As regulatory scrutiny over global supply chains strengthens, companies are under growing pressure to identify and address human rights and environmental risks in their operations and supply chains. At the forefront of this shift is the EU Corporate Sustainability Due Diligence Directive (CSDDD), which introduces complex new requirements for compliance.
The CSDDD establishes a legal obligation for in-scope companies to identify, prevent, mitigate, and remediate adverse human rights and environmental impacts in their operations and supply chains. This extends beyond direct suppliers to include upstream and, in some cases, downstream business relationships.
The CSDDD entered into force in July 2024 and applies to large EU companies based on their global total annual revenue (“turnover”) and employee numbers, as well as to certain non-EU companies based on their EU-only turnover. A European Network of Supervisory Authorities will be set up by the European Commission to ensure enforcement coordination and will publish “an indicative list” of third-country companies subject to the directive. EU Member States have until July 26, 2026 to adopt the CSDDD into their national legislation and inform the Commission of the names and contact details of the supervisory authorities designated for the purposes of the directive. In turn, the Commission will issue core due-diligence and risk assessment guidance by 26 January 2027, with additional guidance by 26 July 2027.
While the exact application dates for compliance with the directive vary based on company size, larger companies will be subject to the directive first, with a phased implementation approach. The dates are grouped as follows:
Regarding enforcement, EU Member States should impose penalties related to violations of the CSDDD that are commensurate with a company’s net global turnover, and all pecuniary decisions by supervisory authorities must remain publicly available for at least five years and be sent to the European Network of Supervisory Authorities. If a company fails to comply with a penalty decision within the applicable timeframe, a public statement indicating the company responsible and the nature of the infringement will be issued.
Companies should assess their size, turnover, and operational presence within the EU to determine if they fall under the CSDDD's scope.
Companies must also conduct due diligence to comply with the EU Forced Labor Regulation, which entered into force on Dec. 13, 2024, and will apply from Dec. 14, 2027. This regulation prohibits products in the EU market that are made using forced labor (including their import and export).
Effective supply chain risk management requires transparency across the entire value chain, including understanding the origin of materials, manufacturing processes, and labor conditions.
Without this visibility, companies face significant potential exposure. Beyond possible financial penalties, companies could face operational disruptions, loss of consumer trust, investor backlash, or restrictions on market access.
For corporations and businesses in Europe and throughout the world, incorporating elements of these laws into a risk-based approach reinforces regulatory preparedness and can align with international best practices. This approach should be comprehensive and adaptable, leveraging advanced data and analytical tools like those offered by Kharon.
Other effective steps to strengthen your compliance program include:
Through its advanced capabilities in forced labor solutions for risk management, supply chain risk management, sanctions and financial crimes compliance, and contextual risk identification, Kharon enables:
Align Internal Policies with CSDDD Requirements
Review and update existing codes of conduct, supplier agreements, and due diligence procedures to align with the directive’s core obligations.
Foster Sustainability, Legal, and Procurement Collaboration
Break down internal silos. Ensure ESG, compliance, procurement, and legal teams are working from the same rulebook to assess and manage risk.
Future-Proof Compliance Programs for Evolving Regulations
Build adaptable processes and audit trails to ensure your compliance program remains defensible in the face of change.
Supply Chain Due Diligence with Kharon
The CSDDD signals a new era of accountability in global supply chains. As enforcement approaches and expectations rise, companies need practical, data-driven tools to uncover risk and act decisively.
Kharon supports organizations in operationalizing supply chain due diligence with the visibility and intelligence needed to meet regulatory demands and uphold responsible sourcing practices.
Stay ahead of expectations and use Kharon to build a strong compliance program. Request a demo today.
Understanding the Corporate Sustainability Due Diligence Directive
The CSDDD establishes a legal obligation for in-scope companies to identify, prevent, mitigate, and remediate adverse human rights and environmental impacts in their operations and supply chains. This extends beyond direct suppliers to include upstream and, in some cases, downstream business relationships.
The CSDDD entered into force in July 2024 and applies to large EU companies based on their global total annual revenue (“turnover”) and employee numbers, as well as to certain non-EU companies based on their EU-only turnover. A European Network of Supervisory Authorities will be set up by the European Commission to ensure enforcement coordination and will publish “an indicative list” of third-country companies subject to the directive. EU Member States have until July 26, 2026 to adopt the CSDDD into their national legislation and inform the Commission of the names and contact details of the supervisory authorities designated for the purposes of the directive. In turn, the Commission will issue core due-diligence and risk assessment guidance by 26 January 2027, with additional guidance by 26 July 2027.
While the exact application dates for compliance with the directive vary based on company size, larger companies will be subject to the directive first, with a phased implementation approach. The dates are grouped as follows:
- Starting in July 2027: Applies to EU companies with more than 5,000 employees and a global turnover exceeding EUR 1.5 billion, as well as to non-EU companies with an EU-only turnover exceeding EUR 1.5 billion.
