The EU proposal on Corporate Sustainability Due Diligence has been long awaited. Now, the Commission presented a draft Directive that is not as ambitious as initially demanded by the EU Parliament, but clearly goes beyond the provisions of e.g. the German “Act on Corporate Due Diligence in Supply Chains” (applicable as of 2023). Yet, this proposal represents only the first step of a legislative procedure that will determine the agenda of 2022/2023 – and affect numerous companies across Europe.  

Publication with a pinch of salt 

With a remarkable delay of 238 days the Commission finally presented its proposal for a Directive on “Corporate Sustainability Due Diligence” on Wednesday, 23 February 2022.  

The postponement was due to quarrels within the Commission and the fact that the Commission’s Regulatory Scrutiny Board (RSB) repeatedly rejected the accompanying Impact Assessment (for further detail, see our blog post from September 2021 here).  

Not only did it take long to present the final draft, also the title underwent changes. The initiative started off as a Resolution by the European Parliament (EP), named  Corporate due diligence and corporate accountability, which was published in March 2021 and provided a first draft for a Directive with a concrete call on the Commission to act. Subsequently, the initiative quickly started trading under the working title of Sustainable Corporate Governance on the Commission schedule. 

Momentum and demand are clearly there 

Few question the need for a harmonized EU approach; the proposal as such has been advocated for by certain companies and civil society alike. For businesses, a fragmented legislative landscape caused by national laws comes with legal uncertainty and potentially ever-growing compliance costs. Additionally, the demand for social bonds among investors is growing – a trend that the Commission seeks to accelerate by exploring the possibility of a “Social Taxonomy”. 

Mathijs Peters, Director of Corporate Affairs in the European Union and International Organizations at PepsiCo, for example, comments that they are “supportive of human rights and environmental due diligence legislation that drives better outcomes for the people and planet by ensuring all businesses prioritize these issues. As a company operating across the EU and beyond, one of our priorities is to prevent a patchwork of diverging rules across the EU, and we hope lawmakers in the European Parliament and the Council will help achieve that goal.” 

Public pressure for the Commission to publish the proposal had therefore significantly risen in the weeks leading up to the publication. While Social Democrat (S&D) MEPs criticised the delay in reference to the EP Resolution, even several companies, including Danone, Ericsson, IKEA and Jack Wolfskin, called for an ambitious approach to human rights and environmental due diligence.  

Objective and provisions of the proposed Directive 

The contentious points in the discourse leading up to the final proposal were notably based on the Directive’s scope as well as on the means to enforce corporate sustainability due diligence. The notion of civil and criminal liability in case of non-compliance had already been discussed in the EP Resolution and was highly criticised by business associations. 

The Directive’s general objective is to prevent or mitigate “adverse impacts” of business conduct on both the environment and human rights (cf. Article 1), such as “greenhouse gas emissions, pollution, or biodiversity loss and ecosystem degradation” and “forced labour, child labour, inadequate workplace health and safety, exploitation of workers”. 

The scope of application 

The companies subject to this Directive include businesses based in an EU Member State (cf. Article 02 

  • with more than 500 employees and a net turnover over of €150 million worldwide, and 
  • those with more than 250 employees and a net turnover of more than €40 million if active in “high impact sectors”, such as the manufacture of textiles, food products or mining. 

But also, third-country companies active in the EU are included (cf. Article 2), provided that they 

  • generate a net turnover of more than €150 million within the EU internal market or 
  • generate a net turnover of more than €40 million but not more than €150 million in the EU, under the condition that at least 50% of its net worldwide turnover was generated in one or more “high impact sectors” mentioned above.  

According to the Commission, roughly 13 000 EU and 4000 non-EU companies are expected to fall within the scope of the Directive.  

Corporate due diligence in practice 

To comply with the above-mentioned objectives, companies will have to  

  • integrate environmental and human rights due diligence into their corporate policies and revise and update these annually;  
  • identify actual or potential adverse human rights and environmental impacts arising from business operations along their entire value chain;   
  • prevent and mitigate potential adverse impacts, and end or minimize actual adverse impacts by developing concrete strategies up to temporarily suspending (or even ultimately dismissing) business relationships – if and where necessary; 
  • establish and maintain complaints procedures, allowing any natural or legal person to submit substantiated concerns regarding the company’s compliance with this Directive; 
  • monitor the effectiveness of the due diligence policies and measures, with an assessment carried out at least every 12 months and, where appropriate, update the policies in place; 
  • publicly communicate on due diligence, provided that they are not yet subject to reporting requirements under Directive 2013/34/EU (i.e., the Non-financial reporting Directive – NFRD), by annually publishing a statement on their website. 

These obligations apply to the entire value chain. This includes the companies’ own operations, those of their subsidiaries as well as the rest of their business relations. 

In addition, large businesses, regardless of whether they are incorporated in a Member State or not, shall adopt a plan to ensure that their business model and strategy “are compatible with (…) the limiting of global warming to 1.5 °C” (cf. Article 15). 

An effective exclusion of SMEs? 

The proposal does not apply to all small and medium-sized companies (SMEs), even from those sectors considered high risk or “high impact”. While a relief for the affected companies, this was criticised by other stakeholders as it effectively excludes 99% of European companies. 

In turn, the Commission commits to providing guidelines to companies as to how to fulfil the obligations laid out in this Directive, especially regarding SMEs which might not explicitly fall within the scope of this Directive, but which can be indirectly affected through established business relations (cf. Recital 45). This was indeed a much-debated issue in the months preceding the Directive. It remains to be seen whether this provision is strong enough to prevent large companies from passing the compliance burden onto smaller suppliers or how the wording might be amended following pressure from industry representatives. 

