On Feb. 23, 2022, the European Commission (Commission) announced a proposed Directive on Corporate Sustainability Due Diligence, which would establish uniform EU-wide requirements to foster compliance with certain international conventions on human rights and environmental matters and to take corrective measures.
The Commission’s draft directive is a modified version of proposals made previously by the Commission and the European Parliament, but remains ambitious and multifaceted. It reflects the general consensus in the EU to make economic activity more compatible with ESG (environmental, social and governance) goals, as illustrated by myriad EU legislation already on the books[1] or being proposed[2] as well as national legislation in several EU Member States.
This proposal would require action, including at the board and C-suite levels, to identify and combat certain human rights and environmental “adverse impacts.” It would mandate EU Member States to enact legislation imposing on large companies a duty to conduct due diligence with respect to such “adverse impacts” resulting from their operations and those of their subsidiaries, suppliers, customers and others in their “value chains,” including “upstream” or “downstream” actors, that are the subject of “established business relationships.”[3] National legislation would provide for sanctions and civil liability in case of noncompliance.
The directive if and when adopted would require EU Member States to enact implementing legislation within the ensuing two years — but the text will likely be subject to debate and possible modification before it becomes final.
The proposed directive would apply to two groups of companies:
The Commission estimates around 9,400 EU companies and 2,600 non-EU companies to be in Group 1, while around 3,400 EU companies and 1,400 non-EU companies would be in Group 2. The directive would require EU Member State legislation to apply to Group 1 companies two years after it enters into force and to Group 2 companies after an additional two years.
Although the directive would not require Member States to apply these measures to companies outside Groups 1 and 2, small and medium-sized enterprises (SMEs) are likely to feel the impact of the proposed rules by virtue of their participation in the value chains of Groups 1 and 2 companies.
Human rights and environmental impacts are to be measured against the standards set out in international conventions listed in an annex to the proposed directive, including, for example, the Universal Declaration of Human Rights, the International Convention on Civil and Political Rights, the International Convention on Economic, Social and Cultural Rights, the International Labour Organization core/fundamental conventions, and various international conventions on biodiversity, endangered species, use of chemicals, waste disposal and greenhouse gases. The proposed rules would impose on large companies a duty to identify, prevent, mitigate, end and minimize adverse human rights/environmental impacts stemming from their activities and the activities of their value chains. For Group 1 companies, all such adverse impacts would be relevant, but for Group 2 companies, requirements would extend only to “severe adverse impacts”[4] related to high-impact sectors.
Some countries, such as France[5] and Germany, have already enacted corporate sustainability due diligence laws; others — such as Austria, Belgium, Denmark, Finland, Luxembourg and Sweden — plan to do so in the near future. Moreover, many EU companies have their own voluntary sustainability initiatives in place. But according to the Commission, this fragmented approach has made progress “slow and uneven.” By proposing a unified EU-level approach to due diligence and other sustainability-related measures, the Commission hopes to create legal certainty for companies across the EU and encourage improvements on a much larger scale.
The proposal also purports to respond to increased consumer demand to buy sustainably sourced goods from socially responsible companies. The Commission expects companies will benefit from rules requiring them to more closely manage their operations and supply chains, which will lead to earlier detection of problems and risks — including reputational risks.
The proposal introduces seven detailed due diligence and other obligations on covered companies, which can be summarized as follows:
In order to prevent, mitigate, end or minimize the extent of adverse impacts, companies would be obligated to take appropriate measures such as investing in infrastructure or collaborating with industry stakeholders. Other specific actions required by the proposal include:
Companies that comply with their due diligence duty but are still unable to avoid adverse impacts can be forced to terminate commercial contracts or suspend operations until they are able to prevent or minimize harmful outcomes.
A company’s failure to comply with its obligations could expose it to civil liability for adverse impacts stemming from its own actions, or the actions of its subsidiaries or global value chain partners. Victims would be entitled to recover damages for any harm a company “should have” identified, prevented, mitigated, ended or minimized.
Companies could also face administrative sanctions by national authorities, such as turnover-based fines or orders to take remedial action. A non-EU company would be subject to enforcement in the Member State where it has a branch or, if it has multiple EU branches or no EU branch, in the Member State where it generated most of its EU turnover.
The Commission’s proposal imposes on Group 1 companies additional obligations to combat climate change. Both EU and non-EU companies in this group would be required to come up with a plan to make the operation of their business “compatible with” the transition to a “sustainable economy” and limiting global climate change to 1.5° C, a goal identified by the Paris Climate Accords. They would also have to take sustainability efforts into account when setting management bonuses.
Further, for EU companies in Groups 1 and 2, the proposal would introduce a “duty of care” for executives and board members, requiring that “when fulfilling their duty to act in the best interest of the company” they take account of short-, medium- and long-term sustainability matters.
* * *
The Commission’s proposal will be carefully scrutinized during the coming months by the European Parliament and Council and by the public, including the business community and public-interest groups. Whether the Commission’s proposal will be approved intact is uncertain, but with or without modification, the result seems likely to include major new obligations for large companies operating in the EU.
[1] For example, the Taxonomy Regulation (2020/852 of June 1, 2020), the Sustainable Finance Disclosure Regulation (2019/2088 of Nov. 27, 2019) and the Non-Financial Reporting Directive (2014/95 of Oct. 22, 2014).
[2] Such as the proposed Corporate Sustainability Directive.
[3] For banks, insurers, funds and other regulated financial-sector entities, the value chain would not include their customers who are small and medium-sized enterprises.
[4] An impact would be judged “severe” if it either is “especially significant,” affects “a large number of persons” or “a large area of the environment,” is “irreversible” or is “potentially difficult to remedy.”
[5] The French legislation applies to companies employing (for two consecutive years) either at least 5,000 employees in France or at least 10,000 worldwide. It requires companies to establish, publish, implement and monitor a “vigilance plan” to identify and prevent risks of severe adverse impacts on human rights, fundamental freedoms, health and safety caused by activities of the company and its subsidiaries, as well as subcontractors or suppliers with which it has an “established commercial” relationship. The vigilance plan must include five components: risk mapping to identify, analyze and rank risks of adverse impacts; procedures for regular assessment of subsidiaries and subject suppliers and subcontractors; measures to mitigate or prevent serious harm; whistle-blowing mechanisms; and monitoring/evaluation of these measures’ efficacy. This French legislation has had a significant impact, but proposals have been made to strengthen it.
[6] Regulated financial-sector entities would have to make this analysis only at the outset of providing services to clients.