This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.

Freshfields Risk & Compliance

| 7 minutes read
Reposted from Freshfields Sustainability

Global supply chains creating global duties for global corporations: Commission’s draft of the Corporate Sustainability Due Diligence Directive

The European Commission has, after some intensive internal discussions, unveiled its proposal on a Corporate Sustainability Due Diligence Directive (the Directive). The European Commission’s proposal aims to ensure that companies undertake environmental and human rights due diligence in their own operations, the operations of their group subsidiaries and their global value chains. Yet, the Directive should not be mistaken as a “pure” compliance instrument for EU companies. In this blog post we highlight the Directive’s interrelation with other sustainability legislation and its extensive scope (including with respect to US and other non-EU multinationals) which has the potential of becoming a global sustainability game changer, compelling corporations to accelerate their sustainability transformation. 

Who is in scope?

As repeatedly proclaimed by EU Justice Commissioner Didier Reynders over the drafting process, the scope of the proposed Directive is far-reaching. The Commission did not only impose duties on EU companies but also on non-EU companies that operate in the EU’s internal market. The Directive shall apply to:

  • EU companies with more than 500 employees and a net turnover of more than EUR 150 million worldwide in the last financial year;
  • EU companies with more than 250 employees and a net turnover of more than EUR 40 million worldwide in the last financial year, where 50% of the net turnover was generated in one or more high-risk sectors which, inter alia, include the textiles, agriculture, wood, food, mining and extractive sectors;
  • Non-EU companies which generated a net turnover of more than EUR 150 million in the EU in the financial year preceding the last financial year;
  • Non-EU companies which generated a net turnover of more than EUR 40 million in the EU in the financial year preceding the last financial year where at least 50% of net turnover was generated in one or more of the above-mentioned high-risk sectors.

What risks have to be taken into account?

Companies’ due diligence obligations will need to address actual and potential human rights and environmental adverse impacts, resulting from violations of human rights and environmental conventions as listed in the Annex of the Directive. With regard to human rights, this includes – inter alia – the right to just and favourable conditions of work; the prohibition of child labour, modern slavery, forced labour; and the right to freedom of association. Protected environmental rights include – inter alia – prohibition of exports of certain hazardous waste within the meaning of the Basel Convention on the Control of Transboundary Movements of Hazardous Wastes and their Disposal; the prohibition to import / export any specimen listed in the Appendix of the Convention on International Trade in Endangered Species of Wild Fauna and Flora; prohibition of the manufacture of mercury-added products pursuant to the Minamata Convention on Mercury. In contrast to an earlier draft by the European Parliament, “governance risks”, such as corruption or tax crimes, are not covered by the proposed Directive any more.

What kind of duties are imposed on companies? 

The proposed Directive foresees comprehensive compliance duties, similar to existing domestic supply chain laws, including:

  • integrating due diligence into all corporate policies and implementing a due diligence policy that is updated and published annually; the due diligence policy must include (i) a description of the company’s approach to due diligence; (ii) a code of conduct; and (iii) a description of the processes in place to carry out due diligence;
  • taking suitable measures to identify actual or potential adverse human rights and environmental impacts;
  • taking appropriate measures to prevent or minimise potential adverse impacts; this could include seeking contractual assurances from business partners that they will comply with the company’s code of conduct (interestingly, the Commission might still adopt guidance about voluntary “model contractual clauses”) or adopting a prevention action plan (including prior consultation with affected stakeholders);
  • setting suitable measures to end and mitigate actual adverse impacts; this could include seeking contractual assurances from business partners;
  • establishing a complaint, i.e. grievance mechanism; and
  • continuously monitoring the effectiveness of their measures (such assessments should be carried out at least annually).

Over the course of the legislative process, the Commission might additionally issue guidelines on how companies should fulfill their due diligence obligations.

The Directive obliges large companies to also adopt a plan ensuring that their business model and strategy are compatible with the transition to a sustainable economy (and with the goal of limiting global warming to 1.5 °C in line with the Paris Agreement). The plan needs to identify the extent to which climate change is a risk for, or a consequence of, the company’s operations – and if this is the case, needs to include emission reduction objectives. Any variable directors’ remuneration that includes ESG aspects will have to encompass the fulfillment of the outlined climate change obligations.