A combination of sanctions and civil liability 

The proposal maintains a combination of sanctions and civil liability as already included in the EP Resolution, however, the Commission backed down on the inclusion of criminal liability for directors. While the details regarding any sanction regime are left to the discretion of the Member States, the provisions on civil liability are specific. 

A company subject to the Directive can be held liable if it 

  • failed to prevent and mitigate potential adverse impacts and to bring to an end or minimize actual adverse impacts and  
  • as a result of this failure, an adverse impact has occurred and caused damage. 

However, if appropriate measures have been put into place to prevent potential adverse impacts, the company shall not be held liable if damage occurs that was caused by an indirect business partner. Companies may even obtain contractual assurance of their direct business partners, ensuring that those comply with their code of conduct regarding sustainability due diligence.  

Directors, in addition, would be obliged to perform a duty of care by taking “into account the consequences of their decisions for sustainability matters (…), including in the short, medium and long term”.  

An approach beyond the German Supply Chain Act 

The EU proposal on Corporate Sustainability Due Diligence clearly goes further than the equivalent German “Act on Corporate Due Diligence in Supply Chains” (“Lieferkettengesetz”), as adopted on 11 June 2021. First of all, the number and nature of companies covered by it goes beyond the scope of the German law which ultimately addresses only companies with more than 1000 employees and does not differentiate between “high risk” and “low risk” sectors.  

Secondly, the German law only covers first and maximum second-tier business relations, whereas the EU proposal attempts to cover the “entire value chain”. German MEP Axel Voss from the EPP-Group thus voices some concern:   

Not every company is in a position to control every single one of its possibly thousands of suppliers. Although SMEs are exempt from the law, large companies should also be given the opportunity to monitor only where there are clear risks. Otherwise, a toothless tiger will emerge, which will not bring about any improvements, but will overload companies with completely pointless bureaucracy. 

This is especially relevant regarding the provisions on civil liability which bears the possibility to claim compensation for damages in case a company “failed to comply with the obligations to prevent and mitigate potential adverse impacts or to bring actual impacts to an end and minimise their extent” (cf. Article 22).  

As mentioned, the prospective inclusion of a civil liability regime had been controversially debated, notably in opposition to the German Act. The pressure had finally led to an exclusion of liability provision in German law.  

Opinions diverge 

Civil society organisations and some MEPs, e.g., Anna Cavazzini, Chair of the Committee on the Internal Market and Consumer Protection (IMCO), criticise the notion of “established business relationships” as ambiguous and potentially leading to loopholes. In contrast, the German business Association BDI, for example, maintains that any liability for downstream business operations and suppliers is “unacceptable”.  

From a company perspective, the question arises whether established standards and industry labels or certificates will be taken into consideration by the proposed legislative framework. The textile industry, officially considered a high-risk sector, represents an interesting example in this regard. After all, it was the Rana Plaza incident that incited the focus to the conditions of workers along the supply chain, especially in EU third countries.  

Since then, the sector has shown a lot of initiative on more sustainable practices, which unite SMEs and global players alike. Already in earlier discussions, Ralf Kamphöner, Head of Brussels Office at the Confederation of the German Textile and Fashion Industry, cautions against a one-size-fits all approach (see our blog post from May 2021):  

“Some risks are company-specific and therefore difficult to coordinate across the sector. A small label, for example, operates very differently compared to a large fashion group. We therefore consider the proposals for sector-specific due diligence action plans to be of little use.”  

Jérome Pero, Secretary General of the Federation of the European Sporting Goods Industry (FESI), is not as critical of the proposal but reminds that “to be fully effective, the new EU framework should remain consistent with existing and recognised global standards, such as the OECD guidelines”. 

As the draft remains vague, there is an evident need for clarification. Some of it could be provided through specific guidelines or so-called Commission Delegated Acts at a later stage of the process. Already today, industry stakeholders and NGOs will, however, do their utmost to influence the proposal with the aim of achieving legal certainty or simply seeing their positions represented. As always, early clarification of one’s position and long-term dialogue with legislators is the best way for companies to make their voices heard sustainably. 

What’s next? 

The ball now lies in the EU co-legislators’ field. Both European Parliament and Council have taken up the work; in the Council, two meetings have already been scheduled for March 2022.  

In the Parliament, as many as twelve Committees are involved and will give an opinion in addition to the Lead Committee on Legal Affairs (JURI). Lara Wolters, a Dutch MEP from the S&D Group, has been confirmed as rapporteur for the file.  

To Wolters, it is important that the Directive will not turn into a mere “compliance-stamp”. However, she also expressed optimism about the fact that the Commission Proposal allows for many options to be negotiated. 

On average, it takes 18 months to negotiate a legislative proposal. With an initiative so encompassing and horizontal, discussions could extend even over a longer period, leaving multiple opportunities for businesses to make their voice heard. In the case of the General Data Protection Regulation (GDPR), for example, it took more than four years, including as many as 4000 suggestions for parliamentary amendments, from proposal to adoption.  

Didier Reynders, the Commissioner behind the proposal, estimates that the Directive could be in force by 2024 and transposed by the Member States within two years. It would then be fully binding for large companies by 2026 of most sectors and by 2028 for companies in high-impact sectors, which are given a transition period of an additional two years.  

Would you like to stay informed on the progress of the file? Subscribe to our Issue Letter on “Corporate Sustainability Due Diligence” and receive regular updates as well as analyses from a regulatory as well as legal point of view. 

Or contact our experts in Brussels: