Authors
Key Points
- The Corporate Sustainability Due Diligence Directive’s (CSDDD) obligations for financial institutions include due diligence on the actual or potential human rights and environmental impacts of their own operations, subsidiaries, and upstream value chain.
- Looking ahead, financial institutions should adopt a pragmatic approach to CSDDD alignment. This includes conducting downstream due diligence, as this data is needed for reporting under the Corporate Sustainability Reporting Directive (CSRD) and could potentially become a requirement in the CSDDD.
- Financial institutions in-scope of the CSDDD should start taking action by looking to international due diligence standards to identify management gaps, upskilling and collaborating across teams, mapping their value chains, identifying affected stakeholders, and developing a roadmap for alignment.
In July 2024, the WBA’s Social Benchmark evaluated the world’s 2,000 most influential companies and found that approximately 90% of financial institutions assessed scored zero on human rights due diligence. This follows the 2022 WBA Financial Systems Benchmark findings that 80% of financial institutions did not acknowledge their impacts on the environment or society.
Despite the progress we have seen in the industry at BSR, these figures are sobering. They highlight the importance of mandatory measures that foster responsible finance industry conduct to drive the transition to a more just and sustainable green economy.
Inclusion of the finance industry in CSDDD was the subject of intense debate throughout the negotiation process and proved to be a major sticking point among EU governments. Despite intense lobbying, the finance industry is in scope of CSDDD, with downstream due diligence out of scope.
Adopted in May 2024, the CSDDD is the EU’s most ambitious attempt to reshape business practices in support of sustainability. It is grounded on globally agreed due diligence standards—the OECD Guidelines for Multinational Enterprises and the UN Guiding Principles on Business and Human Rights (UNGPs). It requires some 6,000 EU companies and 900 non-EU companies to conduct risk-based due diligence on their human rights and environmental impacts. This includes managing climate impacts through the adoption of climate transition plans covering scopes 1, 2, and 3 emissions. Companies may be held civilly liable for damages for failing to comply with the law.
Unpacking the Implications for the Finance Industry
Starting as early as 2027, “regulated financial undertakings” that operate or generate income in the EU and meet the relevant EUR€450 million and employee thresholds must conduct due diligence to assess, manage, and report on the actual and potential negative impacts of their operations, subsidiaries, and supply chains on human rights and the environment. Companies in scope include investment firms, alternative investment fund managers, insurance companies, credit institutions, central securities depositories, financial holding companies, and crypto companies.
The CSDDD requires shifting attention away from purely financial risks to the risks that business poses to people and the environment. It involves investing time and resources to embed concern for—and transparency on—human rights and environmental impacts into business cultures and creating channels for affected stakeholders to report harm. Where prioritizing action may be necessary, the most severe and likely impacts must be prioritized first.
In practice, banks, asset managers, and others must know and show that they manage the impacts of their operations on their workforce, on the individuals they serve, and on the environment. Key risks include paying some workers below the living wage, engaging in predatory lending to at-risk communities, or failing to prevent environmental harms of crypto-assets.
It also requires addressing supply chain impacts—ranging from privacy breaches and labor impacts associated with data management providers to office equipment and hardware tainted with modern slavery—through an ongoing process of assessment, engagement, and monitoring. It requires using responsible contracts and may involve providing support to small and medium-sized enterprises and collaborating with peers to address root-cause issues. While the CSDDD only applies to supply chain relationships, it recognizes the leverage tools available to the finance industry, such as shareholder resolutions and proxy voting, and expects them to consider these when seeking to influence direct and indirect business partners.
Preparing for Downstream Due Diligence
While downstream exclusion is a sign of misalignment with the spirit of the CSDDD’s risk-based due diligence approach (as the greatest risks to people and planet in finance are found downstream), it is critical for financial institutions to incorporate this approach into their downstream activities and relationships.
The CSDDD requires the EU Commission to submit a report to the EU Council on the need for expanded downstream due diligence requirements for financial undertakings within two years of its adoption.
Given the regulatory regime in which the CSDDD resides, financial institutions should already be assessing and reporting on how they manage downstream impacts. The CSDDD is part of a trio of EU laws that create a framework for sustainability due diligence. Companies in scope of the Corporate Sustainability Reporting Directive are required to report on the material negative impacts of their downstream business partners, such as corporate clients and portfolio companies. CSRD guidance further clarifies that materiality assessments of negative impacts should be informed by the OECD Guidelines and UNGPs due diligence approach. Meanwhile, the Sustainable Finance Disclosure Regulation requires finance companies to report on the alignment of portfolio companies in ESG-labelled funds with the OECD Guidelines.
At BSR, we also see growing attention to downstream due diligence. We work with private equity firms, insurance companies, and pension funds to conduct pre-deal, site-level human right assessments and assess portfolio-level human rights impacts, including those related to environment and biodiversity. We also support companies to embed human rights throughout the investment lifecycle and develop effective grievance mechanisms to address harms across value chains. These companies are not only preparing for compliance; they recognize that these measures provide them with better data to inform business decisions and enable them to navigate emerging human rights and environmental issues more effectively.
The Journey of Finance Industry Alignment with the CSDDD and Beyond
Financial institutions are encouraged to act by developing and implementing a due diligence approach that is grounded in the OECD Guidelines and the UNGPs. In June 2024, we published insights to help companies start on their journey to align with the CSDDD. While the journey may be different for each company, some key steps include assessing gaps in existing policies and management practices, upskilling and increasing collaboration across teams, mapping their value chains and identifying affected stakeholders, and establishing a roadmap for CSDDD alignment.
BSR takes a tailored and forward-looking approach to CSDDD compliance, helping finance companies develop strategies and processes to build their resilience and align with their sustainability goals. If you’d like further information, please reach out to us.
Topics
Let’s talk about how BSR can help you to transform your business and achieve your sustainability goals.