The Impact of The Future EU Legal Framework on Corporate Sustainability Due Diligence on Supply Contracts: A Shift from Traditional Contracting to Responsible Contracting?

Luísa Eckenroth Moreira

Luísa Eckenroth Moreira

Guest lecturer FDUP

Abstract: In this article we analyse the impact that the future European legal framework on corporate sustainability due diligence could have on commercial contracts (in particular, supply contracts) entered into by companies falling within its scope. With the rise of legislation imposing the obligation to carry out human rights and environmental due diligence throughout their chain of activities, we conclude that only by adopting a responsible contracting model – in line with the UN and OECD framework on responsible business conduct – will in-scope companies be free from the consequences laid down in the future legal framework for non-compliance with the above obligation.

Keywords: CSDDD; HREDD; supply contracts; responsible contracting. 


In a globalised world, modern trade is based on global value chains. These value chains are often ‘buyer-driven commodities chains’.The apparel industry can serve as an example of typical buyer-driven value chains. It is well known that these chains have been associated with environmental issues2 and human rights violations.3 As a response to society’s general call for sustainability, large buyer companies are increasingly using contracts to address human rights and environmental (HRE) issues in their supply chains.4 They often do so by inserting ‘sustainability clauses’ in their contracts and/or referring to their codes of conduct in the contracts.5

Contracts can serve as a powerful instrument to address HRE-related risks and integrate HRE due diligence (HREDD) policies and procedures throughout the supply chain.6 They have great potential to contribute to more sustainable corporate practices, thus leading to better HRE outcomes.7However, the truth is that the most common contractual practices have frequently proved ineffective (if not counterproductive) in meeting this goal, falling short on their potential.8 This is arguably because they are fundamentally based on a ‘risk-shifting approach’9, i.e., a risk management strategy that transfers HRE-related risks and obligations from one party to another – typically from large buyer companies with strong market power to economically dependent suppliers. Instead of favouring a climate of mutual trust, open communication, and cooperation between the parties in solving HRE issues, this traditional approach encourages the supplier, fearful of buyer’s reprisal, to conceal the problems and pretend everything is okay, potentially leading to an increase in HRE risks.10

With the entry into force of the future European Union (EU) legal framework on corporate sustainability due diligence – the Corporate Sustainability Due Diligence Directive (CSDDD)11 –, in-scope companies will be obliged to carry out HREDD by taking appropriate measures to identify and, where necessary, prevent, end, or mitigate adverse impacts. And they must do so not only with regard to their operations (and those of their subsidiaries), but also with regard to the operations of their business partners in the chain of activities, and may incur penalties and civil liability if they fail to do so. As we will see below, appropriate measures are measures suitable for achieving the purposes of HREDD (which are to identify, prevent, mitigate, and account for potential and actual adverse HRE impacts that may arise from the company’s own activities or throughout its chains of activities). Given their poor track record in delivering positive results and their lack of alignment with the UN Guiding Principles on Business and Human Rights (UNGPs)12 and the OECD Guidelines for Multinational Enterprises on Responsible Business Conduct (OECD Guidelines)13 (which inspired the CSDDD and in light of which the CSDDD must be read), traditional risk-shifting contractual practices will most likely not qualify as appropriate measures in this sense. This means that if they want to avoid the consequences established in the CSDDD for non-compliance, in-scope companies will have to change their approach to commercial contracting. They must start taking the sustainability clauses more seriously, worrying not only about their insertion in contracts, but also about their effectiveness. In other words: ‘contracting-as-usual’ is no longer an option, leaving the path of ‘responsible contracting’.

In this article, we firstly explain why traditional contracting based on risk-shifting approaches is not fit for the purposes of HREDD (section I.). We then summarise the still-draft mandatory EU HREDD legislation, the CSDDD (section II.). Next, we discuss how this new legal framework on HREDD (if enacted) will affect business contracting (section III.). In this section, we examine the potential of the contract (rectius, a responsibly designed contract) as an important tool for ensuring compliance with the obligations arising from the future legislation. We end with some concluding remarks. 

I. The Ineffectiveness (if not Counterproductivity) of Traditional Contracting 

As mentioned above, as a result of the growing importance of the sustainability agenda in society, ESG considerations are increasingly being incorporated into contracts. However, what typically happens is that buyer companies, taking advantage of their (de facto) superior bargaining position,14 tend to unilaterally assign suppliers sole responsibility for complying with HRE standards, thus transferring all the risks and obligations to them15 and ‘washing their hands’ of this burden.

Drawing on the distinction that the Responsible Contracting Project (RCP)16 makes between ‘traditional contracting’ and ‘responsible contracting’, we can observe that traditional contractual practices are usually characterised by the following elements: (i) representations and warranties (R&W), whereby the supplier makes promises that it is, and will always be, in perfect compliance with the buyer’s human rights standards, as set out in the buyer’s HRE policies and supplier’s code of conduct (which are usually annexed to the contract); (ii) ‘supplier-only responsibility’ provisions, whereby only the supplier assumes the responsibility for upholding HRE standards; and (iii) traditional contract remedies, whereby, if an adverse HRE impact occurs, only the supplier will be to blame (since all the responsibility fell on it) and the buyer can immediately suspend payments, terminate the contract, and sue the supplier for breach, without giving the supplier an opportunity to cure the breach (the ‘cut and run’ approach, instead of the ‘responsible exit’ approach).

