EU Supply Chain Directive: What You Need to Know and How to Prepare
The European Corporate Sustainability Due Diligence Directive (CSDDD) has officially been adopted, signaling significant changes in supply chain compliance across the EU. Following Germany’s Supply Chain Due Diligence Act (LkSG), this new directive introduces stricter obligations to protect human rights and the environment, extending its scope beyond Germany to the entire EU and beyond.
What is the CSDDD (Corporate Sustainability Due Diligence Directive)?
On 25 July 2024, the Directive on corporate sustainability due diligence (Directive 2024/1760) entered into force. The Corporate Sustainability Due Diligence Directive (CSDDD) requires companies to implement processes to address human rights and environmental risks.
Companies must identify and assess negative impacts linked to their operations, subsidiaries, and business partners, including both direct and indirect partners involved in their activities, products, or services.
When risks are identified, companies should prioritize addressing the most serious ones, focusing on prevention, mitigation, and remediation, with shared responsibility as a guiding principle.
Key highlights of the directive.*
The Corporate Sustainability Due Diligence Directive (CSDDD) introduces stricter compliance standards, requiring companies to assess risks across their entire "activity chain." This includes suppliers (upstream) as well as transport, distribution, and storage partners (downstream).
By 2026, the directive will apply to companies with 5,000+ employees and €1.5 billion+ turnover. By 2029, it will extend to companies with 1,000+ employees and €450 million+ turnover. Thresholds for high-risk sectors have been removed.
Key requirements include identifying risks to human rights and the environment within supply chains. Companies must implement preventive or corrective measures to address these risks. Additionally, businesses are expected to align with the Paris Agreement by developing plans to meet the 1.5°C climate target. Grievance mechanisms must also be available for individuals affected by violations.
To ensure compliance, national authorities will conduct audits and investigations. Companies failing to comply may face penalties, including fines of up to 5% of their annual turnover. Public disclosure of violations, often referred to as "naming and shaming," poses a significant reputational risk.
The directive also introduces civil liability for intentional and negligent breaches, allowing claims within a minimum five-year limitation period. This adds a new layer of accountability, making it crucial for businesses to proactively manage risks and ensure compliance with the directive’s requirements.
*This is a summary of the key points of the European Supply Chain Directive, originally published on Mondaq: Read full article here.
How to prepare for CSDDD compliance?
The directive creates significant administrative and legal challenges, particularly for companies that lack streamlined systems. Without proper tools, businesses risk inefficiencies, missed deadlines, and penalties.
A robust DMS is not just a storage tool but a strategic asset for compliance. It helps companies stay organized, efficient, and audit-ready under regulations like the CSDDD. Businesses should invest in or optimize their DMS to manage compliance workflows and mitigate risks. Early preparation will be essential as the directive’s implementation approaches.
Key Roles of Document Management Systems (DMS) in Compliance Support.
1. Centralized Repository for Documentation
Compliance Evidence: Store all relevant documents (e.g., risk assessments, audit reports, supplier certifications, training records) in a single, accessible location.
Version Control: Ensure only the latest, approved versions of documents are used, which is critical during audits and legal evaluations.
2. Enhanced Traceability
Audit Trails: Automatically record every action on a document (e.g., edits, approvals, access), ensuring a transparent and traceable history.
Supplier Due Diligence: Track and log communication and agreements with suppliers to demonstrate ongoing compliance efforts.
3. Automated Workflows
Risk Assessment Processes: Streamline workflows for conducting, reviewing, and approving risk assessments.
Grievance Mechanisms: Automate the intake and resolution tracking of stakeholder grievances reported under the compliance framework.
4. Secure Data Management
Access Controls: Protect sensitive compliance data with role-based permissions, ensuring only authorized personnel can view or edit specific documents.
Data Encryption: Prevent unauthorized access and ensure the confidentiality of compliance-related data.
5. Integration with ESG and Compliance Tools
Supplier Monitoring Systems: Integrate DMS with platforms that track supplier compliance.
Reporting Tools: Generate compliance reports directly from stored data and documents for streamlined reporting.
6. Policy and Procedure Management
Policy Distribution: Distribute updated compliance policies and training materials to employees and suppliers through the DMS.
Acknowledgment Tracking: Require recipients to acknowledge receipt and understanding of policies, creating a record of compliance awareness.
Document Management Systems (DMS) Features Critical for Compliance.
1. Metadata Tagging: Tag documents with relevant compliance attributes (e.g., supplier name, audit year) to simplify search and categorization.
2. Retention Policies: Enforce document retention schedules to ensure compliance with legal requirements, while securely disposing of outdated data.
3. Compliance Alerts: Notify responsible parties of approaching deadlines for compliance tasks, such as supplier evaluations or training renewals.
4. Collaboration Tools: Facilitate secure collaboration on compliance-related projects across departments and with external stakeholders.
Contact our experts to see how we can support your CSDDD compliance.
Joachim Freitag, Managing Director at IseoSolutions
As document management experts, we can help you Build, switch or optimize your Document Management System that ensures compliance is documented and traceable. This will help you stay organized, efficient, and audit-ready under regulations like the CSDDD.
FAQ's
-
The Corporate Sustainability Due Diligence Directive (CSDDD) requires companies to implement processes to address human rights and environmental risks.
Companies must identify and assess negative impacts linked to their operations, subsidiaries, and business partners, including both direct and indirect partners involved in their activities, products, or services.
When risks are identified, companies should prioritize addressing the most serious ones, focusing on prevention, mitigation, and remediation, with shared responsibility as a guiding principle.
-
The CSDDD applies to:
EU Companies: Over 1,000 employees and €450M+ global turnover.
Non-EU Companies: €450M+ turnover in the EU.
Parent Companies: Groups meeting the above thresholds.
Franchise/Royalty Companies: Those with:
Common identity, business concept, and uniform methods.
Royalties exceeding €22.5M.
Worldwide turnover above €80M.
-
The Directive requires companies to address human rights and environmental impacts in their value chain, with actions depending on their proximity to the impact and influence over the business partner.
-
The CSDDD covers several environmental topics, including:
Negative impacts on natural resources: biodiversity, endangered species, natural heritage sites, wetlands, and seas/oceans (pollution from ships and other sources).
Management of harmful substances: mercury, prohibited chemicals, waste handling, and controlled substances.
Environmental degradation affecting health and safety: soil alteration, water/air pollution, harmful emissions, excessive water use, land degradation, and deforestation.
Climate change reduction: aligning with the Paris Agreement through a climate transition plan.
-
Companies should prepare for CSDDD now to ensure they have enough time to implement required systems and identify risks. This includes working with partners and renegotiating contracts if needed. Early preparation also helps align these requirements with broader business and sustainability goals.
While the CSDDD is complex, it can be integrated into operations, leading to benefits like improved reputation, better customer relationships, and stronger risk management. Proactive action avoids costly penalties, reputational damage, and inefficiencies. It also allows companies to streamline CSDDD compliance with other regulations, maximizing resources.
5 Mistakes You Don't Know You're Making in Enterprise Document Management
You might also find this interesting: