Hostname: page-component-cd9895bd7-hc48f Total loading time: 0 Render date: 2024-12-24T17:57:10.342Z Has data issue: false hasContentIssue false

The Unintended Consequences of the EU Corporate Sustainability Due Diligence Directive

Published online by Cambridge University Press:  16 December 2024

Jowita Mieszkowska*
Affiliation:
Legal Adviser, Global Rights Compliance Foundation, The Netherlands. Contact: [email protected].
Rights & Permissions [Opens in a new window]

Extract

On March 15, 2024, the Corporate Sustainability Due Diligence Directive (CSDDD or Directive) was adopted by the EU Council.1 This Directive represents the EU's first piece of mandatory due diligence legislation governing the responsibilities of companies for human rights due diligence and transition plans for climate mitigation. It also codifies the principle that “all businesses have a responsibility to respect human rights, which are universal, indivisible, interdependent and interrelated.”2 The Directive broadly follows the framework of the non-binding UN Guiding Principles on Business and Human Rights (UNGPs) which first introduced the concept of human rights due diligence.3 The CSDDD requires that businesses incorporate human rights due diligence into policies,4 identifying, assessing, preventing, mitigating, and ending actual and potential adverse human rights impacts,5 remedying any impacts and monitoring the effectiveness of these processes.6 The Directive also introduces significant sanctions for non-compliance.7

Type
Essay
Creative Commons
Creative Common License - CCCreative Common License - BY
This is an Open Access article, distributed under the terms of the Creative Commons Attribution licence (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted re-use, distribution, and reproduction in any medium, provided the original work is properly cited.
Copyright
Copyright © The Author(s) 2024. Published by Cambridge University Press for The American Society of International Law

On March 15, 2024, the Corporate Sustainability Due Diligence Directive (CSDDD or Directive) was adopted by the EU Council.Footnote 1 This Directive represents the EU's first piece of mandatory due diligence legislation governing the responsibilities of companies for human rights due diligence and transition plans for climate mitigation. It also codifies the principle that “all businesses have a responsibility to respect human rights, which are universal, indivisible, interdependent and interrelated.”Footnote 2 The Directive broadly follows the framework of the non-binding UN Guiding Principles on Business and Human Rights (UNGPs) which first introduced the concept of human rights due diligence.Footnote 3 The CSDDD requires that businesses incorporate human rights due diligence into policies,Footnote 4 identifying, assessing, preventing, mitigating, and ending actual and potential adverse human rights impacts,Footnote 5 remedying any impacts and monitoring the effectiveness of these processes.Footnote 6 The Directive also introduces significant sanctions for non-compliance.Footnote 7

While the shift to mandatory human rights due diligence (HRDD) has been welcomed by both businesses and civil society, the CSDDD may have unintended consequences. In particular, the trickle-down provisions of the Directive may result in a rushed termination of business partners and regions in developing states and emerging markets within perceived high-risk areas and sectors, e.g., areas in armed conflict. Second, the Directive's reporting and other requirements may also lead to prohibitive compliance costs for smaller business partners operating within the supply chains of larger companies leading to additional costs and potential loss of business. Finally, the Directive might prevent more progressive efforts to protect human rights in national jurisdictions.

What Are the Likely Unintended Consequences of the CSDDD?

Although EU member states have not yet transposed the Directive into their national law, it is expected that the CSDDD may lead to three major unintended consequences resulting from irresponsible de-risking and disengagement.Footnote 8 First, as highlighted in the Commission's Impact Assessment conducted in preparation for the Directive, implementation could lead to the disengagement of EU companies from suppliers and jurisdictions that are perceived as being too “high risk.”Footnote 9 In turn, this may have an unintended impact leading to termination of contracts, job losses, or supply chains shifting to less regulated jurisdictions.

Second, the Directive may result in the pushing of the costs of compliance to business partners located further down the chain of activities of EU companies in low and middle-income jurisdictions, as well as an increase in compliance verification costs. This trickle down-effect may lead to larger compliance costs and regulatory burden on small and middle-sized enterprises (SMEs),Footnote 10 as well as businesses of various sizes across the globe.