These traditional contractual practices are deeply unsuitable for achieving the objectives of HREDD.17 Starting with the reasons why the ‘R&W approach’ is not appropriate and should be avoided:18 ‘Everything is perfect’ R&W clauses are, first of all, static promises made by the supplier, assuring that there are not and never will be any adverse HRE impacts. The commitment is frozen at a certain point in time (the moment the contract is signed) and is not usually accompanied by measures to follow up and monitor the commitment made. This does not reflect the fact that HREDD should be an ongoing and dynamic process, subject to constant improvement.19 These R&W clauses are also unrealistic and thus fictitious, because ‘[t]here is no such thing as a perfectly clean or pristine supply chain’ 20 (especially, but not only21, in developing countries). Something that any buyer company knows or should know (if it had been reasonably diligent). In other words, by demanding these R&W, buyer companies will in practice be putting suppliers in the position of having to lie to get or keep the contract and placing them in breach of the contract on day one, which is, at the very least, ethically questionable. But more importantly, these clauses are dangerous since their breach often acts as a trigger mechanism for termination rights and strict liability devices, which only ends up giving the supplier (afraid of losing the contract) an incentive (and a very strong one) to hide the problems from the buyer, which can increase risks for workers, communities, and the environment.22

As to ‘supplier-only responsibility’ clauses, they are disproportionate and abusive. As is well-known, compliance with HRE standards often requires large investments, meaning increased costs. By demanding that suppliers alone bear the responsibility for meeting these standards without any technical support from their side and/or cost-sharing, buyers are in practice setting suppliers up to fail, given their frequent economic inability to put in place the mechanisms needed to meet the standards and fulfil their contractual obligations. In addition, supplier-only responsibility clauses ignore the reality of the supply chain dynamics, in which the buyer’s own purchasing practices (such as imposing prices that are too low to cover production costs, jeopardising the supplier’s capacity to pay living or even minimum wages, and shortening lead times, forcing the supplier to resort to overtime work) are likely to have a negative impact on the supplier’s ability to meet the buyer’s HRE requirements23 and therefore contribute to the occurrence of adverse impacts in the supply chain.24 While demanding that the supplier complies with certain standards, the buyer, with its aggressive purchasing practices, creates the conditions that will hinder compliance, in behaviour that clearly violates the principles of good faith and fair dealing. In addition, the buyer transfers to the supplier all the negative consequences of the occurrence of an adverse impact which it may have (also) caused or to which it may at least have contributed.  

Contract remedies clauses often allow the buyer to terminate the contract at the first sign of non-compliance, without even giving the supplier a chance to remedy the non-compliance. These clauses that provide for excessive termination rights may contribute to exacerbating the HRE issues since the supplier, fearful that the buyer may terminate the contract, will never communicate openly with the buyer about the existing problems. Instead of endeavouring to resolve the problems, the supplier will tend to sweep them under the carpet in the hope that the buyer will not notice them, which, as already mentioned, could increase HRE-related risks.25 Additionally, the termination of the contract (greatly facilitated by these clauses that allow it at the slightest breach), while it may be useful for the buyer, can lead to worse HRE outcomes, because the supplier, faced with termination of the contract, may be compelled to contract with more ‘permissive’ buyers (in the sense that they don’t demand as much in terms of compliance with HRE standards), thus perpetuating situations where human rights are violated, and environmental standards are breached.26 Moreover, conventional contract remedies only flow between the contracting parties and, as such, they fail to account for HRE-related harms to stakeholders (e.g., workers and community members).27 Finally, by allowing the buyer to sue the supplier under the contract in case of a breach of HRE standards, traditional contract remedies could also result in the buyer benefiting financially from human rights violations and environmental harm,28 which can have a perverse effect.

In short, not only has this traditional ‘risk-shifting’ contracting technique not proved to be effective in addressing HRE risks in value chains, as it may also be counterproductive, contributing to a worsening of these risks. However, while traditional contracting may have been a logical strategy for managing company risk in the past, we believe that this will soon change with the entry into force of the CSDDD. We argue that it will become a company’s risk not to take HRE risks seriously, since by failing to appropriately address HRE risks, the company will not be fulfilling its legal obligation to carry out HREDD and will be exposed to administrative and civil liability29, thus increasing its own risks.

II. The Future EU Legal Framework on HREDD – the CSDDD

Following the informal trilogue held on 13 December 2023, the European Parliament (EP) and the Council reached a provisional political agreement on the proposal for a CSDDD, submitted by the European Commission (EC) on 23 February 2022.30The text resulting from this agreement was released on 30 January 2024. However, this text was amended on several points in response to objections from some EU Member States. On 15 March 2024, the Permanent Representatives’ Committee (COREPER) endorsed the final compromise text with a view to agreement.31/32

The CSDDD aims to promote sustainable and responsible corporate conduct throughout global value chains and thus strengthen the protection of human rights and the environment, not only in the EU but globally. To this end, the directive (i) imposes a set of obligations on companies that fall within its scope regarding potential or actual adverse impacts on human rights and the environment with respect to their own operations, those of their subsidiaries, and those carried out by their business partners in the companies’ chain of activities and (ii) establishes penalties for non-compliance with this set of obligations.33

The EC put forward this proposal with the following in mind: the contribution of companies to a fair and sustainable development of the European (and global) economy is essential and can no longer be dispensed with.34 Therefore, the decision on implementing measures to ensure respect for human rights and the environment along the company’s chain of activities cannot remain at the complete discretion of company management (typically driven by the pursuit of short-term financial profits and shareholder value, an objective which, as is well known, does not always lead to the adoption of ‘ESG-friendly’ practices). The existing soft law instruments (e.g., the UNGPs and the OECD Guidelines) have undoubtedly played an important role in raising awareness among companies and economic agents of the importance of responsible business conduct. However, they have not been able to solve the serious problems facing humanity today, such as modern slavery and climate change.35 There is thus an urgent need to create new mandatory instruments which, through their binding force, can bring about a real and meaningful change in corporate behaviour, while ensuring a level playing field for responsible businesses (which until now may have faced a competitive disadvantage due to the increased costs involved in addressing social and environmental issues in the supply chain).36

In terms of its scope,37 the CSDDD will apply to EU companies that: (i) have more than 1000 employees and a net worldwide turnover of more than €450 million; or (ii) have entered into franchising or licensing agreements in the EU in return for royalties with independent third-party companies, where these agreements ensure a common identity, a common business concept and the application of uniform business methods, and where these royalties amount to more than €22,5 million, and provided that the company had a net worldwide turnover of more than €80 million; or (iii) are the ultimate parent companies of groups that taken together fulfil these conditions. To fully achieve the objectives of the CSDDD, third-country companies with significant operations in the EU must also be covered. In this sense, the CSDDD will also apply to third-country companies provided that they: (i) have a net turnover of more than €450 million generated in the EU; or (ii) have entered into franchising or licensing agreements in the EU in return for royalties with independent third-party companies, where these agreements ensure a common identity, a common business concept and the application of uniform business methods, and where these royalties amount to more than €22,5 million, and provided that the company had a net turnover of more than €80 million in the EU; or (iii) are the ultimate parent companies of groups that taken together fulfil these conditions.38

