Supply Chain Human Rights Due Diligence: EU CSDDD, Forced Labor Prevention, and Audit Frameworks







By BC ESG | Published March 18, 2026 | Updated March 18, 2026

Supply chain human rights due diligence is a systematic process to identify, assess, and mitigate actual and potential adverse human rights impacts across an organization’s value chain. The EU Corporate Sustainability Due Diligence Directive (CSDDD), effective 2027, requires large companies to conduct ongoing due diligence addressing human rights (forced labor, child labor, wage/hour violations, freedom of association), environmental harm (pollution, resource depletion, biodiversity loss), and anti-corruption across direct operations and value chains. Effective due diligence combines risk mapping, supplier engagement, audit and monitoring, remediation processes, and transparent reporting, transforming supply chain responsibility from a compliance checkbox into a competitive advantage and value creation lever.

EU Corporate Sustainability Due Diligence Directive (CSDDD): 2027 Effective Date

Directive Scope and Applicability

The CSDDD, adopted in 2023 and effective 2027, applies to:

  • Phase 1 (2027): EU companies with ≥5,000 employees or €1.5B annual turnover
  • Phase 2 (2028): EU companies with ≥3,000 employees or €900M annual turnover; non-EU companies with EU-sourced revenues ≥€900M
  • Phase 3 (2029): Potentially expanded to SMEs with supply chain exposure

Non-EU organizations with material EU supply chain exposure or customers in EU markets should begin CSDDD alignment immediately to mitigate regulatory and supply chain disruption risk.

Core Due Diligence Requirements

The CSDDD mandates a six-step due diligence cycle:

1. Risk Mapping and Materiality Assessment

Organizations must identify actual and potential adverse impacts across their value chain:

  • Human rights: Forced labor (debt bondage, document confiscation, movement restrictions), child labor, wage theft, unsafe working conditions, denial of freedom of association, discrimination
  • Environmental: GHG emissions, water pollution, deforestation, habitat destruction, pollution from hazardous substances
  • Governance/Anti-corruption: Bribery, fraud, sanctions evasion, corruption in supply chain engagement

Materiality assessment should identify geographic risk zones (countries with weak labor standards, environmental enforcement), sector-specific risks (garment, agriculture, mining, electronics exhibit high labor risk), and supply chain concentration (single-sourcing amplifies risk).

2. Stakeholder Engagement and Impact Identification

Organizations should engage:

  • Internal: Procurement, operations, compliance, ESG teams to map supply chain structure and identify risk concentration
  • Suppliers: Direct engagement on working conditions, environmental practices, compliance requirements
  • External stakeholders: NGOs, labor unions, industry coalitions, local communities to validate risk assessment and identify gaps in organizational awareness

3. Risk Assessment and Prioritization

Organizations rank risks by:

  • Severity: Magnitude of potential harm (forced labor or child labor are highest severity; wage disputes lower)
  • Likelihood: Probability that the risk occurs given industry, geography, supplier characteristics
  • Reach: Number of workers affected or extent of environmental impact

Priority should focus on high-severity/high-likelihood risks: garment factories in Southeast Asia (forced labor, wage theft), agricultural supply chains in emerging markets (child labor, unsafe pesticide use), mining operations (environmental damage, community displacement).

4. Due Diligence Actions: Contractual, Audit, Remediation

Contractual Requirements

Supplier contracts should mandate:

  • Compliance with ILO conventions (forced labor, child labor, freedom of association)
  • Compliance with applicable environmental regulations and ESG standards (water quality, hazardous substance management, GHG reporting where applicable)
  • Right of access for audits, inspections, and worker interviews
  • Obligation to remediate identified violations within agreed timelines
  • Prohibition on retaliation against workers reporting concerns

Audit and Monitoring Frameworks

Organizations implement tiered audit approaches:

  • Self-assessment questionnaires (SAQs): Low-cost initial screening; suppliers self-report compliance status. Limited reliability; used for baseline categorization.
  • Desktop audit: Remote review of supplier documentation, certifications, track record. Identifies documentation gaps.
  • On-site compliance audits: Third-party auditors conduct announced or unannounced facility inspections, worker interviews, document reviews. Standard practice for high-risk suppliers; typically conducted annually or biennially.
  • Specialized assessments: Deep dives on specific risks: forced labor risk assessment (ILO indicators), environmental audit, community impact assessment

Remediation and Corrective Action Plans (CAPs)

When audits identify violations, organizations establish CAPs specifying:

  • Root cause analysis
  • Specific corrective actions with timelines
  • Resource allocation (sometimes financial support from buyer to enable remediation)
  • Verification mechanisms (follow-up audits, worker feedback mechanisms)
  • Escalation triggers for failure to remediate (supplier delisting, termination, regulatory notification)

Critical remediation cases (forced labor, child labor, severe wage theft) should trigger immediate action: law enforcement notification, victim support programs, supply chain re-routing.

