The all-in-one guide to CSDDD: Corporate Sustainability Due Diligence Directive

The Corporate Sustainability Due Diligence Directive (CSDDD), also known as the CS3D, is a crucial part of the EU Green Deal movement, aimed at restructuring the world of corporate accountability.

The EU CS3D means to address a critical issue: large corporations often shifted their compliance burdens onto smaller suppliers, who may not have had the resources to meet these demands or operated in areas with lower regulatory standards. This negatively impacted both people and the environment.  

To combat this, safeguards are being introduced to prevent such risks.  

In this post, we provide an overview of the CSDDD, explaining its purpose, functions, and the potential effects it will have on businesses and society.  

What is the Corporate Sustainability Due Diligence Directive?  

‍The Corporate Sustainability Due Diligence Directive (CSDDD) is a new legislative initiative the European Commission proposed to launch for all companies operating within the entire European Union (EU).  

Together with the EU CSDDD, we’ll be seeing a shift in how businesses see sustainability. Organizations will now be held accountable both for their direct operations as well as for the activity of their partners within the entire supply chain. By asking organizations to take proactive measures, the directive prompts companies to take a deeper look at how their day-to-day operations influence (positively or negatively) human rights and the environment.

CSRD vs CSDDD: The difference between CSRD and CSDDD  

The Corporate Sustainability Reporting Directive (CSRD) was implemented to improve and create a universal standard for the way companies report on sustainability. Per CSRD rules, organizations have to disclose all information regarding their environmental, social, and governance actions. This gives stakeholders more room and data to assess the impact of an organization on society and the environment.

The Corporate Sustainability Due Diligence Directive introduces several new technical and legal requirements into the picture.

As per the CSDDD, companies are required to take "appropriate measures" for preventing and addressing adverse impacts on human rights and the environment within their value chains. For comparison, past directives were either voluntary or driven by self-imposed regulations. The CSDDD measures, however, will remain legally enforceable.  

This means companies risk facing civil liability for any of the harmful effects their actions are causing as long as there are no strategies or plans to prevent or reduce them. This is a major move away from previous practices where reputational damage was seen as the primary consequence of non-compliance. Instead, companies will now face the risk of legal action from affected parties or stakeholders.

All the companies the CSDDD addresses must also adopt and implement a climate transition plan that will align their businesses with the Paris Agreement and the EU’s climate neutrality goals. Specifically, companies should clarify what decarbonization actions and investments they’ll take to hit their climate targets.

Who needs to comply with the CSDDD regulation?  

Both large EU and non-EU companies need to comply with CSDDD requirements if they have at least 1,000 employees and a net global turnover of over €450 million. If it’s a non-EU company, they need to comply if their turnover within the EU is €450 million or more.  

The CSDDD regulation also applies to companies engaged in franchise or royalty agreements within the EU with independent third parties. This includes ultimate parent companies with royalties exceeding €22.5 million and a worldwide net turnover of over €80 million.  

When does CSDDD come into force?  

The CSDDD entered into force on July 25, 2024. If your organization is part of a European Member State, you have until July 26, 2026 to make the changes. Fast forward one year and on July 26, 2027, the rules will begin applying to companies with a step-by-step CSDDD timeline over 3 to 5 years:

• by July 26, 2027: EU companies with more than 5,000 employees and a global turnover exceeding €1,500 million; and non-EU companies with a turnover of over €1,500 million generated within the EU.

• by July 26, 2028: EU companies with more than 3,000 employees and a worldwide turnover of over €900 million; and non-EU companies with more than €900 million turnover within the EU.

• by July 26, 2029: All other companies within the CSDDD scope.  

The benefits of CSDDD compliance  

The Corporate Sustainability Due Diligence Directive was needed as more businesses were starting to recognize their own role in tackling global sustainability challenges. For years, stakeholders have also requested more accountability for corporate actions.  

This, alongside prevalent issues in the climate and human work conditions space, created an urgent need for new regulatory mechanisms that could make sure organizations remained responsible.  

The Corporate Sustainability Due Diligence Directive addresses all of these concerns. It does so by requiring companies to establish improved due diligence processes and asking them to stay transparent in the process. Compliance with this directive can bring advantages such as:  

• By prioritizing the protection of human rights, companies can prevent violations in a society where currently 90% of the world's 2,000 most influential companies fail to uphold human rights, provide decent working conditions, and ensure ethical conduct.

