CSDDD: The future of supply chain due diligence
See how the EU’s CSDDD will unify supply chain due diligence laws while impacting existing regulations like Germany’s LkSG and France’s Loi de Vigilance
Historically, countries across the EU have maintained their own legislation regarding supply chain due diligence, which has meant inconsistency from one country to another — plus compliance complexity for companies operating and trading across borders.
Until now.
With the passing of the Corporate Sustainability Due Diligence Directive (CSDDD), EU Member States will soon have a new set of universalized rules to transpose into regional law. For some, this may mean incorporating specific requirements into pre-existing legislation, while for others it might be a case of replacing current laws with new ones.
In this article, Subject Matter Expert in Sustainability & ESG, Jin Wang examines the CSDDD’s supply chain due diligence framework to bring you a breakdown of what this paradigm-shifting directive will mean for countries — and businesses — across the EU.
Read on to learn more about how the CSDDD will change the landscape of supply chain due diligence in the EU, including examples of current laws that stand to change or be replaced by new legislation to align with CSDDD requirements.
An introduction to supply chain due diligence under the CSDDD
The European Union’s Corporate Sustainability Due Diligence Directive (CSDDD) represents a groundbreaking step in promoting corporate accountability and sustainable business practices across global supply chains. Adopted as part of the EU’s broader agenda for transitioning to a sustainable economy, the Directive outlines a comprehensive corporate due diligence framework, which includes:
- Identifying risks
- Establishing preventive measures
- Monitoring their effectiveness
- Publicly reporting on due diligence activities
Companies are required to assess not only their own operations but also those of their subsidiaries and business partners, ensuring all tiers of their supply chain adhere to the established standards.
Member States will have to transpose the CSDDD into national law before 26 July 2026, and the obligations will start to apply one year later.
It’s important to note that this is only a short summary of what the CSDDD entails for the context of supply chain due diligence, but there’s significantly more detail to dive into.
Current supply chain due diligence laws
Many EU Member States already have laws in place that address supply chain due diligence, which will inevitably be impacted by the transposition of the CSDDD.
Here are two examples of such existing regulations, and how they compare with the CSDDD…
Example 1: The German supply chain due diligence act (LkSG)
The German Supply Chain Due Diligence Act (Lieferkettensorgfaltspflichtengesetz, or LkSG) provides a critical regulatory framework aimed at ensuring corporate accountability within global supply chains. Effective from 1 January 2023, the LkSG initially applied to businesses operating in Germany with at least 3,000 employees. It then expanded to those with at least 1,000 employees in 2024. The Act covers human rights and environmental concerns, focusing on core areas such as forced labor, child labor, occupational health and safety, and environmental degradation.
Under the LkSG, companies must establish due diligence procedures to identify risks, implement preventative measures, and address potential violations within their supply chains. Legal obligations include establishing a risk management system, conducting regular risk analysis, adopting preventive and remedial measures, and establishing grievance mechanisms to allow affected parties to report violations and raise concerns. Companies are also required to document and publicly disclose their fulfilment of due diligence obligations through annual reports, ensuring transparency and accountability.
Enforcement of the LkSG is overseen by the Federal Office for Economic Affairs and Export Control (BAFA), which is empowered to investigate complaints, issue compliance orders, and impose fines for non-compliance. These fines can reach up to EUR 400 million or 2% of a company’s annual global turnover.
Comparing the LkSG and CSDDD
While the LkSG and CSDDD are largely aligned on supply chain due diligence obligations, they differ in several key aspects.
Firstly, the LkSG has a narrower scope in terms of geographical reach and the range of protected rights. The LkSG includes in its Annex an exhaustive list of 11 internationally recognized human rights conventions and three environment-related conventions. This confines its coverage to the legal interests protected under these conventions. In contrast, the CSDDD addresses a broader spectrum of human rights and environmental concerns — including biodiversity, ecosystems, and marine protection.
Another major difference lies in reporting requirements. The LkSG, together with supplementing documents issued by BAFA, establishes clear and strict reporting standards. On the other hand, the CSDDD merely refers to the sustainability report without providing detailed specifications.
Lastly, unlike the LkSG, which explicitly excludes civil liability, the CSDDD allows affected parties to file claims directly against companies for damages caused by intentional or negligent breaches of their due diligence obligations. Additionally, the CSDDD imposes stricter penalties, with fines of up to 5% of a company’s net global turnover, significantly higher than the 2% cap under the LkSG.
