CSDDDRequirementsEU

EU Corporate Sustainability Due Diligence Directive Requirements

Use this page to map the CSDDD requirements to concrete controls, owners, and evidence.

The focus is the Directive's core operating duties: scope, risk-based due diligence, stakeholder engagement, complaints, remediation, monitoring, communication, and climate transition planning.

Back to main artifactReview sources
Author
Sorena AI
Published
May 9, 2026
Updated
May 9, 2026
Sections
8

Structured answer sets in this page tree.

Primary sources
2

Cited legal and guidance references.

Publication metadata
Sorena AI
Published May 9, 2026
Updated May 9, 2026
Overview

Directive (EU) 2024/1760 requires covered EU and non-EU companies to run risk-based human rights and environmental due diligence across their own operations, subsidiaries, and relevant chains of activities. For implementation work, the useful starting point is not a generic supplier questionnaire; it is an article-by-article control map that shows who is in scope, what process must exist, when impacts are escalated, what remedy is available, and which records prove the system is operating.

Section 1

Who must test CSDDD scope before building controls?

Article 2 sets the company scope. EU companies are in scope where they meet the employee and net worldwide turnover route, where they are an ultimate parent of a group meeting that route, or where the franchising or licensing route is met. Third-country companies use Union net turnover rather than EU employee headcount for the main route, with parallel group and franchising or licensing routes.

The general scope threshold in the adopted Directive is more than 1,000 employees and more than EUR 450 million net worldwide turnover for EU companies, or more than EUR 450 million net turnover in the Union for third-country companies. Franchise and licensing coverage is narrower: it depends on qualifying Union agreements, royalties above EUR 22.5 million, and more than EUR 80 million turnover. Scope is tested over consecutive financial years, and AIFs and UCITS are excluded.

  • Keep a scope workbook showing employee counts, net worldwide turnover, Union net turnover, franchise or licensing royalties, group status, and the two-consecutive-financial-years test.
  • For third-country companies, identify the Union branch or Member State with the highest Union turnover because Article 24 uses that fact to identify the competent supervisory authority.
  • Keep timing notes separate from the Article 2 scope test so phase-in planning does not change the underlying coverage analysis.
Sources for this answer
Directive (EU) 2024/1760 on corporate sustainability due diligence
Article 2 grounds the EU, third-country, group, franchise/licensing, consecutive-year, and fund-exclusion scope criteria.
Section 2

What is the CSDDD due diligence system required to cover?

Article 5 is the control map for CSDDD due diligence. It requires risk-based human rights and environmental due diligence covering policy and risk management, identification and assessment of actual or potential adverse impacts, prioritisation where not all impacts can be addressed at once, prevention and mitigation, ending actual impacts and minimising their extent, remediation, stakeholder engagement, complaints and notifications, monitoring, and public communication.

Article 7 turns that map into internal governance. The company must integrate due diligence into relevant policies and risk management systems and maintain a due diligence policy developed after prior consultation with employees and their representatives. The policy must describe the company's due diligence approach, include a code of conduct for the company, subsidiaries, and business partners, and describe the processes used to integrate and implement due diligence.

  • Policy evidence: due diligence policy, employee consultation record, code of conduct, business-partner extension approach, and policy review history.
  • Risk-management evidence: risk taxonomy, escalation rules, links to procurement and operational controls, and management reporting for severe or likely adverse impacts.
  • Review trigger: Article 7 requires policy review and updates without undue delay after significant change and at least every 24 months.
Sources for this answer
Directive (EU) 2024/1760 on corporate sustainability due diligence
Articles 5 and 7 define the required due diligence actions, policy content, risk-management integration, and update cadence.
Section 3

How must companies identify, assess, and prioritise impacts?

Article 8 requires companies to identify and assess actual and potential adverse impacts from their own operations, subsidiaries, and, where related to chains of activities, business partners. The required method starts with mapping operations and chain-of-activities areas where adverse impacts are most likely and most severe, then carrying out deeper assessment in those areas.

