The Corporate Sustainability Due Diligence Directive (CSDDD), which came into force on July 25, 2024, is one of the EU’s central sustainability laws. It requires companies to conduct thorough due diligence on human rights and environmental impacts across their entire value chain, both upstream and downstream. The aim is to identify, prevent, and eliminate negative effects. The Directive is a crucial aspect of the EU's broader commitment to sustainable development and corporate social responsibility.
With our expertise in sustainability, legal matters, risk management, supply chain management, business strategy, and other key related topics, we are prepared to help companies interpret legislation and prepare for compliance while meeting their broader sustainability and business objectives.
Prepare your business: read our guide to CSDDD and how to navigate it below.
First announced by President von der Leyen in November 2024, the European Commission released the Omnibus package on 26th February 2025. The package includes proposals to streamline and simplify certain aspects of the EU sustainability framework, notably the CSRD, CSDDD and EU Taxonomy.
The documents released are proposals, and therefore explicitly subject to further debate and negotiations. This means that the final outcome may be different from the proposals including thresholds for companies to be in scope. As the negotiations are ongoing, it is still unclear if more changes are on the horizon or if there may be a softening of some of the proposed changes. Up until adoption of Omnibus Proposal I and II, the existing timelines of the CSRD, CSDDD and EU Taxonomy are applicable.
The proposals will now go through the political process, requiring approval by the European Parliament and European Council.
To give companies more certainty on timing of the directives, a decision on the ‘stop the clock’ proposal is expected in early April 2025. The ‘content’ proposal containing the detailed changes will likely take between 12-18 months depending on the progress of negotiations.
Timing: The application deadline is subject to a 1-year delay from 26 July 2027 to 26 July 2028. Guidelines will be published earlier starting in July 2026.
Value chain: Value chain due diligence is limited to direct business partners, except when there is plausible information that suggests that adverse impacts at the level of the operations of an indirect business partner have arisen or may arise. In this case it shall carry out an in-depth assessment.
Stakeholder engagement: The definition of ‘stakeholder’ has been narrowed to cover only company employees, employees of direct business partners and subsidiaries, and individuals and communities that are directly impacted by the products, services and operations of the company and its subsidiaries.
Stakeholder engagement is no longer required when deciding to terminate or suspend a business relationship, or develop indicators for the monitoring of effectiveness. It is still required to identify and prioritise adverse impacts, developing action plans and remediation efforts.
Monitoring frequency: Changed from annually to every 5 years.
Termination of business relationships: Companies are no longer required to terminate business relationships in the case of non-compliance, instead focusing on the suspension of the relationship and remediation.
Enforcement: The EU-wide civil liability requirements have been removed, leaving civil liabilities requirements to the discretion of member states. In addition, it is proposed that NGOs and trade unions are no longer authorized to file complaints or claims on behalf of affected persons.
Penalties: The commission shall issue guidance to Member States’ supervisory authorities to determine the level of penalties. The minimum cap of 5% global turnover has been removed and the penalty amount is no longer mandatorily based on the company’s net worldwide turnover.
Climate transition plan: The obligation to adopt a transition plan remains, but the obligation to ‘put it into effect’ has been removed.
The Omnibus is still subject to significant discussion, and potential changes. However, the scope of companies impacted by the directive hasn’t changed, nor its foundations in the UN Guiding Principles and OECD Guidelines for Responsible Business. As immediate next steps we would advise companies to:
The Corporate Sustainability Due Diligence Directive (CSDDD) is an EU directive that requires companies within its scope to implement a human rights and environmental due diligence process.
The Directive requires companies to identify and assess negative impacts on human rights and the environment that are associated with their own operations, the operations of their subsidiaries, and the operations of their business partners in the companies' chains of activity. Business partners include direct partners, those with commercial agreements related to the company’s business activities, products, or services, as well as indirect business partners, companies that carry out business activities related to the company’s business activities, products, or services.
Where necessary, companies should prioritize the most serious risks to prevent, mitigate, and remediate or contribute to remediation, based on shared responsibility.
The CSDDD will ultimately apply to:
The CSDDD has strong synergies with and is closely linked to various EU laws related to human rights and value chain due diligence, including the EU Deforestation Regulation (EUDR), the EU Conflict Minerals Regulation (EUCMR), the EU Batteries Regulation (EUBR), and impending legislation banning forced labour. While the due diligence obligations in these regulations are often sector-, commodity-, or topic-specific and vary in scope and obligations, the CSDDD sets a uniform EU-wide standard. It requires both EU and non-EU companies to develop comprehensive due diligence strategies for human rights and environmental issues. However, the data collected and the due diligence implemented in the context of EUDR, EUCMR, and other regulations may be used to support CSDDD compliance, and vice versa.
In addition, the CSDDD is closely linked to the Corporate Sustainability Reporting Directive (CSRD), and the two complement each other in their efforts to enhance value chain sustainability and transparency within the European Union. Both guidelines are consistent with the OECD Guidelines for Multinational Enterprises on Responsible Business Conduct and are based on the UN Guiding Principles, with the CSRD focusing on reporting and disclosure of social and environmental impacts, risks, and opportunities, while the CSDDD imposes action-oriented obligations, requiring companies to actively examine and address the environmental and human rights impacts of their own operations and supply chain.
