On 23 February 2022, the EU Commission presented a draft directive on sustainability-related due diligence obligations for companies (Proposal for a Directive of the European Parliament and of the Council on Corporate Sustainability Due Diligence and amending Directive (EU) 2019/1937 (COM 2022) 71, available at: https://ec.europa.eu/info/publications/proposal-directive-corporate-sustainable-due-diligence-and-annex_en), the aim of which is to take human rights and environmental concerns into account in corporate governance and business operations. Companies are to be required to establish processes that enable the identification and mitigation of adverse impacts of the company’s own business operations and their global value chains on these issues.
The requirements are similar to the German Supply Chain Sourcing Obligations Act (German Act on Corporate Due Diligence to Prevent Human Rights Violations in Supply Chains (German Supply Chain Due Diligence Act) of 16 July 2021, published in the Federal Law Gazette I, page 2959.), which comes into force on 1 January 2023, but in some aspects go even further.
The scope covers companies (this refers to corporations and partnerships as defined in Annex I and Annex II of the Accounting Directive (Directive 2013/34/EU of 26 June 2013, OJ EU No. L 182, p. 19) as well as regulated financial undertakings (such as credit institutions, investment companies and insurance undertakings), which are incorporated under the law of an EU Member State and that
- employ an average of more than 500 employees and achieved a total worldwide net turnover of more than EUR 150 million in the last fiscal year, or
- employ an average of more than 250 employees and achieved a total worldwide net turnover of more than EUR 40 million in the last financial year, if at least 50% of this net turnover is attributable to a sector that is “particularly affected” (see under Art. 2 para. 1 lit. b of the draft Directive),
and companies incorporated under the laws of a third country if their net sales in the EU in the fiscal year before last
- exceeded EUR 150 million, or
- exceeded EUR 40 million and at least 50% of global net sales were generated in one of the above-mentioned particularly affected sectors.
Obligations of the companies and their management
Integration in corporate policies
The companies shall integrate environmental and human rights due diligence into all their corporate policies and maintain a Due Diligence Policy that shall be updated annually and include the following:
- a description of the company’s approach to due diligence,
- a Code of Conduct with requirements for employees and subsidiaries,
- a description of the implementation process, including the measures envisaged to verify compliance with the Code of Conduct and its application in the context of “established business relationships” (see under Art. 3 lit. b of the draft directive).
Identifying adverse impacts
Companies should take appropriate measures to identify actual or potential adverse impacts on human rights and the environment arising from their own operations, the operations of their subsidiaries or, within their value chain, from their established business relationships. Companies that are only included in the scope of application because they generate turnover in a particularly vulnerable sector (see above) may limit their due diligence to that sector. Financial services companies providing credit, lending or other financial services must identify the (potential) impact before providing the respective service.
The identification measures should be carried out before starting new or changing existing business operations or relationships, as well as in case of (expected) changes in the business environment. In the context of existing business operations or relationships, a regular, at least annual, examination should take place.
Measures to eliminate, prevent and mitigate adverse impacts
Where companies have identified actual or potential adverse impacts, they shall take appropriate measures to prevent or eliminate such impacts or, where this is not possible, at least minimise them.
Companies can be obliged to take the following measures:
- Compensation payments to affected persons or entities,
- Develop prevention or remediation plans with clearly defined deadlines and indicators for improvement,
- Assurances from business partners that they will abide by the company’s Code of Conduct and, if applicable, remediation or prevention plans (for this purpose, the Commission shall provide model contractual clauses),
- Investments into management or production processes and infrastructure,
- Provide targeted and proportionate support to small and medium-sized enterprises with which there is an established business relationship, if compliance with the Code of Conduct or a remedial or preventive plan would jeopardise the viability of those enterprises,
- Collaborate with other entities in compliance with Union law.
To the extent that these measures are not sufficient, the company may be required to also contract with indirect business partners to achieve compliance with its Code of Conduct or, where applicable, compliance with a prevention or remediation plan. Furthermore, there may be obligations not to expand, temporarily suspend or, as a last resort, terminate the relevant business relationships.
Companies should establish a process for lodging complaints which is available in particular to persons (potentially) affected by the impacts, trade unions and other representatives of workers in the value chain, as well as civil society organisations active in areas related to the value chain. If a complaint proves to be well-founded, the remedial measures described above must be taken.
The complainant shall also have the right to discuss the subject matter of the complaint with representatives of the company.
Companies shall regularly (at least every 12 months and on an ad hoc basis) review the effectiveness of their measures. The results should be incorporated into the Due Diligence Policy.
Companies that are not already obliged to report on CSR under the national laws implementing the Accounting Directive (Directive 2013/34/EU of 26 June 2013, OJ EU No. L 182, p. 19.) will be required to prepare an annual report on the implementation of the new due diligence requirements and make the respective report available on their website by 30 April of the following year. The Commission will specify the content of these reports.
Climate protection measures
Companies incorporated under the law of an EU Member State, employing on average more than 500 employees and having a worldwide net turnover in the last financial year of more than EUR 150 million, as well as third country companies with a net turnover in the EU of more than EUR 150 million, are also required to develop a plan to bring their business into compliance with the Paris Agreement and, where appropriate, to include emission reduction targets.
The fulfilment of these obligations shall be taken into account when determining variable remuneration for directors if the variable remuneration is linked to the director’s contribution to the business strategy, long-term interests and sustainability of the company.
The directors of the company concerned are responsible for the implementation of the envisaged due diligence measures, in particular the introduction of the due diligence policy. Member States should ensure that, in fulfilling their obligation to act in the best interests of the company, directors should take into account the short, medium and long-term consequences of their actions in relation to sustainability issues, including human rights, climate change and environmental impact.
Supervisory authorities and authorised representative
Member States shall designate one or more supervisory authorities to monitor compliance with the Directive. These authorities shall be provided with the necessary powers, including the power to request information and to initiate investigations.
Whistleblowers must be given the right to notify the relevant authority of a justified suspicion of a breach of an entity’s obligations and, if there is a legitimate interest, to have the authority’s decision reviewed by an impartial public body. Each covered entity shall designate a special representative to communicate with the supervisory authority.
Consequences of non-compliance
Liability for damages
Companies that breach their due diligence obligations shall be liable for damages caused by an adverse impact that could have been prevented, eliminated or mitigated if the obligations had been fulfilled.
The entity should not be liable for damage caused by the activities of an indirect business partner if it has taken the prescribed measures (see above). In that case, the entity could only be held liable if it could not reasonably be assumed that such measures would be sufficient in the individual case.
In assessing both the existence and the extent of any liability, account should be taken of the entity’s efforts to fulfil the existing obligations as well as investments made and support measures taken to remedy adverse effects in the value chain.
Sanctions and administrative fines
In addition to liability for damages, breaches of due diligence obligations may also lead to the imposition of other sanctions and fines, calculated on the basis of the company’s turnover.
The final version of the Directive is expected to enter into force in 2023, with a further two years for Member States to transpose it into national law. However, affected companies should start early with the establishment of appropriate processes to ensure compliance with their due diligence obligations.