Article 9 applies when the company cannot prevent, mitigate, end, or minimise all identified impacts at the same time and to their full extent. Prioritisation must be based on severity and likelihood. Once the most severe and most likely impacts are addressed within a reasonable time, less severe and less likely impacts must be addressed.

  • Mapping fields: activity, subsidiary or business-partner link, geography, sector, product or service, affected right or environmental obligation, severity, likelihood, information source, and assessment owner.
  • Assessment inputs: quantitative and qualitative information, independent reports, stakeholder information, notifications, complaints, and business-partner data where reasonable.
  • Prioritisation evidence: scoring rationale for severity and likelihood, record of impacts deferred, reason they were deferred, and date or condition for reassessment.
Sources for this answer
Directive (EU) 2024/1760 on corporate sustainability due diligence
Articles 8 and 9 ground the mapping, in-depth assessment, information-source, and severity-and-likelihood prioritisation requirements.
Section 4

What actions are required for potential and actual adverse impacts?

Article 10 covers potential adverse impacts: companies must prevent them, or adequately mitigate them where prevention is not possible or not immediately possible. Relevant measures include prevention action plans, contractual assurances with verification, investments or operational changes, changes to business plans or purchasing practices, targeted and proportionate support for SME business partners, collaboration, and, as a last resort for severe impacts, suspension or termination where the legal and impact conditions are met.

Article 11 covers actual adverse impacts: companies must bring them to an end or minimise their extent where they cannot immediately be ended. Relevant measures include neutralisation or minimisation proportionate to severity and the company's implication, corrective action plans, contractual assurances with verification, investments and operational changes, SME support, collaboration, remediation, and last-resort suspension or termination for severe impacts where the required assessment supports that step.

  • Prevention action plan: impact description, responsible owner, affected operations or partners, timelines, qualitative and quantitative improvement indicators, support measures, and verification method.
  • Corrective action plan: actual impact, immediate containment, steps to end or minimise the impact, remediation link, affected stakeholder input, timeline, and status.
  • Responsible disengagement evidence: why other measures failed or were unavailable, whether suspension or termination could create manifestly more severe impacts, reasonable notice, mitigation steps, and periodic review.
Sources for this answer
Directive (EU) 2024/1760 on corporate sustainability due diligence
Articles 10 and 11 ground the prevention, mitigation, corrective action, SME support, verification, collaboration, and last-resort suspension or termination measures.
Section 5

When is remediation required?

Article 12 requires remediation where the company has caused or jointly caused an actual adverse impact. The definition in Article 3 frames remediation as restoring affected people, communities, or the environment to an equivalent or as-close-as-possible situation, in proportion to the company's implication in the impact. That can include financial or non-financial compensation and, where applicable, reimbursement of public-authority remedial costs.

Where the actual adverse impact is caused only by a business partner, the Directive allows voluntary remediation and allows the company to use its influence to encourage the business partner causing the impact to provide remediation.

  • Remediation file: impact description, affected person, community, or environmental interest, causation or contribution analysis, remedy offered, stakeholder engagement record, acceptance or dispute status, and follow-up monitoring.
  • Avoid treating remediation as only a payment workflow; the Directive's definition includes restoration and non-financial measures where appropriate.
  • Keep the remediation decision linked to Articles 10 and 11, because corrective measures for actual impacts may include remediation.
Sources for this answer
Directive (EU) 2024/1760 on corporate sustainability due diligence
Article 3 defines remediation and Article 12 states when companies must provide it for actual adverse impacts.
Section 6

What stakeholder, complaint, monitoring, and communication controls are required?

Article 13 requires effective engagement with stakeholders at defined due diligence stages, including gathering impact information, developing prevention and corrective action plans, deciding on suspension or termination, adopting remediation measures, and developing monitoring indicators where appropriate. Consulted stakeholders must receive relevant and comprehensive information, may request additional information, and must be protected from retaliation or retribution, including through confidentiality or anonymity.

Article 14 requires a notification mechanism and complaints procedure. People affected or with reasonable grounds to believe they might be affected, legitimate representatives, trade unions and workers' representatives, and experienced civil society organisations for environmental complaints must be able to submit complaints. The procedure must be fair, publicly available, accessible, predictable, and transparent, with follow-up rights and protection against retaliation.