- Starting in July 2028: Applies to EU companies with more than 3,000 employees and a global turnover exceeding EUR 900 million, as well as to non-EU companies with an EU-only turnover exceeding EUR 900 million.
- Starting in July 2029: Applies to EU companies with more than 1,000 employees and a global turnover exceeding EUR 450 million, as well as to non-EU companies with an EU-only turnover exceeding EUR 450 million. Companies that did not reach those thresholds but are the ultimate parent companies of a group that reached those thresholds are included. Also, this directive applies to companies operating under franchising or licensing models with over EUR 80 million in turnover and EUR 22.5 million in royalties (with both thresholds being global for EU companies and EU-only for non-EU companies).
Regarding enforcement, EU Member States should impose penalties related to violations of the CSDDD that are commensurate with a company’s net global turnover, and all pecuniary decisions by supervisory authorities must remain publicly available for at least five years and be sent to the European Network of Supervisory Authorities. If a company fails to comply with a penalty decision within the applicable timeframe, a public statement indicating the company responsible and the nature of the infringement will be issued.
Companies should assess their size, turnover, and operational presence within the EU to determine if they fall under the CSDDD's scope.
Why Supply Chain Screening is Central to CSDDD Compliance
To meet CSDDD requirements, companies must identify and address serious impacts tied to their operations, particularly in areas such as human rights, environmental harm, and governance practices. This includes risks like unsafe labor conditions, deforestation, excessive pollution, and weak governance structures across their value chains.Companies must also conduct due diligence to comply with the EU Forced Labor Regulation, which entered into force on Dec. 13, 2024, and will apply from Dec. 14, 2027. This regulation prohibits products in the EU market that are made using forced labor (including their import and export).
Effective supply chain risk management requires transparency across the entire value chain, including understanding the origin of materials, manufacturing processes, and labor conditions.
Without this visibility, companies face significant potential exposure. Beyond possible financial penalties, companies could face operational disruptions, loss of consumer trust, investor backlash, or restrictions on market access.
Building a Risk-Based Supply Chain Due Diligence Program
CSDDD mirrors the structure of similar laws such as Germany’s Supply Chain Due Diligence Act and Norway’s Transparency Act. These frameworks, and similar efforts gaining ground in the U.K. and U.S., point to a shared direction among some governments, even as their approaches diverge.For corporations and businesses in Europe and throughout the world, incorporating elements of these laws into a risk-based approach reinforces regulatory preparedness and can align with international best practices. This approach should be comprehensive and adaptable, leveraging advanced data and analytical tools like those offered by Kharon.
Other effective steps to strengthen your compliance program include:
- Establish effective vendor screening protocols: Develop clear criteria for evaluating suppliers, conducting initial risk assessments, and integrating due diligence into procurement processes.
- Implement a tiered risk assessment framework: Categorize suppliers based on their risk profiles to prioritize due diligence efforts and deftly allocate resources.
- Build continuous monitoring systems: Stay ahead of evolving threats by monitoring supplier activities and external risk factors in an ongoing way.
- Document chain of custody and use third-party audits to validate sourcing integrity: These can provide verifiable assurance of compliance.
How Kharon Helps Companies Meet CSDDD Supply Chain Requirements
Kharon equips companies with the data and tools needed to manage evolving regulatory obligations under the CSDDD and more.Through its advanced capabilities in forced labor solutions for risk management, supply chain risk management, sanctions and financial crimes compliance, and contextual risk identification, Kharon enables:
- Multi-tier supplier screening and monitoring that dives deep into supply chains, revealing hidden risks and connections that other tools might miss
- Real-time risk insights with continuously updated data to drive proactive compliance decisions
- A scalable approach that supports both initial risk assessments and ongoing monitoring
Practical Tips for Operationalizing CSDDD Compliance
Companies should adopt an integrated, cross-functional approach to operationalizing due diligence to meet CSDDD expectations.Align Internal Policies with CSDDD Requirements
Review and update existing codes of conduct, supplier agreements, and due diligence procedures to align with the directive’s core obligations.
Foster Sustainability, Legal, and Procurement Collaboration
Break down internal silos. Ensure ESG, compliance, procurement, and legal teams are working from the same rulebook to assess and manage risk.
Future-Proof Compliance Programs for Evolving Regulations
Build adaptable processes and audit trails to ensure your compliance program remains defensible in the face of change.
Supply Chain Due Diligence with Kharon
The CSDDD signals a new era of accountability in global supply chains. As enforcement approaches and expectations rise, companies need practical, data-driven tools to uncover risk and act decisively.
Kharon supports organizations in operationalizing supply chain due diligence with the visibility and intelligence needed to meet regulatory demands and uphold responsible sourcing practices.
Stay ahead of expectations and use Kharon to build a strong compliance program. Request a demo today.