On July 5, 2024, the European Union approved and published the Corporate Sustainability Due Diligence Directive (CSDDD) officially setting a clear path for new regulations aimed at promoting responsible business practices across a company’s entire value chain. Now in force, the CSDDD or CS3D introduces robust compliance requirements that will significantly impact the footwear and apparel industry.
As a key part of the EU’s expansive regulatory framework on sustainability, the directive demands a thorough understanding of its compliance criteria to avoid potential risks and penalties.
As part of the EU’s expansive regulatory framework on sustainability, the directive mandates that companies conduct thorough due diligence on human rights, environmental sustainability, and governance practices throughout their supply chains. To help businesses navigate this complex landscape, the "Stop-the-Clock" Directive has recently extended some key deadlines, providing companies more time to comply with certain reporting and due diligence requirements.
With these updated timelines in place, it is more critical than ever for companies to understand the compliance criteria to avoid potential risks and penalties.
This article provides a comprehensive guide to the CSDDD, detailing who will be affected, the specific actions needed for compliance, and the timeline for implementing these changes. Let’s get started!
What is the Corporate Sustainability Due Diligence Directive?
The Corporate Sustainability Due Diligence Directive (CSDDD) introduces a due diligence duty for textile companies operating in the European Union to actively identify and address potential and actual human rights violations and environmental harms throughout their entire value chains. For the footwear and apparel industry, known for its complex global supply chains and reliance on third-party manufacturers, this directive represents a substantial shift.
Companies will now be required to scrutinize their practices and those of their business partners to prevent abuses ranging from unsafe working conditions to environmental degradation. Additionally, the CSDDD mandates that large fashion brands in this sector develop and implement climate transition plans aligned with the Paris Agreement's goals, setting clear intermediate targets under the European Climate Law.
What’s more, the CSDDD has teeth. There are both civic liabilities and penalties for companies who fail to comply. This includes a maximum 5% fine on the company’s net worldwide turnover from the previous financial year.
Important: Because the CSDDD is a directive, it only establishes minimum requirements for the EU member states to follow. Within two years (mid 2026), member states are required to create their own laws or regulations to meet these standards. While they must comply with the directive, there may be instances in which member states introduce more stringent regulations. That said, the CSDDD provides several articles in which full harmonization across member states is accounted for. Follow this blog to stay updated on the latest regulatory developments.
Omnibus Simplification Package and Its Impact on CSDDD
Introduced on February 26, 2025, as part of the EU’s Competitiveness Compass, the Omnibus Simplification Package proposes changes to key sustainability regulations, including CSRD, CSDDD, and the EU Taxonomy, aiming to reduce compliance burdens while maintaining due diligence obligations. However, these changes have sparked concerns that they weaken corporate accountability and limit supply chain transparency.
If enacted, the Omnibus would:
- Limitation of Due Diligence Scope: Companies will only be required to conduct due diligence on direct suppliers (Tier 1) rather than across their full value chain. Full due diligence beyond direct suppliers will only be necessary if a company has plausible evidence of risks further down the supply chain.
- Assessment Frequency Reduction: Companies will now be required to conduct due diligence assessments every five years instead of annually.
- Restrictions on Information Requests from SMEs and Small Mid-Caps: Large companies cannot demand extensive sustainability data from business partners with fewer than 500 employees, except for specific information required under CSRD Voluntary Sustainability Reporting Standard for non-listed SMEs (VSME).
- Removal of EU-Wide Civil Liability: The proposal deletes the harmonized EU civil liability framework, meaning liability will now be determined by national laws.
- Changes to Penalties: The directive no longer includes fines based on global turnover, reducing financial risks for companies in scope.
However, the Omnibus is still a proposal and must go through the legislative process before implementing all of the outlined changes.
Read all about the Omnibus Simplification Package here.
"Stop-the-clock" Directive: Delay in CSDDD Implementation
On 16 April 2025, the "Stop-the-clock" directive was published in the Official Journal of the European Union and entered into force the following day. The agreed text was formally approved by the European Parliament on 03 April and adopted by the Council on 14 April 2025. The Directive forms part of the Commission's Omnibus I package.
This update has modified the implementation timelines for CSDDD directive as follows:
-
The deadline for transposition has been postponed by one year to 26 July 2027.
-
Wave 1 (companies with more than 5,000 employees and €1.5 billion in turnover): These companies will need to comply by 26 July 2028 (a 1-year delay).
-
Wave 2 (companies with more than 3,000 employees and €900 million in turnover) and Wave 3 (companies with more than 1,000 employees and €450 million in turnover): These groups' compliance dates remain unchanged, with compliance required by 26 July 2028 and 26 July 2029, respectively.
Member states will have until 31 December 2025 to transpose these provisions into their national law. The EU Commission estimates that nearly 6,000 EU companies and 900 non-EU companies will be impacted by the CSDDD. Compliance will be implemented in phases:
.png?width=2000&height=1144&name=1%20(1).png)
Tip: Parent companies can carry out due diligence responsibilities for their subsidiaries, provided both entities fall within the CSDDD's scope and the subsidiaries comply with the parent company's policies. However, both parties remain jointly liable under the Directive, and subsidiaries must still cooperate by sharing necessary information and maintaining appropriate measures where required.