5. Grievance and Remediation Mechanisms

Organizations should establish channels enabling workers, communities, and suppliers to report concerns confidentially:

  • Worker hotlines: Phone, SMS, WhatsApp accessible in local languages, managed by a third party to ensure confidentiality
  • Grievance forms: On-site or digital grievance submission (e.g., QR code at facility entry)
  • External partnerships: Engagement with NGOs, industry coalitions to receive and investigate complaints
  • Remedy procedures: Clear process for investigation, remedy determination, appeal, and escalation

Organizations must commit to non-retaliation and victim confidentiality. Remedies typically include wage restitution, worker retraining, facility remediation funding, or supply chain restructuring for systematic abuse.

6. Reporting and Transparency

Organizations should disclose:

  • Supply chain structure and geographic concentration (top suppliers/sourcing countries)
  • Due diligence methodology, materiality assessment, and risk prioritization approach
  • Findings from risk mapping and audits: number of facilities audited, prevalence of identified violations (anonymized for worker/supplier confidentiality)
  • Remediation and grievance resolution: cases identified, resolved, pending; remedies provided
  • Governance: board/management accountability, policy commitments, third-party certifications

Forced Labor Prevention: Assessment and Indicators

ILO Forced Labor Indicators

The International Labour Organization defines forced labor assessment criteria:

  • Threat of penalty: Threats to punish workers, coercive worker scheduling, sexual or psychological abuse
  • Debt bondage: Workers indebted to employers for recruitment, housing, uniforms, food; debt escalates faster than wages can repay
  • Restriction of movement: Confiscation of identity documents, locked facilities, surveillance preventing worker departure
  • Isolation: Workers in remote locations, linguistic/cultural isolation, low literacy preventing understanding of rights
  • Excessive working hours: Mandatory overtime without additional pay, no rest days, unrealistic production quotas
  • Wage deprivation: Non-payment of wages, excessive fines/deductions, underpayment relative to agreed terms

Supplier Self-Assessment and Audit Checklists

Organizations should require suppliers to complete ILO-aligned assessments:

  • Evidence of written employment contracts provided to workers before employment
  • Verification that workers retain control of identity documents (passports, visas)
  • Documentation of wage payments (pay stubs, bank transfers) meeting or exceeding legal minimum wage
  • Evidence of reasonable working hours (max 48 hours/week per ILO, or compliance with national standards)
  • Documentation of freedom of association (union memberships, grievance channels, worker councils)
  • Proof of freedom of movement (no locked facilities, exit controls, or surveillance preventing departure)

High-Risk Indicators Requiring Escalation

Organizations should immediately escalate cases exhibiting:

  • Obvious evidence of document confiscation or worker confinement
  • Extreme wage theft (unpaid wages, excessive deductions exceeding 50% of earnings)
  • Child labor (workers under 18 in hazardous work, or under 15 in other work)
  • Systematic denial of freedom of association (suppression of union organizing, retaliation against worker representatives)

Audit Frameworks and Third-Party Certification

Key Audit Standards and Protocols

SA8000 (Social Accountability International)

SA8000 is an auditable standard covering labor rights, occupational health and safety, environmental management, and management systems. Certification is valid for 3 years with annual surveillance audits. Organizations relying on SA8000 certification should verify certification currency and audit scope.

BSCI Code and Audit Protocol

The Business Social Compliance Initiative (BSCI) Code covers human rights, labor standards, environmental practices, and anti-corruption. BSCI conducts announced audits (annually) and re-audits for flagged violations. BSCI audits are documented in a publicly accessible database, enabling supply chain transparency.

RBA (Responsible Business Alliance) Code

The RBA Code focuses on electronics and supply chain assembly. It includes labor rights, occupational health, environmental management, ethics, and management systems. RBA maintains an audit database of member facility assessments.

