Skip to content.

With the EU Parliament hurdle now behind us, the spotlight is on the passing of the European Union’s Corporate Sustainability Due Diligence Directive (CSDDD) in early June 2023.

This directive is a huge milestone in enforcing corporate ownership of human rights and environmental footprints, both within operations and across supply chains.

Simultaneously, the EU Corporate Sustainability Reporting Directive (EU CSRD) calls for a staggering 50,000 organizations to pull together comprehensive Environmental, Social and Governance (ESG) reports. This flood of major new ESG legislation will jolt organizations worldwide into confronting the reality of greenwashing liability and taking real action toward sustainable business practices.

What’s the scope?

The EU CSDDD casts a wide net with its extensive reach. It applies to EU organizations with over 500 employees and a global turnover topping €150 million, as well as non-EU organizations if they generate €150 million or more in the EU market annually.

But the directive doesn’t stop there. If an EU organization has more than 250 employees and a global turnover north of €40 million – with half of that turnover from a high-risk sector – these new regulatory requirements will apply even below the higher thresholds. Non-EU companies are likewise affected if they generate over €40 million in the EU market and half of that amount comes from a high-risk sector.

High-risk sectors defined under this directive encompass various industries, including the manufacturing or wholesale of textiles, leather and related products, agriculture, forestry and fisheries, extractive industries and the food and beverage industry.

What’s on the CSDDD to-do list?

1. Conducting due diligence

Organizations in scope will be required to dig into potential environmental and human rights risks in their operations and supply chains. This includes rigorous screening and auditing of suppliers and business partners. Site visits, policy reviews and regulatory compliance checks will all be expected processes to integrate into due diligence policies and procedures.

2. Mitigating risks

If risks are identified, organizations must devise and roll out policies and procedures to mitigate them. This includes cooperating and engaging with suppliers and other third parties to tackle potential issues across operations.

3. Reporting publicly

The CSDDD demands transparency. Organizations must showcase their due diligence efforts and risk management strategies. This could be through an annual sustainability report or by making the information easily available online.

4. Establishing grievance mechanisms

A responsive channel for workers and stakeholders to air concerns is a must. Organizations must also have efficient processes for addressing and following up on these concerns quickly and within the strict requirements of data privacy and the GDPR.

5. Ensuring third-party compliance

Due diligence extends beyond an organization’s own doors to their suppliers and third parties. Organizations must ensure these players also meet the CSDDD’s standards or risk facing liability for that third party’s non-compliance.

Preparation for rainy days

With the CSDDD, organizations must take responsibility for their suppliers’ environmental and social impacts.

Even so, as COVID-19 recently taught us, being prepared for the worst prevents us from being in the worst situation to prepare. All organizations should triple-check that their business continuity plans are solid and in line with the current business environment in case of supply chain issues or other major national or global disruptions. Identifying key suppliers, lining up alternative suppliers, and regularly fine-tuning these processes should all be built-in as part of these organizational preventative measures.

Avoiding regulatory teeth

If an organization does not or cannot meet CSDDD requirements, the consequences can be severe. The directive has teeth, with provisions for enforcement and penalties for non-compliance. These penalties range from fines to other sanctions – and ignoring environmental and human rights risks in operations and supply chains can land organizations in legal trouble with national supervisory authorities.

Worse, the fallout extends beyond the courtroom. The reputational damage can be a serious blow to organizations in any industry, potentially leading to a loss of business and a tarnished brand. In some cases, non-compliance can lead to being shut out of public procurement processes or saddled with additional monitoring and reporting hoops to jump through. The weight of civil liability could also come into play if preventative measures could have helped avoid damages.

In short, failing to meet the CSDDD requirements isn’t an option for organizations that want to avoid serious ramifications for the future success of their organization.

What comes next?

As the world absorbs the impact of this new legislation, key debates linger on the extent to which the financial services sector will have to comply with the CSDDD.

One thing is clear, even as everyone wrestles with the details and deadlines – the world of corporate responsibility is about to experience a flood of ESG action, and organizations should prepare themselves to avoid being swept under the surge and remain proactive in this new era of corporate responsibility

The world of ESG is vast and can be daunting, especially for those just getting started. For more information on how to plan, implement and measure an ESG program, check out our Definitive Guide to ESG.

For more information about human rights due diligence in the supply chain, view our recent webinar on demand

Watch the Webinar

Frequently Asked Questions (FAQ)

1. What does CSDDD stand for, and what does it do?

CSDDD stands for Corporate Sustainability Due Diligence Directive. It’s a European Union directive that enforces corporate responsibility for human rights and environmental sustainability within an organization and its supply chain.

2. Who is impacted by the CSDDD, and what are the thresholds for compliance?

The CSDDD applies to EU organizations with over 500 employees and a global turnover exceeding €150 million. Non-EU organizations must comply if they generate €150 million or more in the EU market annually. However, even lower thresholds apply to certain organizations. EU entities with over 250 employees and a global turnover exceeding €40 million, with half of it from a high-risk sector, also must adhere to the CSDDD. Non-EU companies are likewise affected if they generate over €40 million in the EU market, with half of that amount coming from high-risk sectors.

3. What are the high-risk sectors identified in the CSDDD?

High-risk sectors defined under the CSDDD include the manufacturing or wholesale of textiles, leather and related products, agriculture, forestry, fisheries, extractive industries, and the food and beverage industry.

4. What are the key requirements for organizations under the CSDDD?

Organizations must undertake due diligence to identify potential environmental and human rights risks in their operations and supply chains. This includes screening and auditing suppliers and business partners. They must also mitigate identified risks and engage with suppliers and other third parties to address potential issues that may arise. Organizations are required to report their due diligence efforts and risk management strategies transparently, which can be done through annual sustainability reports or online platforms. Additionally, they must establish grievance mechanisms for workers and stakeholders and ensure third-party compliance with CSDDD standards.

5. How can organizations prepare for supply chain issues and disruptions?

Organizations should review their business continuity plans to ensure they are aligned with their current business environment and that the plans are ready to address supply chain issues or other major disruptions. This can include identifying key suppliers, securing alternative sources, and regularly fine-tuning these processes to be better prepared for unexpected challenges.

6. What are the consequences of non-compliance with the CSDDD?

Non-compliance with the CSDDD can lead to severe consequences. The directive includes provisions for enforcement, as well as penalties ranging from fines to other sanctions. Ignoring environmental and human rights risks can result in legal issues with national supervisory authorities, potential reputational damage and the exclusion from public procurement processes. In some cases, civil liability may come into play if preventive measures could have mitigated damages.

7. How can organizations stay ahead of the evolving ESG landscape and avoid being “swept under?”

 Organizations should stay informed about the evolving ESG regulations and industry best practices. Engaging in continuous learning and adopting proactive approaches to sustainability and ethical practices can help them remain competitive and compliant with emerging standards.

8. What additional resources are available for organizations looking to implement ESG programs and understand the CSDDD?

The NAVEX Definitive Guide to ESG provides insights into planning, implementing and measuring an ESG program. Additionally, readers can find an on-demand webinars at for further information on human rights due diligence within the supply chain.