companies to prevent and address environmental damage caused by their operations or their suppliers, including pollution, carbon consumption, deforestation, and the destruction of habitats. This helps to promote sustainable business practices and reduce the environmental impact of global supply chains, particularly on local communities.
Responsible Business Conduct: The law promotes responsible business conduct by requiring companies to comply with ethical business practices in their supply chains, including aligning processes to international guidance documents like the OECD Guidelines for Multinational Enterprises and OECD Guidance for Responsible Business Conduct. This helps to create a level playing field for companies and promotes sustainable economic development.
International Norms: The Directive is consistent with international norms on business and human rights, including the United Nations Guiding Principles on Business and Human Rights and ILO Fundamental Conventions. By aligning due diligence processes with these norms, the Directive helps to extend a common understanding of the responsibilities of companies in relation to human rights and the environment across global supply chains.
Overall, CSDDD is important because it helps to promote sustainable and responsible business practices, protect human rights and the environment, and create a more just and equitable global economy.
Which organisations need to comply with CSDDD?
The proposed Directive is expected to be ratified in 2024 and will include a two-year implementation phase. The phased rollout is expected to capture the following groups of companies:
Group 1 – EU companies with more than 500 employees and a net worldwide turnover of more than €150 million.
Group 2 – EU companies with more than 250 employees and a net worldwide turnover of more than €40 million, if more than half of the net turnover was generated in a high-risk sector (manufacturing of textiles, leather and related products; agriculture, forestry and fisheries; extraction and manufacturing of mineral products).
Group 3 – Third-country (i.e., non-EU) companies that generate a net turnover of more than €150 million in the EU.
Group 4 – Third-country companies that generate a net turnover of more than €40 million in the EU, and where at least half of their worldwide turnover is generated in one of the high-risk sectors identified above.
Upon final approval of the Directive EU companies in Group 1 and non-EU companies in Group 3 will be expected to comply with the new rules two years later. For those companies falling into groups 2 and 3, the implementation phase will extend a further two years from approval meaning that all eligible companies will be required to comply with the Directive within four years of approval.
What does the framework encompass?
SDDD has been developed to align with internationally recognised human rights and environmental conventions and standards including the ILO Fundamental Conventions, OECD Guidelines for Multinational Enterprises, OECD Due Diligence Guidance for Responsible Business Conduct and UN Guiding Principles on Business and Human Rights.
Additionally, for larger entities that fall within Groups 1 and 3, the Directive obligates companies to ensure their business operations and strategies are compatible with the 2015 Paris Agreement.
The Directive is designed to promote responsible business conduct and prevent negative impacts on both people and the environment across global supply chains as well as helping to create sustainable economies. Companies will be expected to consider the wide range of human rights, environmental and climate-related risks associated with their operations, particularly those that are present within their supply chains. The Directive reflects a growing recognition of the need for companies to take responsibility for their supply chains and ensure that their business practices are both sustainable and ethical.
What are the obligations of companies and directors?
The CSDDD requires companies to conduct reasonable due diligence on their operations and their value chains to prevent or minimise
human rights or environmental risks.
There are several measures an organisation will be expected to take in order to fulfil obligations:
• Integrate due diligence into corporate policies and procedures.
• Conduct a risk analysis to identify potential adverse impacts.
• Prevent and mitigate adverse impacts that have been identified.
• Establish and maintain a complaints procedure.
• Monitor the effectiveness of due diligence procedures.
• Publicly communicate the due diligence that has been undertaken.
Due to the alignment of the Directive with international standards and guidelines, it is likely that due diligence obligations will be broadly aligned to those that are defined in other supply chain due diligence legislation adopted most recently by Germany and Norway.
In addition to corporate obligations the Directive also introduces duties for the directors of eligible companies. Duties include overseeing the implementation of due diligence processes and integrating due diligence into the corporate strategy of the organisation. Directors will also
be expected to take into account the human rights, climate and environmental consequences of their business decisions on an ongoing basis.
What is the reporting format?
