CSDDD - Löning - Human Rights and Responsible Business

The CSDDD:

Here’s What You
Need to Know

A quick guide to the Corporate Sustainability Due Diligence Directive

Intro

On 24 May 2024, the EU Council formally adopted the Corporate Sustainability Due Diligence Directive (CSDDD), concluding a political decision-making process that spanned several years. The regulation came into effect on 25 July 2024 and must be transposed into national law by 26 July 2026.

For the first time in the European Union’s legislative history, key principles set out in the UN Guiding Principles on Business and Human Rights are now codified into EU law.

Show all

With the adoption of the CSDDD, a new standard of corporate conduct has emerged – one that prioritises sustainability and responsibility.

The CSDDD mandates a thorough due-diligence process for companies, to hold them accountable for their impacts on human rights and the environment. This responsibility extends not only to their direct operations, but to their chain of activities, too.

A key aspect of the directive is the obligation for companies to identify, cease, prevent, mitigate and be held accountable for any adverse impacts resulting from their activities. Moving forward, EU member states will have a two-year transposition period to incorporate the CSDDD into their national legislation by 26 July 2026. As EU law takes precedence over national law, existing regulations such as the German Supply Chain Act (LkSG) will have to be adapted to comply with the new directive.

The Corporate Sustainability Due Diligence Directive heralds a new era of corporate responsibility, where businesses are driven not only by profit, but also by their commitment to social and environmental well-being.

Show less

Scope of application

EU companies with more than 5,000 employees and worldwide turnover higher than €1,500 million
Non-EU companies with higher than €1,500 million turnover in the EU

EU companies with more than 3,000 employees and worldwide turnover higher than €900 million
Non-EU companies with higher than €900 million turnover in the EU

EU companies with more than 1,000 employees and worldwide turnover higher than €450 million
Non-EU companies with higher than €450 million turnover in the EU

EU companies with EU franchising or licensing agreements with worldwide turnover higher than €80 million (with at least €22,5 million generated by royalties)

Non-EU companies with EU franchising or licensing agreements with turnover higher than €80 million (with at least €22,5 million generated by royalties)

Chain of activities

Companies should take appropriate steps to establish and implement due diligence measures with respect to their own operations, those of their subsidiaries as well as of their direct and indirect business partners throughout their chain of activities.

The “chain of activities” should cover activities of a company’s upstream business partners related to the production of goods or the provision of services by the company, including the design, extraction, sourcing, manufacture, transport, storage and supply of raw materials, products or parts of products and the development of products or services, as well as activities of a company’s downstream business partners related to the distribution, transport and storage of the product, where the business partners carry out these activities for the company or on behalf of the company.

Show all

The disposal of products will not be comprised by the due diligence obligations.

Furthermore, the “chain of activities” does not include the activities of a company’s downstream business partners related to the company’s services.

Interaction with other EU legislations:

The chain of activities should not include the distribution, transport, storage and disposal of products covered by the Dual Use Regulation (EU Regulation 2021/821) as it already addresses negative impacts in the fields of human rights or environmental protection. In particular, this regulation requires member states to consider the risk of such goods being used in connection with internal repression or the commission of serious violations of human rights and international humanitarian law.

Show less

Civil Liability

How does the directive strike a balance between holding companies accountable for their actions and taking into account their business partners’ role and responsibility in causing damage?

The directive imposes civil liability on companies that caused a damage by intentionally or negligently failing to take preventive or remedial measures. However, companies are not liable for any damage that is caused solely by a business partner. Affected parties can bring legal actions for a minimum of five years and shall be fully compensated for the damage suffered. Injured parties can authorise organisations (such as trade unions, non-governmental human rights or environmental organisations, or other NGOs) to claim damages on their behalf.

Requirements

Risks

Rights of the Child
Prohibition of Child Labour

Right to Liberty and Security
Prohibition of Forced or Compulsory Labour
Prohibition of Slavery and Slave-Trade

Just and Favourable Conditions of Work

Freedom of Association and Collective Bargaining

Prohibition of Unequal Treatment in Employment
Freedom of Thought, Conscience, and Religion

Just and Favourable Conditions of Work
Prohibition of Restricting Workers' Access to Essential Needs

Right of Individuals, Groups and Communities to Lands and Resources and to not be Deprived of Means of Subsistence

Right to Life
Prohibition of Torture and Cruel, Inhuman, or Degrading Treatment

Prohibition of Environmental Degradation

Prohibition of Arbitrary or Unlawful Interference with Privacy and Family
Freedom of Thought, Conscience, and Religion, Adequate Housing for Workers

Risks Related to Mercury as Prohibited by the Minamata Convention

Risks Related to Persistent Organic Pollutants (POPs) as Prohibited by the Stockholm Convention

Import and Export of Hazardous Wastes as Prohibited by the Basel Convention

Obligation to Avoid or Minimize Adverse Impacts on Biological Diversity (1992)
Convention on Biological Diversity, Cartagena Protocol and the Nagoya Protocol

Prohibition of Importing, Exporting, Re-exporting, or Introducing Endangered Species of Wild Fauna and Flora (CITES)

Prohibition of Importing or Exporting Dangerous Pesticides and Industrial Chemicals Listed in Annex III of the Rotterdam Convention

Prohibition of Production, Consumption, Import, and Export of Ozone-Depleting Substances (ODS) in Line with the Montreal Protocol.

