By: Reinhilde Weidacher, Global Head of Corporate Sustainability Services, ISS-Corporate, and Olivia Windorf, Sustainability Advisor, ISS-Corporate

The adoption of the EU’s Corporate Sustainability Due Diligence Directive (CSDDD) signals broad consensus on the importance of robust controls to prevent adverse impacts of business activities on people and the environment. Notwithstanding significant concessions on the ambitious proposal presented by the European Commission over two years ago, this regulation will drive the harmonization of sustainability due diligence obligations in the EU and beyond.

The regulation seeks to “anchor human rights and environmental considerations in companies’ operations and corporate governance” to prevent, mitigate, and address adverse impacts throughout companies’ global value chains. According to ISS ESG research, nearly 30% of European large and mid-cap companies are currently facing allegations of causing harm to people or the environment, either through their operations or along their value chains, and scrutiny on these topics is expected to further increase as a result of the new rules.

Establishing due diligence obligations

CSDDD is rooted in established frameworks, notably the UN Guiding Principles on Business and Human Rights adopted by the UN Human Rights Council in 2011 (UN Guiding Principles). These principles, which were also incorporated into the OECD Guidelines, are endorsed by governments and companies globally and serve as the most authoritative standard on business and human rights. The three-pillar structure of the UN Guiding Principles covers, alongside the State’s duty to respect human rights, the responsibility of companies to respect rights and the duty of both States and companies to make available judicial and non-judicial grievance mechanisms and provide access to remedy. Accordingly, CSDDD defines not only the due diligence obligations for companies, but also the obligation for Member States to establish complaint mechanisms, impose penalties for non-compliance and civil liability for damages caused.

According to ISS ESG data, around 55 percent of European large and mid-cap companies have formally endorsed the UN Guiding Principles, while only 45 percent reference the framework in a public policy. Commitment to the OECD Guidelines shows a similar gap between endorsement and policy, yet at lower levels.

Due diligence obligations

The due diligence process set out in the Directive is based on the six steps defined in the foundational frameworks and relevant implementation guidelines, in particular the OECD Due Diligence Guidance for Responsible Business Conduct:

1. Integrating due diligence into policies and management systems
2. Identifying and assessing adverse human rights and environmental impacts
3. Preventing, ceasing, or minimising actual and potential adverse human rights and environmental impacts
4. Monitoring and assessing the effectiveness of measures
5. Communicating on due diligence policies and measures
6. Providing remediation

Importantly, CSDDD requires companies to develop their due diligence policy “in prior consultation with the company’s employees and their representatives.” The policy should be based on the concept of risk-based due diligence, or the alignment of due diligence measures with the severity and likelihood of adverse impacts caused or contributed to by the company.

ISS ESG data shows some level of preparedness by European companies, with over 50% disclosing the existence of a human rights due diligence programme. However, current disclosures suggest that not all programmes are aligned with the specific recommendations on policies and processes set out in the UN Guiding Principles.

To support companies in implementing due diligence along the value chain and obtaining assurance from their business partners that they take measures to prevent, mitigate, and address adverse impacts, the EU Commission will develop guidance in the form of voluntary model contractual clauses. ISS ESG data shows that few companies currently embed sustainability commitments in contractual agreements. Only 10% and 14% of European companies require a contractual commitment from their suppliers to the OECD Guidelines and the UN Guiding Principles, respectively, compared to the 27% and 16% requiring a general commitment to the same standards.

Similarly, while over two-thirds of companies disclose the existence of supplier sustainability risk assessments, only roughly one-fourth disclose the details of their programmes. It is of note that far fewer companies disclose the existence of supplier environmental risk assessments compared to social risk assessments.

The above frameworks form the basis of the rights-based approach at the core of all EU regulations on sustainable business and sustainable finance, emphasizing the importance of alignment with global norms and best practices. The CSDDD highlights the need for companies to familiarize themselves with international standards to establish effective and compliant due diligence programs throughout their operations and supply chains.