Companies news
Corporate Sustainability Due Diligence Directive Explained: Corrs Chambers Westgarth's Guide for Australian Enterprises
Corrs Chambers Westgarth provides essential insights for Australian enterprises on navigating the EU's CSDDD.
The European Union's (EU) Corporate Sustainability Due Diligence Directive (CSDDD) was formally adopted by the EU Parliament in April. The CSDDD requires EU members states to implement legislation in accordance with the articles of the CSDDD to require In Scope Entities to conduct extensive due diligence to identify adverse business impacts on people and the environment. The CSDDD is one of the most significant corporate responsibility reforms in recent years and its impact will be felt far beyond the EU, including here in Australia.
Australian businesses will be impacted one of three ways – (1) directly in scope (“In Scope Entity”), (2), by having a directly in scope EU based parent company, or (3) by supplying goods or services to a directly in scope entity or their subsidiary. Corrs Chambers Westgarth, who has worked with clients to implement governance frameworks and due diligence systems following the introduction of similar legislation in individual EU member states (e.g. the German Supply Chain Due Diligence Act) provides a summary for Australian businesses on navigating the new law and what it will mean for Australian businesses below.
CSDDD’s objectives
The CSDDD is a legal framework by which certain large EU and certain non-EU companies (“In Scope Entities”,) must:
- take responsibility for actual and potential adverse human rights and environmental impacts through conducting risk-based human rights and environmental due diligence to identify, assess, cease, prevent, mitigate and remediate those impacts within their own operations, the operations of their subsidiaries and the operations of their direct and indirect business partners within the chain of activities of the In Scope Entity;
- monitor effectiveness of due diligence efforts; and
- issue an annual report covering the due diligence and related requirements of the CSDDD.
‘Chain of activities’ includes the activities of upstream and downstream direct and indirect business partners relevant to the In Scope Entities’ operations (though downstream activities are more limited in scope). Direct business partners are those with whom the In Scope Entity has a commercial agreement and indirect business partners are those where no commercial agreement exists but who perform certain business operations.
Actual and potential adverse human rights and environmental impacts are defined by reference to certain human rights enshrined in international instruments and certain international environmental prohibitions and obligations, both referenced in the CSDDD. They are wide ranging and include modern slavery, child labour, exploitation, adequate housing, freedom of thought, discrimination, biodiversity loss, pollution and destruction of natural heritage.
Once adopted by each EU member state, the CSDDD will become binding on In Scope Entities.
Mandatory requirements for In Scope Entities (whether based in the EU or Australia)
Unlike traditional corporate due diligence which is aimed at identifying and mitigating risks to the business, the objective of the CSDDD is to identify and mitigate risks to people and the environment. It requires an enterprise-wide approach to the governance of human rights and environmental risks and consultation with an entity’s stakeholders to inform each stage of the due diligence process.
Key requirements for In Scope Entities include:
- implementing a climate change mitigation transition plan aligning the entity’s business model and strategy to compatible with the Paris Agreement global warming scenario of 1.5°C;
- integrating human rights and environmental due diligence into relevant company policies and risk management systems;
- identifying and assessing actual and potential adverse impacts from their own operations, their subsidiaries, and where impacts are related to their chain of activities, their business partners’ actual and potential impacts;
- taking a risk-based approach to prioritising responses to actual and potential adverse impacts by focussing on areas where adverse impacts most likely to occur and be the most severe;
- prioritising identified actual and potential adverse impacts based on severity and likelihood of adverse impact and addressing those impacts within a reasonable time;
- taking steps to prevent adverse impacts, including preparation of a preventative action plan that includes qualitative and quantitative indicators for measuring improvements or seeking contractual assurances from direct business partners;
- bringing actual adverse impacts to an end or minimising the extent of any ongoing impact, and developing a corrective action plan which may also include seeking contractual assurances from business partners or making investments in facilities, production, operational processes and infrastructure;
- remediation of actual adverse impacts;
- conducting meaningful engagement with stakeholders at each stage of the diligence process;
- establishing a notification mechanism and complaints procedure; and
- monitoring the adequacy and effectiveness of diligence procedures and conducting an annual assessment.
