The EU Corporate Sustainability Due Diligence Directive (CS3D or the Directive) is a significant piece of legislation as it mandates obligations on in-scope “companies” to enhance the protection of the environment and human rights both within the EU and globally through responsible business conduct.
In particular, the CS3D:
- lays down due diligence obligations with respect to the operations of (i) the in-scope company, (ii) its subsidiaries, and (iii) its business partners in the company’s “chain of activities;”
- requires companies to identify, prevent, mitigate, and remediate actual and potential adverse impacts on people and the environment; and
- requires companies to implement a transition plan for climate change mitigation aligned with the Paris Agreement goal of limiting global warming to 1.5C.
For general information about the provisions of CS3D, please see our Sidley Update Unprecedented ESG Due Diligence Obligations — EU Adopts Corporate Sustainability Due Diligence Directive.
Overall scope of CS3D
The obligations in the CS3D apply equally to an EU “company” or non-EU “company” if the company falls within scope; that is, non-EU companies are subject to the same demands, despite being incorporated outside the EU.
Application to individual “companies”
The CS3D applies to “companies,” broadly defined to include companies meeting certain quantitative thresholds on turnover, employee numbers, and royalties in at least two consecutive financial years (the quantitative thresholds). In particular, the Directive applies to
(1) companies incorporated in the EU (EU companies) having:
(a) more than 1,000 employees on average (employee threshold), and (b) a net worldwide turnover of more than €450 million in the past financial year for which annual financial statements have been adopted (worldwide turnover threshold); or
(a) generated royalties in the EU of more than €22.5 million and (b) net worldwide turnover of more than €80 million, in the last financial year for which annual financial statements have been adopted; and
(2) companies incorporated outside the EU (non-EU companies) having:
(a) a net turnover of more than €450 million in the EU in the financial year preceding the past financial year (EU turnover threshold); or
(a) generated royalties in the EU of more than €22.5 million, and (b) net turnover of more than €80 million in the EU, in the financial year preceding the last financial year.
|
Sidley comment The CS3D as noted above has significantly higher thresholds than those under the Corporate Sustainability Reporting Directive (CSRD). As a reminder, the CSRD relates to corporate reporting on sustainability matters whereas the CS3D mandates corporate obligations and accountability for for the protection of the environment and human rights. By way of contrast to the CS3D thresholds noted above, the CSRD applies as follows:
Another key difference is that the CS3D applies directly to both EU and non-EU companies, whereas the CSRD applies directly to EU companies only. Although the CSRD may impact non-EU parent companies (meeting the thresholds above), the relevant EU subsidiary or branch remains responsible for publishing the sustainability report for such non-EU parent companies at a consolidated level. For further details on the scope of the CSRD, please see our Sidley Update: EU Corporate Sustainability Reporting Directive — What Do UK- and U.S.- Headquartered Companies Need to Know? |
Application to group structures
If a company does not meet the respective EU or non-EU quantitative thresholds on a standalone basis but is the ultimate parent company of a group that reached the relevant thresholds in the last financial year on a consolidated basis, then the Directive applies to such company (whether EU or non-EU). Note also that within a group structure, the CS3D may very well apply directly to more than one entity on a standalone basis, including the ultimate parent company.
No direct application in the UK
The CS3D does not directly apply in the United Kingdom (UK) as the CS3D came into force after the UK left the EU, but UK companies may be in scope as non-EU companies if they meet the quantitative thresholds.
Scope of “company” includes “regulated financial undertakings”
For the purposes of CS3D, the definition of “company” includes regulated financial undertakings as well as public and private companies. And as noted in the next section, the term “company” also includes partnerships and limited partnerships (but not limited liability partnerships).
A “company” is defined as in the following chart:
| Definition of “company” | Types of entities included |
| (a) Certain legal forms (referred to herein as the “corporate legal form criteria”) |
Annexes I and II provide different types of undertaking by jurisdiction.
|
| (b) Regulated financial undertakings (regardless of their legal form) (referred to herein as the “regulated financial undertaking criteria”) |
This list includes:
|
We discuss the relevance of each category for businesses in the financial services sector below.
