The EU Corporate Sustainability Due Diligence Directive (CSDDD) exempts financial institutions from due diligence to identify, mitigate and remedy potential adverse impacts, whether human rights or environmental, in their downstream “chain of activities”. In practice, however, it will be hard to escape entirely, not least as the sector will still need to adopt and implement transition plans.
As recognized in the Paris Climate Agreement, financial institutions are critical players in the transition to a carbon-neutral economy and, because of their role in allocating capital, they can act as a catalyst in achieving better sustainability outcomes in society generally. When reflecting on their role, those in management at financial institutions should remember that the recitals to the CSDDD state that they are expected to consider the “adverse impacts” of their activities and use their financial leverage to influence other companies generally. Moreover, reference is made to the OECD Guidelines for Multinational Enterprises, which indicate the types of measures that are appropriate and effective for financial institutions to take in due diligence processes, while acknowledging the specific circumstances of financial services.
Intrinsically, bound up with transition plans is transition finance, where financial institutions lend to businesses to finance their transition to net-zero emissions. Unlike sustainable and green finance into renewables and recyclables, transition finance often invests in higher emissions and hard-to-abate sectors to put them on pathways to align with the 1.5°C Paris Climate Agreement goal. This path will not necessarily be linear and may in fact see emissions increase in the early years, for example, in the energy sector pending the deployment of new technologies and behavioral societal changes. For this reason, it is imperative for both the institutions providing this finance and their customers that transition plans are robust and credible and will withstand vigorous due diligence by third parties.
After protracted negotiations and delay, the EU’s Council of Ministers reached an agreement on the CSDDD,1 the text of which was approved by the European Parliament on 24 April 2024, adopted by the council on 24 May 2024 and published in the Official Journal on 5 July 2024. This legislation, to be phased in from 2027, establishes an EU-wide corporate due diligence duty on businesses to promote sustainable and responsible corporate behavior grounded in human rights and environmental concerns. To gain support to pass the measure, far fewer companies will now fall within scope, and there will be a transition period of between three to five years depending on the size of the business. Moreover, financial institutions will not now have to carry out due diligence on downstream business partners (the chain of activities) that receive their services and products, such as loans and finance.
However, these important concessions are subject to significant provisos. First, financial institutions may still be caught indirectly. This may happen when in-scope business counterparties perform mandated due diligence on them, requesting information about their operations. What’s more, under the CSDDD, larger financial institutions must adopt transition plans to show how they are mitigating their impact on global warming. This means that their business model must comply with the goal of limiting global warming to 1.5°C. In practice, preparation of such a transition plan requires downstream due diligence into their customers and on the use to which, for example, the proceeds of transition or sustainability-linked finance is put.
The European Commission must report within two years on whether to extend the financial sector’s due diligence obligations. Given the current political climate, this would seem unlikely, but the position may change. As the CSDDD is a directive it remains open to individual EU member states to go further.
In what follows, we explore the directive’s ambit and the requirement for transition plans further.
CSDDD coverage
So, which financial institutions fall within the ambit of the CSDDD for these purposes? The starting point is that the directive applies to all EU companies and partnerships that meet one of the following criteria:
They have more than 1,000 employees and a net worldwide turnover of more than EUR 450 million (this is three times the original EUR threshold).
They are the ultimate parent company of a group that, on a consolidated basis, reaches these thresholds.
For non-EU businesses, the relevant trigger is solely having a net turnover generated in the EU of more than EUR 450 million or being the ultimate parent company of a group that satisfies this threshold. It’s worth noting the absence of an employee threshold. According to the European Commission, this is because of the difficulty in transposing the concept of an “employee” to third countries without creating uncertainty. Potentially, this means that the criteria for non-EU businesses is wider than for EU-based institutions.
For both EU and non-EU businesses where the ultimate parent company has as its main activity the holding of shares in operational subsidiaries and is not involved in management, operational or financial decisions affecting the group (or one or more of its subsidiaries), it may potentially be exempted from carrying out obligations under the CSDDD. This is subject to one of the ultimate parent companies’ subsidiaries based in the EU being nominated to do so in its place. The ultimate parent company, nonetheless, remains jointly liable with the designated subsidiary for that subsidiary’s failure to comply with its obligations, even if an exemption is granted. Additionally, certain businesses benefitting from franchising or licensing agreements with entities in the EU will also be caught.
