We have been closely following the legislative progress of the EU draft Directive on Corporate Sustainability Due Diligence (“CSDD”). Please see our previous posts on the subject of Value Chain Sustainability.

The legislation took a big step forward on November 30, 2022, when the Council of the European Union (the “Council”) adopted a  “negotiating position” on the European Commission’s CSDD proposal. The Council and the European Parliament will now negotiate the CSDD’s terms.

From a Big Picture point of view, the most important thing is that, as expected, the Council chose to proceed with this landmark legislation. Because the initiative began in the European Parliament, it is now even more likely that CSDD will become law.

The biggest difference between the original Parliament version and the Council’s version is that the Council chose to include the climate change provisions of the Commission’s proposal. It seems likely that the addition of climate change provisions will be acceptable to the Parliament.

Here are other noteworthy changes:

  1. The financial services sector would enjoy a privileged position. When they individually “transpose” the Directive into their national laws, the Member States will have the right to choose whether or not to apply CSDD to financial services.
  2. In-scope companies would not be responsible for the human rights or environmental shortcoming of their customers, as would have been required under the Commission’s draft – which would have made companies responsible for how their products and services are used and disposed of. (Curiously, the Commission had chosen to call this expansive supply-chain-plus-operations-plus-use-by-customers a “value chain”. Students of business history of course know that “value chain” has meant a company’s internal operations plus its supply chain, since the term was coined by Harvard Professor Michael Porter many years ago.) The Council is now choosing to call operations-plus-supply-chain – what Porter called a “value chain” – a “chain of actions”. Regardless of terminology, this change will come as a great relief to companies that will be affected by CSDD.
  3. To allow companies time to comply with the legislative regime, the timetable for implementing the law would be phased in as follows:
    1. Three years from entering into force for:
      1. EU companies with more than 1,000 employees and a net worldwide turnover of more than €300 million; and
      2. non-EU companies with a net turnover of more than €300 million in the EU;
    2. Four years from entering into force for:
      1. EU companies with more than 500 employees and a net worldwide turnover of more than €150 million; and
      2. non-EU companies with a net turnover of more than €150 million in the EU; and
    3. Five years from entering into force for:
      1. EU companies with more than 250 employees and a net worldwide turnover of more than €40 million – provided that at least 50% of this net turnover was generated in a “high-risk” sector (which includes textiles, clothing and footwear, agriculture, forestry, fisheries, food and extractives); and
      2. non-EU companies with net turnover of more than €40 million but not more than €150 million, provided that at least 50% of its net worldwide turnover was generated in one of those “high-risk” sectors.
    4. Directors’ Duties would be eliminated. Directors would not have a duty of care or a duty to set up and oversee “due diligence”. Recognizing the traditional role of national and state jurisdictions to set the rules of corporate governance, directors’ duties will remain within the purview of individual countries. Therefore, directors may still face duties under those laws.
    5. Civil liability would be retained and clarified. Significantly:
      1. A company would not be held liable if the alleged damage was caused only by its business partners in its “chain of activities”.
      2. The complaining party would be entitled to “full compensation” but not to “overcompensation”, such as punitive damages.

As in previous drafts of the Directive, civil liabilities are in addition to the powerful rules and penalties that Member States shall provide for, including pecuniary penalties. Such penalties are to be “commensurate with the company’s worldwide net turnover”. (This is ominously reminiscent of the GDPR data privacy regime and the €746m fine that was imposed on Amazon by Luxembourg’s National Commission for Data Protection last year.)

Next Steps in the Legislative Process

The draft Directive is now under consideration by the European Parliament to determine its initial negotiating position, as per standard EU legislative procedure. Once that is done, the Parliament and the Council will negotiate to reach a final version of the Directive. Vigorous lobbying can be expected before the final version is agreed upon.

Once the Directive enters into force, EU Member States will have two years to “transpose” the Directive into their national legislation.

What Should Companies Do at This Time?

CSDD will change the rules of the game and the business environment in which companies operate. CSDD directly targets companies with significant footprint in the EU. CSDD will indirectly affect companies in their value chains.

Companies need to begin preparing for the days when CSDD gets enacted in Member States’ laws. Before then, smart, agile companies will have been at work to do what will be required of them, and beyond that, to find and/or create competitive