Thousands of companies — both in the EU and outside of the EU — will soon have to comply with the Corporate Sustainability Due Diligence Directive (CSDDD). The European law, finalized in 2024, mandates that organizations take action to mitigate adverse environmental and human rights impacts within their operations and value chains — or face penalties. As part of the law, affected companies will need to develop climate transition plans, and reliable carbon accounting systems will become essential.
A capstone piece of the European package of sustainability policies was finalized in the Summer of 2024. The Corporate Sustainability Due Diligence Directive (CSDDD) requires companies to take proactive steps to address their adverse environmental and human rights impacts. Among other things, the law mandates that EU companies (and non-EU companies operating in Europe) align their business strategies with the climate targets set out in the Paris Agreement. The CSDDD will directly affect an estimated 6,000 EU companies and 900 non-EU companies — and bring lasting repercussions for global markets.
In this article, we’ll provide an overview of the CSDDD—what’s required, who must comply, and how businesses can begin to prepare.
What is the CSDDD?
The CSDDD establishes environmental and human rights obligations for companies.
With the adoption of the CSDDD, companies operating in Europe will, for the first time, be legally required to meet due diligence obligations on environmental and human rights issues. The CSDDD will also drive corporate climate action to new levels. As part of the law’s sustainability provisions, affected organizations will have to adopt and implement plans to align their business models with the Paris Agreement goal of limiting global warming to 1.5 degrees Celsius. The CSDDD goes further than climate and sustainability disclosure regulations — it will force companies not just to identify and report on impacts, but to take action to prevent, mitigate, or put an end to the harms.
Who needs to comply with the CSDDD, and when?
The law affects both EU and non-EU companies.
The CSDDD applies to EU companies with more than 1,000 employees and €450M in global revenue. Non-EU companies that earn more than €450M in revenue from their activity in Europe will also have to meet the law’s requirements
The law has a phased-in timeline, with the earliest set of companies scheduled to comply by 2027.
Below is a breakdown of the compliance timeline, based on the assumption that European Member states will meet their 2026 deadline for incorporating the CSDDD into their domestic laws.
CSDDD Timeline
The CSDDD establishes a staggered compliance timeline, giving organizations time to implement the law’s requirements based on their size and revenue. With phased deadlines starting in 2027, the largest companies will be the first to comply, followed by additional groups over the next two years.
- EU companies with over 5,000 employees and €1,500M in global revenue must comply by 2027.
- EU companies with over 3,000 employees and €900M in global revenue must comply by 2028.
- EU companies with more than 1,000 employees and €450M in global revenue must comply by 2029.
- Non-EU companies with more than €450M in revenue in the EU.
CSDDD Requirements: What will companies need to address?
Due diligence, climate transition plans, and value chain impacts are all part of the law.
European lawmakers enacted the CSDDD to encourage sustainable and responsible corporate behavior in companies’ operations and value chains. To this end, the law designates three different areas of reporting and action for companies that fall within its scope. These components include:
1. Due Diligence
Organizations affected by the CSDDD must identify actual or potential adverse human rights and environmental impacts — from child labor to deforestation and carbon emissions. They must also describe the actions they will take to mitigate these problems. The due diligence requirements are based on the OECD Guidelines for Multinational Enterprises, which reporting organizations should get to know.
One of the significant features of the CSDDD is that it requires companies not just to address harm from their own operations, but from their value chains as well. They will have to integrate human rights and environmental due diligence into their policies, publicly communicate these policies, establish complaint mechanisms, and monitor the effectiveness of their policies over time. Ultimately, companies are obligated to bring an end to any environmental and social harm they cause.
2. Climate Transition Plans
Under the law, covered companies must adopt climate transition plans with targets for achieving carbon neutrality by 2050. While the Corporate Sustainability Reporting Directive (CSRD) calls on companies to disclose transition plans if they have them, the CSDDD is the first EU policy mandating the creation of such plans — and it sets a high bar. Organizations must set intermediate milestones in 5-year increments, monitor progress toward climate targets, and update their transition plans every 12 months. The CSDDD directs European supervisors to oversee the adoption and design of the plans, as well as the required updates. Affected companies need to make these plans an organizational priority.
The CSDDD builds on the CSRD requirement for companies to disclose their transition plans for climate mitigation. Under the CSRD, companies that have transition plans need to disclose them, along with the details prescribed in the European Sustainability Reporting Standards (ESRS, specifically E1-1). Publishing a transition plan under the CSRD meets the requirements of the CSDDD.
The European Commission has committed to issue more guidance on transition plans to help companies achieve their climate objectives. Teams preparing transition plans can also look to guidance from the UK Transition Plan Taskforce (TPT). The International Sustainability Standards Board (ISSB) is now responsible for the disclosure guidance in TPT Framework, and it provides additional support for companies striving to meet a global gold standard in developing and disclosing their transition plans.
