On 23 February, the European Commission adopted a proposal for a directive on corporate sustainability due diligence. Under the directive 'in scope' companies would be required to:
- undertake due diligence across their value chains to identify the adverse impacts of their business;
- implement processes to mitigate those impacts; and
- integrate sustainability and human rights considerations into their corporate governance and management systems.
Before coming into force, the proposed directive will likely be amended through the EU legislative process and will need to be approved by the EU Parliament, which could potentially alter its scope. However, the introduction of mandatory supply chain due diligence will require a significant change in behaviour for most in scope companies and the draft directive offers a good indication of steps that companies will be required to take in preparation. The intention is for these obligations to apply to relevant companies within two years of the directive entering into force, and for smaller companies in certain high-risk sectors within four years.
While the impact of this legislation is a few years away, it takes time to design and implement effective human rights and environmental due diligence processes, particularly in large international companies and companies with long or complex value chains. As such, we would encourage companies with a presence in the EU to consider if they are likely to fall within the scope of the directive and, if so, start preparing for the actions they are likely to have to take.
Which UK companies will be impacted?
While the proposed directive focuses on EU companies, it will also catch non-EU companies (including UK corporates) which generate a net turnover in the EU of either:
- more than EUR 150 million in the financial year preceding the last financial year; or
- between EUR 40 million and EUR 150 million in the financial year preceding the last financial year where at least half of its worldwide turnover was generated in one or more of the following high-risk sectors:
- the manufacture of textiles, leather and related products, and the wholesale trade of textiles, clothing and footwear;
- agriculture, forestry, fisheries, the manufacture of food products, and the wholesale trade of agricultural raw materials, live animals, wood, food, and beverages; and/or
- the extraction of mineral resources regardless from where they are extracted (including crude petroleum, natural gas, coal, lignite, metals and metal ores, and quarry products), the manufacture of basic metal products, other non-metallic mineral products and fabricated metal products (except machinery and equipment), and the wholesale trade of mineral resources, basic and intermediate mineral products.
In this context, the term 'company' includes certain regulated financial undertakings, however the identification requirements for such companies are limited to identifying adverse impacts prior to providing services.
And, of course, companies which are not themselves in scope but form part of an in scope company's value chain are likely to be affected indirectly by the actions taken by in scope companies to mitigate human rights and environmental impacts.
Sustainability due diligence obligations
Under the directive, companies are required to conduct human rights and environmental due diligence across the whole of their business (including any subsidiaries) and any value chains which are, or are expected to be, 'lasting'. Broadly, companies will only need to take measures that reflect the severity and likelihood of an adverse impact, and are reasonable for the company to undertake.
Specifically, in scope companies will be required to comply with obligations in seven key areas:
- Due diligence policies: companies will need to integrate due diligence into their corporate policies and produce, and review annually, a specific due diligence policy. This policy should include a description of the due diligence processes in place across the organisation. Companies with a net turnover in excess of EUR 150 million will also need to adopt a plan to ensure that the company's business model and strategy are compatible with the transition to a sustainable economy and the limiting of global warming to 1.5ºC;
- Identify adverse impacts: companies will need to identify actual and potential adverse human rights and environmental impacts from their own operations, those of their subsidiaries and from established business relationships within the value chain;
- Prevent potential impacts: companies will need to take appropriate measures to prevent or, where prevention is not possible, adequately mitigate potential adverse impacts. Where impacts cannot be prevented or adequately mitigated, the company should not enter into new or extend existing relationships with a business partner in question or in the value chain which gives rise to the impact. Such measures could extend to suspending temporarily or terminating business relationships where permitted by law;
- End actual impacts: companies will need to take appropriate measures to bring an end to actual adverse impacts which are, or should have been, identified through the due diligence process. Where impacts cannot be brought to an end, the extent of the impact should be minimised. As above, companies will be expected not to enter into new or extend existing relationships where impacts cannot be ended or minimised;
- Complaints procedure: companies will need to establish and maintain a complaints procedure for people and organisations who are affected by the adverse impacts caused by that company, its subsidiaries or its value chain;
- Monitoring: companies will need to monitor the effectiveness of the identification, prevention, mitigation, ending and minimisation of the extent of human rights and environmental adverse impacts through annual assessment, or assessments where there are reasonable grounds to believe there is significant new risk of adverse impacts arising; and
- Communicating: companies that are not already obliged to report on CSR under the national laws implementing the Accounting Directive 2013/34/EU – i.e. public interest entities required to publish a non-financial information statement - will need to publish an annual statement on their website covering the due diligence undertaken, adverse impacts identified and actions taken in the previous calendar year.