It should be noted that CSRD and CSDDD have different application areas. The CSRD applies to a broader range of companies and covers all value chain activities, including companies’ own operations, downstream and upstream. The CSDDD, on the other hand, applies to a narrower set of companies and focuses on a smaller group of value chain activities.
Finally, the CSDDD also has strong similarities with the minimum protection criteria of the EU taxonomy. If a company wants to be compliant with the EU taxonomy, it must implement human rights due diligence, which is very similar to the CSDDD due diligence requirements.
Implementing human rights and environmental due diligence requires companies to carry out the below activities.
Meaningful stakeholder engagement is required in each of these processes and is a fundamental element of due diligence as mandated by CSDDD.
In addition, CSDDD requires that companies establish a climate transition plan:
While the Directive places responsibility on companies to address negative human rights and environmental impacts throughout their value chain, the proximity to the impact and the influence that the company has on the business partner involved plays a role in determining the level of action expected from the company.
Note that context and leverage should not be a factor in impact prioritisation, as this should be done based on severity and likelihood.
Companies are expected to address these risks by working directly with business partners and/or working with indirect business partners if necessary, as well as working with affected stakeholders or representatives. However, if these measures do not lead to successfully managing the risks, the company may, as a last resort, choose to temporarily suspend the business relationship until the risk is resolved, or refrain from entering into new or existing relations with the relevant partner, if it has been determined that the situation will not be further affected.
For environmental due diligence under the CSDDD, a specific set of environmental topics is in scope, as outlined in the Directive’s appendix and summarised below:
Negative impact on natural resources:
Management of substances that are environmentally harmful:
Environmental degradation that affects people’s safety, health, well-being, and access to resources, such as:
Reducing climate change in line with the Paris Agreement, on the basis of a climate transition plan
Fines up to a maximum amount to be determined individually by each Member State (this maximum amount should not, however, be less than 5% of the company’s net global turnover)
Exclusion from public tenders
Civil liability for the intentional or negligent causing of adverse effects
Compliance with the Corporate Sustainability Due Diligence Directive (CSDDD) can help companies position themselves as leaders in sustainability and ethical business practices and achieve significant operational, reputational, and financial benefits:
Companies should start preparing for CSDDD now to allow enough time to build the systems and carry out the activities required by the directive. This includes taking enough time to identify risks and mitigate them, including through coordination with partners in the value chain and through contract (re)negotiations if necessary. Companies also need to consider how they can effectively meet these requirements, while taking into account their broader business and sustainability goals.
The requirements of CSDDD are complex, but if addressed carefully, they can be seamlessly integrated into business operations, potentially leading to positive outcomes such as improved reputation, stronger customer relationships, and enhanced risk management. By proactively addressing CSDDD, companies avoid costly reactive measures such as expensive firefighting or penalties and reputational damage due to non-compliance with human rights and environmental standards. Additionally, early preparation allows companies to harmonise CSDDD compliance with other related regulations, thereby minimising inefficiencies and maximising resource utilisation.
Deloitte can support you with each of these key steps.
While corporates are mandated to implement comprehensive sustainability due diligence across their entire value chain, FSIs primarily focus on upstream activities. Moreover, FSIs need to integrate clients' sustainability strategies and commitments to the Paris Agreement for improved risk assessment and transparency.
The CSDDD impacts FSIs by requiring them to conduct comprehensive human rights and environmental due diligence, primarily focusing on upstream activities of their value chain. Although FSIs are not obligated to cover downstream activities, aligning with the broader compliance efforts of their clients—who might be in scope of CSDDD and CSRD—can enhance transparency and risk management. Furthermore, FSIs must also align their business models with the Paris Agreement, ensuring that their financial activities contribute to global sustainability goals.
Extending sustainability due diligence beyond the CSDDD minimum requirements offers FSIs enhanced risk mitigation and can position them as leaders in sustainable finance. By integrating downstream activities, FSIs can better support their clients' sustainability efforts, align with international standards such as the OECD Guidelines and the UN Guiding Principles on Business and Human Rights (UNGPs), and build competitive advantages through credible transition plans.
This proactive approach not only facilitates improved Know Your Customer (KYC) practices and transition planning but also supports strategic decision-making and operational efficiency, leading to stronger client relationships and increased trust. Furthermore, having solid knowledge of the sustainability performance of clients, also in the downstream value chain may limit the risk of ESG-related litigation.
FSIs can leverage sustainability data from the CSRD. By integrating client-reported data, FSIs can strengthen their KYC and risk management practices, aligning with soft law standards, and enhancing strategic decision-making. This "trickle-up" approach ensures FSIs contribute effectively to sustainability goals and defend their practices in a changing regulatory landscape.
We hope this information has given you the context around CSDDD that you were looking for. We understand that every organisation and situation is unique. With our extensive experience, global network, and state-of-the-art technology, we are ready to help you find a fitting solution. Please feel free to contact us. We are ready to discuss how we can help you with your specific needs.
Did you find this useful?
To tell us what you think, please update your settings to accept analytics and performance cookies.