Policy Briefing — EU Council Adopts Corporate Sustainability Due Diligence Directive

Executive briefing: On 24 May 2024 the Council of the European Union gave final approval to the Corporate Sustainability Due Diligence Directive (CS3D). The directive compels large EU and non-EU companies active in the bloc to integrate human-rights and environmental due diligence into policies, risk systems, and governance. It also requires climate transition plans aligned with the Paris Agreement.

Key obligations

• Due diligence duty. Companies must identify, prevent, mitigate, and remediate adverse human-rights and environmental impacts across their own operations, subsidiaries, and established business relationships.
• Stakeholder engagement. Article 9 requires meaningful consultation with affected stakeholders and workers when designing due diligence measures.
• Grievance mechanisms. Companies must provide accessible reporting channels and ensure whistleblower protections.
• Climate transition plan. Large companies must adopt plans ensuring business strategy aligns with limiting global warming to 1.5°C, with board-level oversight and variable remuneration linkages.
• Supervision and sanctions. Member States must designate authorities empowered to order remediation, impose fines of up to 5% of global turnover, and exclude offenders from public procurement.

Application timeline

• Transposition deadline. Member States must implement CS3D within two years of publication in the Official Journal.
• Largest companies. Companies with over 5,000 employees and €1.5 billion worldwide net turnover must comply three years after entry into force.
• Mid-tier companies. Companies with over 3,000 employees and €900 million turnover have four years.
• Standard scope. Companies exceeding 1,000 employees and €450 million turnover, and certain franchising/licensing groups, must comply five years after entry into force.

Program actions

• Value-chain mapping. Inventory suppliers and partners, prioritising high-risk sectors (textiles, agriculture, extractives) for due diligence controls.
• Risk management integration. Embed CS3D obligations into enterprise risk management, procurement, and contract management systems, including contractual clauses and audit rights.
• Remediation playbooks. Define escalation, remediation funding, and victim compensation processes that comply with Article 12.
• Climate planning. Update transition plans with science-based targets, interim milestones, and board accountability.

Sources

• Council of the EU — Corporate sustainability due diligence: Council gives final approval
• CS3D — Final compromise text approved by the Council

Zeph Tech harmonises CS3D due diligence, grievance processes, and climate transition planning with CSRD and supplier assurance programmes.

Related briefings

Curated signals from the same pillar or overlapping topics.

Policy · Credibility 94/100 · April 24, 2024

Policy Briefing — April 24, 2024

The European Parliament approved the Corporate Sustainability Due Diligence Directive, obliging large companies to map human-rights and environmental risks across operations and value chains.

Policy · Credibility 95/100 · May 24, 2024

Policy Briefing — UK Digital Markets, Competition and Consumers Act Comes into Force

The UK’s Digital Markets, Competition and Consumers Act 2024 now equips the CMA’s Digital Markets Unit with Strategic Market Status powers and modernises subscription and fake-review enforcement, demanding rapid…

Policy · Credibility 96/100 · May 31, 2024

Policy Briefing — RBI Issues IT Governance Master Direction

The Reserve Bank of India finalised a unified IT Governance, Risk, Controls and Assurance Master Direction, forcing banks, NBFC-Upper Layer entities, and payment operators to evidence board oversight, resilience, and…

Policy · Credibility 94/100 · May 17, 2024

Policy Briefing — May 17, 2024

Colorado’s SB24-205 now law demands developers and deployers of high-risk AI systems build risk programs, impact assessments, consumer notices, and incident reporting workflows ahead of the statute’s 1 February 2026…

Policy · Credibility 88/100 · May 16, 2024

Policy Briefing — South Korea PIPC Issues AI Personal Information Guidelines

South Korea’s Personal Information Protection Commission published AI Personal Information Processing Guidelines on 16 May 2024, clarifying transparency, dataset governance, and risk controls for algorithmic services.

Continue in the Policy pillar

Return to the hub for curated research and deep-dive guides.

Visit pillar hub

Latest guides

• Semiconductor Industrial Strategy Policy Guide — Zeph Tech

  Coordinate CHIPS and Science Act, EU Chips Act, and Defense Production Act programmes with capital planning, compliance, and supplier readiness.

• Digital Markets Compliance Guide — Zeph Tech

  Implement EU Digital Markets Act, EU Digital Services Act, UK Digital Markets, Competition and Consumers Act, and U.S. Sherman Act requirements with cross-functional operating…

• Export Controls and Sanctions Policy Guide — Zeph Tech

  Integrate U.S. Export Control Reform Act, International Emergency Economic Powers Act, and EU Dual-Use Regulation requirements into trade compliance, engineering, and supplier…