Submission
Privacy Policy
Code of Ethics
Newsletter

A Shot in the Foot?—How Companies May Be Affected by the EU’s New CSDDD Rules (Part 2)

In Part I of my article regarding the new Sustainability Due Diligence and the European Union’s new directive, I already highlighted how a new generation of human rights was born and what scope and costs this due diligence process has. The Corporate Sustainability Due Diligence Directive (or CSDDD for short) aims to prevent adverse human rights or climate impact as defined in Article 3 of the document. The current article intends to show the effects of the rules of the Directive from the market participants’ point of view. By analyzing the due diligence requirements and reporting obligations imposed on the companies falling under the rules of the Directive, it aims to show the positive and the negative potential consequences and lacking parts of the CSDD Directive.

According to Article 5 point (1) of the Directive, the responsibility is placed on the Member States to ensure compliance with the provisions of the CSDDD. This shall be done by integrating due diligence, identifying the adverse risks by proper risk management tools with a priority of actual (already occurring) issues over potential impacts. As the scope (Article 2) does not involve all companies but only ones that qualify according to the requirements such as having more than 1,000 employees on average and obtaining a certain amount of worldwide turnover, SMEs are normally not included. However, they can be subject to the due diligence process by being business partners of the direct subjects under the scope of the rules of the Directive. Article 5 point (3) ensures that disclosing trade secrets of business partners cannot be obligatory under the Directive in case the SME complies with the obligations resulting from the document as the disclosure of classified information could cause significant harm to businesses. Furthermore, state security interests are also acknowledged in this point to be confidential, and they do not have to be revealed for the due diligence process.

According to consultation results, about 70% of market participants (companies) expressed the need for a due diligence procedure to be established EU-wide. However, this new regulation burdens the companies under its scope heavily. The costs of establishing a due diligence process through additional labor and reporting systems can be risen significantly due to these new rules. Apart from the costly implementation, the time consumption is also great as supply chains need to be reassessed and cleared from any business partners who are incompliant with the Directive’s rules. However, revealing these facts can be quite difficult, costing not only tremendous amounts of money but also time and effort from companies that also cost money.

The Directive offers the companies under its scope the possibility to obtain a better image and marketing by gaining consumers’ trust with compliance. However, it is uncertain if these implemented changes will affect buyer behavior and company turnovers positively, especially if the additional costs of the due diligence process will be built into prices and by that, increasing them even more. As the issue of competitiveness was discussed in Part I, it can be also seen that players like China and the US who do not set up a place of establishment in Europe and have their products simply shipped to the EU have a significant comparative advantage in trade as their cost effectiveness is greater due to the fewer regulatory burdens imposed.

According to estimations, around 12,000 companies around the globe will be directly affected (and much more indirectly through business partnerships).  With that power in hand, the Directive has the potential to influence human rights and the environment positively with its “downstream” effect. By obliging larger companies to comply with the regulation and giving them the responsibility of clearing their supply chains, smaller business partners are also indirectly forced to put up and comply with the rules and provisions of the directive.

However, it is important to mention that the Directive leaves critical areas omitted, and with that, it jeopardizes the law’s aim and its objectives to be met. Such an omission is the exclusion of the financial sector from the scope of the directive. The largest adverse impacts (both human rights and environmental impacts) are to be found in the tech and finance sector, but it is effectively excluded by considering only impacts from “distribution, transport, storage and disposal”. The wording can be considered quite strange as it excludes major players and industries. It could have been easily solved by broadening the scope to the use of products and services and not only the abovementioned activities. Another flawed point of the rules of the Directive is the inclusion of proper remedy for civil liability. The Directive highlights the importance of remediation in the Preamble quite frequently. However, Article 5 expects Member States to only provide remediation for actual adverse impacts whereas the risk assessment is considered for both the actual and potential adverse impacts as well. This limitation excludes potential adverse impacts from being a civil liability for which people could claim in courts. This is a serious limitation that makes the Directive weaker in many senses. Also, in Article 12, remediation caused by the company’s business partner is only subject to voluntary remediation (a naturalis obligatio so to say) which makes this provision more ineffective in clearing the supply chains as the responsibility is not really taken over by larger companies under the scope of the rules of the Directive.

All in all, the attainable objectives of the CSDDD are remarkable but its execution brings up several problems not only for companies (with higher costs and time-consuming additional reporting requirements) but also for people whom this Directive aims to protect apart from the environment by excluding the financial sector from its scope and also limiting the possibility of a civil liability claim in courts. As the Directive shall only be transpositioned by 26 July 2026 and be only applied fully for the financial years starting on or after 1 January 2029 (Article 37), the real-life effects of the Directive remain unseen and with the lack of many critical analyses on the topic, most companies face real uncertainty regarding the application of the provisions. This article intended to serve as a discussion kick-off and was aimed to be among the first analyses to critically examine the subject matter.


Dorina BOSITS is a law student at the Széchenyi István University of Győr, Hungary, and an international finance and accounting graduate of the University of Applied Sciences of Wiener Neustadt, Austria. She is currently an exchange student at Karl Franzes University of Graz, Austria. The main area of her research includes freedom of speech, digitalization, space law, data protection, and financial law. She is a student at the Law School of MCC and a member of ELSA Győr.