Non-EU companies will further have to designate a legal or natural person as its authorised representative who should be entitled to receive communications from supervisory authorities and should cooperate with supervisory authorities, established or domiciled in one of the Member States where it operates.

Do companies need to report?

In general, companies in scope need to report annually on their due diligence carried-out, on potential and actual adverse impacts and on their actions taken. Yet, companies that are already subject to the current Non-Financial Reporting Directive – which will soon be replaced by the more stringent and scope-extensive Corporate Sustainability Reporting Directive – are spared from this duty, enabling a consolidated reporting via general non-financial reporting as implemented in the Member States. In contrast, all companies not obliged under the Reporting Directives, e.g. non-EU corporations, will have to publish an annual statement on their due diligence measures. The Commission will adopt additional delegated acts laying down criteria for such reporting.

What consequences can arise in case of non-compliance or damage caused?

Member States have to ensure that a civil liability regime is in place that renders companies liable for damages if they fail to (i) prevent potential adverse impacts; or (ii) cease adverse impacts. It is further stipulated that civil liability under the law of a Member State can arise irrespective of whether the law applicable to claims raised in connection with the subject matter of the Directive is not the law of a Member State.

Moreover, administrative fines – which should be based on a company’s turnover – and other sanctions can be imposed on non-compliant companies. However, the types of possible sanctions lie in the discretion of Member States.

The Directive sets out that there has to be one or more national supervisory authorities to ensure compliance with the obligations under the Directive. Such authorities shall at least be competent for conducting investigations (either on its own motion or as a result of substantiated concerns submitted by natural and legal persons), imposing pecuniary sanctions, and interim measures on companies to prevent severe or irreparable harm. In addition, any decision of the supervisory authorities containing sanctions should be published. In order to join forces within the EU – and similar to the draft 6th EU AML Directive on “cooperation to the greatest extent possible” amongst national supervisors and FIUs – the proposed Directive foresees the introduction of a European Network of Supervisory Authorities, which focuses on cooperation, coordination, information sharing and general alignment of the regulatory, investigative, sanctioning and supervisory practices of the competent authorities.

Directors’ duties for EU companies 

The proposed Directive also explicitly expands directors’ duties under company law to sustainability matters. It is laid down that when directors are fulfilling their duties to act in the best interest of the company, they have to take into account the consequences of their decisions for sustainability matters, incl. human rights, climate change and environmental consequences. In general, Member States shall ensure that domestic provisions on breach of directors’ duties also apply to these provisions, e.g. adding personal liability of directors regarding sustainability non-compliance

Expected timeline 

The Directive will become applicable to large companies within two years and to smaller companies in high risk-sectors within four years from the entry into force of the Directive.


The Directive will present the most detailed as well as complex supply chain regulation to date globally – reaching into different branches of law and establishing significant extraterritorial scope by subjugating many non-EU companies with considerable sales in the EU’s internal market. It goes far beyond other supply chain compliance laws presented by the EU, such as the EU Conflict Minerals Regulation or the Draft for a Deforestation Regulation, by not only focusing on compliance measures but stipulating new standards for domestic corporate law. 

While the Directive is an important milestone to level (up) the international playing field, companies with global operations should be reminded that EU directives serve the goal of legal harmonisation, not equalisation. That means boards and General Counsel will now have to monitor and abide by national supply chain laws that will be enacted by Member States in order to transpose the Directive.

It will be interesting to see how the Directive will drive:

  • the regionalisation of supply chains (to a certain extent already to be observed);
  • corporate M&A activities with respect to carve-outs or divestments of “risky” business operations as well as potential takeovers of suppliers’ businesses in order to establish control power over critical suppliers; and
  • the “high impact” amendments to be made with respect to the contractual relationships towards suppliers and customers.

We strongly recommend that corporations – whether incorporated under EU Member States’ laws or not – start familiarizing and aligning with the Directive’s (minimum) requirements as it can be expected that Member States like France, Germany and the Netherlands, which already adopted comprehensive supply chain due diligence laws in the past, will not wait two more years after the adoption of the Directive to adapt their national laws to the new standards set by the EU.  

The European Commission’s proposal aims to ensure that companies undertake environmental and human rights due diligence in their own operations, the operations of their group subsidiaries and their global value chains.


corporate governance, environment, climate change, regulatory, retail and consumer goods, manufacturing, energy and natural resources