Who supervises compliance with the CSDDD?
The CSDDD obliges member states to designate one or more supervisory authorities tasked with supervising compliance with the obligations contained in the CSDDD. The supervisory authorities will have the power to enforce both due diligence obligations (see a deep dive on those here) and climate change-related obligations (see a deep dive on those here). The supervisory authorities will have the power to require companies to provide (further) information and to conduct compliance investigations and inspections of the companies concerned. If a supervisory authority identifies a failure to comply with the CSDDD, it can take several measures to remediate that infringement. It must also give the company concerned sufficient time to take remedial action.
When carrying out their tasks, supervisory authorities will be entitled to exercise at least the following powers:
- To order the following:
  - Cessation of the infringement
  - Abstention from repetition of the relevant conduct
  - Proportionate remediation
- To impose penalties
- To adopt interim measures in case of an imminent risk of severe and irreparable harm
What penalties can be imposed?
The (financial) penalties imposable by a supervisory authority must be effective, proportionate and dissuasive. Supervisory authorities must at least be able to impose financial penalties and "naming and shaming" measures. The financial penalty must be based on the company's net worldwide turnover, with the maximum penalty amounting to at least 5% of the net worldwide turnover for the financial year preceding the decision to issue the fine. Member states are allowed to set the maximum fines, potentially over 5%, in their national law.
For an EU or non-EU company that is the ultimate parent company of a group, penalties are calculated based on their consolidated turnover, which can thus in principle lead to significant fines. Such sanctions can also damage the reputation of the companies concerned and their brands, because the decisions of the national supervisory authorities containing sanctions in connection with infringements of the national regulations adopted to implement the CSDDD must be made publicly available for at least five years.
The following factors, among others, must be considered when deciding whether and to what extent penalties will be imposed:
- The nature, gravity and duration of the infringement and the severity of its impact
- Preventative, mitigative and remedial measures taken by the company concerned
- Any relevant previous infringement by the company concerned
- Any collaboration with other entities to address the impacts concerned
- The financial benefits gained or losses avoided by the company due to the infringement
How does the civil liability regime under the CSDDD work?
A game changer in environmental, social and governance (ESG) legislation is the fact that the CSDDD also regulates the civil liability of companies for human rights or environmental violations in their supply chains and enables persons affected by such violations to seek compensation via civil proceedings.
The CSDDD requires member states to ensure that a company may be held liable under the CSDDD for damage caused to a natural or legal person under the following circumstances:
- a) The company has intentionally or negligently failed to comply with the obligations to prevent potential adverse human rights and environmental impacts or to bring actual adverse human rights and environmental impacts to an end, where the human rights standards are aimed at protecting the natural or legal person.
- b) As a result of the breach referred to under a), damage has been caused to the "legal interests" of the natural or legal person protected under the applicable national law of a member state.
Member states may define what constitutes the "legal interest" of a natural or legal person differently, and therefore there may be differences regarding the type of damages that can be claimed. For instance, in some member states there is no right to claim indirect damages. Therefore, the extent to which companies can be held liable will differ from member state to member state.
Companies that participated in industry or multi-stakeholder initiatives or used third-party verification, audit or contractual clauses to support the implementation of due diligence obligations can still be held liable for damages under the CSDDD. This means that companies cannot discharge their liability for damages under the CSDDD by outsourcing their due diligence risk management for human rights and environmental violations to third parties.
Furthermore, the CSDDD determines that a company and its subsidiary or its direct or indirect business partner can be held jointly and severally liable if the damage was caused jointly, without prejudice to national law on the conditions for joint and several liability and rights of recourse. However, a company cannot be held liable if the damage was caused only by its business partners present in its chain of activities.
The CSDDD requires member states to ensure that the following standards are transposed into their national law to create a robust regime for those affected by human rights and environmental violations and effectively enforce their rights. National rules must do the following:
- Provide for injunctive relief and for the discovery and preservation of evidence
- Ensure that the limitation period shall be at least five years from the moment the infringement ceased, and the claimant knows or can reasonably be expected to know of the infringement, any harm caused and the identity of the infringer
- Ensure that aggrieved persons may authorize a trade union or NGO to bring an action on their behalf
- Ensure that the CSDDD overrides any non-EU law that would be applicable to a claim that would otherwise fall under the CSDDD
Note that the specific civil liability regime established by the CSDDD does not explicitly cover violations of companies' climate-related obligations. However, such violations may still potentially be actionable under the laws of certain member states.
How does the CSDDD compare to existing national ESG regulations and case law?
National legislation similar in scope to the CSDDD that covers the potential liability of companies for their value chain already exists in Germany and France.
With regard to civil liability, the CSDDD exceeds the standards of the German Lieferkettensorgfaltspflichtengesetz ("LkSG"), which "merely" contains a special procedural status clause that allows persons affected by human rights and environmental violations to enforce their rights in court by authorizing a domestic trade union or non-governmental organization to institute proceedings. These public proceedings can lead to reputational damage for the company concerned and its brands.
In the context of administrative penalties for violations of the standards of the LkSG, the competent German authority ("BAFA") can impose a fine of up to 2% of the global annual turnover of the company concerned, depending on the degree to which the company is deemed accountable for the violation of these human rights and environmental standards. The fine for infringements under the CSDDD, of 5% of the global net turnover, is therefore significantly higher than the maximum fine of 2% of the global net turnover of the company concerned under the LkSG.
Since 2017, large French companies have been required to effectively manage human rights and environmental risks, not only within the company itself but also in its subsidiaries and value chain. The French "duty of vigilance" is currently in the spotlight, with several nonprofits and trade unions having sent more than 30 formal notices and filed a dozen legal actions against major French companies on this basis. The first ruling on the merits was handed down in December 2023 (see the La Poste judgment currently before the Court of Appeal). The court ruled that the vigilance plan drawn up by La Poste was insufficient and ordered the latter to adapt and complete its vigilance plan. An explanatory article on this judgment can be found here.
Litigation in this area increases every year, leading to financial and reputational exposure. The implementation of the CSDDD into French law will result in more French companies being subject to due diligence obligations. Furthermore, the CSDDD is expected to provide more detail on the duty of vigilance requirements, which is lacking under the current French law.
Case law from the Netherlands provides another example of liability for ESG infringements in a company's value chain. In 2021, the District Court of the Hague ordered Shell to reduce its CO2 emissions within the Shell group on the basis that it had breached its duty of care flowing from Dutch tort law. This responsibility covered Shell's whole value chain, including not only subsidiaries but also business relations that supplied Shell entities with raw material, electricity and heat. This remains a unique case, which is currently under appeal. The judgment can be read here.
Practical consequences of public and civil enforcement of the CSDDD
It is still uncertain how strict the supervisory authorities will be in supervising and enforcing compliance with the CSDDD, and how they may impose remedial measures and penalties. However, based on the increasing importance placed by supervisory authorities on compliance with existing ESG-related regulations, it can be assumed that compliance with and enforcement of the CSDDD will be a priority for member states and their supervisory authorities.
Furthermore, the possibility of civil liability for non-compliance with the CSDDD could lead to an increase in the number of claims for human rights and environmental violations. This may, in turn, lead to reputational damage for companies where their (even potential or alleged) human rights violations are litigated in public court proceedings. Therefore, it is crucial that companies carry out an effective human rights and environmental risk analysis in order to minimize both the risk of administrative enforcement and civil liability.