The Corporate Sustainability Due Diligence Directive (CSDDD): Everything, Everywhere, All at Once?
By David Ramos Muñoz (Associate Professor at Universidad Carlos III de Madrid)
The Corporate Sustainability Due Diligence Directive (CSDDD) marks a significant step in the European Union’s commitment to integrate supply chain sustainability standards in EU Law. The legislative process was fraught with challenges. The Commission Proposal’s impact assessment received two negative opinions from the Commission’s Regulatory Scrutiny Board (RSB); civil society advocates, in turn, complained to the European Ombudsman about RSB’s bias. The legislative project lay dormant until it was picked up again in 2023; it failed to secure a Council majority on 28 February 2024, then approved amidst concerns that some Member States could withdraw their support. The text voted by the European Parliament in 24 April 2024 had some carve-outs and compromises from the initial proposal. All this controversy and tension have cast a (mostly) negative light on some of the CSDDD limitations (to human rights advocates) or costs (for members of industry).
In a recent paper I argue that this debate is largely distracting. It fails to acknowledge the CSDDD’s defining feature: its ambition. The CSDDD is not intended as a mere ‘compliance’ text, but a ‘transformative’ framework. It also fails to acknowledge the CSDDD’s challenge: turning a source of costs/risks into a value proposition. This depends not only on the CSDDD, but on the conditions for its application.
The CSDDD ambition: a text that tries to be transformative.
The first aspect (ambition) is hard to argue with. In terms of firms subject to it, the CSDDD applies to corporations with over 1,000 employees and €450 million turnover, including non-EU companies generating substantial revenue in the EU. It incorporates both direct and indirect business partners into a company’s ‘chain of activities.’ This extends its reach to upstream and some downstream relationships. True, the CSDDD excludes financial firms’ downstream services, their main source of impact, but doing so would have made the CSDDD hard to manage and probably interfered with those firms’ prudential frameworks. Plus, the Directive has a potential to irradiate beyond its original scope, as smaller firms adapt their practices to their larger clients or suppliers, and as banks are increasingly faced with new information about their clients’ ‘adverse impacts’ on human rights and the environment.
In terms of content the CSDDD builds on prior initiatives such as the Corporate Sustainability Reporting Directive (CSRD) and transforms voluntary guidelines, like those present in the UN Guiding Principles (UNGP) and the OECD Guidelines for Multinational Enterprises (MNEs) into mandatory legal obligations. It goes far beyond soft law texts (eg, Japan, China) and narrower laws, focused mostly on forced labor and disclosure obligations (California, UK, Australia, Canada), and is closer to the more ambitious French Vigilance Law and German Supply Chain Act, by embedding due diligence in risk management systems. It is also more specific than the French law, and more comprehensive than the German law, in the list of rights, principles, and instruments that will inform companies’ obligations to identify and assess adverse impacts in human rights and the environment (Article 8), and adopt ‘appropriate measures’ to prevent, mitigate, and end those adverse impacts (Articles 8-11 CSDDD). Companies must also provide access to grievance mechanisms, ensure stakeholder engagement, and offer remediation beyond mere termination of harmful activities.
Furthermore, the CSDDD uniquely requires companies to develop transition plans for climate change mitigation, ensuring their business models align with the Paris Agreement’s 1.5°C target, turning aspirational goals into enforceable obligations.
Can it deliver? Not a question for the CSDDD alone.
The CSDDD’s problem is that, at an institutional level, it rests on the EU approach of regulation and compliance because this is what the European legislator can guarantee. And this model is hopelessly insufficient for a transformative text. There are three main challenges that the CSDDD itself cannot answer.
Institutional and Enforcement Challenges
Successful implementation of the CSDDD depends on enforcement mechanisms, but even more than conventional ‘enforcement’, it depends on the ability of competent authorities and courts to be discriminating, and capable to distinguish meaningful efforts from mere ‘box ticking’; to order and command, yes, but also to listen and look carefully. The directive proposes a European Network of Supervisory Authorities and guidelines for risk factors and model contract clauses. However, ensuring adequate resources and expertise for enforcement remains a concern, especially as Member States balance competitiveness with compliance demands.
Adversarial vs. Collaborative Dynamics
The transition from voluntary to mandatory frameworks may strengthen adversarial dynamics. Litigation under similar laws, such as the French Vigilance Law and German Supply Chain Act, like Friends of the Earth v. Total, Envol Vert v. Casino or complaints against IKEA and Amazon highlights this risk. High-profile cases were also filed in jurisdictions without such legislation, like the UK, such as Vedanta, Okpabi or Mariana. This litigation involves jurisdictional and procedural challenges and can present major complexities on elements such as the standard of care, or ‘causation’. Furthermore, it is unclear whether such adversarial dynamics are a means to an end, ie, leverage to support more constructive engagement, or can become an end in themselves, harming the prospects of collaborative dynamics. It is important to be aware of the behavior and incentives of defendants and plaintiffs, to strengthen collaborative dynamics.
A Value Proposition for Firms
The list of aspects covered by the directive can be overwhelming. Furthermore, if a reading of the CSDDD in isolation makes it clear that its focus is ‘risk management’, a reading in combination with the CSRD shows that legislators also try to incorporate supply chain due diligence as a source of intelligence to inform the company’s ‘strategy’. This is explicit in the case of climate transition plans, more implied in other areas. However, strategy requires ‘focus’, ie, not every interest protected by the CSDDD can be ‘strategic’, and ‘value’, ie, an aspect can only be strategic if it is a source of value for the company.
This is perhaps the most difficult aspect: for the CSDDD to succeed, it must shift authorities’ and companies’ views of due diligence from a compliance burden to a strategic advantage. Aligning sustainability goals with risk management and long-term business strategy requires clear incentives. Transition plans, a unique feature of the directive, could serve as a value proposition if firms integrate them into financial and operational planning. Can firms be left the space to experiment, and turn this into strategic potential? Will they even heed (or even hear) the message amidst all the debate about costs, burdens and constraints? Admittedly, the defeatism about a declining Europe does not bode well for this.
Conclusion
The CSDDD’s ambition to harmonize due diligence standards has transformative potential. However, success depends on resolving ambiguities in enforcement, balancing aspirational goals with legal precision, fostering collaborative relationships between firms, stakeholders, and regulators, and creating a space to turn sustainability into a strategic asset (through prioritization and experimentation). Achieving this balance will determine the directive’s legacy in advancing global sustainability goals. It will be challenging. We could, however, start by acknowledging the challenges.