Unpacking the CSDDD / CSRD Omnibus Proposal

On February 26th, after a leaked draft of the EU omnibus legislation was circulated, the College of Commissioners adopted the much-anticipated Sustainability Simplification Omnibus package, covering the Corporate Sustainability Reporting Directive (CSRD), the Corporate Sustainability Due Diligence Directive (CSDDD) and the EU Taxonomy. Over the last few weeks prior to this announcement there has been vocal pushback from industry stakeholders, with some calling for the EU to not risk weakening the Directive by introducing this omnibus proposal and others calling for the enforcement date to be delayed in order to give companies more time to implement their due diligence processes. 

Here are the most important takeaways from this proposal and how to interpret them, from Sourcemap’s in-house policy team. 

The proposal emends CSDDD on “8 main points: extending the scope of maximum harmonization, targeting due diligence, as a general rule, to direct business partners, removing the duty to terminate the business relationship as a measure of last resort, limiting the notion of ‘stakeholder’ and further restricting the stages of the due diligence process that require stakeholder engagement, extending the intervals in which companies need to regularly monitor the adequacy and effectiveness of due diligence measures, clarifying the principles regarding pecuniary penalties and removing the ‘minimum cap’ for fines, removing aspects of the civil liability clause and the rules regarding representative actions, and deleting the review clause regarding financial services.” While the intent of this proposal was to harmonize requirements between CSDDD and CSRD, certain proposed changes only apply to one of the two Directives.

Extending the Scope of Maximum Harmonization

In the European Union, “harmonization” refers to the standardization of laws throughout the member states. This facilitates compliance for companies that do business in multiple EU countries, allowing them to adopt similar approaches rather than focus on disparate country-level requirements. In the original CSDDD text, the law only required high-level harmonization, allowing member states to adopt additional requirements. However, the proposal amends Article 4 of the law by extending the harmonization requirement to all social and environmental due diligence requirements, leaving labor-related due diligence up to the member states.

Scope of CSRD to match CSDDD

In a move that will significantly reduce the total number of companies subject to CSRD obligations, the omnibus proposal aims to better align the Corporate Sustainability Reporting Directive (CSRD) scope with the Corporate Sustainability Due Diligence Directive (CSDDD) scope. Both CSRD and CSDDD would apply to EU companies with more than 1,000 employees and either an annual turnover of at least EUR 50 million or a balance sheet above EUR 25 million. The threshold for foreign companies operating in the EU to more than 1,000 employees and a global annual turnover of more than EUR 450 million (up from its original EUR 150 million). Finally, the threshold for EU branches of foreign companies would increase from EUR 40 million to EUR 50 million. These changes decrease the number of companies covered by the Directive by 80%.

Reducing Due Diligence to Direct Suppliers Only

Perhaps the most notable change from the original text was the proposal to limit CSDDD due diligence obligations to a company’s direct suppliers / business partners rather than extend those due diligence obligations across the entire supply chain. While this reduces the due diligence burden on companies, it also significantly weakens the law by no longer holding companies accountable for any social or environmental risks imposed by their upstream suppliers. However, indirect suppliers may still fall under scope of the Directive “where a company has plausible information that suggests that adverse impacts at the level of the operations of an indirect business partner have arisen or may arise, it shall carry out an in-depth assessment.” Additionally, companies are no longer allowed to request information outside of CSRD requirements from their direct suppliers with fewer than 500 employees. This aligns with the existing protections for SMEs in the original text.

Removing the Duty to Terminate Business Relationships with Non-Compliant Companies

The original CSDDD text required companies to, as a last resort, terminate a business relationship with a supplier if the other company was violating environmental or human rights provisions under the law. This requirement was included in Article 10 of the Directive. In this proposal, this duty has now become optional and companies must instead create a “prevention action plan” for any relevant adverse impacts. “As long as there is a reasonable expectation that the enhanced prevention action plan will succeed, the mere fact of continuing to engage with the business partner shall not trigger the company’s liability [under the Directive].”

Companies Must Assess Due Diligence Measures and Monitor Their Effectiveness Every Five Years vs Every Year

This proposal amends Article 15 to require companies to carry out risk assessments and due diligence measures every 5 years. The original text required due diligence to be conducted on an annual basis.

On EU-Wide Liability and Fines for Non-Compliance

The proposal has removed EU-wide liability and now only refers to national law. Member States will decide their own rules on any group claims against companies where non-compliance results in adverse impacts to “natural or legal persons.” The following language, originally included in Article 29 of the text, has been removed:

“Member States shall ensure that a company can be held liable for damage caused to a natural or legal person, provided that:

(a) the company intentionally or negligently failed to comply with the obligations laid down in Articles 10 and 11, when the right, prohibition or obligation listed in the Annex to this Directive is aimed at protecting the natural or legal person; and

(b) as a result of the failure referred to in point (a), damage to the natural or legal person’s legal interests that are protected under national law was caused. A company cannot be held liable if the damage was caused only by its business partners in its chain of activities.”

As such, the member states will be allowed to adopt their own national standards on civil liability, as this would no longer be a requirement as part of harmonization.

Regarding fines for non-compliance, Article 27 required member states to impose financial penalties for non-compliance with a maximum cap that “shall not be less than 5%” of the net global annual turnover for the company in question for the financial year preceding the decision to impose the fine. This proposal removes this language and replaces it with the following: “The Commission, in collaboration with the Member States, shall issue guidance to assist supervisory authorities in determining the level of penalties in accordance with this Article. Member States shall not set a maximum limit of pecuniary penalties in their national law transposing this Directive that would prevent supervisory authorities from imposing penalties in accordance with the principles and factors set out in paragraphs 1 and 2.”

As this change would remove any EU-wide standard for fines, technically member states can issue fines that are higher or lower than 5%. It is anticipated that this ambiguity will lead to further debate amongst the Commission, Council and Parliament.

Updated Language for Climate Transition Plans

The proposal updates the language in Article 22 regarding a company’s climate transition plan, now stating that a company must “put into effect” climate transition plans in place of the previous language requiring them to “adopt” climate transition plans. This change was primarily made to align the language in CSDDD with what is reflected in the CSRD text.

Implementation Timeline

The Commission proposes a “stop the clock” for companies that have not yet reported on CSRD, delaying the implementation of sustainability reporting for CSRD by two years. Application of CSDDD would also be deferred to 2028 to allow for companies to have sufficient time to implement due diligence procedures.

On the EU Taxonomy

Finally, the proposal makes the EU Taxonomy optional for 85% of companies. Only very large companies with more than 1,000 employees and a global annual turnover of EUR 450 million would be required to report annually on the Taxonomy. All other companies have the option to report, but it would be optional.

What’s Next?

Now that the omnibus proposal has officially been introduced, trilogue negotiations would resume for CSDDD and CSRD. The Commission’s deadline to issue compliance guidelines for CSDDD has been advanced from its original 2027 deadline up to 2026. While the Commission still plans to release sector-specific guidelines for CSDDD, according to this proposal the guidelines for CSRD will be generalized. No timeline has yet been articulated for when CSRD guidelines will be published.

For more information about CSDDD, CSRD, or other EU due diligence requirements that might impact your business - and to learn how Sourcemap can help - reach out to our team of experts.