Third, the harmonization of the EU's sustainability framework is already having effects in stifling more progressive national efforts on human rights protection. In July 2024, for instance, Germany's governing coalition agreed to reduce the scope of the German Supply Chain Act in order to conform with the CSDDD.Footnote 11 Only a third of the companies currently covered by the German Supply Chain Act will come within the new, reduced scope of German domestic law.Footnote 12 Commentators fear that, in practice, pending complaints before the German authorities would be left in a legal limbo as the company against whom the complaint is brought will be released from its human rights obligations.Footnote 13

The Quick Fix: A Rushed Exit

The first unintended consequence of the EU's legislation is a potential exodus of companies from certain high-risk regions and thereby, an exacerbation of existing adverse human rights and labor conditions in these jurisdictions. This might be either because suppliers will shift to buying countries with less stringent regulations, or because orders will dry up altogether.Footnote 14

In many cases, disengagement from business relationships is necessary and warranted. In situations where a business risks “being involved in gross abuses of human rights such as international crimes, [a business] should carefully consider whether and how it can continue to operate with integrity in such circumstances.”Footnote 15 For example, human rights organizationsFootnote 16 have consistently called for complete and immediate business disengagement from the Xinjiang Uygur Autonomous Region (XUAR) in China. This is because of “the severity of the adverse impacts” and because “there are no valid means for a company to ensure a supplier operating in XUAR is not sourcing forced labour-tainted minerals, as these state-sponsored practices are broadly implemented in the region.”Footnote 17

However, there may also be valid reasons to remain (or make efforts to find a responsible alternative) in an otherwise challenging context. For example, a complaint submitted to the Norwegian National Contact Point on Responsible Business Conduct alleged that Telenor SA's proposal to sell its Myanmar subsidiary to an entity with alleged links to non-state actors accused of wrongdoing would exacerbate human rights violations.Footnote 18

The Directive includes several provisions governing a company's decision to terminate a relationship with a business partner, stressing that this should be a “last resort” measure. A company may terminate a relationship if the measures it has put in place to prevent, end, or mitigate the impact have failed. As noted by the UN Office of the High Commissioner for Human Rights, in situations where a business risks “being involved in gross abuses of human rights such as international crimes, [a business] should carefully consider whether and how it can continue to operate with integrity in such circumstances.”Footnote 19 Prior to making these decisions, companies are required to assess whether the impact of the termination is manifestly more severe than the adverse impact that could not be prevented or mitigated.Footnote 20 Hence, for example, where a company is providing essential services to a civilian population during an armed conflict, or if the business assets will become nationalized and be repurposed for the furtherance of the war effort, the impact of termination may be more severe than continuing to operate.Footnote 21 In these cases, the company is not required to terminate the relationship, and is entitled to inform the relevant supervisory authority of its reasons.

However, what this will look like in practice could be widely different from the situation envisaged by the Directive. Faced with the threat of sanctions as well as civil liability, many companies may resort to quick fixes by terminating relationships with individual suppliers and even entire countries or regions, leading to severe systemic impacts.Footnote 22 This approach, rather than working with suppliers and stakeholders to address shortcomings, puts the livelihoods of downstream workers at risk if companies switch suppliers or sourcing countries.

Disproportionate Compliance Costs for Downstream Business Partners of Large Companies

Compliance with the Directive will require additional financial and administrative resources, including from impacted companies. At the same time, the Directive allows companies to push at least some of these costs onto their suppliers.

Under Article 7 of the Directive, companies will be required to develop a code of conduct applicable to their own operations, subsidiaries, and business partners.Footnote 23 To demonstrate compliance with the code, the company has to seek contractual assurances from its direct business partners and in some cases also indirect business partners (i.e., entities with whom it has not entered into a contract)—that they will comply with the code.Footnote 24 As part of this process, the company will also have to establish a procedure to verify compliance of its business partners. Only where the business partner is an SME will verification costs be borne by the company in its totality.Footnote 25

Increased Verification May Lead to More Social Audits and Higher Costs for Business Partners