Companies that fall within the CSDDD’s scope of application will be required to conduct risk-based HREDD by taking appropriate measures to identify and, where necessary, prevent, end, or mitigate adverse impacts of their activities, the activities of their subsidiaries and the activities of their business relationships throughout their chain of activities39 on human rights (e.g., child labour and exploitation of workers), and on the environment (e.g., greenhouse gas emissions and biodiversity loss).40

In order to comply with their HREDD duty, in-scope companies will have to cover in their due diligence processes the following steps (in line with the OECD Due Diligence Guidance for Responsible Business Conduct): (i) integrate due diligence into their policies and risk-management systems; (ii) identify and assess actual and potential adverse HRE impacts; (iii) prevent or (where prevention is not possible) mitigate potential adverse HRE impacts; (iv) bring actual adverse HRE impacts to an end or (where the impacts cannot be brought to an end) minimise their extent; (v) establish and maintain a complaints procedure; (vi) monitor the effectiveness of their due diligence policy and measures; and (vii) publicly communicate on due diligence.41

Pursuant to recital 15 of CSDDD, the main obligations on due diligence set out in the directive are ‘obligations of means’ (and not ‘obligations of result’). I.e.: companies will not be obliged to ‘guarantee, in all circumstances, that adverse impacts will never occur or that they will be stopped’ (recital 15); they will only be required to ‘take appropriate measures with respect to the identification, prevention, bringing to an end, minimisations and remediation of adverse impacts’ (recital 29) on human rights and the environment.42 For a measure to be considered ‘appropriate’, it must pass a threefold test:43 firstly, the measure must be capable of achieving the objectives of HREDD, which are to identify and effectively address adverse impacts. Secondly, the measure must effectively address the adverse impacts in a manner commensurate to the degree of severity and the likelihood of the adverse impact. Thirdly and finally, the measure must be reasonably available to the company, considering the circumstances of the specific case, including the nature and extent of the adverse impact and relevant risk factors. 

In addition to the HREDD obligations, companies in scope will be required to adopt and put into effect a ‘transition plan for climate change mitigation’ aimed at ensuring, through best efforts, that their business model and strategy are compatible with the transition to a sustainable economy and with the limiting of global warming to 1.5 °C in line with the Paris Agreement and the objective of achieving climate neutrality.44

To ensure compliance with its provisions, the CSDDD provides for a set of enforcement mechanisms, combining public and private enforcement: administrative oversight and judicial enforcement through civil liability.45

Member States shall appoint one or more supervisory authorities to supervise compliance with the obligations created by the CSDDD.46 These national administrative authorities shall have powers to investigate potential breaches and to impose penalties in case of breach (pecuniary penalties with a minimum maximum limit of 5% of the company’s net worldwide turnover and ‘naming and shaming’ penalties if the company fails to comply with the decision imposing a pecuniary penalty within the applicable time-limit).47

In addition, Member States shall ensure that a company may be held liable for a damage caused to a natural or legal person as a result of the company’s intentional or negligent failure to comply with its HREDD obligations.48/49A company cannot be held liable if the damage was caused only by its business partners in its chain of activities. Where a company was held liable, the affected person shall have a right to full compensation for the damage occurred. The CSDDD also provides for a set of measures to facilitate victims’ access to compensation. For instance, Member States shall ensure that the costs of proceedings are not prohibitively expensive, that the burden of proof on victims is not excessively heavy and that courts may order the disclosure of confidential information when relevant to the action for damages (while establishing safeguards for the protection of the information disclosed). Furthermore, Member States shall regulate the terms under which it is possible for trade unions, NGOs, and other institutions to bring actions to enforce victim’s rights. The CSDDD also makes it clear that the limitation period for bringing actions for damages should not be less than 5 years. Moreover, when the damage was caused jointly by the company and its subsidiary, direct or indirect business partner, the CSDDD establishes that they shall be liable jointly and severally. Also very important is the following: Member States shall ensure that the provisions of national law transposing the directive’s rules on civil liability are of overriding mandatory application in cases where the law applicable to claims to that effect is not the law of a Member State.

III. The Impact of the CSDDD on the Commercial Contracts Entered Into by In-scope Companies: the Need to Take Responsible Contracting Seriously 

As we have seen above, in-scope companies that fail to fulfil their HREDD obligations along their chain of activities are subject to penalties and civil liability (not to mention reputational harm).50

Contracts are key instruments for companies to carry out HREDD throughout their value chains as they allow companies to contractually subject their business partners to the same requirements to which they are subject by law. In this sense, they will play an important role in companies’ compliance with their HREDD obligations stemming from the CSDDD. But it's important to stress that not just any contract will do.

The EC is aware of the ‘power of the contract’ and seeks to harness it by including express references to contracts in the CSDDD proposal:51/52 in their efforts to prevent potential adverse impacts and stop actual adverse impacts, companies shall seek contractual assurances from their direct business partners to ensure compliance with their codes of conduct and, as necessary, their prevention and/or correction plans (as the case may be).53 As part of these plans, companies may require their business partners to seek equivalent contractual assurances from their partners that are part of the companies’ chains of activities (in a phenomenon known as ‘contractual cascading’). When such assurances are obtained from SMEs, the terms shall be ‘fair, reasonable and non-discriminatory’.54

But it is not enough for companies to demand contractual assurances from their business partners regarding compliance with codes of conduct and prevention and/or correction plans. These assurances must be accompanied by the appropriate measures to verify compliance. For the purposes of verifying compliance, companies may refer to independent third-party verification, including through industry or multi-stakeholder initiatives.55 Where measures to verify compliance are carried out in relation to SMEs, companies must bear the cost of the independent third-party verification.