Example 2: France’s Loi de Vigilance
The French Loi de Vigilance, enacted in 2017, was a pioneering piece of legislation aimed at enhancing corporate responsibility for broad human rights and environmental risks within their global operations and supply chains. The law applies to French companies with at least 5,000 employees in France or 10,000 employees globally.
The Loi de Vigilance requires companies to develop and implement a vigilance plan that identifies and addresses risks related to human rights abuses, environmental harm, and occupational health and safety violations. This plan must include:
- Risk mapping
- Measures to address, mitigate and prevent risks and violations
- Regular assessments of subsidiaries, subcontractors, and suppliers
- A monitoring scheme to follow up on the measures implemented and assess their efficiency
Companies are also obliged to publicly disclose their vigilance plans and report on their implementation.
Failure to comply can result in legal action, including potential civil liability for damages caused by non-compliance with due diligence measures, enabling victims and stakeholders to seek remedies through French courts.
Comparing the Loi de Vigilance and CSDDD
Compared to the CSDDD and the LkSG, the Loi de Vigilance focuses on larger multinational corporations, promotes a strategic view of corporate responsibility, and encourages companies to integrate sustainability into their business strategies. However, the law also has its challenges. While mandating the public disclosure of vigilance plans, it has drawn criticism over insufficient supervision and enforcement to ensure compliance. Additionally, the complexity of proving causality in civil liability cases — where the burden of proof lies on the claimant — can potentially limit the effectiveness of such remedies. Nevertheless, overall, the Loi de Vigilance strikes a balance between encouraging sustainable business practices and imposing rigorous compliance demands.
Apart from Germany and France, Norway’s Transparency Act has been in effect since 2022, aiming to promote corporate transparency and accountability regarding human rights and working conditions within supply chains.
How will the CSDDD impact existing supply chain due diligence regulations?
The CSDDD represents a significant step toward a more cohesive and ambitious regulatory environment for supply chain due diligence and is poised to significantly impact existing regulations in Member States.
In June 2024, Germany released a draft law to repeal the LkSG in preparation for the transposition of the CSDDD, arguing that companies would be subject to unjustified competitive disadvantages if they would have to comply with the LkSG and prepare to comply with the CSDDD at the same time. However, the proposal was rejected by the Bundestag in October 2024, keeping the LkSG obligations in force and creating more uncertainties on its future look.
France hasn’t made any move with regard to its Loi de Vigilance, but regardless of whether it’s going to repeal or adapt its own law, it’s certain that more companies would be brought within scope, while companies already subject to the vigilance plan would face stricter requirements and potential legal consequences following the transposition.
Considering the regulatory landscape across the EU, the transposition process is expected to involve significant legislative changes in Member States needing to align their national laws with CSDDD requirements, yet discrepancies may remain in areas such as the covered risks and stakeholder engagement.
To further complicate the situation, at the end of 2024 the EU proposed to introduce an omnibus regulation to consolidate key sustainability regulations — namely the CSRD, the Taxonomy Regulation, and the CSDDD. While the goal is to streamline sustainability reporting and reduce administrative burden for companies, it may lead to broader amendments and changes in implementation timelines, depending on the legislative dynamics.
Given the complexity and scope of the CSDDD, it’s anticipated that Member States will utilize the full transposition period to develop and implement the necessary legislative measures. Therefore, while preparatory work may be underway, formal transposition efforts are still in the early stages.
Despite any uncertainty, most existing due diligence regulations in the EU refer to common international standards, including the UN Guiding Principles on Business and Human Rights and the OECD Guidelines for Multinational Enterprises on Responsible Business Conduct. Based on these standards, several key requirements at the operational level will likely be retained — especially in areas such as:
- Risk identification and assessment
- Preventive and mitigative measures
- Grievance mechanisms
- Remediation actions
- Monitoring and auditing
- Transparency
Companies are therefore recommended to seek guidance from and adhere to these standards and stay informed about the legislative changes.
Due diligence change is on the horizon with the CSDDD
The CSDDD marks a transformative development in corporate sustainability and accountability, setting a higher standard for supply chain due diligence across the EU. Companies will be required to navigate a more stringent regulatory framework that builds on existing regulations and international standards. With its broad scope, the CSDDD puts great emphasis on integrating sustainability into business operations at all levels, reshaping corporate responsibility in the EU. As Member States begin the process of transposing the directive into national law, companies must stay vigilant, align their practices with international standards, and prepare for the evolving regulatory landscape to ensure compliance and long-term success in a sustainable economy.
