Contents
Introduction
- Which companies are in scope of the CS3D?
- What are the obligations imposed by the CS3D?
- Due diligence
- Climate change mitigation
- What is the cost of non-compliance?
- When do these rules start applying to which companies?
As part of the European Union (EU)'s European Green Deal, one of the areas of EU law that has developed most rapidly and profoundly is that relating to corporate sustainability governance. This area focuses on shaping companies' management of environmental, social, and governance (ESG) matters. A number of EU laws in this area have already been adopted – most notably the Corporate Sustainability Reporting Directive (CSRD)1 and the Taxonomy Regulation2.
Most recently, the Corporate Sustainability Due Diligence Directive (CS3D), has been provisionally agreed at a political level in December 2023, and confirmed by COREPER in a revised version in March 20243. The final text of the CS3D must still be formally adopted by the European Parliament and the Council of Ministers before it will enter into force.
Compared to the agreement reached in December, the revised compromise of March 2024 has been scaled back. Most notably, it will apply to fewer companies and its application will be delayed. Despite this, it remains a very ambitious new law that is bound to have a critical impact on many multinational companies active in the EU. This is why we are now launching the Baker McKenzie "CS3D Explainer Series." This series will highlight the most important aspects of CS3D compliance following this initial overview of the CS3D that will answer the four most important initial CS3D questions:
- Which companies are covered? The CS3D differentiates between different categories of in-scope EU and non-EU companies, as set out in detail in section 1 below.
- What is required of covered companies?
- They will need to adopt and implement effective due diligence policies for identifying, preventing, mitigating, and bringing to an end actual and potential human rights and environmental harms in their own operations, those of subsidiaries, and of their business partners relating to their 'chain of activities' (i.e., specific parts of the value chain), see section 2.1.
- They will also be required to adopt and put into effect a transition plan for climate change mitigation aligned with the Paris Agreement's objective of limiting global warming to 1.5 °C, see section 2.2.
- Why should companies comply? Because, otherwise, very significant administrative and financial penalties may be imposed, and they will be subject to civil liability for damages caused by non-compliance.
- When will this apply? The largest in-scope companies will have three years, likely meaning until 2027, from the entry into force of the CS3D to comply, others will have four or five years.
The CS3D covers both companies incorporated under the law of a Member State ("EU companies") and companies incorporated under the laws of a third country ("non-EU companies") as per the table below.
| |
EU companies |
|
Non-EU companies |
| |
Group 1 – 'Very large' companies that had in their last financial year:
- More than 1000 employees on average
- More than EUR 450 million of net worldwide turnover
|
|
Group 1a – 'Very large' companies that generated a net turnover of more than EUR 450 million in the EU in the financial year preceding the last financial year. |
| |
|
|
|
| |
Group 2 – Ultimate parents of 'very large' groups, i.e., companies, not falling in Group 1, that are the ultimate parent of a group reaching the thresholds outlined above for Group 1 on a consolidated basis in the last financial year. |
|
Group 2a – Ultimate parents of 'very large' groups, i.e., companies, not falling in Group 1a, that are the ultimate parent of a group reaching the financial threshold outlined above for Group 1a on a consolidated basis in the last financial year. |
| |
|
|
|
| |
Group 3 – Companies with a franchising or licensing business model, i.e., companies that entered into – or are the ultimate parent company of a group that entered into – franchising/ licensing agreements (ensuring a common identity and business concept) in the EU, and provided that, in the last financial year:
- These royalties amounted to more than EUR 22.5 million
- The company generated, individually or on a consolidated basis as the ultimate parent company of a group, a net worldwide turnover of more than EUR 80 million.
|
|
Group 3a – Companies with a franchising or licensing business model, i.e., companies that entered into – or are the ultimate parent company of a group that entered into – franchising/licensing agreements (ensuring a common identity and business concept) in the EU, and provided that, in the financial year preceding the last financial year:
- These royalties amounted to more than EUR 22.5 million in the EU
- The company generated, individually or on a consolidated basis as the ultimate parent company of a group, a net turnover in the EU of more than EUR 80 million.
|
2.1. Due diligence
Under the CS3D, in-scope companies are required to adopt and implement effective due diligence policies for identifying, preventing, mitigating, and bringing to an end potential and actual so-called "adverse impacts" on human rights and environmental matters in these companies' own operations, the operations of their subsidiaries, and certain operations of their business partners.
