On July 25, 2024, the European Union Corporate Sustainability Due Diligence Directive (CS3D) entered into force. It marks a major political breakthrough and a turning point for human rights and environmental due diligence, setting a strong legal precedent worldwide around the role of states in ensuring responsible business conduct. The Directive has the potential to significantly redefine accountability within business practices by legally requiring companies to identify, prevent, and mitigate adverse human rights and environmental impacts across their supply chains.
By holding businesses accountable for both direct and indirect harms, the Directive sets a new standard for corporate responsibility, promoting greater transparency and ethical conduct in global business operations. However, concerns persist regarding the efficiency of its implementation and the potential for corporate regulatory capture, which could undermine the Directive’s intended impact and effectiveness.
Voluntary frameworks and soft-law instruments have existed for some time now. Introductory guidelines—such as the United Nations Guiding Principles on Business and Human Rights, the OECD Guidelines for Multinational Enterprises, and the OECD Due Diligence Guidance for Responsible Business Conduct—have helped instruct companies on transparency and accountable conduct, as well as on identifying good practices in regards to human rights across their operations.
However, links between business-related human rights violations and environmental harms persist, spurring social mobilization and contestation worldwide. The lack of effective regulations to hold business and private actors accountable and the continued corporate capture of decision-making in governments and institutions still need to be urgently addressed. Against this backdrop, a broad range of stakeholder groups—including civil society representatives, citizens, and business associations—have been calling for mandatory and efficient due diligence regulations.
The CS3D is the culmination of a contentious political process where the major concern was the Directive’s potential burden on businesses worldwide, which impacted the final agreed scope of the CS3D considerably. In the final text, the scope was reduced from EU companies with 500 employees and a turnover of €150 million to those with 1,000 employees and a turnover of €450 million. Smaller manufacturers and suppliers were not directly included, but some could be affected through their role as the business partners of companies within this scope.
The core aims of this legal obligation are identifying and addressing potential and actual adverse human rights and environmental effects in the company’s operations, their subsidiaries, and—where related to their value chain—those of their business partners. The CS3D sets out general guidelines to integrate a risk-based approach into their due diligence process. It also indicates specific duties to establish a notification mechanism and complaints procedures and to monitor the effectiveness of the measures. EU Member States will have two years to implement the regulations and administrative procedures to comply with the CS3D, and companies, depending on their size and turnover, will have a time window of three to five years to comply.
The CS3D represents a significant milestone in corporate accountability, in companies’ operations, and across their global value chains. Although many companies are already taking measures to address the adverse effects of their actions on human rights or the environment, progress has been slow and uneven. The absence of effective mechanisms to hold companies accountable for human rights violations is well-documented, particularly in highly contentious contexts and in nations with limited institutional capacity. Research has shown that when companies take voluntary action, they often focus on the first link in the supply chain, but harm can potentially occur throughout the value chain. This issue has led to distrust in civil society organizations and concerns surrounding the effectiveness of the CS3D implementation.
Another complication is that several EU Member States have adopted national due diligence laws, resulting in legal uncertainty and unnecessary administrative burdens for companies. There are also ongoing negotiations at the UN level on a legally binding instrument on business and human rights that would advocate mandatory due diligence procedures worldwide. Further, the increasing complexity and global nature of value chains make it challenging for companies to obtain reliable information on business partners and their operations.
However, the main issue at hand is how companies can take appropriate measures that align with the degree of severity and the likelihood of adverse impacts. “Appropriateness” is pivotal to the entire CS3D and at the core of the obligations for in-scope companies. Companies need to be aware that fulfilling these obligations will be challenging, as they will need to ensure they can provide sufficient evidence to underpin any claims denying harm or wrongful behavior. These hurdles pertain even to companies that have already flagged these issues—partly to comply with other emerging legislation and partly to meet growing societal expectations.
The latest regulatory developments have also been accused of increasing the bureaucracy around reporting practices and stymieing tangible action. Because these measures build on reporting obligations already introduced by the Corporate Sustainability Reporting Directive, in order to meet the demands of the CS3D, companies will likely need to make changes in both governance and organizational structures. Finally, there is pressure for additional human and financial resources and a need for specialized capacity building to foster more sensitive and action-focused behavior across all business operations.
Other concerns about the CS3D relate to the reliability of the information reported and the capacity of the states to ensure its accuracy. For decades, companies have been accused of “greenwashing” or providing false or misleading information about their practices. Thus, the independent verification of practices and non-financial audit procedures are likely to play a crucial role in enabling organizations to demonstrate compliance with the new Directive. This raises concerns about corporate regulatory capture.
The administrative enforcement regime under the CS3D follows a traditional oversight model, with independent authorities responsible for supervising compliance. While the Directive emphasizes independence in supervisory authorities in order to mitigate risks of corporate capture and conflicts of interest, undue corporate influence over administrative entities may lead the Directive to fail to deliver its intended outcomes of transparency, ethical conduct, and true corporate responsibility, ultimately undermining its goal of addressing human rights and environmental harm across global supply chains.
In this context, there is a risk of regulatory capture if businesses, particularly large corporations, exert undue influence over policy makers or regulatory bodies. This could result in the weakening of the Directive’s enforcement mechanisms, reduced accountability for companies, or loopholes that allow harmful practices to persist under the guise of compliance. Therefore, ensuring the independence of regulatory bodies and strengthening oversight mechanisms is crucial to preventing such capture and ensuring the Directive’s success.
All actors will need to address the systemic issues of human rights violations or environmental degradation in supply chains. This can help mitigate unethical practices such as greenwashing or “human rights-washing,” where businesses falsely present themselves as ethical and sustainable while continuing harmful practices behind the scenes.
Member States face a significant challenge in effectively integrating the Directive’s mandate into their administrative frameworks to ensure compliance and prevent corporate capture of the appointed supervisory authorities. In this context, the role of rightholders is crucial for holding businesses accountable according to the standards set by the CS3D. The introduction of functioning and efficient grievance mechanisms, which include both a complaints procedure and a notification system, and the establishment of civil liability mechanisms are essential.
While the challenges are considerable, the CS3D marks an opportunity for civil society, governments, and social movements to leverage human rights and climate litigation as powerful tools to hold private actors accountable for the harms caused by their business operations and those within their value chains. This regulation represents a pivotal moment in redefining accountability within business practices.