The new legislation is designed to impose new wide-ranging environmental, social and corporate governance (ESG) due diligence requirements on the whole value chain of companies established or operating in the European Union. The new obligations can therefore apply to EU and non-EU companies alike and will affect non-EU companies dealing with companies operating in the EU.
Wide New Obligations and Liabilities
Companies whose activities fall under the scope of the new legislation are required to carry out a comprehensive due diligence of their operations and direct and indirect business relationships, upstream and downstream, in and outside of the EU and publish a statement that they have identified no potential or actual risk to human rights, the environment or good governance as well as the data and methodology used.
If risks have been identified, companies must publish, implement and report annually on their due diligence strategy and policies to monitor and address those risks (including a description of their value chain), and ensure that their business and business partners conform to that strategy: e.g. independent audits of suppliers and service providers, additional undertakings in contracts, requirement to adhere to codes of conduct, etc.
Sanctions for non-compliance are yet to be defined but may include proportionate but dissuasive administrative fines, financial or non-financial compensation, reinstatement, public apologies, restitution and injunctions, as well as exclusion from public procurement, state aid or export credit agency facilities. Crucially, sanctions can be cumulative with civil liability.
The idea behind the new legislation is that voluntary due diligence and national or sectoral legislation are not sufficient to combat recurring issues such as child or forced labour, pollution, land grabbing and corruption. The new legislation is extra-territorial by design: by imposing an EU mandatory due diligence framework requiring companies to take responsibility for their supply chains, it intends to reach business practices everywhere in the world and promote a level-playing field for all businesses in the EU.
Despite its wide scope, the new legislation has some limits. It applies only to large companies, publicly listed small and medium enterprises (SMEs), SMEs with a business that is at high-risk of human rights, environmental and governance issues, and companies providing financial services and products.
The new legislation also accepts that companies’ due diligence strategies and policies should be proportionate and commensurate to the likelihood and severity of the risk to human rights, the environment or good governance, their sector of activity and their capacity and resources.
Finally, it shall be a defence for companies to show that they have proper due diligence processes and effectively implement their policies to prevent harm; the EU endeavours to publish general non-binding guidelines to facilitate companies’ compliance and companies may be allowed to comply by collaborating through multi-party institutions.
Stakeholders and Sanctions
The new legislation gives extensive rights of consultation and accountability to third-party ‘stakeholders’; the term is defined widely to include any persons or groups of persons whose rights or interests may be affected by the potential or actual adverse impact of the companies’ business or business relations on human rights, the environment or good governance, such as shareholders, trade unions, local communities and civil society organisations.
The intention is to engage and give rights of redress to stakeholders who might not otherwise have the means to do so under national (local) laws. Accordingly, companies are required to consult stakeholders when they develop their due diligence plans and to provide them with relevant information concerning those plans upon request.
Companies are also required to implement non-judicial grievance and remedial mechanisms allowing stakeholders to raise concerns (including anonymously) about a potential or actual adverse impact on human rights, the environment or good governance and to seek remediation if the adverse impact is proven. Stakeholders may also raise concerns with competent national authorities to prompt them to carry out investigations of companies.
The new legislation was introduced by the EU Parliament in March 2021 in the form of a proposal directive to the EU Commission1. It is expected that the directive will be adopted later this year or in 2022 although the final version may differ from the proposal. Once adopted the directive must be transposed by the EU Member States into national law within 2 years.
 European Parliament, Corporate due diligence and corporate accountability European Parliament resolution of 10 March 2021 with recommendations to the Commission on corporate due diligence and corporate accountability (2020/2129(INL)).
Registered Foreign Lawyer (Malaysia)
Solicitor of the Senior Courts of England and Wales