Skip to main content

The EU Corporate Sustainability Due Diligence Directive is final. What now for your organisation?

At a glance:

- The Corporate Sustainability Due Diligence Directive (CSDDD), a major piece of EU legislation, is set to enter into force imminently and will apply to certain EU and non-EU companies from mid-2027. This includes financial services firms.

- Given the complexity of the new obligations and the breadth of challenges stemming from the CSDDD, companies need to dedicate sufficient time and resources to effectively respond to the Directive by the 2027 application deadline. Key aspects of their response should include: taking action to improve supply chain visibility; enhancing existing stakeholder engagement; designing and adopting a climate transition plan; and rolling out a proactive approach to managing sustainability-related risks.

- Companies will also benefit from aligning their response to the CSDDD with existing sustainability efforts, in particular, by ensuring to integrate it within their wider supply chain strategy, Corporate Sustainability Reporting Directive (CSRD) strategy and longer-term organisational sustainability transformation. This approach will help to ensure action taken is fully embedded in organisational processes; resources are streamlined and optimised; and overall efficiencies are realised. It will also contribute more broadly to the effectiveness of the wider organisational commitment to sustainability.

- Moreover, by dedicating adequate resources to building a robust environmental and human rights due diligence process – a core component of the CSDDD – companies can enhance their organisational resilience, increase stakeholder trust and boost their sustainability credentials.

- In this blog, we outline four key challenges that companies must navigate to meet the Directive’s requirements. We then set out where and how companies can streamline their response to the CSDDD with existing sustainability efforts. We conclude by highlighting a range of opportunities stemming from the Directive.

This article is relevant to practitioners operating within companies’ supply chain management and procurement, sustainability, compliance, legal and human resources teams.

The Corporate Sustainability Due Diligence Directive (CSDDD) is a major piece of EU legislation. It requires large companies operating in the EU to conduct and monitor human rights and environmental due diligence across their operations, subsidiaries and business partners. As we explained in our previous blog, companies will need to identify, assess and address any actual or potential harm they have caused, either individually or jointly, and provide remediation if necessary.

The European Parliament is set to approve the text of the CSDDD imminently. This will pave the way for the Directive to enter into force and then apply from mid-2027 for the largest companies (subject to timely adoption of the legislation by Member States). Given the complexity of the new obligations and the breadth of challenges stemming from the CSDDD, this 2027 implementation deadline is relatively tight. Some companies may have certain capabilities already in place to be able to respond to the new requirements, but most companies will need to dedicate time and resources to roll out significant enhancements.

At the heart of their strategy for CSDDD compliance, companies will need to work to fully integrate their response to the legislation with their wider supply chain strategy and longer-term organisational sustainability transformation. This will not only streamline resources, but also ensure that the approach is embedded into each company’s overall corporate strategy. Companies will then be best placed to reap wider strategic benefits as well as reduce the considerable legal, financial and reputational consequences that could arise from poor compliance.

Key challenges stemming from the CSDDD

1. Increasing supply chain visibility

The Directive requires companies to identify and assess environmental and human rights impacts across their chain of activities. The chain of activities is similar to a company’s value chain, encompassing the production of goods and services (e.g., the design, extraction, sourcing and transportation of raw materials) and the distribution, transportation and storage of a product. Companies need to develop a strong understanding of both their upstream and downstream supply chains to be able to identify and assess environmental and human rights impacts within their chain of activities. Since the Directive requires companies to assess the activities of their indirect business partners, it is especially important for companies to look at their Tier 1 suppliers’ supply chain as well as their Tier 3 and 4 suppliers.

This challenge is complicated by the Directive leaving out any specific details on how companies should map out their value chain. Companies will need to develop their own methodology, ensuring a practicable balance between granular and high-level information. Although the Commission is expected to publish guidelines on how to identify adverse impacts, the guidelines will not be available until six months before the rules start to apply. Companies should therefore not rely on waiting until the guidelines from the Commission are available since mapping out the value chain is a critical first step and any delays would affect the roll out of the other due diligence steps.

However, as highlighted in the detail of the legislative text, it is important to remember that companies are expected first to identify the general areas where the most severe and likely impacts are likely to occur before then carrying out a more detailed assessment in those areas. The mapping can also be guided by the value chain mapping completed under the CSRD as part of the double materiality assessment.

2. Recognising importance of meaningful stakeholder engagement

The Directive requires companies to engage with stakeholders throughout the due diligence process, from identifying and addressing impacts, through providing remediation, to monitoring the ongoing process. This includes companies needing to engage with previously unfamiliar stakeholders (such as whistle-blowers, NGOs and workers in the value chain) and to adopt new approaches to communication with existing stakeholders (such as employees, key suppliers and third parties).

