FAQCSDDDEU

CSDDD chain of activities where upstream and downstream due diligence boundaries stop

The CSDDD chain of activities boundary covers a company's own operations, subsidiaries, and business partners where their activities fall inside the directive's upstream or downstream definitions.

Use this FAQ to classify suppliers, logistics providers, service partners, subsidiaries, and downstream exclusions before assigning CSDDD due diligence evidence.

Back to main artifactReview sources
Author
Sorena AI
Published
May 9, 2026
Updated
May 9, 2026
Questions
6

Structured answer sets in this page tree.

Primary sources
1

Cited legal and guidance references.

Publication metadata
Sorena AI
Published May 9, 2026
Updated May 9, 2026
Overview

Under the EU Corporate Sustainability Due Diligence Directive, the chain of activities is not the same as an unlimited value-chain map. It has defined upstream coverage, narrower downstream product coverage, separate treatment for subsidiaries, and explicit exclusions for some downstream services, product disposal, and authorised export-controlled products.

Search this module

Find a question or answer quickly

6 of 6 questions
Question 1

What does chain of activities mean under the CSDDD?

For CSDDD due diligence, start with three buckets: the company's own operations, the operations of its subsidiaries, and the operations of business partners where those partner activities are related to the company's chain of activities.

The upstream side is broad. It covers business partner activities related to producing goods or providing services for the company, including design, extraction, sourcing, manufacture, transport, storage, raw material supply, product or part supply, and development of the product or service.

The downstream side is narrower. It covers distribution, transport, and storage of the company's product only where the downstream business partner performs those activities for the company or on the company's behalf.

  • Map own operations and subsidiary operations separately from partner operations.
  • Classify each partner as upstream, downstream product logistics, or outside the CSDDD chain-of-activities definition.
  • Do not treat downstream customer use, general resale, product disposal, or downstream services as covered merely because they occur after sale.
Citations
Question 2

Are subsidiaries inside the chain of activities boundary?

Subsidiaries are not just another supplier tier. The CSDDD repeatedly treats due diligence as covering a company's own operations, the operations of its subsidiaries, and, where related to the chain of activities, the operations of business partners.

That means a boundary file should identify subsidiaries directly, then identify which business partners sit in each subsidiary's chain of activities. If a parent carries out due diligence obligations on behalf of in-scope subsidiaries, the subsidiary still needs enough local records to show how the parent policy, risk assessment, prevention measures, stakeholder engagement, remediation, and monitoring apply to that subsidiary.

Where a parent uses the CSDDD group-level support route, keep the parent-subsidiary information exchange, adapted policy, local risk-management integration, and any subsidiary-specific partner measures visible in the evidence file.

  • Record each covered subsidiary, legal entity, activity, site, product line, and service line.
  • Show which parent-level due diligence elements apply to the subsidiary and which are handled locally.
  • Keep subsidiary evidence separate enough to respond to supervisory authority questions and civil-liability analysis.
Citations
Recommended next step

Turn CSDDD boundary decisions into an evidence file

Map subsidiaries, upstream partners, downstream logistics providers, exclusions, and unresolved cases before assigning CSDDD assessment and prevention measures.

Research workflow
Open Research Copilot

Check CSDDD boundary questions against cited source material.

Explore next step
Talk to Sorena
Discuss CSDDD implementation

Review chain-of-activities scope, partner evidence, and practical due diligence steps with Sorena.

Explore next step
Question 3

How should direct and indirect business partners be classified?

A direct business partner is an entity with a commercial agreement related to the company's operations, products, or services, or an entity to which the company provides services. An indirect business partner is not the direct contracting party, but performs business operations related to the company's operations, products, or services.

The distinction matters because CSDDD measures often start with direct partners, then extend to indirect partners when their activities are part of the chain of activities and where risk assessment shows adverse impacts are likely or severe. For example, contractual assurances from a direct partner may need corresponding assurances from that partner's relevant partners; in some cases, the company may seek assurances directly from an indirect partner.

Do not stop classification at the procurement system's vendor record. The useful test is whether the partner's activity is related to the company's operations, products, or services and falls inside the upstream or downstream chain-of-activities definition.

  • Use contract records to identify direct business partners.
  • Use bills of material, logistics flows, service delivery maps, supplier disclosures, audit data, and complaints to identify indirect partners.
  • Flag indirect partners in high-risk geographies, sectors, product inputs, or logistics roles for deeper assessment rather than treating them as invisible tiers.
Citations
Question 4

Where do downstream distribution, transport, and storage stop?

Downstream coverage is limited to distribution, transport, and storage of the company's product where a business partner carries out those activities for the company or on the company's behalf. It is not a general downstream customer, reseller, user, or end-of-life obligation.

A contracted warehouse, fulfilment provider, carrier, distributor, or logistics provider can therefore sit inside the downstream boundary when it handles the company's product for the company. A customer that buys and uses the product for its own business normally needs a separate analysis and should not be included merely because it is downstream.