CS3D may apply to certain EU and non-EU partnerships and limited partnerships if they meet the quantitative thresholds
Corporate legal form criteria
The CS3D applies to legal forms listed in or comparable to Annex I and Annex II, thereby extending the legal forms in scope to include partnerships and limited partnerships.
|
Sidley comment Notably, the Directive expressly excludes alternative investment funds (AIFs) and UCITS funds from its scope. However, AIFMs and UCITS management companies are in scope as “regulated financial undertakings” (see below). However, other EU and non-EU financial entities constituted as partnerships and limited partnerships are potentially in scope of CS3D (subject to meeting the quantitative thresholds at an individual or consolidated group level). For example, this may include certain non-EU AIFMs that are constituted as limited partnerships. |
CS3D applies to “regulated financial undertakings”: EU and non-EU businesses in the financial services sector will need to consider if they fall within the exhaustive list
Regulated financial undertaking criteria
The regulated financial undertaking criteria refer to specific types of entities derived from other EU legal frameworks governing regulated financial activity – for example, AIFMs under the Alternative Investment Fund Managers Directive (AIFMD), payment institutions under the Payment Services Directive (PSD2), and securitisation special purpose entities under the EU Securitisation Regulation.
Narrow exemption for in-scope parent companies
A limited exemption from falling into scope of CS3D may apply to certain parent companies of investment groups.
Subject to the conditions below, ultimate parent companies that have as their main activity the “holding of shares in operational subsidiaries and which do not engage in management, operational, or financial decisions affecting the group or one or more subsidiaries” are exempted from carrying out the obligations in CS3D.
Conditions:
- One of the ultimate parent company’s subsidiaries established in the EU needs to be designated to fulfil the due diligence and transition plan obligations on behalf of the ultimate parent company.
- The designated subsidiary needs to be given “all the necessary means and legal authority to fulfil those obligations in an effective manner, in particular to ensure that the designated subsidiary obtains from the companies of the group the relevant information and documents to fulfil the obligations of the ultimate parent company.”
- The ultimate parent company needs to apply to the national competent authority for a determination that the group meets the conditions and the exemption can apply.
The CS3D provides that the ultimate parent company remains jointly liable with the designated subsidiary for a failure of the subsidiary to comply with the relevant obligations.
|
Sidley comment The effect of this exemption is that certain EU and non-EU financial holding companies may be exempted from the practical and administrative obligations (but not liability provisions) in CS3D. However, the availability of this exemption would depend on whether a portfolio company can fulfil the group’s obligations on the parent’s behalf (and the exemption from the national competent authority is confirmed in advance). |
Responsibility for the activity of subsidiaries may cause complications for certain asset managers
As noted above, in-scope companies must also fulfil due diligence obligations under CS3D with respect to the operations of its subsidiaries. The definition of a “subsidiary” in CS3D incorporates definitions from two different EU directives:
(a) a “legal person” meaning “an undertaking controlled by a parent undertaking, including any subsidiary undertaking of an ultimate parent undertaking” (as defined in the EU Accounting Directive); and
(b) a “legal person” through which the activity of a “controlled undertaking” is exercised (as defined in the EU Transparency Directive).
“Controlled undertaking,” broadly speaking, includes any undertaking in which a person or legal entity:
(i) has a majority of the voting rights;
(ii) is a shareholder and has the right to appoint or remove a majority of the members of the administrative, management or supervisory body;
(iii) is a shareholder and controls a majority of the shareholders’ or members’ voting rights, pursuant to a shareholders’ agreement; or
(iv) has the power to exercise, or actually exercises, dominant influence or control.
|
Sidley comment This incorporation of “controlled undertaking” in the definition of “subsidiary” could mean that if a parent/subsidiary relationship does exist between, for example, an in-scope financial sponsor and an investee company (e.g., where the financial sponsor is a general partner entrenched in a limited partnership), the in-scope financial sponsor may be obliged to apply its mandatory due diligence policies to the operations of the relevant investee company (as its subsidiary). This is an issue that trade bodies such as Invest Europe have commented on.2 |
Temporary relief for regulated financial undertakings from covering downstream activities
In-scope firms: downstream “chain of activities”
Generally, in-scope companies must also fulfil due diligence obligations under CS3D with respect to the operations of its business partners in the “chain of activities” (which is understood to be more limited than the concept of “value chain”).
