For decades, corporate sustainability has lived in the world of glossy brochures and voluntary codes. But now the game has changed. As of July 2024, the EU’s Corporate Sustainability Due Diligence Directive (CSDDD) became law, signalling a shift from promises to proof.
CSDDD is a game-changer, forcing companies, both in and outside the EU, to identify, prevent and mitigate adverse human rights and environmental impacts across their global value chains. However, this is not just another compliance burden, but marks a deeper shift in the DNA of regulation. Corporate boards will now be legally accountable and what were once green-washes or optional disclosures become enforceable obligations.
In this article, we’ll walk leaders through why the CSDDD was adopted, what its main features and challenges are, and how it may reshape business not only in the EU but also in the UK, where firms trading with the EU will feel its ripple effects.
From Voluntary Pledges to Enforceable Sustainability
The EU’s CSDDD did not emerge from nowhere, but builds on a lineage of international standards. For years business behaviour was guided by OECD Guidelines for Multinational Enterprises, the UN Guiding Principles on Business and Human Rights (2011), and EU non-financial reporting directives. These frameworks encouraged companies to map risk, disclose impacts, but stopped short of making non-compliance legally enforceable.
The shift toward binding rules reflects mounting public outrage at scandals over forced labour in supply chains, repeatedly exposed instances of greenwashing by big brands, and growing urgency around climate goals. Recent evidence from EU research estimates that a huge majority of companies may be exposed to human rights risks not just in first-tier suppliers, but deep in the supply chain.
CSDDD brings an EU-wide harmonisation in place of the patchwork of national laws like France’s 2017 Duty of Vigilance Law (which in December 2023 convicted La Poste for failing to implement a proper vigilance plan), or Germany’s Supply Chain Act. The new directive sets minimum legal obligations across all member states. It is no longer enough to have glossy statements in CSR reports. Corporate accountability has become law, not marketing.
Redefining Responsibility
The CSDDD doesn’t tiptoe around; it applies to big players: EU-based firms with 1,000+ employees and over €450 million in net turnover worldwide, plus non-EU companies with significant turnover in the EU. It forces them to look beyond their immediate operations and cover their entire supply chains, including subsidiaries and business partners, even those many tiers removed.
Strikingly, directors and boards will have explicit duties for sustainability risk oversight. This shifts accountability away from just CSR teams to the very top, making chief executives and board members legally responsible. Environmental harms like deforestation or pollution and human rights abuses like forced or child labour must be tracked, prevented or mitigated.
As a real-world example, fashion brands sourcing cotton or leather from regions with known child labour and forced work scandals (e.g. in Asia or Xinjiang) are already under pressure to show they have cleaned their upstream supply chains. Reports have shown many fashion firms cannot definitively say their products are free from forced labour because of complexity.
In the UK, although Brexit means UK law doesn’t automatically adopt EU Directives, firms exporting to the EU or operating heavily in EU markets will need to comply with CSDDD’s requirements. By contrast, UK legislation like the Modern Slavery Act and ESG-reporting regimes are less prescriptive, and duties tend to be more voluntary, with less legal risk for senior officers. This means UK companies must anticipate new demands if they want to stay competitive and compliant.
Pitfalls Becoming Promises?
The big question now is will the CSDDD be more than a fancy regulatory badge, or can it genuinely shift how things are done? Much depends on whether enforcement has teeth. The directive allows for civil liability, meaning companies could face legal claims if they fail to act on identified risks. But whether national regulators pursue those cases, or whether companies simply build internal reports to tick boxes, is what counts.
Investors are already raising the bar. A coalition of 211 asset-managers, together controlling €6.6 trillion, urged the EU to maintain strong standards under the CSDDD to enable better risk and impact analysis. This investor pressure could force more than just compliance and may actually shape futures of financing and valuation.
On the tech frontier, tools like AI and blockchain are being deployed to track distant suppliers and verify claims. For instance, the EU Horizon-2020 “TRICK” project is using blockchain to build traceability in textile and food supply chains. Similarly, BMW has piloted blockchain-powered traceability in its auto supply chain to trace component origins.
In the short term, companies will incur costs for systems, audits and training, for instance. But reputational rewards, better risk management and stronger consumer trust could deliver outsized returns in the long run. If CSDDD is used well, the pitfalls become promises fulfilled.
The Horizon, with its Challenges
While the CSDDD promises sweeping change, a thicket of challenges looms on the horizon. First, compliance costs, especially for SMEs deep in large companies’ supply chains. These threaten to strain budgets. A study by the European Parliament finds many smaller firms worry about the expense of audits, risk mapping and monitoring far-flung suppliers.
Legal uncertainty is another big issue: how far must a company go? Must it guarantee pollution never happens, or show it has reasonable processes in place? Ambiguities over what counts as “adequate due diligence” could leave firms exposed to litigation or potentially penalised unfairly.
Trade friction may follow. Non-EU partners, especially in developing countries, could regard these rules as de facto protectionism. The cost of meeting EU standards might push business to jurisdictions with looser rules, or lead to disengagement, ending relationships rather than reforming them. Amidst this, lobbying has already watered down some proposals by, for example, raising minimum thresholds so fewer companies are immediately in scope.
The Potential
Yet, it’s not all risk. Sharp businesses are seeing opportunity and some consultancies are building new revenue streams around ‘due diligence as a service’. Tech-enabled traceability using blockchain or AI-driven supplier risk tools is emerging fast. Brands that transparently chart their full supply chain and spot and address risks early, may win favour with consumers and investors alike, earning trust (and price premium) over rivals.
Looking ahead, CSDDD could help define global standards. Non-EU firms with EU markets will adopt its rules, contributing to a “Brussels effect”, where EU legislation becomes de facto norm elsewhere. For UK firms, even though the UK government has no plan to replicate CSDDD exactly, they will feel pressure. Trade, investment and reputation won’t wait. The big question: will the UK align closer with EU rules to ensure competitiveness or diverge in pursuit of regulatory freedom?
What is clear is that those companies that embrace the shift now may lead the next wave of responsible capitalism and thereby reap the rewards.
And what about you…?
- How well do you currently understand the risks in your own supply chain — not just first-tier suppliers, but further downstream?
- If you operate in or trade with the EU, how prepared are you for directors and senior leaders to be personally accountable for sustainability risks?