As regards potential adverse impacts that could not be prevented or mitigated, as a last resort, the company must refrain from entering into new or extending existing relations with business partners in connection with or in the chain of activities of which the impact has arisen and must take the following actions: (i) adopt and implement an enhanced prevention action plan for the specific adverse impact without undue delay, by using or increasing the company’s leverage through the temporary suspension of business relationships with respect to the activities concerned; and (ii) if there is no reasonable expectation that these efforts would succeed, or if the implementation of the enhanced prevention action plan failed to prevent or mitigate the adverse impact, terminate the business relationship with respect to the activities concerned if the potential adverse impact is severe. It is important to note that the CSDDD requires that, before resorting to these measures, the company must consider whether the adverse impacts of suspending or terminating the relationship can be reasonably expected to be manifestly more severe than the ones who could not be prevented or mitigated. If so, the company does not have to suspend or terminate the relationship.56The same applies, mutatis mutandis, to cases of actual adverse impacts that could not be brought to an end.57 The damaging consequences of irresponsible exits are well known. The CSDDD therefore seeks to enshrine a model of ‘responsible disengagement’, providing for the suspension or termination of the business relationship only as a last resort measure (ultima ratio). Member States shall provide for the availability of an option to temporarily suspend or terminate the business relationship in contracts governed by their laws (except for contracts where the parties are obliged by law to enter into them).58 We emphasise that, in our view, this remedy will only be available to companies when the (stringent) requirements for suspending or terminating the relationship are met. Thus, it is our opinion that if these requirements are not met, and a company unilaterally suspends/terminates a contract by invoking this option, the suspension/termination of the contract will be unlawful and may give rise to an obligation to pay compensation. This could, for example, be the case if a company were to terminate its relationship with a business partner (economically dependent on it) simply for fear of exposure to liability without first trying other avenues (which could perhaps allow the relationship to be preserved) (e.g., support and financial assistance to the supplier, temporary suspension of the relationship).

The EC, in consultation with Member States and stakeholders, shall adopt guidance about voluntary model contractual clauses to assist companies in fulfilling their legal obligations under the CSDDD.59

Against this background, we will now look at the precautions in-scope companies should take when designing their contracts.

The first precaution should be taken when choosing a business partner. Companies should diligently select their suppliers and avoid sourcing from bad suppliers with problematic HRE track records. This will hopefully create pressure for these suppliers to change their behaviour. Prior to entering into a contract with potential suppliers, companies should dialogue with them to ensure that they understand what will be expected of them regarding compliance with HRE standards.

Many companies don’t formalise their arrangements with their business partners in written contracts. Research shows that lack of written contracts can have a negative influence on supplier’s behaviour and contribute to adverse impacts on human rights.[60] Considering the future EU legal framework, formalisation of agreements in writing is essential. As well as providing certainty and stability for the suppliers (which can be important for encouraging investments in better social practices that they may have to make), formalising the contract in writing makes it possible to document the company’s efforts to achieve the directive’s objectives, which may be relevant if/when it comes to proving compliance with the CSDDD.61

But it’s not the inclusion of any contractual provision in companies’ contracts that will suffice to fulfil the CSDDD’s requirements. Only contractual provisions that are formulated in such a way that they can be considered ‘appropriate measures’ for conducting HREDD along the company’s chain of activities (in the sense described above) will do.

This means that companies, as we have already mentioned, will have to rethink the way they design their contracts. Risk-shifting approaches may have made sense in the past (from a strict company risk management point of view), at a time when the rules imposing responsible business conduct were voluntary (soft law) and it was therefore possible to dissociate HRE risks from the company’s risk. This will soon no longer be the case (at least) for in-scope companies. With the ‘hardening’ of soft law standards and guidelines, HRE risks will become a company’s risk.62 And it’s a risk that can no longer be ignored nor passed on to others. It cannot be ignored, given the seriousness of the penalties provided for in the CSDDD for failure to fulfil HREDD obligations. And it cannot be passed on to others, since passing on the risk does not fulfil the requirements of the CSDDD and would result in non-compliance, exposing the company to the abovementioned penalties.

Traditional approaches to commercial contracting, having already proved unsatisfactory (if not counterproductive) in the past, are very unlikely to fulfil the requirements to qualify as ‘appropriate measures’. For example, because it has been extensively shown that ‘perfect compliance’ and ‘no-risk situations’ R&W encourage the supplier to hide problems from the buyer (rather than to collaborate with the buyer to resolve them), a company that resorts only to this type of contractual assurances will not be able, should an adverse impact occur, to demonstrate that it has fulfilled its legal obligation, since the measure used was not at all suitable for achieving the CSDDD’s purposes. To avoid the legal consequences of non-compliance with the directive, companies will have to endeavour not to find new and creative ways of transferring HRE-related risks to their partners, but to effectively address these risks (in cooperation with their partners and in consultation with stakeholders).

The CSDDD, along with other national laws,63 is part of a movement to translate the requirements contained in the UNGPs (a soft law instrument) into hard law64. The UNGPs and OECD Guidelines served as inspiration for the CSDDD.65 As such, the CSDDD should be interpreted in accordance with them.66 Moreover, it is likely that future enforcers of the CSDDD will refer to the UNGPs and the OECD Guidelines for interpretation guidance when ruling on company compliance.67 Therefore, it is essential that companies, in the contracts they enter into with their business partners, comply with the guidelines contained in these soft law instruments on responsible contracting. In other words, companies must align their contracts with the UNGPs and the OECD Guidance.

On the basis of the UNGPs and OECD Guidance, and once again drawing on the RCP, it is possible to identify 3 basic principles that companies must observe if they want to move from so-called traditional contracting to responsible contracting: (i) HREDD, whereby both parties (and not just the supplier) commit to take, in cooperation with one another, and in meaningful consultation with stakeholders, proactive and ongoing measures to identify and address potential and actual adverse impacts on human rights and the environment for as long as they are in business together; (ii) shared responsibility, whereby the buyer and the supplier share responsibility for upholding HRE standards; and (iii) prioritization of remediation, whereby, if an actual human rights or environmental adverse impact occurs, remediation of the victims or affected stakeholders comes ahead of traditional contract remedies (such as termination and damages compensation).

Companies should endeavour to translate these principles into their contracts. Pending the adoption by the EC of the guidelines on model contractual clauses mentioned above, the RCP Toolkit can provide relevant support to companies and serve as blueprint for them. The RCP Toolkit (which, as stated, includes inter alia the EMCs) is a dynamic product that operationalizes and implements the 3 basic responsible contracting principles described above. The EMCs, in particular, could play an important role here, as they are a set of model contract clauses specifically designed to support the implementation of mandatory HREDD legislation, such as the proposed CSDDD.

