With the latest round of Corporate Sustainability Due Diligence Directive (CS3D) trilogue meetings with the European Parliament taking place last week, some big-ticket items are being discussed. One of which is whether the finance sector remains in scope for the CS3D. In a (for some, surprising) turn of events, the Spanish Presidency revised its position and suggested a new approach which could see the finance sector excluded from the scope, with the possibility of reviewing this at a later stage. The European Parliament is expected to offer strong resistance to this, with businesses, investors, and civil society eagerly following the debate.
Last month, the ACC, Control Risks and Linklaters held a discussion with members to analyse the state of negotiations, explore ways in which companies can start to prepare for the CS3D and address some of the legal and practical challenges that can be expected. We outline some of the key takeaways here.
On one hand, it was clear that whatever the outcome of EU negotiations, this will not bring a significant change for some as existing regulation already sets an expectation that businesses will have robust due diligence systems. It is worth noting that the newly adopted Corporate Sustainability Reporting Directive (CSRD) and European Sustainability Reporting Standards (ESRS) already set an expectation that businesses will undertake due diligence and disclose their approach to addressing sustainability impacts. Indeed, this expectation has already been set by soft law standards (such as the UN Guiding Principles on Business and Human Rights and OECD Guidelines for Multinational Enterprises) which will continue to exist regardless of how the CS3D evolves during the legislative process. Those businesses and investors who are already in scope of these new reporting requirements or who have publicly committed to adhere to these soft law standards should already be focussing on the design and implementation of appropriate due diligence systems, regardless of CS3D.
A key element to this will be obtaining relevant human rights and environmental data. The availability of robust human rights and environmental data is a key challenge when it comes to human rights and environmental due diligence. However, prior to obtaining the data, the key thing is to actually know what data is required. This is an area where having a risk-based approach will be helpful. Materiality assessments, sustainability risk assessments or human rights risk assessments will all certainly help. These will provide a picture of risk according to sector, geography and policies and structures of companies and business relationships that can, in turn, help determine what data should be collected and monitored. In fact, reporting standards such as the ESRS and the CSRD have established that metrics for disclosure are now subject to the outcome of materiality assessments.
Even so, the challenge remains. Rarely is information neatly packaged or clearly documented in a convenient format. While businesses will need to continue to push for better quality data (and indeed the advent of detailed mandatory sustainability reporting regimes should assist with this over time), a flexible approach to sourcing information may be necessary in the meantime. For example, accessing NGO reports, studies or indices, data produced by trade unions, local or regional data, etc. Proxy indicators of risk can be useful in this context (such as perceptions of corruption). These data sources can support a risk-based approach to due diligence in this area.
Another key aspect of the due diligence conversation is related to the role of contracts. Contracts provide companies with an additional avenue to develop leverage over other actors in their supply chain, particularly by providing for adherence to minimum standards or codes of conduct, monitoring and reporting, and ongoing access rights. Contracts can also provide the framework around which human rights and environmental risks are managed in a commercial relationship, for example, through human rights and environmental-related covenants for a supplier to take all reasonable steps to implement human rights policies and processes in their own operations and supply chain, and by setting out provisions relating to the remediation of adverse human rights impacts or for responsible disengagement.
However, it is also worth noting that contracts are only as good as the ability to monitor and audit them. Businesses will indeed need to plan and resource for such activities as one of the cornerstones of human rights and environmental due diligence.
We seem to be at a point in the discussion where, for many (not all), ‘low-hanging fruit’ such as having publicly available policy commitments has been reached. The conversations have now shifted to themes around assurance of processes and greater transparency and accountability. As businesses and investors (watch this space) prepare for the CS3D, it is worth thinking about it as part of an expansive ecosystem of regulation whereby assessing, remediating, and reporting are all part of the same effort.