The CSDDD will apply to any company that has met the above requirements for the last two consecutive financial years. If you are a microenterprise and small to medium-sized enterprise (SMEs), you will not be directly affected by the CSDDD. In fact, there are supportive and protective measures for SMEs that may be indirectly impacted as partners within supply chains. These provisions help ensure that SMEs can navigate the directive's requirements when collaborating with larger companies.
What are your obligations under the CSDDD?
The CSDDD sets forth a range of obligations that companies must meet to ensure compliance with its standards. At the core of these requirements is the integration of due diligence into corporate policies and risk management processes, aiming to identify and address adverse human rights and environmental impacts throughout a company’s operations and value chain. Businesses will be expected to take proactive steps to prevent and mitigate risks, and where harm has already occurred, to effectively remedy those impacts.
The CSDDD applies to a company's entire upstream value chain, including all suppliers and activities such as design, manufacturing, transportation, and storage. For downstream activities, it only covers certain operations like distribution, transport, and storage when these are carried out for or on behalf of the company. Indirect partners are not included in downstream activities.
Here is a snapshot of the main obligations fashion and apparel brands will meet under the CSDDD:
Integrating due diligence into policies and risk management systems
For apparel and footwear brands, integrating due diligence into corporate policies and risk management systems under the CSDDD involves creating a comprehensive set of measures. These should be clearly defined in a company’s code of conduct, outlining its long-term approach to due diligence and specifying the rules and principles that must be followed by the company. It should detail how due diligence is incorporated into various company policies, including steps for verifying compliance and ensuring that these standards are upheld across the entire supply chain.
For example, you could opt to integrate human rights and environmental clauses into all direct supplier contracts, extending these standards to subordinate relationships.
Identifying and assessing actual or potential adverse impacts
Companies are required to identify and assess both actual and potential adverse impacts related to their operations. That means you will be required to map your operations, pinpointing areas where adverse impacts are most likely to occur and be most severe. You could achieve this by conducting a carbon footprint assessment to pinpoint high-emissions suppliers, such as energy intensive textile mills. This mapping process should consider a range of risk factors, including company-specific, geographic, product or service-related, and sectoral risks. An in-depth assessment should follow, analyzing these impacts comprehensively and understanding how business partners’ strategies may contribute.
This is not a one-and-done process. Identification and assessment of adverse impacts should be an ongoing effort, reviewed at least once every 12 months if new risks are likely to emerge. Because the CSDDD applies to the entire value chain, there could be some information—such as trade secrets—outside your purview. If certain data cannot be obtained due to your business partner’s refusal to disclose it, you won’t be held accountable. That said, you’ll need to show that you’ve made reasonable efforts to acquire it.
Preventing, mitigating, and ending adverse impacts
In addition to its hefty identification and analysis process, the CSDDD requires companies to take action. This includes the development of an action plan, adapting business practices, and obtaining contractual assurances from business partners. Your ability to prevent and mitigate impacts ultimately depends on your level of involvement. If, for example, the impact is created by a business partner, your company may or may not have the capacity to influence their activities.
Here is a list of the specific set of measures:
- Create a prevention action plan with clear timelines, steps, and indicators to track progress.
- Obtain contractual assurances from business partners to commit to the company’s code of conduct and prevention plan, with measures to monitor compliance.
- Invest in or upgrade processes and collaborate with other companies to prevent adverse impacts.
- Adjust business plans and strategies to align with the CSDDD objectives.
- End business partnerships as a last resort, when efforts are mitigation and prevention efforts are not likely to succeed—for example, in severe cases like state-imposed forced labor.
- Develop a corrective action plan to address any actual adverse impacts, including timelines and criteria to measure improvement.
Put into effect a transition plan for climate change mitigation
Companies affected by the CSDDD are required to develop and implement a transition plan for climate change mitigation, aligning their business models and strategies with the goals of the Paris Agreement. This plan should support the EU's broader climate neutrality targets for 2030 and 2050, as well as intermediate steps. Within the transition plan, you’ll need to include time-bound targets for reducing greenhouse gas emissions and detail specific decarbonization actions, such as changes in product catalogs or the adoption of new technologies.
Companies must update their transition plans annually to report on progress toward these targets. If you already report such a plan under existing EU financial directives, you will be considered compliant with this requirement. Check out our write-up on the Corporate Responsibility and Sustainability Directive (CSRD) for more information.
What are the next steps?
The EU Commission is currently preparing guidance to help companies comply with the CSDDD. As member states implement their own regulations in accordance with the directive, the EU will release further instructions and establish a helpdesk to assist companies. With the recent "Stop-the-Clock" Directive extending some key compliance deadlines, it’s crucial to stay up to date with these changes as new details emerge.
Although the timeline has shifted, apparel and footwear brands must continue preparing for compliance to avoid last-minute challenges. Carbonfact is here to help navigate these updates with data-driven solutions for CSDDD reporting, ensuring your sustainability strategy remains strong — even with the evolving timelines.
With compliance now just a few years away, it’s time to start identifying and analyzing impacts across your value chain. Companies will need comprehensive insights into all raw materials, suppliers, manufacturers, distributors, and transportation networks used throughout their operations. The extended deadlines provide some breathing room, but proactive preparation will ensure you stay ahead of the regulatory curve.
Lidia Lüttin
Martin Daniel
