Human rights and environmental due diligence ("HRDD" or “HREDD”) requirements introduced or proposed in several European countries in recent years – particularly the German Supply Chain Act which came into force last year – pose unprecedented compliance challenges for multinational companies. In the EU, these national HRDD obligations will soon be significantly supplemented and extended by an upcoming directive. Further, businesses active in individual industry sectors must now comply with far-reaching additional due diligence obligations, such as the Battery Regulation and Deforestation Regulation.
These laws all create duties on companies to manage potential risks that may arise far from their headquarters, in value chains which are increasingly complex and global. Multinational companies doing business in the EU should therefore be preparing for the significant and novel challenges posed by this patchwork of legislation.
We have set out below an overview of the most important legislation in this area, as well as recommendations on how to manage the different requirements of these laws.
National laws
A number of EU Member States and other European countries (including UK, France, Germany, Norway and Switzerland) have, in the last few years, introduced mandatory human rights due diligence and reporting obligations on companies. In particular, the German Act on Corporate Due Diligence Obligations in Supply Chains (Lieferkettensorgfaltspflichtengesetz), which came into force on 1 January 2023, (the "German Supply Chain Act") obliges larger companies in Germany to address human rights-related and environment-related due diligence obligations in their supply chains in an appropriate manner (please see our overview). These due diligence obligations include, amongst other requirements, setting up a risk management system, conducting annual and ad hoc risk assessments as well as other documentation and reporting requirements. If companies do not comply with these obligations, they can be punished with a fine of up to two percent of the company’s average annual turnover of the last three financial years.
These national laws substantially differ across jurisdictions in terms of their scope of application, specific obligations imposed, defences to liability, and sanctions for non-compliance. Compliance with these HRDD laws can therefore pose substantial challenges. This is particularly true for multinational companies, which are increasingly subject to multiple HRDD laws and which often have business activities and supply chains in countries with higher risks of human rights violations.
CS3D
In the EU, national HRDD requirements will be harmonized to a certain extent by the upcoming Directive on corporate sustainability due diligence (the "CS3D") which was approved by the Council of the European Union on 25 May 2024 (please see our overview). CS3D will oblige all EU Member States to adopt laws imposing HRDD obligations on companies and is intended to create a level playing field in this area in the EU. The core focus of these requirements is on identifying and limiting the human rights and environmental impacts of a company’s operations, and those of its subsidiaries and in its chain of activities.
The due diligence requirements will become binding on certain companies from 2027. CS3D will extend the existing requirements of the German Supply Chain Act and other HRDD laws already enacted by other Member States.
In particular, CS3D will: (a) apply to a much broader cohort of EU and non-EU companies (generating turnover in the EU) than the current HRDD laws; (b) broaden the scope of the human rights and environment-related issues covered by the due diligence duty (for example, by requiring the adoption climate change transition plan ); and (c) provide for both regulatory enforcement and civil liability provisions for companies which fail to comply with their due diligence obligations. Existing HRDD laws of Member States will have to be adjusted to these extended requirements.
EU HRDD regulations
In addition to national HRDD laws and CS3D, companies will increasingly have to take into account the HRDD and related due diligence requirements of other EU legislation. The European Green Deal aims to make the continent climate-neutral by 2050, and the following connected regulations and draft regulations are of particular relevance:
a. Conflict Minerals Regulation
Regulation (EU) 2017/821 lays down supply chain due diligence obligations for EU importers of tin, tantalum and tungsten, their ores, and gold originating from conflict-affected and high-risk areas (the "Conflict Minerals Regulation") and came into full force on 1 January 2021. It obliges EU-based importers of these minerals and metals to comply with prescribed HRDD obligations in the supply chain and to retain documentation demonstrating their compliance. This is to enable these companies to identify risks linked to conflict-affected and high-risk areas and to prevent / mitigate the adverse impacts associated with the sourcing activities. In particular, importers must follow the five-step framework of the OECD's Due Diligence Guidance for Responsible Supply Chains of Minerals from Conflict-Affected and High-Risk Areas, which includes a risk assessment as well as independent third-party audits to verify proper implementation of the HRDD obligations.
The competent authorities of EU Member States must check whether EU importers comply with the HRDD requirements of the Conflict Minerals Regulation. If there is non-compliance, the competent national authorities can issue a notice of remedial action to be taken by the importer. Importers of relevant minerals must comply with the Conflict Minerals Regulation in addition to the requirements of national HRDD laws such as the German Supply Chain Act.
b. Battery Regulation
On 14 June 2023, the European Parliament approved a regulation concerning batteries and waste batteries (the "Battery Regulation") which entered into force on 17 August 2023. This regulation aims to promote a circular economy and to reduce the environmental and social impact of batteries, and replaced the EU Batteries Directive of 2006. Amongst other things, the Battery Regulation obliges companies selling batteries with a capacity above 2 kWh to establish a risk-based environmental and human rights due diligence policy in their supply chains for cobalt, natural graphite, lithium and nickel. The due diligence obligations are comprehensive and include a requirement for companies to establish a system of controls and have transparency over their supply chains. In particular, companies have to conduct risk assessments, take measures to prevent / mitigate adverse impacts and establish a grievance mechanism. Compliance with these due diligence obligations must be verified by a conformity assessment body admitted in the relevant Member State.
