CSDDD — Corporate Sustainability Due Diligence Directive

Overview

The Corporate Sustainability Due Diligence Directive (CSDDD/CS3D) — Directive (EU) 2024/1760 — requires large companies to identify, prevent, and mitigate adverse human rights and environmental impacts throughout their value chains. Scope was narrowed significantly by the Omnibus package.

Legal basis

• Proposed: 23 February 2022
• Adopted: 24 May 2024
• Entered into force: 25 July 2024
• Revised transposition deadline: 26 July 2027 (Omnibus "stop-the-clock")
• Compliance start (Phase 1): 26 July 2029

Scope (post-Omnibus)

• EU companies: >5,000 employees AND >1.5 billion net turnover
• Non-EU companies: >1.5 billion net turnover generated in EU
• Original thresholds (before Omnibus): 1,000 employees and 450M turnover

Core requirements

Companies in scope must:

1. Integrate due diligence into corporate policies and risk management
2. Identify adverse impacts on human rights and environment in own operations, subsidiaries, and business partner chain
3. Prevent and mitigate potential adverse impacts (prioritised by severity)
4. Bring to an end actual adverse impacts
5. Establish grievance mechanisms for affected persons
6. Monitor effectiveness of due diligence measures
7. Communicate publicly through annual sustainability statement

Key Omnibus changes

• No mandatory climate transition plan requirement
• "Scoping exercise" instead of comprehensive supply chain mapping
• In-depth assessment only for most likely and severe impacts
• SME partners (fewer than 1,000 employees) protected from excessive information demands

Timeline

| Date | Event | |------|-------| | 25 July 2024 | Entered into force | | 26 July 2027 | Member state transposition deadline | | 26 July 2029 | Phase 1 compliance (>5,000 employees, >1.5B turnover) |

Penalties

Administrative penalties under Art. 27 are set by member states with an EU-wide floor:

• Maximum administrative fine of at least 5% of net worldwide turnover
• Market access restrictions for continued non-compliance
• Civil liability provisions (Art. 22) removed by Omnibus Directive (EU) 2026/470 — EU-wide civil liability regime deleted; national civil liability rules apply instead

Who is affected

Post-Omnibus scope applies from 26 July 2029 (Phase 1):

• EU companies with more than 5,000 employees AND more than €1.5 billion net worldwide turnover
• Non-EU companies with more than €1.5 billion net turnover generated in the EU (no employee threshold for non-EU)

Original pre-Omnibus thresholds (1,000 employees and €450M turnover) captured substantially more companies. The Omnibus narrowing removes the vast majority of originally in-scope businesses from mandatory compliance.

SME partners with fewer than 1,000 employees are explicitly protected from excessive information demands from in-scope companies.

Key articles

| Article | Subject | |---------|---------| | Art. 7 | Identifying and preventing potential adverse impacts | | Art. 8 | Addressing actual adverse impacts | | Art. 22 | Civil liability — deleted by Omnibus Directive (EU) 2026/470 | | Art. 27 | Penalties — maximum at least 5% of net worldwide turnover |

Relevance to DPP

CSDDD does not mandate a DPP, but DPP infrastructure supports compliance:

• Product-level traceability data helps demonstrate supply chain provenance
• Material sourcing data in DPP supports due diligence documentation
• Companies with robust DPP systems can more easily demonstrate supply chain transparency

Source

• Directive (EU) 2024/1760 — EUR-Lex
• Omnibus Directive (EU) 2026/470 — EUR-Lex