Implementation and Impact: Navigating the Corporate Sustainability Due Diligence Directive
-
novembre 19, 2024
-
This co-authored article by Dr. Julia Grothaus and Kamaljot Kaur Dhadda, Linklaters and Daniel Herbert and Diana Tabor, FTI Consulting explores a major change in the regulatory landscape for corporations operating within the EU.
The CSDDD marks a major change in the regulatory landscape for corporations operating within the EU. Designed to foster sustainable and responsible business practices, the directive imposes mandatory due diligence obligations aimed at preventing human rights abuses and environmental harm throughout the global value chain. Beyond legal obligations, the CSDDD also poses significant reputational risks for businesses due to alleged human rights violations and environmentally harmful behaviour, making effective stakeholder communication vital. EU member states need to incorporate the CSDDD into national law by 26 July 2026 – the countdown has begun.
The CSDDD Covers:
- Large EU companies with over 1,000 employees and an annual net turnover that exceeds €450 million.
- Non-EU companies that generate at least €450 million annual net turnover in the EU.
- Ultimate parent companies of groups that reach these thresholds on the basis of their consolidated annual financial statements.
- Companies involved in franchise or licence agreements within the EU, if certain royalty thresholds are met.
The timeline for compliance is staggered. In the first phase, the CSDDD will only apply to very large EU and non-EU companies with a turnover over €1.5 billion. The thresholds then reduce to €900 million turnover from July 2028 and to €450 million turnover from July 2029. For European companies, these financial thresholds are accompanied by an employee threshold that starts at 5,000 in 2027 and will be reduced over time to 1,000 employees. Nevertheless, in-scope companies are well advised to start now to assess the impact of this far-reaching legislation on their activities, along with their business partners, to make sure they are compliance ready. Furthermore, business partners may start cascading their requirements down to their contracting partners. Even for those who are ahead of the curve on all things human rights due diligence and transition planning, there will be work to be done in ensuring that all compliance requirements are adequately covered off, and that they are keeping up to date on best practice in this area.
Enhanced Obligations and Sanctions Under the CSDDD
The CSDDD will establish a series of due diligence obligations for companies. In certain aspects, the scope of protection, obligations, and sanctions for violations exceeds existing national supply chain regulation, such as the German Supply Chain Due Diligence Act (“LkSG”), the French Corporate Duty of Vigilance Law or the Modern Slavery Acts along the lines of the 2015 UK legislation. Due to the high levels of obligations, it is important for companies affected by the CSDDD to understand what these new rules mean for them, how they will fit into their respective regulatory frameworks and what steps they need to take to comply.
Due Diligence Obligations Across Companies’ Chain of Activities
The CSDDD aims to protect human rights and environmental resources from adverse effects by a company’s business activities. The rights and goods it protects are listed in an annex, referencing various international human rights and environmental standards, like the ILO Conventions.1
The due diligence obligations cover the company’s business operations, those of their subsidiaries and its entire “chain of activities”. This includes all business partners involved in supplying products or services (upstream) and those handling the transport, distribution, or storage of products (downstream).
To comply with their due diligence obligations, companies are required to identify if there are any actual or potential human rights or environmental risks in their operations and their chain of activities and take suitable preventive and corrective measures. In addition, they must set up a risk management system, identify, assess and prioritize potential or actual negative impacts. They must also stop or minimize actual adverse impacts and prevent or mitigate potential adverse impacts. Additionally, companies may be required to provide compensation to affected parties, engage with stakeholders and set up a notification and grievance procedure. Finally, they must monitor the effectiveness of their measures and communicate publicly about their due diligence efforts.
Furthermore, the CSDDD requires companies to develop and put into effect, on a best-efforts basis, a “transition plan for climate change mitigation”. This plan should ensure that their business model and strategy aligns with moving toward a sustainable economy and limiting global warming to 1.5°C , as per the Paris Agreement and the EU’s climate neutrality targets.
New Public and Private Enforcement to Hold Companies Accountable
The CSDDD envisions a strict, two-pronged sanctions regime. On the one hand, companies’ compliance with the CSDDD will be supervised by competent authorities in the Member States, which are given extensive powers including asking for information, ordering injunctive relief as well as imposing severe fines if companies do not meet their due diligence obligations – with maximum fines of at least 5% of the company’s annual net turnover – . The CSDDD also introduces civil liability if the plaintiff can prove that the company intentionally or negligently failed to prevent or remedy an adverse impact which violated a right listed in the annex. Time will tell how effective these provisions will be, but it is clear that liability and reputational risks will increase significantly.
The “Court of Public Opinion”
For companies, the CSDDD will increase potential areas of risk when it comes to their activities. Due to the higher level of scrutiny across their business and value chains as well as increasing external triggers, such as customer complaints and investigative media coverage, CSDDD will increase both legal and reputational risks concerning unethical or illegal business practices. Companies should therefore focus on compliance, but also think carefully about communication. In this regard, strategic and comprehensive considerations are essential – but what does this look like in practice?
Corporate communication and reporting that is prepared jointly by all relevant experts, both within a company and alongside external expert consultants, is a useful and impactful resource. Combining the expertise of subject matter experts from procurement and sustainability with legal and communications, strengthens the credibility and a crisis-proof narrative of ESG reporting. This united approach is important, as it is not only regulators and plaintiffs who pose a risk, but also other stakeholder groups such as customers, business partners and NGOs, traditional media, mass movements or even single influencers via social media – all of which may act as potential “judges” and “plaintiffs” in the court of public opinion. In this context, the risk analysis required by the CSDDD will provide a strong initial basis for coordinating communication, as companies will already have a substantial understanding of potential areas of vulnerability within their business model.
When preparing communications, stakeholder involvement plays a decisive role. Companies should be prepared to address potential and actual adverse impact with regulators, customers, shareholders, employees and others, both reactively and proactively. The quality of the relationship between internal and external stakeholders, alongside their willingness to engage in dialogue is crucial for mitigating adverse impact due to actual or alleged infringements of supply chain due diligence obligations.
Companies will want to carefully weigh up the opportunity and risk when it comes to communication activities. One approach could be ‘as much as necessary and as little as possible’, but, depending on their sustainability strategy and risk profile, others may opt for a more comprehensive communication or even go above and beyond what is legally required. This approach of being open and transparent is a proactive method to protect the company’s reputation and not create any new potential area of attack.
In addition, companies falling under the scope of CSDDD might want to consider raising the level of their crisis preparedness, particularly for those that are in the spotlight or exposed to particular risks. It is essential to assess the consequences of a potential crisis, prepare for its dynamics and the risk of further escalation. This includes reviewing already existing action plans and investing in the company’s and the management’s reputation, which can provide a cushion for a potential crisis and benefit the necessary crisis communication in the long run.
Navigating Through the Acute Crisis
In a crisis, whether due to “naming and shaming” by potentially affected stakeholders, investigations by relevant authorities or companies becoming aware of compliance breaches within their supply chain, having already established crisis structures which define a crisis team, as well as individual responsibilities immediately, is an essential and valuable tool. From the very first moment, it is important to be responsive, show presence and ownership, not shy away. With regard to the situation and potential scenarios, the crisis team has to decide quickly on a strategic communications approach, including proactive and reactive, external and internal communication and to define communication channels and spokespersons. Having a crisis plan laid out in advance helps to get into action faster when a crisis occurs, whereby specific adjustments can then be made according to the situation.
The major challenge in communicating in a crisis is usually that the situation is initially unclear, but external and even internal pressure for a response is high. In this situation, it is important to remain calm, not get carried away with speculation or premature promises, but to rapidly investigate the issue and to prioritize key stakeholders including customers, investors or employees. This takes priority and is just as important as handling potential media enquiries.
When the incident becomes more clear over time, communication on the situation needs to be adapted. Holding statements and key messages are prepared, adapted and consistently communicated as required – all based on and tailored to the evolving situation, in accordance with the legal strategy. In order to integrate the external view of the situation into the communication, continuous stakeholder and media monitoring is required. With a consistent and credible narrative, which is both geared towards safeguarding the company’s reputation and addressing stakeholder interests, as well as subsequent measures, the reputational damage of a supply chain crisis can be contained. With a strong level of preparedness and a stable approach during the crisis, the company can gradually and smoothly recover by rebuilding and enhancing its brand and reputation.
Authors: Julia Grothaus, Kamaljot Kaur Dhadda, Daniel Herbert and Diana Tabor
Footnotes:
1: Directive on Corporate Sustainability Due Diligence, available at: Directive (EU) 2024/1760 of the European Parliament and of the Council of 13 June 2024 on corporate sustainability due diligence and amending Directive (EU) 2019/1937 and Regulation (EU) 2023/2859Text with EEA relevance. (europa.eu), last accessed on 25 October 2024.
Date
novembre 19, 2024