Article 15 requires periodic effectiveness assessments of operations, subsidiaries, and business partners where related to the chain of activities. Assessments must happen after significant change, at least every 12 months, and whenever there are reasonable grounds to believe new adverse-impact risks may arise. Article 16 requires an annual public statement unless the company is already subject to specified sustainability reporting requirements under Directive 2013/34/EU.

  • Stakeholder engagement evidence: stakeholder group, affected right or interest, information provided, additional requests, company responses, barriers addressed, confidentiality safeguards, and how input changed the due diligence decision.
  • Complaints evidence: channel publication, eligibility basis, founded or unfounded decision, reasons, meeting record for severe impacts where requested, follow-up actions, and anti-retaliation safeguards.
  • Monitoring and communication evidence: annual assessment results, indicators used, significant-change triggers, updates to policies or measures, annual statement publication decision, and CSRD-reporting exemption rationale where used.
Sources for this answer
Directive (EU) 2024/1760 on corporate sustainability due diligence
Articles 13 to 16 ground stakeholder engagement, complaints and notifications, monitoring cadence, and public communication requirements.
Section 7

What does the CSDDD climate transition plan require?

Article 22 requires covered companies to adopt and put into effect a transition plan for climate change mitigation. The plan must aim, through best efforts, to make the company's business model and strategy compatible with the transition to a sustainable economy, the Paris Agreement 1.5 degrees Celsius objective, and the EU climate-neutrality objective, including intermediate and 2050 targets.

The plan design must include time-bound climate targets for 2030 and in five-year steps to 2050, and, where appropriate, absolute scope 1, scope 2, and scope 3 greenhouse gas emission reduction targets for significant categories. It must also describe decarbonisation levers and key actions, explain and quantify investments and funding, and describe the role of administrative, management, and supervisory bodies. Companies reporting a transition plan under the relevant CSRD provisions are deemed to have complied with the CSDDD obligation to adopt a plan, but Article 22 still requires annual updates describing progress.

  • Transition-plan evidence: target baseline, scientific evidence used, scope coverage, decarbonisation levers, investment and funding assumptions, board or management-body role, and annual progress update.
  • Do not describe the plan as a guaranteed emissions outcome; the Directive frames the plan around best efforts and plan design, implementation, and update obligations.
  • Tie climate-plan governance to the CSDDD scope conclusion so parent and subsidiary reliance on group plans is documented where used.
Sources for this answer
Directive (EU) 2024/1760 on corporate sustainability due diligence
Article 22 grounds the climate transition plan content, CSRD reporting interaction, and 12-month update requirement.
Section 8

What evidence makes the requirements operational?

A defensible CSDDD requirements file should show that the company has translated Articles 2, 5, 7 to 16, and 22 into owned processes. The evidence should connect the legal requirement to business systems: procurement, supplier management, operations, enterprise risk, sustainability reporting, complaints handling, remediation, legal governance, and board or management-body oversight.

The evidence should also separate current law from monitoring items. Proposal-stage Omnibus simplification material should stay in a watchlist until an adopted act is available in the source set being used for implementation.

  • Scope and phase-in register with source citation, thresholds tested, responsible legal owner, and next review trigger.
  • Due diligence policy pack with employee consultation, code of conduct, risk-management integration, and update history.
  • Impact register with mapping, in-depth assessments, severity and likelihood prioritisation, prevention plans, corrective plans, remediation records, and monitoring indicators.
  • Stakeholder and complaints records with channel evidence, confidentiality controls, anti-retaliation safeguards, follow-up decisions, and founded or unfounded complaint reasons.
  • Communication and climate-plan pack with annual statement analysis, CSRD-reporting interaction, transition-plan targets, investments, management-body role, and annual progress update.
Sources for this answer
Directive (EU) 2024/1760 on corporate sustainability due diligence
Primary legal source for the requirement-to-evidence map across Articles 2, 5, 7 to 16, and 22.
European Commission CSDDD overview
Commission overview used for plain-language confirmation that the CSDDD targets adverse human rights and environmental impacts in operations, subsidiaries, and chains of activities.
Recommended next step

Turn CSDDD requirements into an evidence system

Use this CSDDD requirements map to connect legal scope, due diligence controls, complaints, remediation, transition-plan governance, and source-linked evidence.