It is not believed that there will be a formal reporting format as with other, similar legislation or the Corporate Sustainability Reporting Directive (CSRD) which came into force at the beginning of 2023. Companies will be expected to outline their due diligence processes and activities within publicly available reports. This may be done by incorporating information within existing sustainability reports or by producing a standalone report.
What happens if a company fails to comply with the CSDDD?
Enforcement of the Directive is managed at a member-state level. Individual EU Member States will be expected to use a relevant regulatory authority to impose penalties such as sanctions, fines and compliance orders. Similar legislation adopted by Germany and Norway includes trade sanctions for companies identified as not complying with legislation.
In addition, attitudes to organisations and their approach to sustainability are creating other significant implications of not taking a proactive approach to ESG supply chain risk including damage to brand reputation and the financial impact of a loss of consumer or shareholder confidence. It can take a very long time to build up positive brand recognition, however, it does not take long to seriously damage it.
What are the benefits of compliance?
Overall, taking a proactive approach to sustainability can bring significant benefits to organisations, including improved reputation, reduced risk, increased efficiency, competitive advantage, and long-term sustainability.
Improved Reputation: Demonstrating a proactive approach can help to improve an organisation’s reputation as a responsible and ethical business. By taking steps to prevent human rights abuses, environmental pollution and other negative impacts in their supply chains, organisations can enhance their brand image and increase customer loyalty.
Reduced Risk: ESG compliance can help reduce the risk of legal action, fines, and reputational damage. By identifying and addressing potential risks in their supply chains, organisations can minimise the likelihood of human rights abuses occurring and mitigate any negative impacts.
Increased Efficiency: ESG compliance can help increase the efficiency of supply chain management. By implementing due diligence measures and monitoring suppliers, organisations can identify areas for improvement and optimise their supply chain operations.
Competitive Advantage: ESG compliance can provide a competitive advantage by demonstrating a commitment to responsible business practices. This can help organisations attract and retain customers, investors, and employees who prioritise ethical business practices.
Long-Term Sustainability: ESG compliance can contribute to the long-term sustainability of an organisation’s operations. By taking steps to prevent exploitation and ensure the health and safety of workers, organisations can promote the well-being of their employees and the communities in which they operate.
How to get started with EU CS DDD?
Getting started with any Supply Chain Due Diligence requirements can be a complex process, but there are several steps that companies can take to begin their compliance journey and ensure they are as prepared as possible for legislation that is creeping up on the horizon:
Develop a Due Diligence Policy: Companies should develop a due diligence policy that outlines the processes and measures they will take to mitigate risks in their supply chains. This policy should be aligned with the requirements of the law and should be communicated to all relevant stakeholders.
Assess Your Supply Chain: The first step is to assess your supply chain to identify potential human rights and environmental risks. This includes identifying suppliers, subcontractors and other parties you have business relationships with and evaluating their adherence to international standards and regulations.
Implement Due Diligence Measures: Companies should implement due diligence measures to identify and mitigate risks in their supply chains. This includes conducting risk assessments and audits engaging with suppliers to ensure compliance and implementing risk mitigation measures where necessary.
Monitor and Evaluate Performance: Companies should monitor and evaluate the performance of their due diligence measures to ensure that they are effective in mitigating risks in their supply chains. This includes tracking supply chain due diligence supplier performance and conducting regular risk assessments.
Publish Performance Reports: Companies should publish reports on their compliance with the due diligence obligations. These reports should include a description of due diligence processes, identified risks, risk mitigation measures, supplier engagement, remedy measures, verification measures, grievance mechanisms, transparency, and management approach.
Engage with Stakeholders: Companies should engage with stakeholders, including customers, investors, civil society organisations, and affected communities, to understand their concerns and expectations related to supply chain due diligence.
Seek External Support: Companies can seek external support from consultants, auditors, and other experts to help them comply with the requirements of the law.
In summary, getting started with CSDDD requires a broad approach to be truly effective. An approach that should include developing due diligence processes, assessing the supply chain, implementing due diligence measures, monitoring and evaluating performance, reporting on performance, engaging with stakeholders, and seeking external support where necessary. Adopting a broad approach and treating your due diligence as a supplier development programme can have tangible benefits for an organisation, going far beyond regulatory compliance.