The directive also states that the chain of activities does not include product disposal. It excludes distribution, transport, storage, and disposal of products subject to Member State export controls, including dual-use controls or weapons, munitions, and war material controls, once export is authorised.

  • Include downstream product logistics performed for the company or on its behalf.
  • Exclude downstream activities related to the company's services, and for regulated financial undertakings exclude downstream recipients of services and products.
  • Exclude product disposal from the CSDDD chain-of-activities boundary, while checking whether another product, waste, export-control, or sector law applies.
Citations
Question 5

What evidence should a CSDDD boundary decision retain?

Keep evidence that proves why each activity is in scope, out of scope, or unresolved. A useful boundary record links the legal definition to the company's actual product, service, subsidiary, supplier, logistics, and partner facts.

The record should also show how the boundary decision fed the Article 8 mapping and in-depth assessment, and how it affected prevention or mitigation measures under Article 10 or actual-impact measures under Article 11.

Because business partners are not generally required to disclose trade secrets, preserve the minimum information needed to identify direct and indirect partners and adverse-impact risks without turning the evidence request into an unsupported data grab.

  • Boundary matrix with columns for entity, activity, product or service, upstream or downstream classification, direct or indirect partner status, inclusion decision, source citation, and reviewer.
  • Product and service flow evidence: bills of material, sourcing maps, logistics routes, warehouse contracts, distributor contracts, service delivery diagrams, and subsidiary activity descriptions.
  • Risk evidence: sector, geography, product, service, business-operation, and complaint data used to decide where adverse impacts are most likely or most severe.
  • Action evidence: prevention action plans, contractual assurances, verification records, SME support decisions, suspension or termination reviews, and monitoring updates where the boundary decision triggered CSDDD measures.
Citations
Question 6

What is the most common mistake with CSDDD chain-of-activities boundaries?

The most common mistake is using a broad value-chain diagram as if every actor in it is automatically inside the CSDDD chain of activities. The directive's wording is more specific: upstream is tied to production of goods or provision of services, while downstream is limited to product distribution, transport, and storage performed for the company or on its behalf.

A second mistake is losing the distinction between subsidiaries, direct partners, and indirect partners. Those categories affect who holds information, where leverage sits, which assurances are realistic, and what evidence can be requested without overreaching.

A defensible answer is a maintained boundary file: it names the entity, activity, product or service, partner tier, inclusion decision, exclusion rationale, risk signals, and follow-up due diligence measure.

  • Do not include product disposal unless another legal regime separately requires disposal controls.
  • Do not include downstream service recipients as if they were downstream product logistics providers.
  • Do not rely only on first-tier supplier lists when indirect partners perform activities tied to high-risk production, sourcing, manufacture, transport, storage, or supply.
Citations
Primary sources