Research workflow
Open Research Copilot

Answer CSDDD implementation questions with cited source material.

Explore next step
Talk to Sorena
Discuss CSDDD implementation

Review scope, due diligence controls, and evidence requirements with Sorena.

Explore next step
Primary sources

References and citations

European Commission CSDDD overview
commission.europa.eu
Referenced sections
  • Commission overview used for plain-language confirmation that the CSDDD targets adverse human rights and environmental impacts in operations, subsidiaries, and chains of activities.
"identify and address adverse human rights and environmental impacts"
Related guides

Explore more topics

CSDDD adverse impact prioritisation workflow
A CSDDD workflow for identifying actual and potential adverse human rights and environmental impacts, ranking severity and likelihood, and documenting prevention, mitigation, remediation, and stakeholder evidence.
CSDDD Applicability Test: EU and Non-EU Company Scope
Test whether Directive (EU) 2024/1760 may apply to an EU or non-EU company using grounded CSDDD employee, turnover, group, franchise, royalty, exclusion, and phase-in checks.
CSDDD chain of activities and supplier due diligence
Explain CSDDD chain-of-activities scope, upstream and downstream boundaries, subsidiaries, direct and indirect business partners, supplier risk segmentation, and evidence.
CSDDD Chain of Activities Boundaries
Define CSDDD upstream and downstream chain of activities boundaries for subsidiaries, direct and indirect business partners, distribution, transport, storage, and records.
CSDDD chain of activities boundaries: upstream and downstream FAQ
FAQ on how the CSDDD defines chain of activities boundaries for subsidiaries, direct and indirect business partners, upstream activities, downstream logistics, and evidence.
CSDDD civil liability under Article 29: what companies should check
FAQ on CSDDD Article 29 civil liability: liability conditions, protected legal interests, causation, compensation, limitation periods, and evidence disclosure.
CSDDD Climate Transition Plan Requirements
Article 22 CSDDD guidance for climate transition plans: business model alignment, targets, actions, funding, governance, and 12-month progress updates.
CSDDD complaints and notifications FAQ
FAQ on Article 14 CSDDD complaint and notification mechanisms, who may complain, follow-up rights, confidentiality, retaliation, and evidence.
CSDDD compliance duties and evidence guide
A grounded CSDDD compliance guide covering due diligence policy, adverse impact identification, prevention, corrective action, complaints, monitoring, reporting, climate plans, and supervisory evidence.
CSDDD contractual assurances FAQ for Articles 10 and 11
How CSDDD Articles 10 and 11 use contractual assurances with business partners, verification, SME support, action plans, and suspension or termination escalation.
CSDDD deadlines and compliance calendar after Directive (EU) 2025/794
Current CSDDD calendar for transposition, application phases, Article 16 reporting exceptions, Commission guidance dates, and practical compliance evidence.
CSDDD due diligence checklist
A grounded CSDDD checklist for scope, due diligence policy, chain-of-activities risk mapping, impact prioritisation, action plans, complaints, monitoring, communication, climate planning, and evidence.
CSDDD Due Diligence Steps Playbook for Articles 5 and 7-16
A grounded playbook for the CSDDD due diligence sequence: policy integration, impact assessment, prioritisation, prevention, correction, remediation, stakeholder engagement, complaints, monitoring, communication, and evidence.
CSDDD FAQ: scope, dates, duties, liability, and evidence
Practical answers on CSDDD scope, current application dates, chain of activities, due diligence duties, complaints, remediation, civil liability, climate plans, and evidence.
CSDDD franchising and licensing scope FAQ
FAQ on when franchise or licensing networks can fall within Article 2 of the EU CSDDD, including royalties, turnover, EU and non-EU treatment, and evidence.
CSDDD grievance and remediation workflow guide
Build a CSDDD grievance, notification, stakeholder engagement, and remediation workflow around Articles 12, 13, and 14 of Directive (EU) 2024/1760.
