An introduction to the EU Corporate Sustainability Due Diligence Directive (“CSDDD”)
Regulation of global supply chains is increasingly a primary weapon in the arsenal of both international organizations and individual jurisdictions as concerns over the perpetuation of human right abuses and forced labor conditions continue to affect the public conscience. This is particularly true in the European Union (“EU”), which in 2022, released a comprehensive proposal for a sustainability due diligence directive (“CSDDD”) that would broadly obligate EU Member States to identify, mitigate, and end such abuses where possible, and to provide restitution to affected individuals and even communities.
As currently drafted, the CSDDD has a number of primary components, chiefly: (1) a binding legal obligation for certain covered companies to identify actual and potential human rights and environmental adverse impacts in their own operations, as well as their subsidiaries and value chains with which the organization has an established relationship; (2) consistent with the foregoing, the adoption of “appropriate measures” to identify actual and potential adverse human rights and environmental impacts; (3) effective measures to prevent or adequately mitigate potential adverse impacts that have been identified; (4) the adoption of measures to end current adverse impacts either immediately or gradually where immediate cessation is impracticable; (5) a requirement that covered organizations adopt a complaint process that allows certain covered individuals and entities to make reports concerning suspected adverse human rights and environmental impacts; and (6) supervision, monitoring, and imposition of financial penalties by supervisory authorities in EU Member States responsible for the CSDDD’s implementation.
The CSDDD’s coverage: relevance to both EU and non-EU companies
CSDDD Article 2 explicitly extends its material provisions to EU-based companies: (a) that had more than 500 employees on average and a net worldwide turnover of more than EUR 150 million in the previous financial year; and (b) that did not reach the thresholds enumerated under point (a), but had more than 250 employees on average and a net worldwide turnover of more than ERU 40 million in the previous financial year, at least fifty percent of which was generated in one or more of certain high-risk sectors. These sectors include: (1) the manufacture of textiles, leather, and related products (including footwear), and the wholesale trade of textiles, clothing and footwear; (2) agriculture, forestry, fisheries (including aquaculture), the manufacture of food products, and the wholesale trade of agricultural raw materials, live animals, wood, food, and beverages; and (3) the extraction of mineral resources regardless from where they are extracted the manufacture of basic metal product and other non-metallic mineral products and fabricated metal products (except machinery and equipment), and the wholesale trade of mineral resources, basic and intermediate mineral products.
Significantly, even commercial organizations not formed under the laws of any EU Member State are covered by the CSDDD’s requirements by virtue of Article 2(2), which explicitly provides that compliance with the provisions of the CSDDD extends to companies which are formed in accordance with the legislation of a third country: (a) having generated a net turnover of more than EUR 150 million in the Union in the financial year preceding the last financial year; and (b) having generated a net turnover of more than EUR 40 million but not more than EUR 150 million in the Union in the financial year preceding the last financial year, provided that at least fifty percent of its net worldwide turnover was generated in one or more of the high risk sectors designated above. As such, the plain language of the current CSDDD proposal would subject even certain non-European companies with headquarters and operations overseas, but operating in the internal market, to its due diligence obligations.
Due diligence obligations explained
Article 6 CSDDD sets forth the basic principle that covered organizations (identified more comprehensively above) must proactively examine their own operations, those of their subsidiaries, and the value chains at the level of their “established business relationships” for actual and potential adverse human rights and environmental concerns. To comply with Article 6’s requirements, covered organizations are required to deploy a full range of due diligence tools, including the solicitation and evaluation of both quantitative and qualitative information, independent reports and information gathered from complaints (as discussed in great detail below), and various consultations with affected constituencies, including but not limited to, worker groups and other relevant stakeholders that stand to be affected by the impacts in question. While the CSDDD contains very little direction in terms of what methods or means are acceptable to satisfy its requirements, should the draft proposal be adopted by the EU Parliament, organizations can expect more detailed guidance from both the EU itself and individual jurisdictions that are ultimately responsible for the transposition of the CSDDD’s requirements into domestic law.
