CSDDD: Human rights & environmental due diligence across your value chain
The Corporate Sustainability Due Diligence Directive requires companies to identify, prevent and mitigate human rights and environmental harm in their supply chains β with civil liability for failures. This guide cuts through the complexity for procurement and operations teams.
Updated Mar 2026
Β· 8 questions answered
First compliance deadline
Jul 2027
Largest companies (5,000+ employees)
Time remaining
Calculatingβ¦
Full value chain due diligence
Human rights & environmental impacts
Climate transition plan required
Civil liability for failures
Fines up to 5% of global turnover
New question: "Does CSDDD apply to financial services companies or only manufacturing?" β 3h ago
Answered: How CSDDD compares to Germany's LkSG β see Q&A below
New question: "Do we need to audit all suppliers or can we use a risk-based approach?" β 5h ago
Updated: July 2026 national transposition deadline confirmed
New question: "Can affected workers really sue our company in EU courts?" β 1d ago
Answered: Climate transition plan requirements β full breakdown in Q&A
New question: "Does CSDDD apply to financial services companies or only manufacturing?" β 3h ago
Answered: How CSDDD compares to Germany's LkSG β see Q&A below
New question: "Do we need to audit all suppliers or can we use a risk-based approach?" β 5h ago
Updated: July 2026 national transposition deadline confirmed
New question: "Can affected workers really sue our company in EU courts?" β 1d ago
Answered: Climate transition plan requirements β full breakdown in Q&A
SC
supplycanvas editorial team
Supply chain compliance specialists Β· Answers reviewed by regulatory experts
β Verified answers
Background
What is the CSDDD β and why does it matter for your supply chain?
The Corporate Sustainability Due Diligence Directive (CSDDD) requires large companies to identify, prevent and mitigate adverse human rights and environmental impacts across their entire value chain β including upstream suppliers, their own operations, and certain downstream activities.
Unlike voluntary frameworks, CSDDD creates legally binding obligations with civil liability. Companies that fail to exercise adequate due diligence can be sued for damages by affected individuals β even if the harm occurred outside the EU.
The core challenge: CSDDD requires a structured, risk-based due diligence process that covers the full value chain β not just Tier 1 suppliers. Most companies lack the data foundation to systematically assess risks beyond their direct business partners.
Key dates
CSDDD implementation timeline
Jul 2024
Directive entered into force
CSDDD published in the EU Official Journal. Member states have 2 years to transpose into national law.
In force
Now
Preparation & gap analysis
Map your value chain, assess current due diligence maturity, identify gaps vs. CSDDD requirements. Build supplier data collection processes.
In force
Jul 2026
National transposition deadline
EU member states must transpose CSDDD into national law. National supervisory authorities must be designated.
Action required
Jul 2027
Phase 1 β Largest companies
Companies with 5,000+ employees and β¬1.5bn+ worldwide net turnover must comply. Climate transition plans required.
Action required
Jul 2028
Phase 2 β Large companies
Extended to companies with 3,000+ employees and β¬900M+ worldwide net turnover.
Future
Jul 2029
Phase 3 β Full scope
All companies with 1,000+ employees and β¬450M+ worldwide net turnover. Non-EU companies with equivalent EU turnover included.
Future
Have a CSDDD question?
Submit it below. We review every question and publish the most relevant answers here. You'll be notified when your answer goes live β and you'll receive our CSDDD starter pack immediately as a thank you.
Supply chain due diligence without spreadsheet chaos
supplycanvas helps you map your value chain, collect supplier data and document your due diligence process β structured, reusable and audit-ready.
Questions submitted by procurement, sustainability and operations professionals β curated and answered by our regulatory team. Submit yours below and get notified when it's published.
Answered
Which companies are in scope of the CSDDD β and does it apply to non-EU companies too?
TG
Thomas G.