CSDDD Liability and Penalties: enforcement, fines, and civil claims
A grounded guide to CSDDD supervisory enforcement, penalty mechanics, civil liability, compensation limits, evidence records, and national transposition caveats.
CSDDD non-EU turnover threshold FAQ
How non-EU companies should assess CSDDD scope using EU-generated turnover, group thresholds, authorised representative records, and competent authority evidence.
CSDDD Non-EU Turnover Thresholds and Scope Waves
Article 2 and Article 37 CSDDD scope guide for non-EU Union turnover, group routes, franchise and licensing routes, and current application dates after Directive (EU) 2025/794.
CSDDD Omnibus timing changes after Directive (EU) 2025/794
FAQ answer on current CSDDD Article 37 dates after Directive (EU) 2025/794 and how to separate adopted timing changes from proposal-stage Omnibus simplification.
CSDDD penalties and fines under Article 27
How CSDDD Article 27 sets penalty rules, turnover-based fine caps, public decision publication, supervisory authority powers, and national transposition caveats.
CSDDD prevention vs mitigation: potential and actual adverse impacts
CSDDD FAQ on when to prevent or mitigate potential adverse impacts, when to end or minimise actual adverse impacts, and what evidence records to keep.
CSDDD remediation FAQ: when companies must remedy adverse impacts
FAQ on CSDDD remediation: when Article 12 requires remedy, how complaints and stakeholder engagement affect the response, and what evidence to keep.
CSDDD Remediation Plan Template: Article 12, 13 and 14 evidence
A CSDDD remediation plan template for actual adverse impacts, complaint inputs, stakeholder engagement, action records, and monitoring evidence.
CSDDD risk prioritisation FAQ: severity, likelihood, and evidence
How to prioritise CSDDD adverse impacts when teams cannot address everything at once, using severity, likelihood, stakeholder evidence, and a reviewable rationale.
CSDDD Scope Thresholds: EU, Non-EU, Group and Franchise Routes
Article 2 CSDDD scope thresholds for EU companies, non-EU Union turnover, ultimate-parent groups, franchise and licensing routes, consecutive-year tests, and evidence records.
CSDDD scope waves: current Article 37 dates and thresholds
FAQ on the current CSDDD phase-in after Directive (EU) 2025/794: 26 July 2028, 26 July 2029, Article 2 scope thresholds, and evidence to retain.
CSDDD Supplier Contract Clause Review Workflow
Review supplier contract clauses against CSDDD Articles 10 and 11: contractual assurances, verification, SME fairness, support, action plans, and escalation evidence.
CSDDD Supplier Contract Clauses: Articles 10 and 11 Evidence
How to use CSDDD supplier contract clauses without treating clauses as a substitute for due diligence: contractual assurances, verification, SME support, action plans, limits, and evidence.
CSDDD supplier human rights impact scoring template
A CSDDD supplier impact scoring template for Article 8 identification, Article 9 prioritisation, severity, likelihood, stakeholder input, chain-of-activities boundaries, and evidence records.
CSDDD transition plans FAQ: Article 22 climate plan requirements
FAQ on CSDDD Article 22 climate transition plans: targets, decarbonisation levers, investment and funding, governance, CSRD overlap, and evidence records.
CSDDD vs CSRD: Due Diligence and Reporting Compared
Compare CSDDD due diligence duties with CSRD sustainability reporting, including scope, timing, Article 16 reporting, evidence overlap, assurance, and enforcement.
CSDDD vs German LkSG Comparison
Compare the EU CSDDD with Germany's LkSG without mixing directive duties, national-law duties, chain boundaries, complaints, reporting, and enforcement routes.
CSDDD vs OECD Guidelines
Compare the binding EU CSDDD with the OECD Guidelines for responsible business conduct across scope, due diligence duties, business relationships, remediation, and evidence.
How CSDDD overlaps with OECD, UNGP, and ILO standards
FAQ on how OECD responsible business conduct guidance, the UN Guiding Principles, and ILO labour standards inform CSDDD due diligence without being the same legal instrument.