These "adverse impacts" are defined by reference to international treaties ratified by Member States.
- Adverse environmental impacts include impacts resulting from, for example, pollution, deforestation, excessive water consumption, or damage to ecosystems.
- Adverse human rights impacts are defined as impacts resulting from either (i) a breach of enumerated human rights in several listed international instruments, or (ii) an abuse of a human right not listed under a number of conditions meant to ensure legal certainty. Typical examples include child labour, slavery, and labour exploitation.
The interpretation of what will constitute an adverse impact, including the interpretation of the relevant international treaties, will clearly be one of the most sensitive legal issues of the CS3D, as this will determine the type of situation that companies are required to identify, prevent, mitigate, and bring to an end.
The policies to be adopted and implemented will have to go beyond the traditional scope of responsibility of companies. In addition to their own operations and operations of companies they control, these policies will have to cover impacts that arise, or could arise, also from the following:
- The operations of direct and indirect business partners of the company, i.e., those partners with whom the company has:
- A commercial agreement related to their operations, products, or services
- No commercial agreement, but that still carries out business operations related to the company's operations, products, or services of the company
- relating to the following parts of the value chain:
- The upstream value chain, i.e., the production of goods or the provision of services by the company, including the design, extraction, sourcing, manufacture, transport, storage, and supply of raw materials, products, or parts of the products and development of the product or the service.
- Some of the downstream value chain, the distribution, transport, and storage of a product, where the business partners carry out those activities for the company or on behalf of the company, excluding the distribution, transport and storage of products subject to export control (e.g., weapons).
For identified (potential or actual) adverse impacts, the due diligence obligation includes the following aspects:
- Integrating due diligence into policies and risk management systems
- Identifying and assessing actual or potential adverse impacts and, where necessary, prioritizing potential and actual adverse impacts
- Preventing and mitigating potential adverse impacts, as well as bringing actual adverse impacts to an end, and minimizing their extent
- Providing remediation to actual adverse impacts, i.e., providing financial or non-financial compensation including restitution of the affected person or persons or environment
- Carrying out meaningful engagement with stakeholders, including providing information to stakeholders and answering their reasoned requests for information
- Establishing and maintaining a notification mechanism and complaints procedure, open to those affected by adverse impacts, and the legitimate representatives of such persons (NGOs, unions, etc.)
- Monitoring the effectiveness of their due diligence policy and measures, and publicly communicating on due diligence issues (where applicable, directly in the company's CSRD report)
Companies covered by the CS3D will be required to "adopt and put into effect a transition plan for climate change mitigation" ("Climate Plan"), which must have specific features:
- The Climate Plan must aim "to ensure, through best efforts, that the business model and strategy of the company are compatible with":
- The transition to a sustainable economy
- Limiting global warming to 1.5 °C in line with the Paris Agreement
- The objective of achieving climate neutrality as established in the EU Climate Law, including its intermediate and 2050 targets
- Where relevant, the exposure of the undertaking to coal-, oil- and gas-related activities
- It must include the following company-specific climate targets, plans, and other topics
| |
Climate targets |
|
Decarbonisation levers |
|
Transition funding |
|
Leadership accountability |
| |
Time-bound climate change targets every five years from 2030 to 2050, including where appropriate absolute emission reduction targets for scope 1, 2 and scope 3 GHG emissions for each significant category. |
|
A description of identified decarbonisation levers and key actions planned, including, where appropriate, changes to the company's products or services and its adoption of new technologies. |
|
An explanation and quantification of the investments and funding supporting the implementation of the transition plan. |
|
A description of the role of the administrative, management and supervisory bodies of the company with regard to the transition plan. |
- The Climate Plan must be updated every 12 months and must provide details of the progress made by the company towards achieving its targets.