The Directive's inclusion of a verification process in Articles 10 and 11 is likely to lead to two results: continued reliance on external social auditing, despite well-documented evidence of its failures, and an aggravated compliance burden on suppliers. Social auditing is the most common practice used by companies to verify compliance with human rights obligations. It has been heavily criticized both methodologically and substantively.Footnote 26 In broad terms, social auditing is a practice of analyzing, measuring, and reporting on an organization's social performance by scrutinizing non-financial activities that affect stakeholders.Footnote 27 Although there is no uniform standard of how to conduct audits, in most cases, visits are pre-announced and therefore are unable to meaningfully capture the reality on the ground. Where auditors conduct interviews with workers (which is rare), these are led in the presence of factory managementFootnote 28 and workers are often told to misrepresent their conditions.Footnote 29 The nature of these interviews is unlikely to result in reliable evidence collection. This is especially true in the case of human rights violations, which require a longer-term or sensitive approach to be properly identified, such as child labor, sexual harassment, lack of freedom of association, and forced labor.Footnote 30 In most cases, payments for audits will also fall on the supplier, which has the potential to undermine the credibility of the audit, and has additional cost implications.Footnote 31

In addition, verification processes are likely to add to the existing compliance burden faced by many suppliers and lead to audit fatigue. A recent survey of 525 audited facilities found that a typical factory already undergoes three to five social audits per year. Audits are paid by the factory in most cases—the costs of which range from $5,000 to $20,000 USD per year.Footnote 32 Some of the facilities surveyed reported being audited over sixteen times a year. The costs and frequency of audits are likely only to increase with the advent of mandatory due diligence requirements.

This imposition of an excessive administrative and financial burden on SMEs and those operating in low- and middle-income countries could lead to their exclusion from trade activities with EU companies if they are unable to demonstrate compliance with new due diligence measures. Instead of allocating resources to increase wages or improve factory standards, businesses might dedicate resources to demonstrating compliance with company codes of conduct (including paying for additional social audits) to maintain their business relationships. Although the EU Commission plans to issue guidance on model contractual clauses for the CSDDD, it is still uncertain how risk will be distributed between the company and its business partners.

Legal Liability and Indemnity Clauses

The liability provision of the Directive also raises concern. If the in-scope company can show that the adverse human rights impact has been caused only by its business partner, it cannot be held liable. In such case it is only required to provide voluntary remediation to the impacted stakeholders for harm caused.Footnote 33 In this respect, companies may externalize the activities involving the highest amount of risk to indirect business partners further outside the reach of the CSDDD to minimize their exposure.Footnote 34

In most EU jurisdictions, the burden of proof to demonstrate that the company is responsible for the impact will rest with the claimant.Footnote 35 It is unclear whether the business partner will be joined to the litigation or entitled to provide evidence supporting that the CSDDD company was jointly responsible for the adverse impact.

In addition, the Directive is silent on the use of indemnity clauses in international contracts. Such clauses may mean that business partners may be held liable by companies if they are sanctioned for breaches of the Directive. The Directive does not include language to limit this transfer of liability onto the company's business partner and so the amounts claimed from business partners could be disproportionate to their financial viability. The EU's guidance on model contract clauses will be crucial to governing the fair allocation of liability.

EU Harmonization Stifling More Progressive National Legislation

The CSDDD is also narrower in scope than some existing national legislation. For example, the German Supply Chain Act applies to companies with at least 1,000 employees in Germany, like the CSDDD, but has no minimum turnover threshold. Following the adoption of the Directive, the German government has agreed to reduce the scope of the Act, meaning that some companies already complying with the German legislation will have their compliance requirements pushed back to 2029.Footnote 36 In addition, this change is predicted to reduce the number of companies required to conduct mandatory HRDD from 5,200 to less than 1,000.Footnote 37

Another significant effect of the CSDDD is the exemption of companies manufacturing, storing, distributing, or transporting goods subject to state export controls—including weapons and dual use military technologies—after the export has been authorized, from due diligence requirements.Footnote 38 A similar exemption could follow in national legislation where it was not previously included.

