What Is the EU CSDDD and Why Does It Matter?

On December 14, 2023, the European Union reached a political agreement on the Corporate Sustainability Due Diligence Directive (CSDDD), a groundbreaking piece of legislation that fundamentally redefines corporate accountability. The directive creates mandatory human rights and environmental due diligence obligations for companies operating in the EU, whether they are based there or not. It was formally approved in June 2024 and entered into force on July 25, 2024, marking the transition from policy proposal to binding EU law.

The CSDDD departs significantly from the voluntary frameworks established under the OECD Guidelines and the UN Guiding Principles on Business and Human Rights. Rather than relying on goodwill and self-reporting, the directive establishes civil liability for damages and introduces penalties for noncompliance, including fines of up to 5% of global turnover. This shift signals that sustainability and human rights risk are now firmly within the domain of corporate compliance, not optional corporate social responsibility programs.

The directive is a cornerstone of the EU's broader Green Deal and sustainability agenda, working alongside related regulations such as the Corporate Sustainability Reporting Directive (CSRD), the Deforestation Regulation, the Conflict Minerals Regulation, and the Forced Labour Ban Regulation. Together, these regulations form a coherent framework aimed at ensuring that businesses operating in Europe act responsibly both within EU borders and across the globe. The CSDDD, however, focuses specifically on what companies must do, not merely what they must disclose — requiring active due diligence processes tied to enforcement and liability.

Who Is In Scope and What Are the Core Obligations?

Large EU and non-EU companies meeting turnover thresholds must embed due diligence into their operations, subsidiaries, and value chains.

The CSDDD applies to EU companies with more than 500 employees and annual net global revenue exceeding €150 million, as well as companies operating in high-impact sectors such as manufacturing, food, clothing, and textiles with more than 250 employees and €40 million in annual net global revenue. For non-EU companies, only turnover generated in the EU counts toward meeting these thresholds. The directive is expected to directly cover approximately 6,000 EU-based companies and around 900 to 1,000 non-EU-based companies. Small and medium-sized businesses may be indirectly affected if they are part of the supply chain of a covered company, as those upstream or downstream can anticipate requests for information, contractual assurances, and audits to verify compliance.

At its core, the CSDDD imposes a duty on in-scope companies to detect, prevent, mitigate, or end real or potential adverse impacts on human rights and the environment. This applies to the company's own operations, those of its subsidiaries, and its upstream and downstream business partners across the value chain. Companies must integrate due diligence into their corporate policies and risk management systems, conduct thorough assessments to identify potential or actual adverse impacts such as child labor, worker exploitation, pollution, and biodiversity loss, and take appropriate measures to stop, minimize, and remedy any harms that materialize.

Beyond risk identification, companies must establish and maintain accessible grievance mechanisms and complaint procedures that allow affected workers, communities, consumers, and other stakeholders to raise concerns without fear of retaliation. Companies are also required to monitor the effectiveness of their due diligence policies and publish regular reports detailing their environmental and social impact, as well as the measures taken to address negative effects. Directors of EU companies bear specific responsibility for creating and maintaining these due diligence frameworks and must report back to their board on progress.

What makes the CSDDD particularly significant is the requirement that companies disengage from business partners if adverse impacts cannot be prevented or mitigated. This moves compliance well beyond documentation and reporting, compelling businesses to make concrete sourcing decisions based on human rights and environmental performance throughout their value chains.

Enforcement, Penalties, and the Relationship with CSRD


Non-compliance carries financial, legal, and reputational consequences — and the CSDDD works hand-in-hand with broader EU sustainability reporting rules.

Enforcement of the CSDDD will be carried out through national supervisory authorities, which EU member states must designate by July 26, 2026. These bodies will have extensive investigative powers, including the ability to demand information, launch independent investigations, and respond to complaints from individuals and organizations. A European Network of Supervisory Authorities will also be established to harmonize enforcement approaches across member states. Penalties for non-compliance may include substantial fines, suspension or withdrawal of licenses and contracts, and exclusion from public procurement processes. Additionally, the directive includes provisions for civil liability, meaning companies that cause harm may be held liable for damages, and victims may have access to legal remedies and compensation.

It is important to distinguish the CSDDD from the Corporate Sustainability Reporting Directive (CSRD). While the CSRD focuses on what companies must disclose — requiring detailed standardized reporting on environmental, social, and governance factors — the CSDDD focuses on what companies must actually do. Compliance with the CSDDD requires active due diligence processes with enforcement and liability tied to action. For companies subject to both regulations, treating them separately increases operational complexity and regulatory exposure, as CSRD reporting relies on the quality and consistency of underlying due diligence that the CSDDD demands. The two directives are designed to be complementary pillars of the EU's sustainable finance and corporate governance strategy.

How Businesses Should Prepare: A Practical Compliance Roadmap

Proactive steps taken now — from supply chain mapping to policy updates — will determine a company's readiness as CSDDD obligations phase in through 2029.

The CSDDD's implementation is phased, with larger companies required to comply by 2027 and full application to all in-scope companies expected by July 26, 2029. EU member states have until July 2028 to transpose the directive into national law. Given the complexity and breadth of the obligations, businesses should begin preparing well in advance rather than waiting for enforcement deadlines to approach.

A practical compliance roadmap starts with mapping the value chain — identifying all suppliers, subsidiaries, and business partners involved in product and service delivery across multiple tiers. Companies should then review and update existing policies related to human rights, labor standards, and environmental protection to incorporate a formal due diligence strategy aligned with CSDDD requirements. Risk identification and assessment processes must be developed or strengthened to systematically surface adverse impacts across operations and the extended supply chain, covering issues from labor rights and working conditions to pollution and climate-related harm.

Once risks are identified, companies need systems in place to prevent or mitigate potential impacts — including contractual assurances from business partners, supplier training programs, and investment in cleaner technologies. Grievance mechanisms must be established or enhanced to provide safe, transparent, and accessible channels for raising concerns. Monitoring and performance tracking systems should be put in place to evaluate whether prevention and mitigation measures are working, using data, audits, and stakeholder engagement. Finally, companies should ensure their documentation and evidence management is structured and audit-ready, as regulators increasingly require verifiable evidence rather than self-reported questionnaire responses.

The EU Corporate Sustainability Due Diligence Directive signals a transformative approach to business sustainability and social responsibility. Companies that proactively adapt to these changes can not only meet regulatory demands but also build more resilient, transparent, and trusted operations — gaining a competitive advantage with conscious consumers, investors, and partners in an increasingly sustainability-driven marketplace.