Obligation to Avoid or Minimize Adverse Impacts on Natural Heritage Properties

Obligation to Prevent Pollution from Ships

Obligation to Prevent, Reduce, and Control Pollution of the Marine Environment by Dumping

Climate Transition Plan

To limit global warming to 1.5°C in line with the Paris Agreement, and to meet the EU’s climate neutrality target, companies that are subject to the CSDDD are required to prepare a climate transition plan.

This plan comprises the following elements:

REALITY CHECK

There are increased reporting obligations under the CSDDD.

Learn the truth

SMEs will be unable to cope with the severe impacts they’ll face.

Learn the truth

Full upstream supply chain transparency is required immediately.

Learn the truth

There is no business case for corporate sustainability due diligence.

Learn the truth

The CSDDD only applies to supply chains.

Learn the truth

The CSDDD will make foreign trade extremely difficult.

Learn the truth

Myth
There are increased reporting obligations under the CSDDD.

Reality
The directive does not introduce new reporting requirements, referring instead to those already established by the CSRD. The CSDDD is about more than just reporting. While the CSRD, its close relative, aims to ensure ESG transparency in the companies to which it applies, the CSDDD focuses on identifying adverse impacts and taking action. It does this through a due diligence process that follows the six steps outlined in the OECD Guidelines for Multinational Enterprises.

Myth
SMEs won’t be able to cope with the requirements of this regulation.

Reality
SMEs are excluded from the scope of the directive and therefore have no legal obligations under it. While there may be indirect impacts as larger companies shift responsibilities to SMEs, the directive addresses this through a risk-based approach. Companies will focus on significant risks and should provide support to SMEs, such as capacity building or financial assistance, including direct funding or soft loans, particularly where compliance with the larger company’s code of conduct could threaten the viability of the SME.

Myth
Full upstream supply chain transparency is required immediately.

Reality
The CSDDD promotes a risk-based methodology for determining where companies should first focus their efforts. Companies are expected to identify risks and assess them based on severity and likelihood. This way, they can prioritise their impacts and corresponding mitigation efforts. Companies must assess risks across multiple dimensions, such as geographic location, supply chain activities, and supplier performance. The scope includes a company’s operations, subsidiaries and business partners linked to specific segments of the value chain. Companies are required to prioritise the most severe risks, understand causes and mitigate these risks first. While less severe risks require less immediate attention and transparency, companies are still expected to continuously enhance their understanding of supply chain risks and work towards mitigating them over time.

Myth
There is no business case for corporate sustainability due diligence.

Reality
Due diligence helps companies prevent risks (including legal liability) and address issues before they become significant and costly conflicts. In addition, companies that can demonstrate their CSDDD alignment to investors, business partners and governments are likely to have easier access to capital and markets. Compliance may also emerge as a prerequisite for securing public contracts and concessions awards. In addition, responsible companies have a competitive advantage in the labour market. Young talent often prefers to work in an environment where social responsibility is a core value.

Myth
The CSDDD only applies to supply chains.

Reality
Companies can have adverse impacts beyond their supply chain. For instance, companies may violate the labour rights of workers in their own operations or impact local communities near their facilities, particularly when large capital projects are involved, such as mines, data centres, and construction sites. It is imperative for companies to understand the origins of these impacts and determine whether they directly cause, contribute to or are linked to these impacts.

Myth
The CSDDD will make foreign trade extremely difficult.

Reality
No, it will not. According to the CSDDD, withdrawal and disengagement are seen as last-resort measures for addressing human rights violations or environmental harm. Evidence suggests that companies are unlikely to withdraw from markets solely on the basis of existing supply chain legislation. What’s more, companies must assess and demonstrate that withdrawal would cause less harm than the identified issues—a practice that is already standard for many companies. In essence, the CSDDD will require companies to encourage their suppliers to respect human rights and comply with local labour laws, regardless of whether these laws are enforced by government authorities. The CSDDD also encourages closer partnerships through collaboration, knowledge sharing and capacity-building. This fosters trust between partners and strengthens trade relations around the world.

Contact us

Interested in navigating the CSDDD in your chain of activities? We can support you!

Löning – Human Rights & Responsible Business is an international management consultancy specialised in human rights. With our multinational and interdisciplinary team of experts, we help companies establish and integrate effective human rights due diligence processes.