Fair Trade and Industry-Specific Certifications

Certifications like Fair Trade, UTZ Certified, Rainforest Alliance, and RSPO (palm oil) cover labor, environmental, and social standards in specific commodities. Organizations sourcing certified commodities should verify certification authenticity and audit recency.

Supplier Engagement and Capacity Building

Tiered Supplier Programs

Organizations should differentiate supplier engagement by risk level:

  • Tier 1 (low-risk): Minimal audit frequency (biennial or triennial); lighter due diligence burden
  • Tier 2 (medium-risk): Annual audits; quarterly management reviews; corrective action plan requirements
  • Tier 3 (high-risk): Semi-annual or quarterly audits; enhanced grievance monitoring; intensive management engagement; remediation funding

Capacity Building and Technical Assistance

Rather than relying purely on punishment or supplier replacement, progressive organizations invest in supplier improvement:

  • Training: Worker rights education, management labor practices, grievance handling, health and safety protocols
  • Systems assistance: Help suppliers implement management systems (documentation, record-keeping, worker communication channels)
  • Financial support: Low-interest loans or direct funding for facility remediation, wage gap closure, or safety equipment
  • Partnership models: Long-term purchasing commitments and price stability enabling supplier investment in labor/environmental compliance

A capacity-building approach is more sustainable than supplier replacement, particularly for developing-market suppliers who face structural capacity constraints.

Frequently Asked Questions

When should non-EU organizations begin CSDDD compliance preparation?
Non-EU organizations with EU supply chain exposure or >€900M EU-sourced revenue face Phase 2 (2028) applicability. Organizations should begin alignment immediately: Phase 1 (2027) applies only to EU companies but sets governance/audit precedent affecting investor expectations globally. Early movers avoid disruption and build supply chain resilience ahead of mandatory compliance deadlines.

How should organizations balance audit frequency with supplier relationships and costs?
Use risk-based tiering: audit low-risk suppliers (certified, established track record) less frequently (biennial) and high-risk suppliers (new, highly labor-intensive, weak institutional environment) more frequently (semi-annual). Blend announced audits (transparent, relationship-building) with unannounced audits (detection of covert violations). Use technology: self-assessment questionnaires, remote audits, and worker feedback platforms reduce per-facility costs while maintaining coverage.

What is the appropriate response when audits identify forced labor indicators?
Forced labor discovery is a critical escalation: (1) immediately document evidence and notify facility management/ownership; (2) notify law enforcement and labor authorities (required under CSDDD and most national laws); (3) cease orders/purchasing from facility; (4) establish support program for affected workers (repatriation assistance, wage restitution, legal support); (5) investigate buyer-side contribution (excessive price pressure, short lead times forcing excessive overtime); (6) consider supplier termination unless facility commits to comprehensive remediation with third-party verification. Supply chain continuity must never override victim protection.

How can organizations ensure audit credibility and prevent audit manipulation?
Use reputable third-party auditors with industry-specific experience and track records. Conduct worker interviews in private (away from management), in workers’ languages. Use a mix of announced and unannounced audits. Cross-check audit findings with worker grievance data, external NGO reports, and labor authority investigations. Audit all key facilities regularly; don’t rely exclusively on third-party certifications. Train internal teams to spot audit red flags: cherry-picked worker interviews, missing documentation, unrealistic records.

What should organizations disclose about supply chain due diligence findings in ESG reporting?
Organizations should transparently disclose: due diligence methodology, number of facilities in supply chain, audit coverage and frequency, findings summary (violations identified by category: forced labor, child labor, wage theft, unsafe conditions), remediation outcomes, grievance statistics. Maintain worker and supplier confidentiality while demonstrating comprehensive coverage and commitment to remediation. Disclosure builds investor confidence and distinguishes genuine compliance from greenwashing.


Published by: BC ESG (bcesg.org) | Date: March 18, 2026

Standards Referenced: EU CSDDD (effective 2027), ILO Forced Labor Indicators, SA8000, BSCI Code, RBA Code, GRI 401/403/405 (Labor Standards), UN Guiding Principles on Business and Human Rights, ISSB IFRS S1 (Social Capital)

Reviewed and updated: March 18, 2026 for 2027 CSDDD implementation and integrated human rights due diligence requirements