The Battery Regulation applies in addition to the separate Conflict Minerals Regulation, which does not address the minerals and materials used in battery production. While Member States are required to lay down penalties for non-compliance, the Battery Regulation does not separately provide for civil liability and potential damages claims. That said, it is important to bear in mind that the Battery Regulation exists in parallel to other overlapping HRDD laws that do contain such civil liability provisions, most notably CS3D.
c. Deforestation Regulation
On 29 June 2023, Regulation (EU) 2023/1115 on the making available on the Union market and the export from the Union of certain commodities and products associated with deforestation and forest degradation (the "Deforestation Regulation") entered into force. The objective of this regulation is to curb deforestation and forest degradation caused by the expansion of agricultural land used to produce commodities such as cattle, wood, rubber, oil palm, soy, cocoa or coffee.
From 30 December 2024, companies must ensure that commodities placed on – or exported from – the EU market are "deforestation-free", meaning they were produced on land that has not been subject to deforestation after 31 December 2020. The due diligence obligations imposed on companies include carrying out regular risk assessments and record keeping. The competent authorities of Member States will carry out checks to establish whether companies are complying with their obligations under the regulation. Member States can determine the penalties for infringements, including fines of up to 4% of the company’s annual turnover in the Member States concerned and confiscation of the relevant commodities and products. Following the entry into force of the due diligence obligations, companies trading in the relevant products and commodities will have to comply with the specific requirements of the regulation in addition to the general due diligence requirements of Member States. In certain cases, the scope of the application of the Deforestation Regulation is likely to overlap with that of the national HRDD laws – for example, where the conversion of forest to agricultural use (as prohibited by the Deforestation Regulation) at the same time constitutes unlawful taking of forests, the use of which secures the livelihood of a person (as prohibited by HRDD laws).
d. Forced Labour Regulation
On 23 April 2024, the European Parliament adopted a regulation to prohibit products made with forced labour from the EU market (the "Forced Labour Regulation"). This regulation prohibits companies (wherever incorporated) from placing products made with forced labour on the EU market or exporting them from the EU. To achieve this, competent authorities of the Member States are required to assess the likelihood of forced labour violations based on available information and, where appropriate, initiate investigations into the products and companies concerned. Where the competent authorities establish a violation, they can order the company subject to the investigation to withdraw the relevant products from the EU market and dispose of them in accordance with national law. The Member States will lay down the rules for penalties for non-compliance.
While the Forced Labour Regulation does not impose specific due diligence obligations on companies, if a company has carried out effective HRDD on its supply chains, including regarding the risk of forced labour, this should be taken into account by the authorities in their assessment of whether a product is likely to have been made with forced labour. A number of companies are already obliged to carry out this HRDD in accordance with national laws such as the German Supply Chain Act. CS3D will oblige all EU Member States to introduce such HRDD requirements. The Forced Labour Regulation will complement these requirements with additional, product-related sanctions.
e. European Raw Materials Act
Another relevant legislative development is the regulation to establish a framework for ensuring a secure and sustainable supply of critical raw materials (the "European Raw Materials Act"). The regulation was adopted by the Council of the EU on 18 March 2024, and aims to ensure the EU's supply of critical raw materials such as lithium and cobalt which are important for the EU's green and digital aims. As part of the measures to strengthen European critical raw materials capacities along the entire value chain, the regulation introduces a new framework to select and implement strategic projects. These strategic projects, which can be developed in the EU or in third countries, will benefit from streamlined permitting and access to finance.
Similar to the Forced Labour Regulation, the European Raw Materials Act does not provide for specific due diligence obligations on companies. However, one criterion for the recognition of a project as a “strategic project” is whether it can be implemented sustainably, including concerning the use of socially responsible practices and respect for human rights. Satisfaction of this criterion is assessed taking into account compliance with CS3D. Therefore, companies seeking “strategic project” recognition will likely have to demonstrate compliance with CS3D’s HRDD obligations - including as regards identifying the project’s actual and potential adverse impacts and then taking appropriate steps to prevent, mitigate and remediate such impacts.
Fulfilment of HRDD obligations
Many companies operating in the EU already need to comply with the HRDD requirements of national HRDD laws, such as the German Supply Chain Act, as well as other EU legislation, in particular the Conflict Minerals Regulation. As new legislation emerges in different jurisdictions, multinational companies with business operations in several countries are required to navigate and implement the overlapping but differing requirements of HRDD laws both inside and outside the EU. These HRDD laws differ in terms of the scope of their application, the extent of their applicability to companies’ subsidiaries and the value chain, triggers for liability, substantive due diligence obligations, and available defences. As such, even where multi-national companies are implementing ever more developed group-level human rights programmes, the specific HRDD obligations imposed by national and EU level laws need to be understood to ensure compliance and avoid the risk of civil liability and (potentially) hefty fines.
The upcoming CS3D will extend the scope of application of existing national HRDD laws to additional companies, and supplement specific HRDD obligations. At the same time, CS3D will harmonize HRDD obligations and sanctions of individual Member States which could significantly simplify HRDD requirements for companies across the EU. On the other hand, notwithstanding this shift towards more consistent HRDD requirements, businesses will need to respond to other closely related but distinct due diligence requirements imposed by other EU regulations in specific contexts and individual industry sectors, such as the Battery Regulation and Deforestation Regulation.
What should multinational companies do?
Given the variety of current and upcoming HRDD requirements in the EU and its Member States as well as in third countries, multinational companies should:
- Check on a regular basis the applicable HRDD requirements of the EU and its Member States as well as, if applicable, of third countries for each business unit, jurisdiction, project and subsidiary;
- Establish and fulfil separately the individual HRDD obligations according to each applicable legislative act;
- Fulfil similar HRDD obligations of several legislative acts jointly (e.g. conducting a risk analysis or setting up a grievance mechanism) only after thoroughly comparing the specific requirements of the relevant acts; and
- Document (and if applicable, report publicly on) how the HRDD requirements of each applicable legislative act have been fulfilled separately for each act.