A Coherent Approach to Sustainability Due Diligence and Reporting: Making Sense of CSDDD and CSRD

Photo by Mesut Dogan on iStock

June 17, 2024

Authors

Anna Zubets-Anderson

Associate Director, Transformation, BSR
Anna Zubets-Anderson

Associate Director, Transformation, BSR

New York

Anna works with BSR member companies on a range of consulting projects and collaborative initiatives, with particular focus on sustainability reporting.

Her professional background encompasses corporate reporting, sustainability strategy, and providing training and coaching services. Before joining BSR, Anna operated as an independent ESG consultant and professional coach, following a thirteen-year tenure at Moody's Corporation. During her time there, she specialized in sustainable finance markets, ESG training programs, and ESG rating methodologies, in addition to overseeing a portfolio of companies within the basic materials industries. Earlier in her career, Anna spent nearly a decade at KPMG LLP, serving as an Audit Manager in the U.S. Additionally, she was a member of their International Standards Group in London (UK), where she assisted KPMG member firms and clients in adapting to changes in global accounting and auditing regulations.

Anna’s educational background encompasses social policy, human rights, corporate citizenship, business leadership, and mental health. She holds:

Master of Social Work, Fordham University, New York, 2023

Post-graduate certificate in Corporate Citizenship and Sustainability Reporting, Boston College, 2023

Bachelor of Science in Business Administration, San Francisco State University.
Alison Berthet

Associate Director, Human Rights, BSR

Alison Berthet

Associate Director, Human Rights, BSR

Paris

Alison supports companies in embedding respect for human rights across their organizations and value chain. She brings a strong, collaborative spirit and expertise in developing and implementing strategies and governance, due diligence, and engagement mechanisms to effectively manage human rights risks.

Alison joined BSR from BT Group plc, a BSR member company, where she led the development of a new human rights strategy geared at ensuring a responsible approach to how the organization buys, sells, develops, and uses technology. Highlights included setting up a new steering group, engaging key internal stakeholders through innovative workshops, and integrating human rights risks in BT’s group risk management framework. Before that, Alison trained and practiced as a corporate lawyer at the global law firm Hogan Lovells, specializing in international arbitration and business and human rights disputes. Her experience included advising a European energy company and its executives against a potential criminal prosecution for complicit liability in war crimes committed by a state military.

Alison holds a LLM in Public International Law and a BSc in International Relations and History from the London School of Economics and Political Science. Alison is fluent in English and French.
Paloma Muñoz Quick

Director, Human Rights Standards, BSR

Paloma Muñoz Quick

Director, Human Rights Standards, BSR

New York

Paloma leads BSR’s work on Human Rights Standards, including knowledge management and advising companies across industries on human rights and responding to emerging standards and regulation. She is also Senior Advisor to BSR’s Finance & Human Rights Practice.

Prior to joining BSR, Paloma was Advisor to the UN Working Group on Business and Human Rights and Senior Consultant of the UN B-Tech Project, where she developed an ambitious vision for promoting the uptake of the UN Guiding Principles on Business and Human Rights among investors and developed guidance on responsible investment in digital technologies. Prior to the UN, Paloma launched and served as Director of the Investor Alliance for Human Rights, where she developed thought leadership on the investor responsibility to respect human rights and supported stewardship engagements across industries. She also worked as Senior Advisor at the Danish Institute for Human Rights, where she advised companies, governments, and civil society around the world on business and human rights.

Paloma is on the Editorial Board of Developments in the Field of the Business and Human Rights Journal of Cambridge University. She was also Design Team Member of the Human Rights Measurement Initiative and served as Advisory Board Member for First Peoples Worldwide.

She holds a Master of International Affairs (M.I.A.) in Human Rights from the School of International and Public Affairs at Columbia University and a B.A. in Political Science, also from Columbia University.

Paloma is Chilean-American and is fluent in English, Spanish, and Portuguese.
Beth Richmond

Director, Transformation, BSR

Beth Richmond

Director, Transformation, BSR

New York

Beth helps companies create a more just and sustainable world through cutting-edge sustainability management. Beth leads BSR’s strategy practice, helping companies understand performance, identify priorities, and design effective sustainability solutions that increase resilience and deliver value for business and society.

Beth is also an active member of BSR’s Sustainable Futures Lab and regularly advises companies on climate change. Beth has led engagements in all of BSR’s major industry groups, touching all of BSR’s focus areas.

