The Corporate Sustainability Due Diligence Directive, explained – Free guide

This new EU initiative, designed to promote sustainability in the EU and globally, will impact companies in the EU and beyond. Here’s how you can get ready for it.

The Corporate Sustainability Due Diligence Directive (CSDDD) is a new piece of legislation that will have far-reaching implications for EU companies and for all companies doing business in the EU. It aims to ensure that companies operate sustainably and responsibly. The reporting requirements will be stringent and are designed to get companies to protect the environment, maintain social justice and promote a stronger, sustainable economy.

What is CSDDD?

In December 2023 the Council and the European Parliament reached a provisional deal on the CSDDD. The provisional agreement now needs to be validated by the European Parliament and EU member states in an upcoming plenary session and council votes in 2024. Once the proposal is adopted, it will be transposed into domestic law by EU member states within the following two years.

The directive will require that companies consider the social and environmental impact of their operations by promoting transparency and encouraging companies to be more proactive in identifying and mitigating sustainability risks. 

The directive is a clear signal of the EU’s commitment to sustainability and responsible development. In fact, CSDDD is one of the first laws of its kind to require sustainability due diligence at the corporate level. It represents a major change in the way businesses operate and signals a new regulatory environment.

The directive’s approach of targeting companies active in the EU market, even if their headquarters are outside the EU, has raised concern among foreign companies about the extraterritorial impact of the directive. But the directive’s goal is to enhance compliance with human rights and environmental standards on a global scale, making it unlikely that this will change. For now, small and medium-sized enterprises are outside the scope of the directive, but they will likely be impacted indirectly by the due diligence that in-scope companies will be required to carry out on their value chains.

That means that if your company is involved in some way in the EU market, you need to get up to speed on this upcoming legislation. Our new guide on the CSDDD explains everything you need to know now about it.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.