β
Expert answer
From July 2027, CSDDD applies to companies with 5,000+ employees and β¬1.5bn+ worldwide net turnover. Non-EU companies where the company generated a net turnover exceeding EUR1.5 billion in the EU in the financial year preceding the last financial year are also in scope. A previously planned focus exclusively on direct business partners ("Tier-1 companies") has been dropped. Instead, due diligence obligations must be observed across the entire value chain. A risk-based approach is to be applied: companies should only take action where (potential) adverse impacts have been identified. Risks can be prioritised according to their severity and likelihood of occurrence and addressed sequentially. In doing so, an initial focus on direct business partners is permissible where adverse impacts in multiple areas of the supply chain are assessed as equally likely or equally severe.
Answered
What exactly does "due diligence" mean under CSDDD β what must we actually do?
JL
Julia L.
β
Expert answer
CSDDD requires a six-step due diligence process, aligned with the OECD Guidelines for Multinational Enterprises:
(1) Embed due diligence into policies (2) Identify and assess adverse impacts (3) Prevent, mitigate and bring to an end (4) Monitor effectiveness (5) Communicate publicly (6) Provide remediation
Answered
How deep into the supply chain does CSDDD due diligence have to go β Tier 1 only or beyond?
SP
Sandra P.
β
Expert answer
CSDDD covers the entire "chain of activities" β this includes upstream suppliers at all tiers, your own operations, and certain downstream activities. Unlike the German LkSG, CSDDD explicitly requires risk-based due diligence across the full value chain.
You must use a risk-based approach β prioritise high-risk sectors, geographies, and commodities.
Answered
What human rights and environmental standards are covered? Is there a defined list?
RB
Ralf B.
β
Expert answer
Yes β the Annex lists specific international instruments. Human rights: forced labour, child labour, workplace safety, fair wages, freedom of association, discrimination, land rights, indigenous peoples. Derived from ICCPR, ICESCR, ILO conventions.
Environmental impacts: pollution, emissions, water consumption, biodiversity, deforestation. Reference: Minamata, Stockholm, Basel conventions, Convention on Biological Diversity.
Answered
Can our company be held civilly liable for human rights violations by our suppliers?
BK
Bryan K.
β
Expert answer
Yes β CSDDD introduces civil liability for companies that fail to fulfil their due diligence obligations. Victims have at least 5 years to bring claims. Companies cannot contractually limit this liability. NGOs and trade unions can bring claims on behalf of victims.
This gives a legal pathway for people harmed by supply chain practices to seek compensation in EU courts.
Answered
Do we need a climate transition plan under CSDDD? What does it have to include?
HW
Hannah W.
β
Expert answer
Yes β companies must adopt a climate transition plan compatible with the 1.5Β°C target.
Must include: (1) time-bound targets for 2030 and 5-year steps to 2050; (2) decarbonisation levers; (3) investments/funding; (4) role of management bodies. Updated annually.
Answered
How does CSDDD relate to the German LkSG? Do we need to comply with both?
EM
Enrico M.
β
Expert answer
CSDDD will effectively supersede national supply chain laws like LkSG once transposed.
Key differences: (1) full value chain coverage; (2) civil liability; (3) climate transition plan; (4) broader environmental obligations.
If compliant with LkSG, you have a strong foundation β but CSDDD goes further.
Answered
What are the administrative penalties for non-compliance with CSDDD?
PK
Philipp K.
β
Expert answer
National supervisory authorities will have the power to impose fines of up to 5% of the company's worldwide net turnover. This is one of the highest penalty ceilings in EU sustainability legislation β exceeding even the EUDR's 4% threshold.
Beyond financial penalties, authorities can: (1) order the company to cease a specific practice or take specific remedial action; (2) issue public statements identifying the company and the violation; (3) in serious cases, exclude the company from public procurement in the EU.
The "naming and shaming" aspect is significant: reputational damage from a public finding of human rights or environmental due diligence failures can be as costly as the fine itself. Companies should treat compliance as a governance priority β not a paper exercise.