The Future of ESG Compliance: Understanding the EU CSDDD

NAVEX

[author: Cherelle Johannes]

With the EU Parliament hurdle now behind us, the spotlight is on the passing of the European Union's Corporate Sustainability Due Diligence Directive (CSDDD) in early June 2023.

This directive is a huge milestone in enforcing corporate ownership of human rights and environmental footprints within operations and supply chains.

Simultaneously, the EU Corporate Sustainability Reporting Directive (EU CSRD) calls for a staggering 50,000 organizations to pull together comprehensive Environmental, Social and Governance (ESG) reports. This flood of major new ESG legislation will jolt organizations worldwide into confronting the reality of greenwashing liability and taking real action toward sustainable business practices.

What’s the scope?

The EU CSDDD casts a wide net. It applies to EU organizations with over 500 employees and a global turnover topping €150 million, as well as non-EU organizations if they generate €150 million or more in the EU market annually.

But it doesn't stop there. If an EU organization has more than 250 employees and a global turnover north of €40 million – with half of that turnover from a high-risk sector – these new regulatory requirements will apply even below the higher thresholds. Non-EU companies are likewise affected if they generate over €40 million in the EU market and half of that amount comes from a high-risk sector.

High-risk sectors defined under this directive include the manufacturing or wholesale of textiles, leather and related products, agriculture, forestry and fisheries, extractive industries and the food and beverage industry.

What’s on the CSDDD to-do list?

1. Conducting due diligence

Organizations in scope will be required to dig into potential environmental and human rights risks in their operations and supply chains. This includes rigorous screening and auditing of suppliers and business partners. Site visits, policy reviews and regulatory compliance checks will all be expected processes to integrate into due diligence policies and procedures.

2. Mitigating risks

If risks are identified, organizations must devise and roll out policies and procedures to mitigate them. This includes cooperating and engaging with suppliers and other third parties to tackle potential issues across operations.

3. Reporting publicly

The CSDDD demands transparency. Organizations must showcase their due diligence efforts and risk management strategies. This could be through an annual sustainability report or by making the information easily available online.

4. Establishing grievance mechanisms

A responsive channel for workers and stakeholders to air concerns is a must. Organizations must also have efficient processes for addressing and following up on these concerns quickly and within the strict requirements of data privacy and the GDPR.

5. Ensuring third-party compliance

Due diligence extends beyond an organization's own doors to suppliers and third parties. Organizations must ensure these players also meet the CSDDD's standards or face liability for that third party’s non-compliance.

Preparation for rainy days

With the CSDDD, organizations must take responsibility for their suppliers' environmental and social impacts.

Even so, as COVID-19 recently taught us, being prepared for the worst prevents us from being in the worst situation to prepare. All organizations should triple-check that their business continuity plans are solid and in line with the current business environment in case of supply chain issues or other major national or global disruptions. Identifying key suppliers, lining up alternative suppliers, and regularly fine-tuning these processes should all be built in as part of these organizational preventative measures.

Avoiding regulatory teeth

If an organization does not or cannot meet CSDDD requirements, the consequences can be severe. The directive has teeth, with provisions for enforcement and penalties for non-compliance. These penalties range from fines to other sanctions – and ignoring environmental and human rights risks in operations and supply chains can land organizations in legal trouble with national supervisory authorities.

Worse, the fallout extends beyond the courtroom. The reputational damage can be a serious blow to organizations in any industry, potentially leading to a loss of business and a tarnished brand. In some cases, non-compliance can lead to being shut out of public procurement processes or saddled with additional monitoring and reporting hoops to jump through. The weight of civil liability could also come into play if preventative measures could have helped avoid damages.

In short, failing to meet the CSDDD requirements isn't an option for organizations that want to avoid serious ramifications for their future success.

What comes next?

As the world absorbs the impact of this new legislation, key debates linger on the extent to which the financial services sector will have to comply with the CSDDD.

One thing is clear, even as everyone wrestles with the details and deadlines – the world of corporate responsibility is about to experience a flood of ESG action, and organizations should prepare themselves to avoid being swept under.

The world of ESG is vast, and can be daunting for those just getting started. 

Written by:

NAVEX