• Businesses that show strong accountability and ethical practices can build stronger relationships with customers and foster trust among employees.

• Implementing complex due diligence lets organizations find and address potential risks proactively, minimizing their negative impacts on overall operations.

• Companies will acquire better knowledge and data into their human rights and environmental impacts. This can reduce liability risks and improve corporate reputation in the long run.

• Firms that prioritize sustainability and social responsibility become more appealing to top talent, sustainability-focused investors, and public procurement entities.

• Transparent ESG practices make a company more attractive to lenders and investors so it’s easier for the organization to get access to diverse financial resources.

How does the CSDDD work?  

The Corporate Sustainability Due Diligence Directive first introduces the need for running extensive due diligence processes for companies, with a stronger focus on their impact on human rights and environmental sustainability. To implement the directive, you’re required to cover six core provisions:

1. Introduce due diligence requirements  

The main thing companies should focus on is implementing the initial policies and processes the CSDDD requires. This includes incorporating due diligence into their operations and taking whatever actions are needed to prevent or mitigate these impacts and associated risks in the future.

2. Assess your current efforts

To effectively manage risks, companies must adopt a proactive approach, conducting regular assessments to continuously identify and re-evaluate actual and potential human rights and environmental impacts associated with their operations.

‍“Companies are expected to first identify the general areas where the most severe and likely impacts may occur, before conducting a more detailed assessment in those specific areas. The CSDDD differentiates between a high-level assessment and an in-depth assessment. In the high-level assessment, for example, companies should identify and evaluate actual and potential adverse impacts arising from their own operations, subsidiaries, and related activities, including those involving business partners.” - Matthias Leisinger, Director & Co-Founder at Focusright ltd

3. Work on preventing and mitigating risks

Develop and launch a preventive action plan that includes contractual assurances with business partners. Tell them how you’re going to support them with implementing preventive and corrective measures and set timely targets for both your and their prevention efforts.

4. Monitor the effectiveness of the new measures

To see how your new due diligence measures perform, set clear performance indicators from the start to reflect any direct policy results. You’ll also need to set up a robust system (e.g. a mix of a digital platform and framework) to track key metrics and get feedback from your stakeholders.

ESG software helps you with the collection, tracking, management, reporting, and analysis of ESG data. On top of that, ESG Flo helps you take control of your Supplier Portal and know exactly what kind of impact your supply chain is making on society and the environment. Such tools optimize the way you handle company data related to sustainability, social responsibility, and corporate governance, so your organization stays compliant with CSDDD demands.

5. Communicate everything publicly

If your company falls within the CSDDD scope, you’re required to publish an annual statement on the human rights and environmental due diligence efforts you’re implementing. This means you’ll have to publicly post information about your operations and supply chains, share potential negative impacts, and come up with a plan to mitigate or remedy these.  

6. Fix adverse impacts

Establish a complaints procedure for affected individuals and their representatives, along with notification mechanisms for persons or organizations with information about adverse impacts. Additionally, ensure remediation is provided for any actual adverse impacts identified.  

“Often, auditing can be useful at this stage. Where issues arise, corrective action plans should be implemented as part of the remediation strategy. Additionally, there's a communication aspect, including a disclosure requirement—either through the same channels as the CSRD, if you're subject to it, or on your website." - Maureen O'Donnell, Manager Responsible Business Certification Scheme.

What’s next for your organization in 2025?  

To stay ahead of all new CSDDD demands, begin by implementing the new rules as soon as possible.  

1. Start by identifying new or complex risks within your own operations and partners’ activity. Although the directive is unlikely to undergo major changes, it’s prudent to base your efforts on the current draft.

2. Update your code of conduct (CoC) to address the most significant risks that can occur at any point in your value chain. Don’t forget to evaluate your suppliers by taking a look at the risks they face and what the impact of these vulnerabilities would be for your own business. Prioritize critical suppliers and establish responsible purchasing policies that integrate environmental and social vigilance.

3. Request updated information from suppliers to reclassify them, focusing on mitigating their vulnerabilities. Additionally, ensure that corrective action plans are effectively implemented to reduce risks. This risk-based strategy can help your organization prepare for future regulatory changes (unexpected or not) while maintaining strong supplier relationships.

Needless to say, there’s only so much you can do to keep up with all the moving parts without automation. ESG Flo leverages AI to help you automate all data management processes so nothing slips through the cracks.  

Book your demo today and make CSDDD compliance easy for you and your partners!