Directive (EU) 2024/1760 of the European Parliament and of the Council (hereinafter also referred to as “CSDDD” or “Directive”), adopted on June 13, 2024, and in force as of July 25, 2024, has introduced new sustainability due diligence requirements for companies, amending Directive (EU) 2019/1937 and Regulation (EU) 2023/2859. The Directive is among the strategic initiatives of the European Green Deal promoted by the EU Commission. More specifically, the legislation aims to hold companies accountable for the environmental and social impacts of their supply chain and, more in general, of their business in accordance with Article 191 of the Treaty on the Functioning of the European Union (1) .

The Commission’s initial proposal, presented in February 2022, envisaged a general application of the new rules to all large “companies” with more than 500 employees and a global “net turnover” of more than €150 million. After intense negotiations between member States and trade associations, its scope was reduced, providing for its gradual entry into force over time, according to the following criteria:

• from January 2027, “companies” with more than 5,000 employees and a “net turnover” of more than 1.5 billion euros for two consecutive fiscal years will be subject to the Directive’s obligations;
• from July 2028, the rules will also apply to “companies” with more than 3,000 employees and “net turnover” of at least 900 million euros for two consecutive fiscal years;
• starting in July 2029, all “companies” with more than 1,000 employees and a “net turnover” of more than 450 million euros for two consecutive fiscal years will be affected;

The Directive, according to the Centre for Research on Multinational Corporations, covers a total of 5,421 “companies” including 737 in Italy.

In addition to large “companies”, the Directive further imposes obligations on “entities” operating as franchises, provided that their “net turnover” exceeds €80 million, with at least €22.5 million from royalties, and on “companies that are incorporated in accordance with the law of a third country”, if their turnover exceeds 450 million euros in the EU for two consecutive fiscal years.

These “companies” will have to adjust their organization structure and risk management systems, as well as implementing measures to prevent and mitigate negative impacts along the entire supply chain. It becomes mandatory to prepare detailed reports on their activities, with a focus on sustainability and social responsibility goals.

(1) The first paragraph of Article 191 TFEU sets out the following objectives, «Union policy on the environment shall contribute to the pursuit of the following objectives: – preserving, protecting and improving the quality of the environment; – protecting human health; – prudent and rational utilisation of natural resources; – promoting measures at the international level to solve regional or worldwide environmental problems and, in particular, to combat climate change».

Under article 1, the Directive already highlights how climate change mitigation is one of the core principles of the CSDDD. Indeed, it imposes an obligation on companies to develop and implement a transition plan that aligns the business model and corporate strategy with the transition to a sustainable economy(2). Said plan must also ensure compliance with the international goal of limiting global warming to 1.5 degrees Celsius, in line with the Paris Agreement.

In this sense, of fundamental interest is article 22, titled “Combating Climate Change”, which is the core of climate change mitigation. The article obliges member States to enact laws requiring companies to adopt a corporate governance plan aimed at assuring the compatibility of their business activities and strategies with the transition to a green and sustainable economy.

According to the original text of the proposal, the plan that companies are required to develop must not only identify the risks that climate change poses to their operations, but also assess the potential impact of their operations on the environment. In particular, the plan must set concrete targets for reducing greenhouse gas emissions and outline measures to achieve them. In addition, it must be consistent with the goals set by the Paris Agreement and Regulation (EU) 2021/1119, which calls for the achievement of climate neutrality by 2050, as well as interim targets along the way.

Article 22 then goes on to specify that the transition plan for climate change mitigation must include, among others, the following elements:

(i) climate-related time targets for 2030, with five-year milestones to 2050, based on established scientific evidence, and, where necessary, absolute GHG emission reduction targets for the various areas (1, 2 and 3);

(ii) a description of decarbonization strategies and key actions needed to achieve these goals, including, where appropriate, product portfolio transformation and adoption of new technologies;

(iii) an explanation and quantification of the investments and funding that will support the implementation of the plan;

(iv) a description of the role of the administrative, management and control bodies in implementing the plan.

According to the Directive, “companies” that already communicate a climate transition plan in accordance with Articles 19 bis, 29 bis or 40 bis of Directive 2013/34/EU are considered to be already in compliance with the obligation to adopt a climate change mitigation plan. In addition, companies included in their “parent company’s”” transition plan reported under Articles 29 bis or 40 bis of the same Directive will also be considered in compliance.