Companies will have to establish in their contracts a clear and equitable distribution of tasks between the parties, and cannot design them in a way that results in a transfer of responsibility for carrying out HREDD (and of the liability for failing to do so) to business partners.

In practice, this means that companies should include in their contracts joint HREDD-related obligations. Article 1 of the EMCs can serve as an example here, since it establishes mutual obligations with respect to HREDD in the supply chain. For instance, Article 1.1 (a) states the following: ‘Buyer and Supplier each covenants to cooperate with each other to establish and maintain a Human Rights and Environmental Due Diligence process in connection with the Goods and services governed by this Agreement appropriate to its size and circumstances to identify, prevent, mitigate, cease, minimize, track and communicate how each of Buyer and Supplier addresses the potential and actual Adverse Impacts of its activities directly or through their supply chains. (…)’. Article 1.1 (b)-(e) then specifies how this HREDD process shall de conducted (namely, with meaningful and ongoing stakeholder engagement, etc.).

Cooperation in establishing and maintaining the HREDD process may involve buyer companies providing the necessary assistance (within reason) to suppliers in implementing the process. Such assistance may include supplier training, upgrading facilities, etc. This matter is addressed in Article 1.3. (b): ‘If Buyer’s risk analysis determines Supplier requires assistance to implement Human Rights and Environmental Due Diligence, or after a reasonable and substantiated request from the Supplier for this assistance, Buyer shall employ commercially reasonable efforts to provide such assistance [, which may include Supplier training, upgrading facilities, advice on measures to verify compliance [and] strengthening management systems (…) to the extent legally permitted’.

Also, as explained above, poor purchasing practices can sometimes undermine the supplier’s efforts to uphold HRE standards. For this reason, companies should also include in their contracts commitments to engage in responsible purchasing practices. Article 1.3 (a) provides for just that: ‘Buyer commits to support Supplier’s implementation of Human Rights and Environmental Due Diligence by engaging in responsible purchasing practices [in accordance with Schedule Q]68 and only imposing fair, reasonable and non-discriminatory obligations on SMEs’. Responsible purchasing practices include setting reasonable commercial terms (regarding, among other aspects, prices, delivery times, procedures in the event of orders changes) that enable the supplier to comply with HRE standards. Thus, companies must assume responsibilities in this regard in the contracts. In this sense, see, for example, Article 1.3.(c) to (f).

As mentioned above, when faced with adverse impacts that cannot be prevented or stopped, the CSDDD requires companies to disengage responsibly. Article 1.3 (h) offers a ‘responsible exit’ model clause: ‘In any termination of this Agreement, whether due to a failure by a party to comply with this Agreement or for any other reason (including the occurrence of a force majeure event or any other event that lies beyond the control of the parties), the terminating party shall (i) consider the potential Adverse Impacts [, including meaningful consultation of (representatives of) impacted stakeholders,] and employ achievable, proportionate and reasonable efforts to avoid or mitigate them; and (ii) provide reasonable notice to the other party of its intent to terminate this Agreement, unless the non-compliance with this Agreement by the other party is intentional (…)’.


Concluding Remarks

We are witnessing a paradigm shift: soft law instruments on responsible business conduct are increasingly being translated into mandatory corporate sustainability due diligence laws, in an attempt to more effectively ensure corporate accountability in terms of respect for human rights and the environment, putting an end to corporate abuses. A process of gradual ‘hardening of soft law’ seems to be underway.

The CSDDD is, to date, one of the most ambitious laws (if not the most ambitious) in this area. With its entry into force, in-scope companies will be obliged to carry out HREDD throughout their chain of activities and will, if they fail to do so, be subject to severe penalties as well as civil liability.

If until now, under only non-binding instruments, it was possible to perceive the risks to companies and the risks to human rights and the environment as two separate compartments, with the rise of mandatory HREDD legislation risks to human rights and the environment will become risks to the company. It becomes, therefore, in the company’s interest to mitigate these risks, since mitigating its own risk depends on it. And the mitigation of these (now unified) risks can only be achieved using so-called responsible contracting techniques, based on the principles of shared-responsibility, prioritisation of remediation and responsible disengagement. That said, companies will have to rethink the way they design their contracts. If risk-shifting strategies have made sense until now, with the entry into force of the CSDDD they will become a risky option for the companies in scope, because they do not fulfil the requirements to qualify as ‘appropriate measures’ within the meaning of the directive and, as such, they will not serve to shield companies from exposure to the risk of administrative and civil liability.

Until the EC issues its guidelines on model contractual clauses, the EMC could serve as a good starting point for companies committed to moving towards a responsible contracting model.

Recalling the lyrics of one of Bob Dylan’s all-time greatest songs, may the times be a-changing? It is true that only large companies that exceed the above thresholds will have to comply with the CSDDD’s rules. But it’s a start and one can hope for a contagion effect…


Luísa Eckenroth Moreira

Luísa Eckenroth Moreira

Guest lecturer FDUP

What would you like to do?

