New compliance challenges for large companies: analysis of the Directive on corporate sustainability due diligence
Published on 22nd Jul 2024
Spain should aim when implementing CS3D to reduce extra regulation by tailoring it for both large companies and SMEs
The Corporate Sustainability and Human Rights Due Diligence Directive (CS3D) was established on May 24, 2024, to compel companies to promote sustainable development and progress towards sustainability actively.
In recent years, the European Union (EU) has legally committed to achieving climate neutrality, reducing emissions by at least 55% and modernising the European social market economy to promote sustainability.
Furthermore, an increasing number of Member States have pledged to enhance their legislative efforts on sustainability, which will impact how companies produce and procure. CS3D has been implemented to promote harmonisation in due diligence legislation and prevent confusion and legal inconsistencies. Its regulations will gradually start affecting large companies in 2027, posing a considerable challenge for many.
Companies operating under CS3D must establish and implement due diligence procedures for their operations, subsidiaries, and business relationships across their value chains. Companies should take reasonable measures to prevent or minimise adverse effects, considering the specific circumstances of each case. To ensure the significant impact of due diligence, it should address adverse effects across the entire life cycle of the production, use, and disposal of the product or service provision within its operations, subsidiaries, and the rest of its value chain.
Subjective scope
The CS3D's subjective scope has been significantly narrowed from the original European Commission proposal. Under CS3D, EU companies with more than 1,000 employees and a turnover exceeding €450 million will be required to adhere to its provisions – amounting to just 0.05% of all EU companies. It will also apply to non-EU companies with an EU turnover surpassing €450 million.
Likewise, within corporate groups, the parent company must fulfil the requirements that are outlined in the Directive on behalf of subsidiaries that individually fall within its scope. Parent companies primarily holding shares in operating subsidiaries and not making significant management, operational, or financial decisions that affect the group or its subsidiaries may be exempt from complying with the obligations in CS3D. This exemption is subject to approval by the competent authority, provided that one of their subsidiaries is designated to meet the requirements of CS3D.
Objective scope
Under CS3D, Member States must ensure companies uphold human rights and environmental due diligence through specific actions. These measures represent a significant advance for human rights. The due diligence process will involve the following six steps:
- Integrating due diligence into policies and management systems;
- Identifying and assessing adverse human rights and environmental impacts;
- Preventing, interrupting, or minimising actual and potential adverse human rights and environmental impacts;
- Monitoring and evaluating the effectiveness of measures;
- Communicating; and
- Remediating.
As a result, the primary obligations in this CS3D are framed as obligations of means.
It is essential to comprehensively evaluate the extent of due diligence along the entire value chain in CS3D. This involves reviewing the operations of upstream business partners engaged in manufacturing goods or offering services and those downstream in distributing, transporting, and storing products. This implies an assessment on procurement and sourcing practices, approaches, and the contractual terms and conditions between companies and their business associates.
Contractual cascade
Businesses within this scope should obtain contractual guarantees from their commercial partners, ensuring they adhere to the company's code of conduct. Similarly, business partners should also secure comparable assurances from their partners within the company's value chain, a process known as contractual cascade. These contractual assurances will be reinforced by measures to verify compliance. Companies may rely on industry initiatives or independent third-party verification to ensure this. Additionally, Member States will ensure that contracts governed by their laws allow for the option to terminate partnerships with commercial partners whose value chain has adverse effects that cannot be prevented or mitigated.
The CS3D requires companies to create a plan to ensure that their business model and strategy are in line with the transition to a sustainable economy and the objective of limiting global warming to 1.5°C, in accordance with the 2015 Paris Agreement.
Time-based scope
Member States are required to implement the regulations and administrative procedures for CS3D within two years. The implementation timeline is based on company size.
Companies with over 5,000 employees and a turnover exceeding €1.5 billion must comply within three years of the Directive coming into effect.
Companies with over 3,000 employees and over €900 million turnover should meet the requirements within four years of the Directive's entry into force.
Companies with over 1,000 employees and a turnover surpassing €450 million have a five-year compliance period from the date of the Directive's enforcement.
Liability and sanctions
Company directors are responsible for conducting due diligence and overseeing due diligence policies and measures in accordance as per established international frameworks. According to the Directive, Member States must ensure that directors consider the sustainability impacts of their decisions. This may require considering the implications for human rights, climate change, and the environment where relevant.
Every Member State should impose effective, proportional, and efficient penalties for non-compliance to guarantee the successful implementation of national measures based on CS3D. The European Commission will create a European Network of Supervisory Authorities to monitor the enforcement of CS3D.
Additionally, the liability regime does not specify who is responsible for demonstrating that companies' measures are adequate in a case's specific circumstances. This issue is left to be determined by national law.
Osborne Clarke Comment
CS3D does not apply to small and medium-sized enterprises (SMEs), but they could still be indirectly affected as contractors or subcontractors of companies subject to CS3D. This may create an extra burden for SMEs, as they would need to implement specific due diligence and ESG (environment, social, and governance) policies. On the other hand, large companies will have to identify risky business relationships, which could lead to changes in their value chains.
When implementing CS3D, Spain should aim to alleviate the additional burden of this regulation by tailoring it to the needs and resources of both large companies and SMEs.