It’s important to note that carbon accounting is the cornerstone of a credible transition plan. Targets set by companies should include absolute emission reductions for scopes 1, 2, and 3 — and scope 3 targets should address each significant category. A company’s disclosure about its transition plan and targets is also subject to assurance when reported pursuant to the CSRD. Having strong carbon data and controls to support your target setting, transition plans, and updated results is crucial. Companies implementing the CSDDD will quickly need to establish a dedicated carbon system of record to ensure their emissions data is accurate, transparent, and assurance-ready. Carbon accounting based on activity data provides a solid foundation to identify opportunities for action.
3. Value Chain Impacts
The CSDDD applies not just to a company’s own operations but to its upstream and downstream partners. This feature of the law promises to create a ripple effect around the world. As large organizations complete their due diligence obligations under the CSDDD, they will put pressure on their suppliers and upstream partners to mitigate their own environmental and social impacts. With the CSDDD’s focus on transition plans, suppliers should anticipate accelerated efforts from covered companies to decarbonize. That dynamic will translate to more demand for detailed carbon footprint information. Gathering this data, while complex, is something businesses can start to do today. Those that act early to set up a reliable system for tracking and managing their carbon data will be better prepared for a commercial market shaped by the climate objectives of the CSDDD.
CSDDD vs. CSRD
The two sustainability laws are distinct but complementary.
The CSDDD and the CSRD are separate policies that work together to uphold more rigorous and comprehensive sustainability standards for companies doing business in the EU.
While it’s easy to confuse the two laws, each has its own distinct purpose. The CSRD focuses on expanding transparency and spurs companies to publicly disclose their environmental and social impacts, while the CSDDD focuses on actively managing and mitigating those impacts.
What are the penalties for non-compliance?
Companies can face fines and civil liability.
Authorities in EU member states will be responsible for enforcing the CSDDD. Failure to comply could lead to a number of direct penalties, including:
- Fines. EU member states could fine companies that do not adequately comply with the law up to 5% of their global turnover.
- Civil liability. Civil society and non-governmental organizations will be able to bring claims against companies if they neglect to mitigate adverse impacts.
- Potential exclusion from public tenders. It’s possible that EU member states could decide that public contracts and concessions can only be awarded to organizations that comply with the CSDDD.
Is the CSDDD all about reporting?
No. Unlike the Corporate Sustainability Reporting Directive (CSRD), which focuses on ESG transparency, the CSDDD calls on organizations to identify adverse impacts — and take action to address them. It follows a due diligence process based on the OECD Guidelines for Multinational Enterprises. Companies will use CSRD-compliant reports for communication aspects, and those not covered by CSRD must issue annual statements describing their due diligence implementation.
Getting Ready for the CSDDD
There are four key steps affected companies can follow.
If you’re within the scope of the CSDDD, it’s not too early to prepare for compliance. Incorporating due diligence and climate transition into your business strategy will take company-wide planning. To get started, companies can focus on these steps:
- Understand the requirements. Teams responding to the CSDDD should get to know each component of the law, including these six steps for meeting the due diligence requirement. For climate, companies should focus on what will be involved in developing a credible climate transition plan and how they can measure progress. You’ll need to become very familiar with the text of the final law and engage your legal team to ensure that your response plan is adequate — the consequences of non-compliance can be serious.
- Prioritize efforts by identifying and assessing risks based on severity and likelihood. Businesses will likely find it difficult to simultaneously address all of the human rights and environmental risks they face. Because of this, it’s important to spend time prioritizing. You should assess each risk, tackling those that are most imminent and severe first. In climate planning, for example, companies are often encouraged to first identify emission “hotspots” — heavy sources of greenhouse gases where decarbonizing can make the biggest difference. This is another reason for establishing a reliable carbon accounting system early on.
- Engage in stakeholder consultation throughout the process. Companies will need to work closely with their value chain partners to gather information, identify solutions, and spur action to mitigate environmental and social impacts. It will also be important to cultivate buy-in internally — many different functions will be involved in reporting and planning, and everyone in the organization needs to thoroughly understand the risks that arise from non-compliance.
- Start early. The first group of affected entities has to comply beginning in 2027 — a tight deadline, especially for large organizations with complex global value chains. The law’s climate transition plan requirement means businesses will need to conduct a thorough accounting of their carbon footprints, including gathering data and ensuring the proper controls and oversight are in place. Those who begin this process now will find the road to compliance much smoother — and will be able to identify opportunities for mitigation sooner.
A Catalyst for Global Change
The CSDDD will spark lasting changes across global markets. Thousands of businesses now face significant legal liability in Europe for their environmental and human rights impacts — a development that will have a ripple effect on value chains worldwide. Under the law’s climate mandates, companies will also be required to develop robust climate transition plans. To respond, they’ll need to pinpoint where their emissions are coming from; it will be crucial to establish reliable systems for tracking and managing carbon data.
If your organization is in scope under the law, you’ll likely need substantial time and resources to prepare — getting started now will set you up for a smooth road ahead.
Find out how Persefoni can help you prepare for the climate requirements of the CSDDD.