  1. I.e.: ‘industries in which large retailers, brand-named merchandisers, and trading companies play the pivotal role in setting up decentralized production networks in a variety of exporting countries, typically located in the Third World’. See Gary Gereffi, ‘The Organization of Buyer-Driven Global Commodity Chains: How U.S. Retailers Shape Overseas Production Networks’ in Gary Gereffi and Miguel Korzeniewicz (eds), Commodity Chains and Global Capitalism (Praeger Publishers, 1994) 97.
  2. United Nations Environment Programme (UNEP), ‘The environmental costs of fast fashion’ (Chemicals & Pollution Action, 24 November 2022) <>.
  3. Joseph Allchin and Amy Kazmin, ‘Scores dead in Bangladeshi garment factory collapse’ Financial Times (24 April 2013) <>.
  4. Studies have shown that contracts are one of the most frequently used actions undertaken by companies to carry out HREDD. See Lise Smit, Claire Bright, Robert McCorquodale, et al., ‘Study on Due Diligence Requirements through the Supply Chain’ (Study for the European Commission, January 2020) 152 <>.
  5. See Vibe Ulfbeck and Ole Hansen, ‘Sustainability clauses in an unsustainable contract law?’ [2020] 16 1 ERCL 186. See also Daniel Schönfelder, Bettina Braun and Martijn Scheltema, ‘Contracting for human rights: experiences from the US ABA MCC 2.0 and the European EMC projects’ (Nova Centre on Business, Human Rights and the Environment Blog, 1 November 2022) <>.
  6. Referring to contracts as ‘critical components for successfully managing HRE risks and integrating HREDD processes and principles throughout the supply chain’, see Sarah Dadush, Daniel Schönfelder and Bettina Braun, ‘Complying with Mandatory Human Rights Due Diligence Legislation through Shared-Responsibility Contracting: The Example of Germany’s Supply Chain Act (LkSG)’ in Susan A. Maslow and David V. Snyder (eds), Contracts for Responsible and Sustainable Supply Chains: Model Contract Clauses, Legal Analysis, and Practical Perspectives, ABA Business Law Section 2023 (ABA Publishing, 2023) 2 <>. 
  7. See the European Model Clauses (2023, 3rd draft), available at: <> (EMCs). The EMCs are ‘a set of model contract clauses that aim to improve human rights and environmental (HRE) performance in global supply chains and to support the implementation of the German Supply Chains Due Diligence Act (LkSG), the proposed EU Corporate Sustainability Due Diligence Directive (CS3D), and similar mandatory Human Rights and Environmental Due Diligence (mHREDD) legislation’. They seek ‘to improve the effectiveness of contracts as tools for preventing and addressing adverse HRE impacts, as required by the new mHREDD laws’. The goal of the EMC project is ‘to make human rights and environmental standards a central part of contractual governance for both suppliers and buyers, as envisaged by the UN Guiding Principles on Business and Human Rights and the 2023 OECD Guidelines for Responsible Business Conduct’.
  8. Ibid. The authors of the EMC state that, while contracts can be a powerful tool to improve human rights and environmental due diligence practices, their history is fraught. This is because ‘[a]s traditionally used, contracts tend to undermine the effectiveness of companies’ HREDD processes by transferring both the contractual and the financial responsibility for upholding HRE standards to other actors in the supply chain, namely their suppliers (e.g. manufacturers)’.
  9. See Dadush, Schönfelder and Braun (n 8) 2.
  10. Ibid.
  11. Proposal for a Directive of the European Parliament and the Council on Corporate Sustainability Due Diligence and amending Directive (EU) 2019/1937 COM/2022/71 final available at: <>. The European Commission’s proposal for a CSDDD responds to the calls made by the Council on 3 December 2020 and the European Parliament on 10 March 2021 upon the Commission to submit a legislative proposal on mandatory corporate due diligence along global value chains.
  12. UN Guiding Principles on Business and Human Rights (2011), available at: <>
  13. OECD Guidelines for Multinational Enterprises on Responsible Business Conduct (2023), available at <>. See also the OECD Due Diligence Guidance for Responsible Business Conduct (OECD Guidance) available at <>. The objective of the OECD Guidance is to provide practical support to enterprises on the implementation of the OECD Guidelines.
  14. For a possible explanation of why there are frequent imbalances in negotiating power between the buying companies and the suppliers and how these imbalances may lead to a race to the bottom, with suppliers competing on ever lower pricing and timings at the cost of human rights or environmental standards, see Schönfelder, Braun and Scheltema (n 7).
  15. See Dadush, Schönfelder and Braun (n 8) 3. The authors add that ‘risk-shifting approach is an entirely understandable by-product of the typical approach to commercial contracting, where contracts are designed as instruments for managing company risk, rather than human rights or environmental risk’.
  16. The Responsible Contracting Project, available at: <>. According to information available on the RCP’s website, the RCP was co-founded in 2022 by Sarah Dadush and Olivia Windham Stewart, and is housed within Rutgers Law School’s Center for Corporate Law and Governance. The mission of the RCP is ‘to improve human rights in global supply chains through innovative contracting practices’. To this end, they ‘develop and disseminate practical contractual tools to support more cooperative relations between supply chain firms and better human rights outcomes for workers’. The RCP’s team of experts (together with various stakeholders) put together a Responsible Contracting Project Toolkit (the RCP Toolkit), which seeks to align contract design more closely with the principles of human rights due diligence enshrined in the UNGPs and the OECD Guidance. The RCP Toolkit includes the following components: the abovementioned EMCs, the Supplier Model Contract Clauses 1.0 (SMCs), the ABA Working Group Model Contract Clauses 2.0 (MCCs 2.0) and the Responsible Purchasing Code of Conduct (or the Buyer Code). The RCP Toolkit, along with guidance on its implementation, is available at: <>.
  17. In this section, we will closely follow the explanation of why traditional contracting techniques fail to achieve the purposes of HREDD, presented by Dadush, Schönfelder and Braun (n 8) 3-5.
  18. Noting that traditional contracts often include static, unrealistic, and fictitious R&W provided by the supplier that everything is perfect and emphasising the perils associated with this approach, see ibid 3-4.
  19. This is because ‘(…) the human rights risks may change over time as the business enterprise’s operations and operating context evolve’. See Principle 17 of the UNGPs. The same applies to environmental risks.
  20. See Dadush, Schönfelder and Braun (n 8) 3.
  21. As some authors point out, ‘no risk’ situations are very unlikely, even in low-risk countries, like Germany, where, e.g., the gender pay is still far from being closed. See Michaela Streibelt and Daniel Schönfelder, ‘Effective and appropriate HRDD requires a shared responsibility approach, responsible contracting & purchasing’ (Nova Centre on Business, Human Rights and the Environment Blog, 8 November 2023), <>. 
  22. See Schönfelder, Braun and Scheltema (n 7).
