The Corporate Sustainability Due Diligence Directive (CSDDD), which is part of the European Union’s (EU) proposed legislative framework designed to hold companies accountable for their environmental, social and governance (ESG) activities, is likely to be adopted in 2024, with Member States translating this into national law within another three years, in 2027. The European Parliament adopted the CSDDD as a negotiating text in the summer of 2023 and it was informally agreed by EU co-legislators on 14th December 2023.
Under the proposed rules, organizations will need to identify potential and real adverse environmental and human rights impacts arising from their own operations, subsidiaries, and business relationships. They will be required to take measures to prevent or mitigate any potential impacts they identify, as well as end or minimise any real impacts. The CSDDD scope includes core Diversity, Equity and Inclusion (DE&I) topics of equal pay for equal work or work of equal value, gender-based violence or harassment including sexual harassment, and work-based discrimination based on race and ethnicity, gender, age, or social background.
Organizations are recommended to start preparing now to be ready for the regulatory change. For many, CSDDD reporting will be a huge undertaking. EDGE Certified organizations will have a head start as they have already started assessing and managing the DE&I related topics, and associated risks as part of their certification journey.
Guiding Responsible Business Conduct
The European Commission based its CSDDD directive on the OECD’s Due Diligence Guidance for Responsible Business Conduct, published in March 2018. The CSDDD also aligns with the UN’s Guiding Principles on Business and Human Rights.
For an organization to comply with the CSDDD it will need to develop effective systems and processes to identify, prevent, and mitigate human rights and employment risks, before reporting publicly. What the OECD and the EU hope for is that the systems created will enable organizations to learn what works and what doesn’t and progressively improve over time. That level of reporting requires designing and implementing many interlinked due diligence processes, which will be a daunting prospect for many.
Which Companies Will be Affected?
Once finalized in early 2024, the CSDDD will be applicable to some 12,000 European firms, plus around 4,000 overseas companies with significant presence in Europe.
For any of these organizations, it is strongly recommended that they begin preparing the new reporting requirements, which will begin to impact reporting in about three years’ time. An early assessment of how an organization will be affected is essential to give enough time to make the necessary changes and identify potential opportunities to streamline the DE&I measuring and reporting processes. That will in turn mitigate any risk of sanctions being imposed for non-compliance.
The Potential Penalties
The European Council has outlined that an organization will be civilly liable for any breach of its directive if its actions result in a person’s suffering or damage through a breach of duty, either intentionally or through negligence. If a company is liable or fails to comply with the directive, the penalties are likely to be linked to the size of the company’s worldwide turnover and lead to reputational damage. The Council has spoken of “naming and shaming” and fines of up to 5% of an organization’s worldwide turnover.
What do Companies Need to Do?
To avoid paying damages or risking reputational harm, companies will need to fulfil their due diligence obligations based on six steps originally outlined in the OECD’s guidance, namely:
- Design due diligence processes and integrate them into company policies
- Identify the principal adverse impacts their activities are having or might have on the environment and human rights within the organization and along its value chain
- Prevent and stop or minimize any adverse impacts caused
- Have or set up a grievance process for stakeholders, e.g. employees
- Monitor the firm’s due diligence processes and continuously improve performance
- Report the results of its programs and policies publicly either consolidated with its CSRD sustainability reporting or annually on its website
How Does EDGE Certification Help?
Gathering and analyzing the data to assess, monitor and report on any adverse human or employee rights impacts is by itself a daunting task for organizations that have not started this journey. However, organizations that have or are already going through the EDGE Certification process will be at a distinct advantage.
The EDGE methodology requires organizations to identify and assess gender-based pay inequities or pay discrimination based on gender and other intersectional dimensions such as race and ethnicity. The certification process assesses an organization’s unexplained gender pay gap and examines an organization’s policies and processes to monitor performance, reduce adverse impact, redress imbalances, and continuously improve. The process is consistent with the requirements of the CSDDD.
An integral part of the EDGE Certification process is an employee survey designed to anonymously learn about workers’ experiences and gather their perceptions about the company’s current DE&I policies and practices. An organization’s policy regarding the prohibition and prevention of sexual harassment and all forms of discrimination at the workplace is also assessed along with the associated procedures and resources to implement the policy and report grievances.
An organization’s executive management will need to sign off EU CSDDD data and the final public reporting, therefore, the need for reassurance about the quality and veracity of the stated outcomes is critical. Independent third-party verification is at the heart of the EDGE Certification system, which gives those responsible for disclosure peace of mind that the DE&I-related data and information is of requisite high quality, accurate, and complete.
EDGE Certified organizations already have a head start in preparing their compliance with the EU CSDDD, a disclosure process that will go hand-in-hand with other EU Directives such as the Corporate Sustainability Reporting Directive and the Pay Transparency Directive.