Regulated financial undertakings such as credit institutions, investment firms and fund managers are caught regardless of their legal form. Non-EU equivalents of these firms would generally fall within this definition. In contrast, alternative investment funds and undertakings for collective investments are expressly excluded from the entirety of the CSDDD. These financial products are, of course, subject to transparency requirements under the Sustainable Finance Disclosure Regulation (SFDR).
Link to CSRD reporting and SFDR duplication
The CSDDD and the Corporate Sustainability Reporting Directive (CSRD) have been linked. This means that financial institutions that “report a transition plan for climate change mitigation” in accordance with the Accounting Directive2 (as amended by the CSRD) will be treated as complying with the CSDDD’s obligation to adopt a transition plan.
Under the CSDDD, however, financial institutions will also be required to put the plan they reported into effect and update it every 12 months to assess the progress made toward its targets.
Separately, the European Commission is charged with ensuring that there is no duplication in the CSDDD reporting requirements with those under the SFDR.
Best efforts obligation
The obligation to adopt and put into effect a climate transition plan under the CSDDD is to ensure through “best efforts” that the company’s business model and strategy are compatible with the following:
The transition to a sustainable economy and the limiting of global warming to 1.5°C in line with the Paris Climate Agreement.
The objective of achieving climate neutrality contained in the EU’s European Climate Law3 (This includes the 2030 (intermediate) and 2050 climate neutrality targets and, where relevant, the exposure of the business to coal-, oil- and gas-related activities).
The requirement in the CSDDD to use “best efforts” is important. The recitals to this directive state that:
While companies should strive to achieve the … targets contained in their plans, specific circumstances may lead to companies not being able to reach these targets, where this is no longer reasonable.
In a case about online content-sharing providers, the EU courts held that when assessing if a business has fulfilled this duty, they look to see if it has taken all the steps that a diligent business would take to put such a business model and strategy in place, considering best industry practices, all relevant circumstances and the principle of proportionality.4 While this case may not be a direct analog precedent, it seems that, in broad terms, EU law requires businesses to at least take proactive diligent steps in accordance with high industry standards.
Content of transition plans
The transition plan under the CSDDD must contain the following:
Time-specific related targets for 2030 and in five-year steps up to 2050.
A description of “decarbonization levers” to be used (e.g., investments in low-carbon businesses and technologies, financing renewable energy projects, offsetting carbon emissions and incorporating ESG criteria in investment decisions), together with the key actions planned to reach these targets.
An explanation and quantification of the plan’s investments and funding.
A description of the role of management and supervisory bodies in the plan.
Critically, the time-specific targets must be scientifically based (as the Accounting Directive similarly requires), including, where appropriate, absolute emission reduction targets for scope 1, scope 2 and scope 3 greenhouse gas emissions. These requirements are of course part and parcel of any credible transition plan, for example, in accordance with the Organisation for Economic Co-operation and Development’s (OECD) guidance and the Glasgow Financial Alliance for Net Zero’s report on transition plans. Businesses included in their parent’s plan will be considered to have complied with the requirement to adopt a transition plan.
Reporting and governance
The CSDDD requires relevant businesses to provide yearly updates and progress reports on their transition plans. The original text agreed between the parliament and the council would have required those companies with more than 1,000 employees to have had a robust policy to promote the plan’s implementation, including financial incentives for members of management and supervisory bodies (e.g., sustainability key performance indicators within managers’ and employees’ incentive plans and discretionary pay awards). This provision has been removed in the final compromise.
Regulatory oversight and fines
Member states will designate their financial regulators to supervise financial institutions in their compliance with the CSDDD. In line with other recent EU legislation, there will be significant penalties for noncompliance under national law. These must be sufficient to be “dissuasive, proportionate and effective,” taking account of “the nature, gravity and duration of the infringement, and the severity.” The maximum limit of pecuniary penalties is not to be less than 5% of net worldwide turnover. Additionally, where damage can be shown, there is potential for civil liability in the case of intentional or negligent failure.
1 Official Journal of EU, 5 July 2024.
2 Directive 2013/34/EU Consolidated Text.
3 Regulation (EU) 2021/1119.
4 See Poland v. Parliament and Council, ECJ (2022) C-401-19.