References and citations

Related guides

Explore more topics

CSDDD adverse impact prioritisation workflow
A CSDDD workflow for identifying actual and potential adverse human rights and environmental impacts, ranking severity and likelihood, and documenting prevention, mitigation, remediation, and stakeholder evidence.
CSDDD Applicability Test: EU and Non-EU Company Scope
Test whether Directive (EU) 2024/1760 may apply to an EU or non-EU company using grounded CSDDD employee, turnover, group, franchise, royalty, exclusion, and phase-in checks.
CSDDD chain of activities and supplier due diligence
Explain CSDDD chain-of-activities scope, upstream and downstream boundaries, subsidiaries, direct and indirect business partners, supplier risk segmentation, and evidence.
CSDDD Chain of Activities Boundaries
Define CSDDD upstream and downstream chain of activities boundaries for subsidiaries, direct and indirect business partners, distribution, transport, storage, and records.
CSDDD civil liability under Article 29: what companies should check
FAQ on CSDDD Article 29 civil liability: liability conditions, protected legal interests, causation, compensation, limitation periods, and evidence disclosure.
CSDDD Climate Transition Plan Requirements
Article 22 CSDDD guidance for climate transition plans: business model alignment, targets, actions, funding, governance, and 12-month progress updates.
CSDDD complaints and notifications FAQ
FAQ on Article 14 CSDDD complaint and notification mechanisms, who may complain, follow-up rights, confidentiality, retaliation, and evidence.
CSDDD compliance duties and evidence guide
A grounded CSDDD compliance guide covering due diligence policy, adverse impact identification, prevention, corrective action, complaints, monitoring, reporting, climate plans, and supervisory evidence.
CSDDD contractual assurances FAQ for Articles 10 and 11
How CSDDD Articles 10 and 11 use contractual assurances with business partners, verification, SME support, action plans, and suspension or termination escalation.
CSDDD deadlines and compliance calendar after Directive (EU) 2025/794
Current CSDDD calendar for transposition, application phases, Article 16 reporting exceptions, Commission guidance dates, and practical compliance evidence.
CSDDD due diligence checklist
A grounded CSDDD checklist for scope, due diligence policy, chain-of-activities risk mapping, impact prioritisation, action plans, complaints, monitoring, communication, climate planning, and evidence.
CSDDD Due Diligence Steps Playbook for Articles 5 and 7-16
A grounded playbook for the CSDDD due diligence sequence: policy integration, impact assessment, prioritisation, prevention, correction, remediation, stakeholder engagement, complaints, monitoring, communication, and evidence.
CSDDD FAQ: scope, dates, duties, liability, and evidence
Practical answers on CSDDD scope, current application dates, chain of activities, due diligence duties, complaints, remediation, civil liability, climate plans, and evidence.
CSDDD franchising and licensing scope FAQ
FAQ on when franchise or licensing networks can fall within Article 2 of the EU CSDDD, including royalties, turnover, EU and non-EU treatment, and evidence.
CSDDD grievance and remediation workflow guide
Build a CSDDD grievance, notification, stakeholder engagement, and remediation workflow around Articles 12, 13, and 14 of Directive (EU) 2024/1760.
CSDDD Liability and Penalties: enforcement, fines, and civil claims
A grounded guide to CSDDD supervisory enforcement, penalty mechanics, civil liability, compensation limits, evidence records, and national transposition caveats.
CSDDD non-EU turnover threshold FAQ
How non-EU companies should assess CSDDD scope using EU-generated turnover, group thresholds, authorised representative records, and competent authority evidence.
CSDDD Non-EU Turnover Thresholds and Scope Waves
Article 2 and Article 37 CSDDD scope guide for non-EU Union turnover, group routes, franchise and licensing routes, and current application dates after Directive (EU) 2025/794.
CSDDD Omnibus timing changes after Directive (EU) 2025/794
FAQ answer on current CSDDD Article 37 dates after Directive (EU) 2025/794 and how to separate adopted timing changes from proposal-stage Omnibus simplification.
CSDDD penalties and fines under Article 27
How CSDDD Article 27 sets penalty rules, turnover-based fine caps, public decision publication, supervisory authority powers, and national transposition caveats.
CSDDD prevention vs mitigation: potential and actual adverse impacts
CSDDD FAQ on when to prevent or mitigate potential adverse impacts, when to end or minimise actual adverse impacts, and what evidence records to keep.
CSDDD remediation FAQ: when companies must remedy adverse impacts
FAQ on CSDDD remediation: when Article 12 requires remedy, how complaints and stakeholder engagement affect the response, and what evidence to keep.
CSDDD Remediation Plan Template: Article 12, 13 and 14 evidence
A CSDDD remediation plan template for actual adverse impacts, complaint inputs, stakeholder engagement, action records, and monitoring evidence.
CSDDD requirements: scope, due diligence, climate plan, and evidence
A grounded map of the Corporate Sustainability Due Diligence Directive requirements across scope, due diligence policy, impact assessment, complaints, remediation, monitoring, communication, and climate transition planning.
CSDDD risk prioritisation FAQ: severity, likelihood, and evidence
How to prioritise CSDDD adverse impacts when teams cannot address everything at once, using severity, likelihood, stakeholder evidence, and a reviewable rationale.
CSDDD Scope Thresholds: EU, Non-EU, Group and Franchise Routes
Article 2 CSDDD scope thresholds for EU companies, non-EU Union turnover, ultimate-parent groups, franchise and licensing routes, consecutive-year tests, and evidence records.
CSDDD scope waves: current Article 37 dates and thresholds
FAQ on the current CSDDD phase-in after Directive (EU) 2025/794: 26 July 2028, 26 July 2029, Article 2 scope thresholds, and evidence to retain.
CSDDD Supplier Contract Clause Review Workflow
Review supplier contract clauses against CSDDD Articles 10 and 11: contractual assurances, verification, SME fairness, support, action plans, and escalation evidence.
CSDDD Supplier Contract Clauses: Articles 10 and 11 Evidence
How to use CSDDD supplier contract clauses without treating clauses as a substitute for due diligence: contractual assurances, verification, SME support, action plans, limits, and evidence.
CSDDD supplier human rights impact scoring template
A CSDDD supplier impact scoring template for Article 8 identification, Article 9 prioritisation, severity, likelihood, stakeholder input, chain-of-activities boundaries, and evidence records.
CSDDD transition plans FAQ: Article 22 climate plan requirements
FAQ on CSDDD Article 22 climate transition plans: targets, decarbonisation levers, investment and funding, governance, CSRD overlap, and evidence records.
CSDDD vs CSRD: Due Diligence and Reporting Compared
Compare CSDDD due diligence duties with CSRD sustainability reporting, including scope, timing, Article 16 reporting, evidence overlap, assurance, and enforcement.
CSDDD vs German LkSG Comparison
Compare the EU CSDDD with Germany's LkSG without mixing directive duties, national-law duties, chain boundaries, complaints, reporting, and enforcement routes.
CSDDD vs OECD Guidelines
Compare the binding EU CSDDD with the OECD Guidelines for responsible business conduct across scope, due diligence duties, business relationships, remediation, and evidence.
How CSDDD overlaps with OECD, UNGP, and ILO standards
FAQ on how OECD responsible business conduct guidance, the UN Guiding Principles, and ILO labour standards inform CSDDD due diligence without being the same legal instrument.