Challenges of achieving compliance with the CSDDD?
We know from similar legislation that is being introduced across the world that organisations working towards and achieving compliance with sustainability and supply chain legislation face some common challenges. These include:
Supply Chain Complexity: Many companies have complex and extensive supply chains, with numerous tiers of suppliers. Identifying and assessing risks throughout the entire supply chain can be challenging and resource-intensive. The complexity can also be compounded by the global nature of supply chains, some operating in hard-to-reach or hard-to-access countries.
Data collection: Data required to comply goes beyond regular operational boundaries. Data sources with questionable provenance, accuracy and interpretation often become primary sources of information which undermine the basis for the reporting. Data may also be in multiple data formats and there is often an absence of systems to record data in a methodical way that can be used to demonstrate a risk-based approach.
The veracity of data: Web-scraped or AI-generated data from sources of unknown provenance lacks the scrutiny necessary to fully understand the risks. Organisations rarely have the resources to undertake credible data checking or independent verification required to report with confidence.
Lack of Transparency: Many suppliers may be unwilling or unable to provide full transparency in their operations, making it difficult to identify and address risks.
Limited Capacity: Many buyers may lack the resources to undertake such intensive and sustained supply chain management including data collection from numerous disparate sources or sufficiently credible levels of data checking and verification of their suppliers. Likewise, suppliers may lack the capacity or resources to implement the necessary improvements to comply with the law.
Cost of Compliance: Complying with the law can be expensive, especially for small and medium-sized companies. The cost of conducting due diligence, monitoring suppliers, and implementing risk mitigation measures can be significant.
Knowing what is enough: Understanding what is required to satisfy the regulators and ensure compliance. For more on this read our useful Blog: When is enough, enough?
Legal Liability: Non-compliance with the law can result in legal liability, including fines and legal action. This can create additional risk for companies, particularly if they are unable to identify and address potential risks in their supply chains.
Coordination with Suppliers: Collaboration with suppliers is essential to implement due diligence processes effectively and as transparently as possible. However, engaging with suppliers can be challenging, especially if they are in different countries with different cultural and legal frameworks.
Time Constraints: Companies may struggle to implement effective due diligence processes within the required timeframe. The law requires companies to implement due diligence processes within a specific timeframe, and non-compliance can result in legal liability.
The Corporate Sustainability Due Diligence Directive is a significant development in the European Union’s approach to supply chain regulation. This Directive will require companies to implement effective supply chain due diligence processes to prevent and mitigate negative human rights, and environmental and climate impacts. The Directive will be phased in by the EU after its ratification, with each Member State enforcing the Directive with their relevant regulators.
The CSDDD is aligned with other moves globally to introduce legislation to help create a more responsible global economy. As more and more countries consider harmonising their own ESG legislation, it is likely that supply chain transparency and accountability will become increasingly important in the global marketplace. Embarking on a journey of improved supply chain due diligence now will likely reduce future disruption when other nations or industries adopt increased levels of due diligence on the supply chain.
The CSDDD is a positive development that has the potential to create a more sustainable supply chain ecosystem. By prioritising the well-being of workers, communities, and the environment, companies can build a stronger and more resilient global economy for the future.
For over 30 years, Achilles has protected organisations’ business interests and reputations by providing unrivalled levels of supply chain transparency, carbon reduction and management. We are the ESG and carbon management partner of choice for the world’s leading global brands.
Achilles specialises in supporting customers that require truly robust environmental, social and governance reporting to fully comply with ESG regulation, meet investor requirements and achieve their own ambitious sustainability goals. We work with market-leading financial, industrial, commercial and governmental organisations requiring the serious, detailed analysis and expert insight necessary to deliver exceptional reporting confidence and positive social and environmental impact.
Operating from 17 locations worldwide, Achilles is at the forefront of the battle against climate change, a champion for social justice and human rights, and an expert in health, safety, and risk management.