Once identified, organizations are obliged to either: (1) prevent or mitigate the potential for the identified abuse; or (2) end the abuse in question (incrementally or immediately). Under the rubric of prevention and mitigation, Article 7 CSDDD makes it clear that companies should develop and implement a prevention action plan that includes “clearly defined timelines for action and qualitative and quantitative indicators for measuring improvement.” WIth respect to organizations with whom the covered company has an established, direct business relationship, contractual assurances should be acquired that commit the business partner to comply with the covered company’s code of conduct and where necessary, a prevention action plan that essentially flows-down the same contractual requirements from its own partners. Where necessary, Article 7 also mandates that organizations “make necessary investments” into management and production processes, as well as infrastructure to prevent the identified abuse from materializing. When dealing with SMEs that, for the most part, fall outside of the ambit of the CSDDD, covered organizations are also required to provide “targeted and proportionate support” where compliance with the covered organization’s code of conduct would be too onerous and jeopardize the viability of the SME in question. Additionally Article 7 provides an opportunity for organizations to collaborate on a collective basis to utilize their combined leverage to prevent or end the abusive impact altogether. Most significantly, Article 7 requires covered organizations to suspend and/or completely sever their commercial ties with any business partner incapable of collaborating with the covered entity to prevent or mitigate the adverse human rights or environmental impact at issue. This includes both temporary suspension of contractual relations (where the covered entity has a reasonable expectation that it will encourage the business partner to reform its practices in the short-term and outright termination where the “potential adverse impact is severe.”
CSDDD Article 8 addresses an organization’s obligation to bring an identified adverse human rights or environmental impact to an end. Under Article 8, covered organizations are required to “neutralize” the adverse impact altogether or minimize its extent. Notably, this includes the provision of monetary assistance, in the form of the payment of damages, to affected persons and communities. The scope of such assistance must be “proportionate to the significance and scale of the adverse impact” and take into account the particular contribution of the covered company to the adverse impact itself. Alternatively, Article 8 permits an organization to develop a corrective action plan similar in content to the prevention action plan referenced in Article 7. CSDDD Article 8 further instructs organizations to seek contractual assurances from its direct business partners to ensure compliance with its code of conduct and where necessary, a corrective action plan. Similar to Article 7, Article 8 additionally imposes the obligation on covered organizations to make necessary investments into management and production processes as well as needed infrastructure to satisfy their cessation obligations. Finally—again akin to Article 7—Article 8 requires a covered entity to provide targeted and proportionate support to all SMEs with which the company has an established business relationship where compliance with the conduct or corrective action plan would be unduly burdensome.
The final constituent element of the CSDDD consists of Article 9’s complaints protocol. To encourage third parties to report abusive human rights and environmental practices, Article 9 requires covered entities to adopt a mechanism for the submission of complaints where legitimate concerns regarding actual or potential adverse human rights and/or environmental impacts are raised. The mechanism must be capable of receiving reports from a number of constituent groups, including: (1) persons adversely affected by or have grounds to believe they might be affected by, an adverse impact; (2) trade unions and workers representatives involved in the value chain; and (3) civil society organizations active in relation to the value chain concerned. In the same vein, covered entities are also required to establish a procedure to investigate and disposition complaints. Where a complaint is well-founded, the adverse impact designated is deemed to have been identified within the meaning of Article 6—thereby requiring the organization to take measures to mitigate and eventually cease the practice in question.
Sanctions under the CSDDD
While the CSDDD empowers supervisory authorities in Member States to impose financial penalties for non-adherence to its explicit stipulations, it is largely envisioned that companies will be encouraged to voluntarily submit to the proposed regime with assistance and proper guidance issued by supervisory authorities in each Member State. To the extent a fine is imposed, Article 20 CSDDD empowers a supervisory authority to impose pecuniary sanctions based on a company’s turnover, taking into account the company’s efforts to comply with any remedial action required by a supervisory authority, any investments/targeted support provided to individuals and affected communities, and the participation of the violating organization in collaborative efforts with other entities similarly situated to rectify the abuse in question.