Prior to joining BSR, Beth served as the director of sustainability for a packaging manufacturer, where she was responsible for corporate-wide sustainability strategy and implementation. Beth also worked as a consultant to the US Environmental Protection Agency, where she developed benefit-cost analyses of proposed federal regulation and supported industry partnership development.

Beth holds a MEM from the Yale School of the Environment and a BA in Economics from Colby College.

Key Points

The EU’s Corporate Sustainability Reporting Directive (CSRD) and Corporate Sustainability Due Diligence Directive (CSDDD) are complementary. They establish a coherent regulatory framework covering the full sustainability due diligence lifecycle, from identifying and assessing adverse impacts to addressing and reporting on them.
CSDDD covers all due diligence steps while CSRD focuses on reporting. Both laws adopt a risk-based approach grounded in internationally recognized responsible business conduct standards, with some differences such as value chain activities in scope. CSRD goes beyond reporting on adverse impacts by also looking at positive impacts and financial risks and opportunities.
A pragmatic approach—that capitalizes on synergies while recognizing the specificities of each law—is key to compliance that delivers on the transformational potential of emerging sustainability regulations.

Voluntary frameworks for companies to assess, address, and report on their sustainability impacts on people and the planet have existed for decades. Nevertheless, mandatory EU requirements are bringing new attention to the governance and robustness of these processes and demanding companies harmonize their approaches across issues and teams.

CSRD and CSDDD requirements are aligned in spirit, with a clear overlap in their scopes and obligations. However, some differences exist. Implementation raises practical questions, and we recommend a pragmatic approach that capitalizes on efficiencies while acknowledging the unique requirements of each directive.

Key Similarities and Differences of CSRD and CSDDD

Obligation	CSRD requires companies to disclose impacts on people and the environment, as well as financial risks and opportunities. CSDDD establishes an obligation to conduct due diligence, i.e. to identify, assess and account for how they address (prevent, mitigate or remediate) adverse impacts.
Scope of Companies	Only a subset of the largest companies in scope of CSRD—an estimated 50,000 companies operating in the EU—are required to comply with CSDDD.
Scope of Impact	Both laws cover actual and potential adverse impacts on human rights and the environment across value chains, but the universe of topics under CSRD is broader and covers positive as well as adverse impacts.
Scope of Activities	CSRD covers impacts of own operations and across the full value chain. CSDDD covers the company’s own operations and full upstream supply chain, but only downstream activities related to transport, distribution and storage, excluding impacts connected to the use of products and services by consumers or end-users.
Affected Stakeholder Engagement	CSDDD requires meaningful engagement with affected stakeholders at every step of the due diligence process. CSRD does not require it but acknowledges that assessing materiality should be informed by due diligence and stakeholder perspectives and implicitly encourages it by requiring disclosure of such engagement (or lack thereof) across stakeholder categories.
Prioritization Criteria	Companies must prioritize their attention based on the severity and likelihood of impacts. However, CSDDD requires companies to act on all their impacts on people and the environment, while under CSRD companies set a threshold below which issues are not required to be reported on.

Five Questions for A Coherent Approach to Complying with CSRD and CSDDD

As we work to help companies comply with these regulatory requirements, five considerations stand out:

1) How and when should companies identify actual and potential adverse impacts on people and the environment?

The first step for companies in addressing and disclosing their impacts on people and the environment is identifying them. CSRD and associated guidance clarify that the materiality assessment of negative impacts is informed by the due diligence process defined in the UN Guiding Principles on Business and Human Rights (UNGPs) and the OECD Guidelines for Multinational Enterprises. Due diligence can help a company identify impacts and affected stakeholders, whose perspectives should inform the materiality assessment of impacts.

The OECD Guidelines and UNGPs, which also form the foundation of CSDDD, call for meaningfully assessing actual and potential impacts at various levels of the business, across operational contexts, and throughout the value chain on an ongoing basis (e.g. in supplier management systems). This iterative approach to assessment expects companies to progressively deepen their understanding of their most severe and likely impacts for management and disclosure and provides increasingly granular input for regularly updated double materiality assessments required by CSRD.

In practice, efforts to identify impacts as part of due diligence and as part of materiality exercises can overlap. For example, nascent due diligence processes may start with a corporate-level scan of likely impacts based on industry, geography, and business model. This resembles the high-level view of likely impacts developed as part of a materiality assessment. These processes often include conversations with a similar set of internal and external stakeholders.