The European Commission is required to publish practical guidelines on this Climate Plan within 36 months of the entry into force of the CS3D.
Companies that report a transition plan fully in accordance with the sustainability reporting standards adopted under the CSRD are automatically deemed to have complied with the obligation to adopt such a Climate Plan. The CS3D's climate-related obligation is thus directly linked to the CSRD. However, the CS3D goes significantly beyond mere disclosure by requiring companies to: (i) adopt a detailed Climate Plan, and (ii) actually implement the Climate Plan on a best-efforts basis.
The CS3D obliges Member States to adopt rules on penalties for violations of national provisions transposing the CS3D and to take all measures necessary to ensure that these are implemented. Penalties provided must be effective, proportionate, and dissuasive, and must at least include pecuniary penalties and 'naming and shaming' measures.
Pecuniary sanctions must be based on the company's global net turnover, and the maximum sanction must be at least 5% of the net worldwide turnover of the company in the financial year preceding the fining decision. Member States are free to set their maximums even higher. For an EU or non-EU company that is the ultimate parent company of a group, penalties are calculated on their consolidated turnover. Non-confidential versions of the fining decisions will be published and will remain publicly available for at least 5 years, including to enable third parties to engage the company's civil liability (see below).
The civil liability of a company will be engaged where it intentionally or negligently violates some of the CS3D obligations outlined in Section 2, where the violated obligation was aimed at protecting natural or legal persons and the violation has caused damage to such a person. Damage must be fully compensated under national law but must not be overcompensated (e.g., by means of punitive damages). A company cannot be held liable if the damage was only caused by one of its business partners, however, when the damage was caused jointly by the company and its subsidiary, direct or indirect business partners, they shall be liable jointly and severally.
The CS3D also provides obligations for Member States to ensure that there exists national legal recourse to damages, including with respect to standing, injunctive relief, and the beginning and duration of the limitation period for bringing damages claims (at least 5 years), as well as with respect to the discovery of evidence and for the preservation of evidence. Member States remain free to adopt more stringent national provisions.
CS3D will start to apply to in-scope companies as follows:
- Three years after the entry into force of the CS3D, likely in 2027, to:
- EU companies that fall within Groups 1 or 2 and had more than 5000 employees on average and generated a net worldwide turnover of more than EUR 1500 million in the last financial year preceding the three-year anniversary of the entry into force of the CS3D
- Non-EU companies that fall within Groups 1a or 2a and generated a net turnover of more than EUR 1500 million in the EU in the financial year preceding the last financial year preceding the three-year anniversary of the entry into force of the CS3D
- Four years after the entry into force of the CS3D, likely in 2028, to:
- EU companies that fall within Groups 1 or 2 and had more than 3000 employees on average and generated a net worldwide turnover of more than EUR 900 million in the last financial year preceding the four-year anniversary of the entry into force of the CS3D
- Non-EU companies that fall within Groups 1a or 2a and generated a net turnover of more than EUR 900 million in the EU in the financial year preceding the last financial year preceding the four-year anniversary of the entry into force of the CS3D
- Five years after the entry into force of the CS3D, likely in 2029, to all other EU and non-EU companies covered by the CS3D.
1 Directive (EU) 2022/2464 of the European Parliament and of the Council of 14 December 2022 amending Regulation (EU) No 537/2014, Directive 2004/109/EC, Directive 2006/43/EC and Directive 2013/34/EU, as regards corporate sustainability reporting
2 Regulation (EU) 2020/852 of the European Parliament and of the Council of 18 June 2020 on the establishment of a framework to facilitate sustainable investment, and amending Regulation (EU) 2019/2088
3 This article is based on the provisional agreement reached December 2023 and amendments thereof by the Belgian Presidency of the Council of the European Union following the vote of 28 February by the COREPER when not enough Member States supported the text of the provisional agreement reached in December.
