The Directive on Corporate Sustainability Due Diligence - CSDDD was adopted by the competent EU authorities on June 13, 2024, with effect from July 25, 2024.

Similar to the German SCDDA, although the responsibility for due diligence rests with the regulated company, most of the core due diligence obligations (such as identifying, preventing, mitigating, terminating, and remedying adverse impacts) under the EU Directive must be implemented not only within the company’s own operations and its subsidiaries, but also across the supply chain with the participation of business partners (suppliers) engaged with the company.

However, unlike the German SCDDA, the EU Directive, except for a few minor exceptions, applies due diligence obligations to partners (suppliers) in a general manner, without distinguishing between direct or indirect partners (suppliers).

1. Due diligence obligations affecting both direct and indirect partners/suppliers

The following due diligence obligations of regulated companies under the EU Directive directly and equivalently impact both direct and indirect business partners (suppliers):

- Identifying, assessing, and prioritizing impacts (Obligation 2 in Table 3 above: Articles 8-9 of the Directive require regulated companies to analyze, assess, and prioritize adverse human rights/environmental impacts in the operations of business partners. Consequently, partners/suppliers must both comply with relevant human rights/environmental standards (to avoid adverse impacts) and provide information or cooperate with the company during this due diligence process.

Note: In the Draft Amendment of the Directive (February 2025), this obligation was proposed to apply only to direct partners/suppliers (i.e., excluding indirect partners/suppliers). This implies that Obligations 3 and 4 (from the Table above) might also not apply to indirect partners/suppliers (as these obligations rely on adverse impacts identified, assessed, and prioritized under Obligation 2).

- Preventing, mitigating, or ending adverse impacts (Obligation 3 in Table 3 above):

Articles 10–11 of the Directive require regulated companies to implement certain measures to prevent, mitigate, or end potential/actual adverse impacts occurring within the operations of partners/suppliers. Therefore, the relevant partners/suppliers are responsible for cooperating with the company in implementing these measures.

Specifically, the company may need to apply a final measure - refraining from initiating or expanding existing business relationships with partners/suppliers where potential/actual adverse impacts occur under certain conditions.

- Implementing remedial measures (Obligation 4 in Table 3 above):

According to Article 12 of the Directive, regulated companies must directly implement remedial measures for adverse impacts occurring in the activities of partners/suppliers if the company is at fault.

In cases where the fault lies entirely with the partner/supplier, the company may either voluntarily carry out remedial measures itself or require the relevant partner/supplier to implement the remedial measures.

Thus, if the company is responsible for causing the adverse impact, the partner/supplier must implement the remedial measures themselves (possibly with support, guidance, or direction from the company). If the company is not at fault, the partner/supplier may still be required to cooperate with the company in carrying out the remedial measures.

2. Due diligence obligations with different impacts on direct vs. indirect partners/suppliers

In the Directive, the measure requiring partners/suppliers to sign a commitment (via contract) to implement the company’s Code of Conduct or Action Plan to prevent adverse impacts (hereinafter referred to as the “compliance commitment measure”) is the only provision designed differently for direct and indirect partners.

Specifically, the Directive differentiates the timing of this measure between direct and indirect partners/suppliers:

- For direct partners/suppliers: This measure is part of the group of measures that must be implemented immediately if relevant.

- For indirect partners/suppliers: This measure applies only if the company determines that other measures cannot prevent, mitigate, or cease potential/actual adverse impacts related to the indirect partner/supplier.

Apart from the timing difference, other rules related to this measure are designed identically for both direct and indirect partners. Specifically, the regulated company must ensure:

- There are appropriate measures to monitor the partner’s/supplier’s compliance with the commitment (e.g., via independent third-party monitoring, or common channels of stakeholders or the industry).

- For partners that are SMEs: The regulated company must (i) ensure the commitment content is fair, reasonable, and non-discriminatory; (ii) consider simultaneously implementing other support measures for SMEs; and (iii) bear the cost of compliance monitoring by an independent third party (if the partner/supplier participates in sharing part of the cost, the company must allow them to access the monitoring results).

Source: Compiled by the TTWTO-VCCI Research Group

• Definition of “Supply chain due diligence”
• Regulations on supply chain due diligence
• Characteristics of Supply chain due diligence
• Supply chain due diligence in international organization documents
• European Union supply chain due diligence regulations