As a result, practical questions may arise as to how to integrate and sequence these high-level assessments, noting that human rights and environmental assessments generally go further than impact identification and evaluation, and include an assessment of the measures taken to address these impacts. Teams can benefit from a consistent approach that reflects a unified understanding of the value chain and stakeholder landscape and ensures efficient use of the information gathered.

2) How should companies prioritize impacts for action and reporting?

CSRD and CSDDD adopt the same criteria—severity and likelihood—for prioritizing impacts, though the aim of the prioritization exercise is different: determining topics for disclosure under CSRD versus sequencing actions to address impacts under CSDDD. Companies will need to determine how best to understand the severity and likelihood in service of both objectives across a diverse range of topics. While prior corporate efforts to align with the UNGPs and OECD Guidelines provide experience in applying these criteria to human rights impacts, this approach is new for environmental teams, and it is less clear how criteria should be applied to these topics. Companies also need to determine how to consistently understand inherent (gross) and residual (net) impacts, the former being the basis for prioritizing action and disclosure on adverse impacts under CSDDD and CSRD. The assessment criteria will need to be harmonized across the organization to prevent inconsistencies in communication and action.

The lack of data on a particular topic does not mean that an impact does not exist or is not severe, particularly if the means to collect the data are lacking. Where impacts are unclear, a risk-based methodology—that seeks to assess the likelihood and severity of impacts using proxy data and/or expert judgment—should be used to inform the company’s approach.

3) Why and how should companies engage affected stakeholders?

CSRD and CSDDD stress the need to consider the perspectives of affected stakeholders (e.g., people impacted by the business, environmental defenders) and to communicate to them how impacts relevant to them are managed. While CSRD does not require stakeholder engagement, CSDDD requires—and provides criteria for—meaningful engagement. This includes providing stakeholders with relevant and comprehensive information, ensuring ongoing consultation, considering barriers to engagement, and ensuring stakeholders are free from retaliation and retribution.

Engagement can range from formal channels (e.g., consultations, interviews, surveys, and grievance mechanisms) to informal day-to-day interactions (e.g., regular meetings with customers, town halls, or community roundtables). Companies should also engage stakeholders through their legitimate representatives (e.g., trade unions or civil society organizations) and ensure engagements are tailored for specific groups. For instance, where Indigenous Peoples may be impacted, engagement may involve good faith processes of free, prior, and informed consent.

An effective stakeholder engagement approach should build trust and avoid the need for duplicative information gathering. Engagement with affected stakeholders should be integrated at each step of due diligence (as required by CSDDD), and insights from engagements should inform a company’s reporting (under CSRD), closing the due diligence lifecycle by accounting for its impact management to stakeholders.

4) How should companies address impacts?

While CSRD does not require companies to act on material impacts, it does require them to report on how they manage impacts in some detail. CSDDD requires companies to act on impacts and provides a clear operational framework to help them understand what appropriate action looks like based on the company’s involvement in harm, such as ceasing this activity and providing remedy. It points to governance and management systems that should be deployed to prevent, mitigate, and remediate adverse impacts (e.g., policies, effective grievance mechanisms) as well as ways they should use leverage (e.g., supplier contracts, industry and multi-stakeholder initiatives). Recognizing the vast differences between companies, industries, operating contexts, and issues, CSDDD leaves flexibility for companies to tailor their actions to address impacts.

5) Who should be responsible for oversight and execution of sustainability due diligence, including reporting?

Through CSRD and CSDDD, sustainability due diligence has become a legal responsibility for management and for board oversight with penalties for companies who fail to comply. Ensuring an effective response calls for clear governance structures, cross-organizational collaboration, and access to expertise. Boards may need to add members with relevant subject matter expertise or establish advisory bodies. Senior management should have formalized responsibilities and likewise draw on internal and external sustainability expertise to deepen their understanding of the company’s sustainability impacts and what good compliance looks like.

We hear from companies that new compliance pressure has the potential to become an overwhelming distraction. While this is understandable, our experience helping companies implement each step of due diligence and impact-based materiality reporting gives us hope that the regulatory baseline can become a springboard for ambitious yet pragmatic action on corporate impacts on people and the environment.

BSR’s multidisciplinary team takes a holistic approach to CSRD and CSDDD compliance strategies, helping companies to develop approaches that are aligned and integrated across the value chain. If you’d like further information, please don’t hesitate to reach out.