  23. On the impact of purchasing practices on work conditions in global value chains, see Daniel Vaughan-Whitehead and Luis Pinedo Caro, ‘Purchasing Practices And Working Conditions In Global Supply Chains: Global Survey Results’ (Inwork Policy Brief No. 10, International Labour Office, 2017), available at: <>. The authors conclude that ‘business practices – and in particular, purchasing practices – used by the buyer can put pressure on suppliers in terms of timeline, prices and delivery, which can have direct effects on suppliers’ capacity to provide decent wages and working conditions’. To illustrate this conclusion, they give the example of pricing: ‘agreeing on prices that are below production costs puts the suppliers in a difficult situation with regard to paying wages, improving working conditions, and use of only declared work, and can thus even put them at high risk of bankruptcy’. The study also confirmed that ‘insufficient lead times and also inaccurate technical specifications provided by the brands directly lead to lower wages and an increased number of overtime hours’ and that, in other cases, ‘suppliers may have recourse to outsourcing, with wages and working conditions also further deteriorating along this extended chain of sub-contractors’. Lastly, the study also showed that ‘[w]hile the presence of a code of conduct can of course help in promoting better working conditions’, ‘buyers do not always accompany such standards with support and financial assistance, adding further pressure – on top of the purchasing practices mentioned above – to the suppliers’ margins’. 
  24. See Dadush, Schönfelder and Braun (n 8) 4. 
  25. See Dadush, Schönfelder and Braun (n 8) 3-4.
  26. See Schönfelder, Braun and Scheltema (n 7). The authors explain that the termination of the contract by buying companies immediately after a breach of contract by the supplier not only does not solve the human rights issues, but may even cause them to worsen. This is because ‘termination might force a supplier to contract other buyers who might be more lenient on these issues’. And the authors illustrate their point with the following example: termination based on the use of child labour hardly improves the situation as long as the families need this in order to secure their livelihood.
  27. See the RCP.
  28. Ibid.
  29. See Dadush, Schönfelder and Braun (n 8) 9-10. The authors argue that ‘until recently, it was possible – even sensible – for companies to separate the two risk buckets of company risk and human rights risk because HREDD obligations were voluntary’. But they warn that ‘now, with the rise of mandatory HREDD legislation, the two sets of risks are becoming unified’. They end by concluding that ‘to effectively manage company risks, in-scope companies must effectively manage HRE risks, including through their contracts’.
  30. The press releases issued by the EC, the Council and the EP on 14 December 2023, following the final trilogue meeting and the reaching of the agreement between the European co-legislators, can be found here: <>, <> and <>.
  31. In our summary of the content of the CSDDD, we are considering the overall compromise text that was agreed on 15 March 2024 by the COREPER. Final compromise text available at: <>. On 19 March 2024, the EP Committee on Legal Affairs (JURI) backed the compromise text of the CSDDD. The EP plenary vote is scheduled to 24 April 2024. Once formally approved by the EP and the EU Member States, the CSDDD will enter into force on the twentieth day following its publication in the EU Official Journal.
  32. As many have pointed out, with these ‘last-minute’ changes (which, after the trilogue deal reached in December, represent ‘a compromise on an already agreed compromise’, as Andreas Rashe puts it – see Andreas Rashe, ‘The CSDDD Compromise – Fewer Companies, Later Adoption (A Commentary)’, [online], LinkedIn, 6 March 2024, <>), the CSDDD has been watered down significantly, with the agreed-upon text reflecting a dilution of the directive’s initial ambition.
  33. See Article 1 of the CSDDD. 
  34. See the context of the proposal (reasons for and objectives of the proposal) contained in the explanatory memorandum accompanying the proposal presented by the EC, which states that ‘[t]he behaviour of companies across all sectors of the economy is key to succeed in the Union’s transition to a climate-neutral and green economy in line with the European Green Deal and in delivering on the UN Sustainable Development Goals, including on its human rights- and environment-related objectives’.
  35. Ibid. While it is true that, based on existing voluntary standards on responsible business conduct, more and more companies are deploying due diligence processes to identify risks in their value chains, the truth is that ‘voluntary action does not appear to have resulted in large scale improvement and, as a consequence, negative externalities from EU production and consumption are being observed both inside and outside the Union’. 
  36. And for companies that are already subject to mandatory HREDD requirements, as a result of legislation that has been enacted in the Member States in response to citizens' calls for greater corporate accountability and in the face of the EU’s lack of legislative action in this area [e.g., the French Loi relative au devoir de vigilance or the German Lieferkettensorgfaltspflichtengesetz (LkSG)].
  37. See Article 2 of the CSDDD.
  38. The final compromise text agreed by the COREPER on 15 March 2024 provides for a much narrower scope of application than the EC’s original proposal (and the text resulting from the provisional agreement reached by the EU co-legislators in December 2023). The general thresholds have been increased (from 500 employees to 1000; from €150 million turnover to €450 million). In addition, the thresholds applicable to franchisors have been adapted accordingly. Finally, the ‘high-risk’ sectors approach (which extended the scope of the directive to smaller companies active in sectors that present a high risk of adverse impact on human rights and the environment, e.g., manufacture and wholesale trade of textiles, agriculture including forestry and fisheries, etc.) has been deleted. As a result, less companies fall within the scope of the CSDDD. Furthermore, the CSDDD will follow a staggered application approach, as follows: (i) a 3-year application period for companies with more than 5000 employees and €1500 million turnover; (ii) a 4-year application period for companies with more than 3000 employees and €900 million turnover; and (iii) 5-year application period for companies with more than 1000 employees and €450 million turnover. Assuming that the directive enters into force this year, this means that we will have to wait until 2029 before all the companies in scope have to start applying the directive's provisions.
  39. For the definition of ‘chain of activities’, see Article 3(1)(g) of the CSDDD.
  40. See Article 4 of the CSDDD.
  41. See Articles 5, 6, 7, 8, 9, 10 and 11 of the CSDDD.