Simultaneously, the transposition of the CSDDD into domestic legislation might curb national efforts to enact laws aimed at enhancing supply chain accountability for a broader range of companies. For instance, the proposed Dutch Child Labour Due Diligence Act, which would have applied to all companies regardless of legal form or size, will no longer be implemented.Footnote 39

Conclusion

Mandatory human rights due diligence is essential to counteract the many failures of industry self-regulation. It is however, not without its unintended consequences. How the EU develops its guidance on fair purchasing policies and practices, model contractual clauses, and capacity building for SMEs will be paramount to its effectiveness and crucial to preventing the compliance burdens on business partners discussed in this piece. In addition, encouraging companies to remain in emerging and developing markets instead of enabling their irresponsible exit must be a crucial element of future implementation. Implementation of the Directive also needs to be coupled with appropriate technical assistance and capacity-building programs for upstream actors, while encouraging downstream actors to incentivize sustainable suppliers.

Then it will be left to the member states to implement the Directive into their national legal systems and develop what will hopefully be accountable and fair national authorities. At the same time, it is imperative to underline the continued relevance of the UNGPs for all companies regardless of size, sector, or geographical reach, as well as the promotion of alternative verification mechanisms to social auditing and industry-led initiatives, including community-based monitoring.

Footnotes

This essay is written in a personal capacity and the views expressed here are the author's own.

References

4 CSDDD, supra note 2, Art. 5.

5 Id.

6 Id.

7 Id. Art. 27.

9 “Lead EU companies to prioritise risk avoidance through disengagement from suppliers and producers in developing countries over meaningful engagement in risk prevention and mitigation.” Commission Staff Working Document, Impact Assessment Report, SWD (2022) 42 final, 6.1.5 (Feb. 23, 2022).

10 This regulatory burden has been identified as a significant challenge in the report from the European Commission, The Future of European Competitiveness, EC, 321 (Sept. 2024).

11 Mitschrift Pressekonferenz, Die Bundesregierung, Einigung auf Haushalt 2025 und Wachstumsinitiative (July 5, 2024).

12 Id.

16 Human Rights Watch, Asleep at the Wheel: Car Companies’ Complicity in Forced Labor in China (Feb. 1, 2024); Coalition to End Forced Labour in the Uyghur Region, 180+ Orgs Demand Apparel Brands End Complicity in Uyghur Forced Labour (July 23, 2020).

17 C4ADS & Global Rights Compliance, Fractured Veins Report: A Six-Month Review (Apr. 11, 2024).

19 OHCHR, supra note 15.

20 CSDDD, supra note 2, Art. 10(6)(b).

21 Global Rights Compliance, Conducting Business During Armed Conflict.

22 Alina Carrozzini & Luigi Lonardo, Non-contractual Liability for EU Sanctions: Towards the Normalization of CFSP, 26 Eur. For. Aff. Rev. (2021).

23 Sarah Vandenbroucke, The Role of Codes of Conduct in EU Corporate Governance, 118 AJIL Unbound 297.

24 CSDDD, supra note 2, Art. 7(2)(b).

25 Id. Art. 10(5).

27 S. S. Ghonkrokta & Anu Singh Lather, Identification of Role of Social Audit by Stakeholders as Accountability Tool in Good Governance, 7 J. Mgmt. Res. 18, (2007).

28 Nicole Dando & Tracey Swift, Transparency and Assurance: Minding the Credibility Gap, 44 J. Bus. Eth. 195 (2003).

30 Id.

31 Dara O'Rourke, Motivating a Conflicted Environmental State: Community Driven Regulation in Vietnam, in The Environmental State Under Pressure, Vol. 10 (Arthur P.J. Mol & Frederick H. Buttel eds., 2002).

33 CSDDD, supra note 2, Art. 29(1).

35 Anton Zimmermann, Access to Supply Chain Justice?, Verfassungsblog (May 27, 2024); Carsten Koenig, Human Rights or Private Rights? – Effective Protection of Victims in Global Supply Chains, 118 AJIL Unbound 269 (2024).

37 Id.

38 CSDDD, supra note 2, (25).

39 David Ollivier de Leth & Joseph Wilde-Ramsing, Law of Unintended Consequences: Rejection of the EU Due Diligence Directive Will Bring Back Dutch Child Labour Act, Driving Legal Fragmentation, Business & Human Rights Resource Centre (Mar. 5, 2024).