Green Export

Supply chain due diligence legislation of the European Union: Due diligence obligations of regulated companies

Article 5 of the Directive requires regulated companies to implement risk-based due diligence regarding human rights and the environment through the following activities:

- Integrate supply chain due diligence into the company’s policies and risk management systems;

- Identify and assess actual or potential adverse human rights and environmental impacts, and prioritize risks if necessary;

- Prevent and mitigate potential adverse impacts, terminate actual adverse impacts, and minimize the scale of impacts;

- Implement measures to remedy actual adverse impacts;

- Facilitate meaningful participation of stakeholders;

- Establish and maintain a notification mechanism and a complaints procedure;

- Monitor the effectiveness of policies and due diligence measures;

- Disclose information on due diligence activities.

The detailed content of due diligence obligations that EU Member States must ensure companies implement is specified in Articles 7 to 16 of the Directive, summarized in Table below.

Compared with Germany’s SCDDA, the due diligence obligations under the Directive are greater in number and more complex in nature. For example, while German law only requires preventive/mitigating measures, the EU Directive also includes measures to mitigate, terminate, or reduce adverse impacts.

Note: Due to the nature of the Directive (applicable only to Member States), the due diligence obligations set out for companies are only basic requirements that Member States must implement in national law. Member States may define more specific or even stricter requirements for companies in their domestic legislation.

Table: Summary of supply chain due diligence obligations under the EU CSDDD

Obligation    

Requirements for regulated companies            
1. Integrate supply chain due diligence into the company’s policies and risk management systems                                     

Integrate supply chain due diligence into (i) all relevant policies, and (ii) the risk management system.

-    Establish a dedicated risk-based supply chain due diligence policy covering all required content.

-    Update due diligence policies promptly when major changes occur; review at least once every two years.       
2. Identify and assess adverse impacts, determine priority areas

2.1. Identify and assess actual/potential adverse impacts in the operations of (i) the company, (ii) subsidiaries, and (iii) business partners in the supply chain, including:
-    Map business activities to identify areas most prone to or most severe adverse impacts (high-risk areas).
-    Conduct in-depth analysis of high-risk areas.
2.2. Prioritize risk areas based on likelihood and severity after assessment.                                                                                            
3. Prevent, mitigate, and terminate adverse impacts 3.1. Based on results from Obligation 2, implement preventive, mitigating, or terminating measures for potential/actual adverse impacts:
-    Develop and implement prevention action plans.
-    Require direct partners to sign contracts committed to compliance with codes of conduct and prevention plans.
-    Adjust or upgrade facilities and production processes as necessary.
-    Modify or improve plans, strategies, and operations.
-    Support SME partners.
-    Cooperate with other actors to enhance prevention effectiveness.
3.2. Terminate actual adverse impacts or reduce their scope:
-    Disable or reduce the scope of impacts
-    Apply measures similar to those in 3.1.
3.3. Do not start new or expand existing relationships with partners if potential/actual adverse impacts cannot be prevented, mitigated, or terminated (with specific conditions).
4. Remedy actual adverse impacts    -    Remedy actual adverse impacts caused or contributed to by the company.
-    Support or pressure partners to remedy adverse impacts if caused solely by the partner.
5. Stakeholder consultation   Consult stakeholders (organizations or individuals who may or have been affected) when implementing due diligence, especially regarding Obligations 2-4.
6. Establish and maintain a notification mechanism and complaints procedure

6.1. Complaints procedure:
-     Allow affected or potentially affected individuals/organizations, unions/representatives, or related civil society actors to submit complaints regarding adverse impacts from the company, subsidiaries, or partners.
-     Ensure fair, public, and transparent complaint handling.
-     Maintain confidentiality and prevent retaliation against complainants.

6.2. Notification mechanism:
-     Allow all actors with information or concerns about adverse impacts to notify the company.
-     Maintain confidentiality or anonymity of the notifier.
7. Regular monitoring Monitor the activities of the company, subsidiaries, and partners at least annually or when significant changes or new risks arise:
-     Evaluate implementation, adequacy, and effectiveness of activities under Obligations 2–4.
-     Base monitoring on appropriate quantitative and/or qualitative criteria.
-     Update policies and preventive/remedial measures after monitoring/evaluation results, if necessary.
8. Public disclosure and record-keeping

8.1. Public disclosure
Publish an Annual Statement on the company website reporting on due diligence implementation.
-       The statement must include required content.
-       Publication deadline: no later than 12 months after the end of the relevant financial year.

8.2. Record-keeping
Retain documents and evidence of all due diligence activities for 5 years to demonstrate compliance.

Source: Compiled by the TTWTO-VCCI Research Group

More stories