  42. On the notion of ‘appropriateness’ under the EC’s proposal for the CSDDD, see Leonard Feld and Odile Dua, ‘How to Draw the Line? Determining the ‘Appropriateness’ of Corporate Human Rights and Environmental Due Diligence Under the Proposed Corporate Sustainability Due Diligence Directive of the European Union’, (Nova Centre on Business, Human Rights and the Environment Blog, 15 February 2023) <>. The authors argue that the type of a company’s involvement in an adverse impact should be one important criterion for determining the appropriateness of a measure in a specific case and that the due diligence obligations can take the form of obligations of means or obligations of result depending on the company’s level of involvement and control over the situation. The authors conclude that a future CSDDD should specify that causing an adverse impact, fully or jointly through the own activities (given the high level of involvement), substantially limits a company’s margin of discretion in choosing which measures to implement and renders de iure obligations of means de facto obligations of result to do no harm.
  43. For the definition of ‘appropriate measures’, see Article 3(1)(q) of the CSDDD.
  44. In the final compromise text, the obligation for in-scope companies with more than 1000 employees to promote the implementation of this plan, inter alia through financial incentives to members of the corporate bodies (e.g., by linking part of the directors' remuneration to compliance with the transition plan), has been deleted. This, together with the fact that the provisions on directors’ duties (Articles 25 and 26 of the EC’s original proposal) had already been removed (following the trilogues), means that there is little incentive for members of corporate bodies to ensure that companies comply with the directive.
  45. For a more detailed description of the enforcement mechanisms provided for in the CSDDD (although with reference to the Commission’s proposal, and not the final text released on 30 January 2024), see Stéphane Brabant, Claire Bright, Noah Neitzel and Daniel Schönfelder, ‘Enforcing Due Diligence Obligations - The Draft Directive on Corporate Sustainability Due Diligence (Part 2)’ (Verfassungsblog, 16 March 2022) <>.
  46. See Article 17 of the CSDDD.
  47. See Articles 18 and 20 of the CSDDD.
  48. As laid down in Articles 7 and 8 of the CSDDD and provided that the right, prohibition, or obligation listed in Annex I (human rights and fundamental freedoms; and prohibitions and obligations related to the protection of the environment) is aimed to protect the natural or legal person and that a damage to the natural or legal person’s legal interest protected under national law was caused.
  49. See Article 22 of the CSDDD.
  50. Reputational risks can no longer be underestimated in an age of ‘conscious capitalism’ in which consumers and investors are increasingly sensitive to ESG issues and demand more and more from companies in terms of sustainability.
  51. As the German legislator had already done in the LkSG. For a brief comparison between the EC’s draft CSDDD and several national mandatory HREDD laws (notably the French Loi relative au devoir de vigilance, the German LkSG and the Norwegian Transparency Act), see Stéphane Brabant, Claire Bright, Noah Neitzel and Daniel Schönfelder, ‘Due Diligence Around the World - The Draft Directive on Corporate Sustainability Due Diligence (Part 1)’ (Verfassungsblog, 15 March 2022) <>, and Brabant, Bright, Neitzel and Schönfelder (n 47).
  52.  See Ana Filipa Morais Antunes, ‘ESG, sustentabilidade empresarial e contratação responsável. Em especial, o papel do contrato e das “cláusulas éticas”’ (2023) RDC <> 1103, 1129.
  53. See Articles 7 (2)(b) and 8 (3)(c) of the CSDDD.
  54. See Article 7(4) and Article 8(5) of the CSDDD.
  55. Articles 7(4) and 8(5) of the CSDDD.
  56. See Article 7(5), first subparagraph of the CSDDD.
  57. See Article 8(6), first subparagraph of the CSDDD.
  58. See Articles 7(5), second subparagraph, and 8(6), second subparagraph of the CSDDD.
  59. See Article 12 of the CSDDD.
  60. According to results of the survey conducted by the International Labour Organization on the impact of purchasing practices on work conditions in global value chains, ‘[t]he type of contract signed between the buyer and the suppliers is found to be a relevant factor in terms of its influence on suppliers’ behaviour’. ‘The more comprehensive the contract, the more stable and guaranteed the overall context in which the suppliers operate’. ‘[U]nwritten contracts are usually more difficult to enforce and may lead to serious consequences for all the actors, including financial losses, performance issues and lack of job security for the workers themselves’. See Vaughan-Whitehead and Pinedo Caro (n 24) 3.
  61. Under Article 4 (3a) of the CSDDD, ‘Member States shall require companies to retain documentation regarding the actions adopted to fulfil their due diligence obligations for the purpose of demonstrating compliance, including supporting evidence, for at least 5 years from the moment when such documentation was produced or obtained’.
  62. Dadush, Schönfelder and Braun (n 8) 9-10.
  63. Beyond the legislative developments in the EU different member states have also enacted legislation on corporate sustainability due diligence. For example, France, Germany, and the Netherlands have adopted legislation on this topic. Other European countries outside the EU, like Norway, have also adopted legislation on this subject.
  64. For an in-depth analysis of some domestic-level legislative developments that seek to implement the UNGPs and translate the human rights due diligence requirements into hard law, through a process of progressive ‘hardening’ of the UNGPs, see Chiara Macchi and Claire Bright, ‘Hardening Soft Law: the Implementation of Human Rights Due Diligence Requirements in Domestic Legislation’ in Martina Buscemi, Nicole Lazzerini, Laura Magi and Deborah Russo (eds), Legal Sources in Business and Human Rights - Evolving Dynamics in International and European Law (Brill, 2020)
  65. See the explanatory memorandum and recitals 5 and 6 of the CSDDD.
  66. As Sarah Dadush, Daniel Schönfelder and Bettina Braun explain, several of the new mandatory HREDD laws refer to the UNGPs and the OECD Guidance. While some of the laws explicitly require compliance with the UNGPs and/or the OECD Guidance, which effectively converts the soft law standards into hard law (e.g., the Norwegian Transparency Act), others mention the standards in their explanatory memorandums (e.g., the LkSG, the CSDDD). For the first group of laws, to ensure legal compliance, companies must integrate the UNGPs and/or the OECD Guidance into their operations and processes, including in their contracts. For the second group of laws, the standards provide interpretive guidance, meaning that the new laws must be read considering the UNGPs and/or the OECD Guidance. [See Dadush, Schönfelder and Braun (n 8) 5]. Which, in our view, will have a similar effect. I.e.: to ensure legal compliance, companies should integrate the UNGPs and the OECD Guidance into their operations and processes, including in their contracts.
  67. In the same vein, although with reference to the enforcement of the LkSG by the Bundesamt für Wirtschaft und Ausfuhrkontrolle (the enforcer of the LkSG), see Dadush, Schönfelder and Braun (n 8) 10.
  68.  Schedule Q contains a model buyer code that sets out the steps the buyer (e.g., brands and retailers) can take to support positive human rights outcomes, in line with the buyer’s own policies. Model buyer code included in the RCP Toolkit available at: <>.