How we help companies comply with the Act:
Achilles works on behalf of organisations that require comprehensive supply chain due diligence solutions and detailed data insight necessary to comply with international supply chain legislative obligations. Beyond compliance, our sustainability services and supplier development programmes enable organisations to demonstrate improved performance within their supply chain.
Achilles services include:
Supply Chain Evaluation – We collect and assess data from a wide range of sources including (but not limited to) documentation from your suppliers, publicly accessible and historical information from the internet and investigation reports from NGOs and charities. Uniquely, our Transparency questionnaire also incorporates information captured from our extensive, global, in-person audit programme, and the voices of workers gathered over many years of interviews in similar industries and regions to paint a full picture of your supply chain risk.
Risk Assessment – Detailed supply chain evaluation enables us to undertake a “broad scoping exercise” to create a high-level picture of risks that may be hidden within the supply chain. This broad, multi-disciplined approach is integral to successful supply chain due diligence and key for organisations that need to be able to demonstrate to regulatory authorities that they understand their risks and have “done enough” to mitigate them.
Due Diligence – Delivering thousands of audits (both desktop and site) every year, our teams of highly skilled audit personnel are strategically situated across the globe to interrogate documentation, physically inspect workplaces and confidentially speak with individuals who may be subject to unethical employment practices or human rights violations.
Remediation and Reporting – Committed to continually improving international supply chains, Achilles drives continual improvement through the tracking of audit report findings and remediation actions within the supply chain. The analysis supported by Achilles Data Scientists gives you comprehensive supply chain data that can be included in annual reports.
Contact us to find out how Achilles can help you meet your supply chain due diligence obligations.
The importance of Supply Chain legislation and helpful advice to companies starting out on their compliance journey.
Temperature records are being broken across the globe and July 2023 was set to be the hottest month ever recorded. Leading climate scientists have warned that businesses need to reduce carbon emissions by 50% by 2030 if the world is to stand a chance of limiting climate change, but Achilles data shows that many businesses do not yet have a carbon reduction plan in place. On average companies that deploy the Achilles Carbon Reduce Programme reduce carbon by 30% over 3 to 4 years and 50% over a 5 to 6 year period.
In September 2022 the ILO estimated that there were fifty million people living in modern slavery, 10 million more compared to 2016 estimates. Of that, 86% of forced labour cases were identified in the private sector.
Issues aren’t limited to human rights, countries around the world have become dumping grounds for hazardous waste. Developed nations have received increased criticism for not acting upon the export of hazardous or contaminated waste to various parts of the world, in contravention of the Basel Convention.
It’s not possible to use one part of any due diligence toolkit and expect it to drive significant change within the
supply chain. Due diligence is a holistic approach requiring collaboration, communication, education and cooperation as much as it is around the more technical elements of risk assessment and audit. Creating transparent supply chains, open to critique and willing to learn is vital.
The most successful due diligence programmes (even where there’s not been any legislation to leverage) embolden suppliers to improve. Technology is a vital tool for combatting supply chain issues, however, hearing the voices of those within the supply chain and seeing their working and living conditions provides far richer insight into the challenges within the supply chain than any amount of electronic data can.
Due diligence processes are unlikely to identify everything in the supply chain. Anyone who suggests otherwise perhaps has not seen the very real issues that our teams have witnessed around the world. As businesses and professionals, our due diligence activities should stand up to scrutiny. In the event of an investigation, you will want to feel confident you did as much as you could to prevent issues and have processes to resolve the ones that have been identified. It’s often investigative reports or testimony from individuals that get splashed on the front pages of the national press.
Whilst some due diligence processes may take longer to implement, whether that be risk mapping of the supply chain, utilising third-party software or conducting audits there are some simple steps companies can take, starting with communication and education. The importance of speaking to the supply chain should not be underestimated. Explain what it is that you are doing, why and what you are hoping to achieve. Reassure that it is not about wielding a stick, it’s about identifying common areas of improvement. Many suppliers don’t have the same resources as the organisations embarking on this legislative journey, or the knowledge required to ensure compliance. Impart that knowledge, whether that be through supplier communications, events or even visits. Share examples of best practices and lead by example.