Skip to main content

      The European Union legislative process has concluded: the Corporate Sustainability Due Diligence Directive (CSDDD) has been published. Member states must transpose the directive within two years.

      The concerned companies – including third-country companies – will be required to identify environmental and human rights adverse impacts with respect to their own operations, the operations of their subsidiaries, and the operations carried out by their business partners in the chains of activities of those companies. Their responsibilities will include preventing, mitigating, or remediating these adverse impacts, operating a complaint handling mechanism, and preparing a transition plan for climate change mitigation.

      Concerned companies

      The directive applies to those European Union or third-country companies that exceed certain thresholds regarding the number of employees and net turnover.

      • Companies in the European Union: Companies with more than 1,000 employees and an annual net worldwide turnover of more than EUR 450,000,000, as well as the ultimate parent companies of corporate groups meeting this threshold, will be obligated. Additionally, the directive also applies to companies operating under franchise or license agreements based on the amount of annual royalties and net worldwide turnover.
      • Companies outside of the European Union: Third-country companies with an annual net turnover of EUR 450,000,000 in the European Union will also be obligated. The directive also obligates the ultimate parent companies of corporate groups meeting this threshold, as well as companies operating in the European Union under franchise or license agreements.

      For these companies, the directive prescribes two main obligations: conducting sustainability due diligence and preparing a transition plan for climate change mitigation.

      Sustainability due diligence obligation

      Companies are required to conduct risk-based human rights and environmental due diligence to identify actual and potential adverse impacts arising from their own operations, the operations of their subsidiaries, and the operations carried out by their business partners. They must examine whether they comply with specific human rights and environmental requirements outlined in the directive's annex. Examples include ensuring the right to liberty and security under the International Covenant on Civil and Political Rights, and prohibiting illegal waste handling as per the Minamata Convention. To achieve this, companies must establish their own internal due diligence and risk management system focusing on human rights and environmental considerations.

      Subsequently, they must take appropriate measures to prevent the potential adverse impacts and to eliminate the actual adverse impacts identified during the risk assessment. Examples of such measures may include requesting contractual assurances, implementing financial or non-financial investments and upgrades, or even as a last resort, suspending or terminating business relationships. Additionally, if the company has caused actual adverse impacts, it must ensure remediation. The risk management system should operate through annual regular assessments, with extraordinary risk assessments conducted as warranted.

      Companies are required to conduct a full assessment of their entire chain of activities, which according to the law includes the 'upstream' chain of activities (supplier activities) and the 'downstream' product-related activities throughout the product's lifespan. However, this legislation does not extend to the disposal of products after their lifecycle. There is an exception for the financial sector, where the regulations apply only to the 'upstream' chain of activities.

      Finally, companies are also required to establish a notifcation mechanism and complaints procedure allowing a broad range of stakeholders to report concerns regarding adverse impacts. If an existing complaint handling mechanism is in place, it will need to be supplemented with environmental and human rights considerations. Additionally, companies must regularly assess the adequacy and effectiveness of their measures, and – if they are not subject to sustainability reporting requirements under the CSRD – report annually on these activities on their website.

      In addition to sanctions (such as fines) that can be imposed by authorities, the directive also addresses the civil liability of companies. Companies can be held liable for damages caused to natural or legal persons as a result of breaching their obligations to prevent or mitigate adverse impacts, and they may be required to fully compensate for the damage caused. Trade unions and non-governmental human rights and environmental organizations may also be authorized to enforce the rights of the alleged injured parties.

      Contribution to combating climate changes

      In addition to conducting sustainability due diligence, companies will also be required to adopt a transition plan for climate change mitigation. This plan must ensure that their business model and strategy is compatible with limiting global warming to 1.5°C as outlined in the Paris Agreement and with the European Union's climate neutrality targets. Among other things, the plan must detail explanations and quantifications of investments and funding supporting its implementation.

      Expected market impacts and consequences

      In addition to imposing various obligations on concerned companies, the legislation can also create opportunities and exploitable business advantages through induced developments. Conducting sustainability assessments within the chain of activities and establishing a complaint handling mechanism can timely reveal severe human rights and environmental adverse impacts, which if disclosed, could significantly damage the reputation and revenue of companies through customer boycotts. Establishing an internal audit system promotes conscious and effective development in environmental, social, and corporate governance aspects for companies. With a transition plan for climate change mitigation, companies can better prepare for climate-related consequences and capitalize on the opportunities in the sustainability transition.

      Transposition and applicability

      Member states have two years to transpose the directive and establish detailed rules. Additionally, specific guidelines will be prepared within 30-36 months to support the implementation and practical application of the legislation. In Hungary, a framework similar to that established by the CSDDD has already been developed, regulated by the ESG Act, which assesses and manages environmental and social responsibility risks for companies. Based on regulatory communication, it is expected that the transposition of the CSDDD will align with or possibly modify the provisions of the ESG Act.

      After transposition, the provisions of the directive will gradually become applicable based on thresholds defined by the number of employees and annual net turnover. Companies exceeding the largest thresholds of 5,000 employees and 1,500 million euros in turnover will be required to comply with the requirements from 2027 onwards, those exceeding thresholds of 3,000 employees and 900 million euros in turnover from 2028 onwards, and by 2029, the regulations will apply to all concerned companies.

      Environmental, Social and Governance (ESG) insights and services
      Read more

      We have made it a priority to deliver integrated legal advice that simultaneously recognize business priorities.
      Read more

      Contact us

      Gera Anna
      dr. Anna Gera

      Associate

      KPMG Law Béli Attorneys at Law

      dr. Fanni Márkus
      dr. Fanni Márkus

      Senior associate

      KPMG Law Béli Attorneys at Law