Given the text’s emphasis on the importance of meaningful engagement, it is crucial for companies to ensure that their communication with various groups is interactive and they are receptive to feedback. Companies must tailor their approach to different groups based on their needs so the engagement is timely, accessible, appropriate and safe.

Many companies will need to overcome multiple hurdles in order to fulfil this requirement to carry out meaningful stakeholder engagement. Some of these obstacles will be specific to the organisation, such as upskilling procurement and sales teams so they are able to take an active role in engaging with business partners on human rights and environmental issues. Others, however, will be prevalent across industries and require a cross-organisational approach, such as addressing language and accessibility barriers and influencing supplier and third-party behaviours in competitive environments. To help them overcome these difficulties, companies can refer to the OECD Due Diligence Guidance for Responsible Business Conduct and relevant OECD sector specific guidance for practical support.

3. Prioritising design and implementation of a climate transition plan

It is widely recognised that the Directive is the first piece of EU legislation to mandate the design and adoption of a climate transition plan (the EU CSRD and its accompanying reporting standards introduces disclosure requirements on transition planning, with the transition plan disclosures subject to a double materiality assessment and applying on a ‘comply or explain’ basis). As importantly, the CSDDD also directs national supervisors to oversee a company’s adoption of its plan. Together, the CSDDD’s requirements will push climate transition planning further up corporate agendas.

The Directive states that if a company discloses a transition plan under CSRD, that plan will be compliant with the requirement in CSDDD to adopt a transition plan. Nevertheless, companies will still have to abide by the additional obligation in CSDDD to put this transition plan into effect and to update it every 12 months to assess progress towards its the targets.

4. Adopting a proactive approach to managing sustainability-related risks

The Directive requires companies to not just identify their environmental and human rights impacts, but also to address and monitor them. Companies must therefore recognise that their response to the CSDDD is not a one-off exercise, but something that must be embedded in the organisation going forward. Companies will need to move away from a static tick box due diligence approach (if they had one in the past) to a robust, risk-based, ongoing due diligence process. This process should be based on a proactive, insight-driven and formalised quantitative mechanism to tracking and addressing impacts, which is aligned with a company’s risk appetite.

Many companies will experience a steep learning curve as they improve their ability to identify and assess impacts. According to Deloitte’s latest global Third-Party Risk Management (TPRM) survey, just 7% of the 1,356 organisations surveyed believed they had mature processes with a blend of quantitative and qualitative mechanisms to enable sustainability assessments that can be compared to the organisation’s risk appetite.

Wider implications for corporate strategies and business models: another piece of the sustainability transformation puzzle

The CSDDD is one of a number of sustainability-related legal acts that drive companies to transform their operations in order to maintain access to the EU market. As companies take steps to address the challenges stemming from the CSDDD, they will recognise that many of their actions align with existing sustainability-related efforts, including those summarised in the following diagram.

Coordinating wider sustainability efforts and anchoring the approach in the CSRD strategy

Companies need to ensure that their response to the CSDDD is fully integrated into a wider supply chain strategy and other corresponding organisational strategies (such as sustainability, data and engagement). This can help streamline efforts and generate efficiencies, which will be especially important as companies continue to navigate the volatile and uncertain macroeconomic and business environment. Integrating approaches will also be essential for bringing teams together and helping achieve a wider organisational commitment to sustainability.

Companies that are also in-scope of CSRD can anchor their response to the CSDDD in their CSRD strategy as they will be required to fulfil the CSDDD’s disclosure requirements via their CSRD reporting which is subject to assurance. Such an approach will not only ensure their CSDDD compliance exercise is complete, but it will also enable companies to leverage the significant resource and effort put in place to respond to the CSRD. This includes building on the processes to gather and assure sustainability-related data, upskilling and coordinating teams, among other things.

Unlocking opportunities and generating value

Dedicating the resource and time to fully address the challenges stemming from the CSDDD and creating a robust human rights and environmental due diligence process can result in significant benefits for companies. For example, enhancing the visibility of the value chain can enable companies to understand the numerous factors that drive and connect risks. This in turn can improve supply chain efficiencies, effectiveness and ultimately profitability. Meanwhile, engaging effectively with a supplier and enhancing trust can boost organisational resilience by positioning the company as a preferred company that may be prioritised in times of disruption. Finally, upholding human rights and protecting the environment can boost a company’s sustainability credentials. Companies can use this to differentiate themselves among their competitors and avoid accusations of greenwashing, opening up new sources of capital and attracting new talent and customers.

Simon Brennan


Simon Brennan leads Deloitte’s EMEA Sustainability Regulation Hub. Organisations are setting ambitious targets as they journey to become sustainable. The Hub is a source of critical insight and advice to support businesses to better understand and respond to new regulatory requirements, and to assess how best to transform business strategies and operating models.