It is understood that member States are required to assure that these plans are updated every year and that they include a description of the companies’ progress in achieving their intended goals.

(2) Article 1(1)(c) states verbatim: «[t]he obligation for companies to adopt and put into effect a transition plan for climate change mitigation which aims to ensure, through best efforts, compatibility of the business model and of the strategy of the company with the transition to a sustainable economy and with the limiting of global warming to 1,5 o C in line with the Paris Agreement».

Protection of human rights is another main objective of the CSDDD: «[M]ember States shall ensure that companies conduct risk-based human rights and environmental due diligence» (article 5 of the Directive).

In order to do so, preventive due diligence measures must be taken: one must commit to the five fundamental principles and rights at work as defined by the 1998 ILO (International Labor Organization) Declaration, and one must consider, in business practices, human rights abuses even if not specifically listed, as long as such abuses are reasonably foreseeable based on the operational context as specified under article 8: «[c]arry out an in-depth assessment of their own operations, those of their subsidiaries and, where related to their chains of activities, those of their business partners, in the areas where adverse impacts were identified to be most likely to occur and most severe». One should therefore develop and implement additional due diligence policies integrated into their risk management systems in order to identify, assess and prioritize adverse impacts, and take measures to prevent and mitigate them as specified in Articles 10 and 11 of the Directive.

The CSDD then requires “companies” to ensure adequate living standards along the entire value chain, including fair salaries for employees and sufficient incomes for the self-employed and small-scale producers. This reflects the obligation of companies to contribute to sustainable and fair working conditions, as specified in the foreword and in Annex I, which includes “Rights and Prohibitions found in international human rights agreements”. And a culturally and socially sensitive approach should also be taken, considering factors such as gender, age, race, ethnicity and socioeconomic status. Special attention should be paid to vulnerable or marginalized people, such as indigenous peoples, and respect rights under international instruments such as the Convention on the Elimination of All Forms of Racial Discrimination and the Convention on the Rights of Persons with Disabilities.

To summarize, the CSDDD requires integrating human rights due diligence into business processes and working with stakeholders to ensure that human rights are respected and protected throughout all business and corporate processes. Through the implementation of appropriate policies and the adoption of responsible practices, one can (or rather, should) significantly contribute to the transition to a sustainable economy that respects human rights and promotes a fair working environment.

4.1. Grievance Mechanisms

The Directive introduces two distinct grievance mechanisms, (a) one internal and (b) one external to the companies, regulated mainly by articles 14 and 26.

The first mechanism, which deals with internal complaints, obliges companies to establish a system through which different categories of parties can submit their possible complaints. Entitled parties include (i) people experiencing or fearing adverse impacts, (ii) labor unions and employee representatives working along the value chain, and (iii) civil society organizations with expertise in environmental issues related to the complaint(3) . Article 14 sets forth that companies are also required to establish a procedure to handle such complaints, guaranteeing stakeholders the right to (a) receive appropriate feedback on their complaints (b) meet with representatives of the company to discuss actual or potential negative impacts, and (c) obtain from the company the reasons as to whether or not a complaint is justified.

Therefore, it is evident that in the process of drafting and approving the Directive, the number of individuals authorized to file complaints was expanded. In addition to those directly affected, additional parties were included.

In addition, the mechanism ensures that reports can be made anonymously or confidentially, and companies must take all reasonable measures at their disposal to  made public and easily accessible. In addition, the supervisory authority is required to assess substantiated reports «[m]ember States shall ensure that supervisory authorities assess the substantiated concerns in an appropriate period of time and, where appropriate, exercise their powers as referred to in Article 25» as stipulated in Article 26(4). This ensures a prompt and proportionate response to reports, preventing situations of noncompliance from remaining unresolved for long periods.

Finally, the Directive integrates Corporate Sustainability Due Diligence in the context of Directive (EU) 2019/1937 (“Whistleblowing Directive”). Indeed, article 30 of the Directive extends the protections provided by the whistleblowing legislation to those who report violations related to the new environmental due diligence obligations, providing protection against possible retaliation for those involved in the reports.

Closely related to the issue of reporting mechanisms is that of the powers of supervisory authorities, regulated in article 25, which strengthens the safeguards for compliance with the provisions of the Directive. The powers include the ability to (i) request information from companies and (ii) conduct in-depth investigations. More specifically, article 25 specifies that «member States shall ensure that the supervisory authorities have adequate powers and resources to carry out the tasks assigned to them under this Directive, including the power to require companies to provide information and carry out investigations». This gives the authorities the ability to operate effectively and intervene promptly in cases of suspected violations.

