Proposed mandatory corporate sustainability due diligence requirements for “companies”


On 23 February 2022, the European Commission adopted a long-awaited proposal for a Directive on corporate sustainability due diligence for widely-defined specified “companies”. The proposals are wide reaching as they cover obligations throughout the value chain and also attach to non-EU companies which meet specific criteria.  

In summary, the proposed Directive establishes a corporate sustainability due diligence duty requiring specific companies to identify and, where necessary, prevent, end or mitigate the potential or actual adverse impacts of their activities on human rights and the environment. A list of agreements, in respect of which violations could constitute adverse impacts, is contained in the Annex to the proposed Directive. In scope companies will have to publicly communicate their findings in an annual report and there are express directors’ duties.  A European Network of Supervisory Authorities will be created to ensure coordination and alignment between Member States. 

A “company” for these purposes includes the below according to certain legal references and definitions as set out in Article 1 to the draft Directive:

  1. a legal person constituted as one of the legal forms listed in Annex I to Directive 2013/34/EU of the European Parliament and of the Council such as public companies limited by shares or by guarantee, private companies limited by shares or by guarantee;

  2. a legal person constituted in accordance with the law of a third country in a form comparable to those listed in Annex I and II of Directive 2013/34/EU (Annex II including partnerships, limited partnerships and unlimited companies);

  3. a legal person constituted as one of the legal forms listed in Annex II of the Directive 2013/34/EU composed entirely of undertakings organised in one of the legal forms falling within points (i) and (ii) referenced above;

  4. a regulated financial undertaking, regardless of its legal form, which is a credit institution, an investment firm or an alternative investment fund manager;

  5. an undertaking for collective investment in transferable securities (UCITS) management company;

  6. an insurance undertaking;

  7. a reinsurance undertaking;

  8.   an institution for occupational retirement provisions;

  9. pension institutions operating pension schemes which are considered to be social security schemes as well as any legal entity set up for the purpose of investment of such schemes;

  10. an alternative investment fund;

  11. UCITS;

  12. a central counterparty;

  13. a central securities depository;

  14. an insurance or reinsurance special purpose vehicle authorised in accordance with Article 211 of Directive 2009/138/EC;

  15. ‘securitisation special purpose entity’;

  16. an insurance holding company or a mixed financial holding company which is part of an insurance group that is subject to the requisite level of supervision and not exempted from the relevant group supervision;

  17. a payment institution;

  18. an electronic money institution;

  19. a crowdfunding service provider; and

  20. a crypto-asset service provider.

The new due diligence rules are proposed to apply to the following groups of companies, including their own operations, their subsidiaries and their value chains:

  • EU companies:

    • Group 1: all EU limited liability companies of substantial size and economic power (with 500+ employees and EUR 150 million+ in net turnover worldwide).

    • Group 2: Other limited liability companies operating in defined high impact sectors (for example, agriculture, manufacture of food products, extraction of mineral resources and wholesale trade of textiles, leather, and related footwear), which do not meet both Group 1 thresholds, but have more than 250 employees and a net turnover of EUR 40 million worldwide, half of which comes from engaging in that sector.

  • Non-EU companies active in the EU with turnover threshold aligned with Group 1 and 2, generated in the EU.

Group 1 companies will also be required to have a plan to ensure that their business strategy is compatible with limiting global warming to 1.5 °C in line with the Paris Agreement.

The proposal recognises the important role that directors will play in this process, such that new directors’ duties are proposed to set up and oversee the implementation and integration of sustainable due diligence into the corporate strategy, and a remunerative incentivisation used to ensure climate change is incorporated within the scope of the corporate plan. A director’s duty to act in the best interest of a company will now include expressly taking into account the human rights, climate change and environmental consequences of their decisions in the near, medium and long term.

Although SMEs are not directly in scope of the proposal, the Commission proposes accompanying measures to support all companies that may be indirectly affected by the broad application of the draft Directive.  

Under present proposals, companies in scope must:

  • describe their long term approach to due diligence;

  • provide a code of conduct setting out rules and principles;

  • describe the processes put in place to implement due diligence and verify compliance;

  • develop and implement a prevention action plan with reasonable and clearly defined timeline for action, including KPIs;

  • seek contractual assurances from business partners with direct relationships and have ‘contractual cascading’ throughout the value chain and make necessary investments to meet this requirement;

  • provide support for SME partners when compliance with the supplier code of conduct jeopardises the viability of the SME;

  • contract with a partner with a view to achieving compliance with the code of conduct or prevention action plan when potential adverse impacts cannot be prevented or mitigated;

  • verify contractual assurances, via suitable industry initiatives or independent third parties;

  • where potential adverse impacts cannot be mitigated, refrain from entering into new or extended contractual relationship connection with or in the value chain of which the impact has arisen and where the law governing their relations so entitles them to, take the following actions: 

(a) temporarily suspend commercial relations with the partner in question, while pursuing prevention and minimisation efforts, if there is reasonable expectation that these efforts will succeed in the short-term;

(b) terminate the business relationship with respect to the activities concerned if the potential adverse impact is severe.

  • take appropriate measures to bring to an end actual adverse impacts.  Where adverse impacts cannot be ended, companies must ensure they minimise the extent of the impact; and

  • set up a complaints procedure.

Member States are required to ensure that natural and legal persons are entitled to submit substantiated concerns to any supervisory authority when they have reasons to believe, on the basis of objective circumstances, that a company is failing to comply with the national provisions adopted pursuant to the Directive. They are also obliged to establish civil liability regimes where companies are liable for damages if they fail to comply with the due diligence rules and as a result of this failure an adverse impact that should have been identified, prevented, mitigated, brought to an end or its extent minimised through appropriate measures occurs and leads to damage.

Practical Implications

Companies in scope need to be aware of the full extent of their proposed responsibilities, and directors of their duties. Whilst the text is subject to negotiation, and can thereby change, businesses should consider how they would map out these requirements if implemented and consider whether any baseline reviews of existing arrangements should be undertaken in order to pre-empt issues ahead of the legislation. Once the final version of the Directive is transposed, procedures and training will be required to ensure that companies have the requisite systems in place to be able to comply with the obligations and provide such reports. This will involve dialogue throughout the value chain and changes to existing contractual arrangements. Those not directly in scope should also consider their position and potential new requests for information to assist in the due diligence process by others. Once legislation is implemented, non-compliance can result in fines or orders issued requiring the company to comply with the due diligence obligation. Victims could also obtain compensation for damage due to non-compliance with this legislation. 

Next Steps

The proposal will be presented to the European Parliament and the Council for debate. Once a text is agreed, approved, and then adopted, Member States will have two years to transpose it into national law. For those companies in Group 2, the rules will start to apply a further 2 years later than for those in Group 1.  This initiative is part of a wider corporate sustainability package intended to advance the European Green Deal which also announced an agreed Council position on the Commission’s proposal for a Corporate Sustainability Reporting Directive. The proposal was also launched on the same day as a Communication on decent work Communication on decent work (

Article co-authored by Tegan Shyne, Trainee Solicitor at CMS.