Significant penalties will apply for non-compliance, based on a company’s net worldwide turnover. In Scope Entities may be held civilly liable for intentional or negligent failure to comply with a preventative or corrective action plan causing harm to a person (including legal person) and may also be held jointly and severally liable for damage caused jointly by subsidiaries or business partners.
Effects on Australian businesses
Australian subsidiaries of In Scope Entities
Our experience advising Australian subsidiaries of German parent companies subject to the German Supply Chain Due Diligence Act suggests that In Scope Entities will require their subsidiaries to implement the substantive requirements of the CSDDD in full. This will be challenging for many Australian businesses who are not subject to the same regulatory requirements, who may have inconsistent Australian law obligations or challenging operating environments and who until now have not been required to have in place either climate transition plans or holistic frameworks that operationalise human rights and environmental due diligence.
Doing business with In Scope Entities
The CSDDD’s prescriptive requirements will also have a significant impact on Australian businesses doing business with In Scope Entities. Impacts may include:
- requests for emissions data to enable In Scope Entities to assess alignment of their transition plan to a global warming scenario of 1.5°C;
- the imposition of stringent contractual terms in supply and other commercial agreements, as a result of In Scope Entities seeking to ensure business partners and suppliers adopt practices directed to preventing adverse human rights and environmental impacts, including relating to reducing emissions, for example requiring direct business partners to adhere to prevention and/or corrective action plans, contractual requirements to notify risks and incidences of adverse human rights and environmental impacts, rights to inspect records including transition plans or to impose other methods of verifying compliance with human rights and/or environmental standards; and
- requirements to indemnify In Scope Entities against losses caused by intentional or negligent failure to comply with a preventative or corrective action plans imposed by the In Scope Entity.
Because the Australian regulatory framework for human rights and environmental impacts (including climate change) is less developed than the EU, we expect Australian businesses will require significant uplift to existing approaches to managing human rights and environmental risks to respond to likely impacts of the CSDDD.
Phased implementation
Once fully implemented, the CSDDD will apply to an estimated 5,500 companies with operations in the EU. It will be introduced in three phases from 2027, giving In Scope Entities and other impacted entities between three and five years to prepare:
- from 2027: EU companies with over 5,000 employees and revenue greater than €1.5 billion, and non-EU companies satisfying the revenue threshold within the EU;
- from 2028: EU companies with more than 3,000 employees and greater than €900 million revenue, and non-EU companies satisfying the revenue threshold within the EU; and
- from 2029: EU companies with 1,000 or more employees and an annual turnover of €450 million, and non-EU companies satisfying the revenue threshold within the EU.
Preparing for the CSDDD
Impacted Australian businesses should take steps to understand how and when they are likely to be impacted to ensure that they are able to maintain (or exploit in the future) EU relationships and distribution networks for example:
- liaising with EU based parent companies or EU based business partners to understand if they are In Scope Entities and when their respective obligations commence;
- understanding the scope of contractual obligations likely to be imposed by EU parent companies/investors and business partners;
- assessing readiness by conducting a gap analysis between likely impacts and current human rights and environmental risk management frameworks, for example the OECD Guidelines for Multinational Enterprises on Responsible Business Conduct and the United Nations Guiding Principles on Business and Human Rights.
Australian businesses with a high dependence on supplying to or trading in EU markets should assess their readiness by understanding the scope of uplift required to existing practices. Doing so early may also provide a competitive advantage. Conversely, delay will mean limited time within which to design and implement enterprise-wide human rights and environmental due diligence and may ultimately expose the business to potential loss of EU generated revenue streams.
Source: Corrs Chambers Westgarth