An important aspect of the Directive is the possibility for supervisory authorities to act not only on their own initiative, but also following a substantiated report received. Article 25(2) provides that «a supervisory authority may initiate an investigation on its own initiative or as a result of substantiated concerns communicated to it pursuant to Article 26, where it considers that it has sufficient information indicating a possible breach». This mechanism reinforces the importance of reports as a tool of active supervision. A crucial point is the cooperation between different supervisory authorities, regulated in article 28. The creation of a “European network of supervisory authorities”, composed of representatives of the authorities of each member state, is intended to facilitate cooperation and coordination among the various jurisdictions. This network not only facilitates the exchange of information, but under article 28: «[t]he European Network of Supervisory Authorities shall facilitate the cooperation of the supervisory authorities and the coordination and alignment of regulatory, investigative, sanctioning and supervisory practices of the supervisory authorities and, as appropriate, the sharing of information among them».

4.2. Sanctions

The Directive prepares a penalty system for “companies” that fail to comply with their obligations. Indeed, article 27 provides that: «member States shall lay down the rules on Directive (EU) 2024/1760 B-HSE Società tra Avvocati a r.l. www.b-hse.law penalties, including pecuniary penalties, applicable to infringements of the provisions of national law adopted pursuant to this Directive, and shall take all measures necessary to ensure that they are implemented. The penalties provided for shall be effective, proportionate and dissuasive». This obliges states to establish a domestic regulatory framework that ensures punishability of violations and deterrence against non-compliant behavior.

The nature and level of the sanctions are to be determined by taking into account several factors, as stipulated in article 27 paragraph 2 (a): «the nature, gravity and duration of the infringement» and «the severity of the impacts resulting from that infringement». Other elements to be taken into account are the investments made to mitigate the negative impacts, whether the company has collaborated with others to resolve the problems that have arisen, and the extent to which the company has taken corrective measures. The overall assessment of the circumstances allows sanctions to be calibrated so that they are appropriate to the specific case.

However, the sanctions provided for in the Directive are not limited to those of a pecuniary nature. Indeed, in the event of non-compliance with a decision imposing a sanction, there is the additional possibility of making «a public statement indicating the company responsible for the infringement and the nature of the infringement» (article 27 paragraph 3). This additional measure has a strong reputational impact, as it makes the violation publicly known, putting the company’s image and credibility at risk.

Lastly, article 27 provides that financial penalties may reach significant levels, stipulating that: «the maximum limit of pecuniary penalties shall be not less than 5 % of the net worldwide turnover of the company in the financial year preceding that of the decision to impose the fine». This ceiling ensures that fines are high enough to be an effective deterrent, especially against large multinational corporations

(3) «[a]rticle 14 enumerates who should be able to complain: Member States shall ensure that complaints may be submitted by: (a) natural or legal persons who are affected or have reasonable grounds to believe that they might be affected by an adverse impact, and the legitimate representatives of such persons on behalf of them, such as civil society organizations and human rights defenders; (b) trade unions and other workers’ representatives representing natural persons working in the chain of activities concerned; and (c) civil society organizations that are active and experienced in related areas where an adverse environmental impact is the subject matter of the complaint».

(4) Article 14 (3).

The new Directive (EU) 2024/1760 will significantly affect companies doing business in the European territory: initially, complex internal mechanisms to monitor and mitigate negative impacts along value chains will have to be implemented, entailing upfront investments and recurring costs related to managing sustainability and human rights procedures. However, if properly implemented, the new rules could bring significant long-term benefits such as, for example, greater business resilience, improved financial performance, and a stronger reputation, especially in an increasingly competitive global environment.

A crucial aspect will then be the balance between compliance burdens and support for small and medium-sized enterprises (SMEs), which, while not directly obliged to adopt autonomous due diligence mechanisms, will inevitably be involved in the processes of large “entities”. If mishandled, these obligations could generate disproportionate costs and undermine competitiveness in the market (i.e., a relocation of production activities to nonEuropean areas of less regulated states, as has happened in the past), thus reducing the effectiveness of the Directive in improving working and environmental conditions globally and causing a weakening of the EU’s industrial and production fabric. Not to mention the costs (monetary and organizational) that public authorities (and European institutions) will face in monitoring and ensuring compliance, with potential pressure on administrative resources.