However, for regulated financial undertakings in particular, the CS3D places obligations only in regard to the upstream part of their chain of activities. Following heavy negotiations among EU Member States, the downstream portion is excluded (i.e., “downstream business partners that are receiving their services or products”), which therefore excludes relationships with clients.
However, the European Commission will conduct and publish a review of the Directive no later than 26 July 2026, including on the need to lay down additional due diligence requirements for regulated financial undertakings.
|
Sidley comment Given that the exemption for the financial services sector is temporary, in-scope financial sector businesses should note that their downstream operations may still be brought into scope in the future. If the European Commission concludes that a legislative proposal is needed, the report may be accompanied by a proposal as early as 26 July 2026. That being said, even if the European Commission decides to extend due diligence obligations to “downstream business partners” for the financial services sector, the resulting impact may be limited in practice, unless the EU widens the current definition of “chain of activities.” At present, the “chain of activities” in relation to “downstream business partners” is defined to capture only business partners that “carry out” activities related to the “distribution, transport, and storage of a product” for or on behalf of that company.” Accordingly, CS3D’s due diligence obligations have limited scope of application to downstream activities in relation to the provision of services in general. For completeness, however, please note that the financial services sector is not exempt from the requirement to implement a transition plan for climate change mitigation, detailing decarbonization levers and funding for the plan. This should set out how firms will reduce Scopes 1-3 emissions in line with the Paris Agreement 1.5C temperature goal, including Scope 3 emissions associated with investment portfolios. Firms are required to report on the status of their transition plan every 12 months. |
Many businesses may also be indirectly affected by CS3D even if they are not caught in scope
The CS3D aims to enhance the protection of the environment and human rights in the EU and globally. In this regard, it requires companies to identify, prevent, mitigate, and remediate actual and potential adverse impacts on people and the environment in their upstream and downstream “chain of activities.” As a result, its effects are expected to be felt indirectly by entities that engage with parties that are subject to the CS3D, even if they are not caught in scope themselves.
|
Sidley comment By virtue of the global interconnected nature of relationships in the financial services sector, these obligations may mean that CS3D obligations will be imposed contractually on many EU and non-EU businesses that are otherwise out of direct scope of the CS3D. Consequently, firms should be mindful of the resources and data gathering that may be needed by their investors, suppliers, and associates in order for those companies to meet their direct obligations. |
Timing
EU Member States have two years to implement CS3D provisions into national law by 26 July 2026. The CS3D will apply in three annual phase-in waves by revenue from 26 July 2027 (with all in-scope companies subject to the CS3D from 26 July 2029).
For further information about the reporting obligations under CS3D, please see our Sidley Update Unprecedented ESG Due Diligence Obligations — EU Adopts Corporate Sustainability Due Diligence Directive.
Asset managers that are subject to CS3D should consider how the obligations impact their ESG strategy holistically. To ensure efficiency and consistency, such asset managers should align their CS3D implementation strategy with other ESG regulations that may apply in the EU and other jurisdictions where they operate. This could include consideration of climate disclosure rules issued by the U.S. Securities and Exchange Commission (see our summary here), California (see our summary here), and the UK (see our summary here).
1 The EU Accounting Directive applied to the UK when the UK was part of the EU.
2 Invest Europe, “CS3D Comments on the inappropriateness of the use of subsidiary definition” (dated May 2023), https://www.investeurope.eu/media/6783/invest-europe_cs3d_subsidiary-definition-may-2023.pdf.
Sidley Austin LLPはクライアントおよびその他関係者へのサービスの一環として本情報を教育上の目的に限定して提供します。本情報をリーガルアドバイスとして解釈または依拠したり、弁護士・顧客間の関係を結ぶために使用することはできません。
弁護士広告 - ニューヨーク州弁護士会規則の遵守のための当法律事務所の本店所在地は、Sidley Austin LLP ニューヨーク:787 Seventh Avenue, New York, NY 10019 (+212 839 5300)、シカゴ:One South Dearborn, Chicago, IL 60603、(+312 853 7000)、ワシントン:1501 K Street, N.W., Washington, D.C. 20005 (+202 736 8000)です。