The directive allows for company cooperation, use of industrial schemes and multi-stakeholder initiatives to reduce the cost of compliance.
There is an expectation that the obligations set out in the draft legislation will change as it makes its way through the European legislation process. Once the final obligations are clear, we will issue a further update and provide an analysis of how such obligations interact with other EU and UK reporting requirements.
The proposed directive also places obligations on directors to:
- put in place and oversee the human rights and environmental due diligence required by the directive and the due diligence policy;
- integrate actual and potential adverse impacts and any measures taken to prevent or end adverse impacts or in respect of the complaints procedure into corporate strategy; and
- when exercising their duty to act in the best interest of the company, take into account the consequences of their decisions on sustainability matters including human rights, climate change and environmental consequences in the short, medium and long term.
Consequences of non-compliance
In scope, non-EU companies will need to designate an authorised representative which is established or domiciled in an EU company in which the business operates. Supervisory authorities will be designated by each Member State, and will communicate with authorised representatives on compliance and enforcement matters.
Non-compliance with the directive could result in:
- a requirement from a supervising authority to cease or not to repeat the infringement and, where appropriate, take remedial action required to bring the infringement to an end;
- a requirement to undertake interim measures to avoid the risk of severe and irreparable harm;
- sanctions, which would take into account factors such as a company's efforts to comply with any remedial action required of them. Sanctions will be based on a company's turnover and will be published;
- damages, where a failure to comply with the obligations to prevent potential adverse effects and end actual adverse effects lead to damage caused by the adverse effect; and
- in respect of a director's breach of its duty of care, the 'usual' consequences for a breach of its duty.
Evolving due diligence requirements
This directive goes beyond the current and proposed due diligence requirements in the UK which have specific objectives. For example, the Modern Slavery Act 2015 requires certain commercial organisations to report on due diligence undertaken to ensure that slavery and human trafficking is not taking place in their business and supply chains.
A recent addition to this body of law, which has not yet come into force, is the Environment Act's prohibition on the use of certain commodities associated with illegal deforestation. To achieve this aim, companies are required to undertake due diligence on their supply chains to identify the illegal production of 'forest risk commodities'.
In light of the level playing field agreement arising out of Brexit alongside the growing ESG pressure on both nations and corporates, more comprehensive obligations could be introduced in the UK. In any event, in practice, the complexity of value chains and the desire of multi-national companies to have consistent standards across their business may result in the EU's due diligence requirements effectively become a voluntary standard in the UK.
Companies with a net turnover in the EU in the region of EUR 40 million or more should take the time before the directive enters into force to identify whether they are within scope and what steps the business will need to undertake to ensure compliance.
Steps that a business might take now include:
- conducting a risk analysis of existing operations and value chains;
- identifying areas of the business and value chain which could have adverse human rights and/or environmental impacts;
- considering where changes to policy and/or strategy are required and taking appropriate action; and
- embedding a culture of due diligence within the company.
Companies may also choose to liaise with business partners on these matters and consider its future obligations when entering into new or renewing existing contracts. This could include the introduction of specific compliance obligations and the adoption of climate conscious drafting to limit carbon footprints.
For those interested in the impact of the proposed directive on EU companies, please read Draft EU Directive on sustainability-related Due Diligence Obligations of Companies published by our Frankfurt-based Head of Corporate Governance, Florian Drinhausen, and Astrid Keinath.