The Corporate Sustainability Due Diligence Directive (CSDDD): What Businesses Need to Know

The Corporate Sustainability Due Diligence Directive (CSDDD) is one of the EU's most significant pieces of supply chain legislation. While most businesses outside the EU might not think they’re directly in scope, its reach extends further than many realise. We've broken down everything you need to know below, covering what it is, who it applies to, and what it means for your business.

What is the CSDDD?

The Corporate Sustainability Due Diligence Directive (CSDDD, also referred to as CS3D) is EU legislation that requires large companies to identify, prevent, and address human rights and environmental risks across their operations and supply chains.

The simplest way to understand it is through the contrast with CSRD, the EU's sustainability reporting directive:

• CSRD is about reporting: disclosing what your sustainability position looks like.
• CSDDD is about action: actively identifying and managing risks throughout your value chain, not just writing about them.

Think of it this way: CSRD asks "what is your environmental impact?". CSDDD asks "what are you actually doing about it, and what about your suppliers?"

The original directive (Directive 2024/1760) was published in the EU's Official Journal in July 2024. It has since been amended by the EU's Omnibus simplification package, which was formally adopted in February 2026.

What does the CSDDD actually require?

For companies that fall within its scope, the CSDDD creates a set of ongoing due diligence obligations. Unlike CSRD, which is primarily about disclosure, the CSDDD requires companies to actively identify and address environmental and human rights risks across their value chain and to be able to demonstrate they are doing so.

From a carbon and environmental perspective, the key obligations are:

• Identify climate and environmental risks across your supply chain. This means looking beyond your own operations to understand where adverse impacts occur, including emissions, pollution, and resource use at a supplier level.
• Take action to prevent or mitigate those impacts. A risk assessment that sits in a drawer does not satisfy the directive. Companies need to show they are acting on what they find.
• Adopt and implement a climate transition plan. In-scope companies must have a plan aligned to the Paris Agreement's 1.5°C goal and they must be putting it into effect, not just publishing it. This means real emissions reduction targets and a credible roadmap to meet them.
• Embed due diligence into governance. This is not a one-off compliance exercise. It needs to be built into how the business is managed year on year.

One important update from the Omnibus amendments: the requirement to publicly report on due diligence processes has been pushed back to financial years starting on or after 1 January 2030. The obligation to actually conduct that due diligence, however, remains in place from 2029.

Who does the CSDDD apply to?

Following the Omnibus simplification package, the scope of the CSDDD is narrower than originally planned. The directive now applies to:

• EU companies (or groups headed by an EU parent) with more than 5,000 employees and net worldwide turnover exceeding €1.5 billion.
• Non-EU companies, including those headquartered in the UK, US, or elsewhere, with more than €1.5 billion in net turnover generated within the EU (no employee threshold applies to non-EU businesses).

This is a significant reduction from the original proposals, which would eventually have captured companies with over 1,000 employees and €450 million in turnover. Fewer businesses are now directly in scope, but the supply chain implications remain real, as we will come to.

What are the key timelines?

26 July 2028: EU member states must transpose the directive into national law.

26 July 2029: Substantive due diligence obligations begin to apply to in-scope companies.

1 January 2030: Public reporting obligations (Article 16) apply for financial years starting from this date.

These dates were pushed back significantly by the Omnibus process. The original directive had set earlier application dates, but the broader EU simplification agenda led to material delays across both CSDDD and CSRD.

Does the CSDDD apply to your business?

The CSDDD is EU legislation, but its reach is not limited to EU-based companies. Whether it affects your business comes down to two questions.

Are you directly in scope?

If your business generates more than €1.5 billion in net turnover within the EU, you fall within scope regardless of where you are headquartered. The same obligations apply to you as to an in-scope EU company.

Are you indirectly affected?

This is the more relevant question for most SME to mid-market businesses. Even if you are not directly in scope, your large EU customers likely are. Under the CSDDD, those customers must conduct due diligence on their supply chains, which means they will be asking their suppliers (you) for information about emissions, environmental practices, and human rights standards.

The directive does include a value chain cap, introduced through the Omnibus amendments. This limits the sustainability information that in-scope companies can request from suppliers with fewer than 1,000 employees, anchoring requests to the EU's VSME voluntary standard rather than allowing open-ended questionnaires. In practice, this should make the information requests you receive more structured and proportionate, but it does not make them go away.

How does CSDDD relate to CSRD?

CSRD and CSDDD are separate pieces of legislation, but they work together and affect many of the same large companies. Here is the clearest way to distinguish them:

• CSRD requires eligible companies to disclose their sustainability data in annual reports, using the European Sustainability Reporting Standards (ESRS).
• CSDDD requires eligible companies to act, to embed due diligence processes and take meaningful steps to address risks across their value chains.

The point where they connect most directly is around transition plans. CSRD requires companies to disclose a climate transition plan. CSDDD requires them to implement one. You cannot satisfy CSDDD simply by writing a good report.

For UK businesses whose EU customers are subject to both directives, the practical consequence is that those customers will be asking for emissions and supply chain data for two reasons at once: to support their own CSRD reporting, and to demonstrate CSDDD compliance.

Why Scope 3 data is at the heart of this

If an in-scope company has to identify and address adverse environmental impacts across its value chain, it first needs to understand where those impacts sit. That starts with emissions data, specifically Scope 3, which covers everything that happens outside a company's own operations, including its supply chain.

For UK businesses supplying large EU corporates, this creates a clear and growing expectation:

• Being able to provide credible, GHG Protocol-aligned emissions data is increasingly part of being a competitive supplier.
• Information requests are already arriving through supplier questionnaires, procurement portals, and RFP processes, ahead of formal CSDDD deadlines.
• Businesses that can respond quickly and accurately with verified data are better placed than those that cannot.

One thing worth knowing: spend-based emissions estimates, which calculate a company's footprint by applying average factors to what was spent with suppliers, are a starting point, but they do not improve meaningfully as a business decarbonises. They track spend, not actual emissions. Activity-based data, which uses real figures like weight of materials, distance shipped, or energy consumed, gives a far more accurate and defensible picture, and is increasingly what large customers want to see.

What this means for growing businesses

Most businesses in Seedling's market are not directly in scope of the CSDDD. But the indirect implications are real and are already showing up in practice.

Here is what to expect:

• Supplier questionnaires will become more structured. Large EU customers are moving from ad hoc sustainability requests to more systematic, framework-aligned data collection. The CSDDD and VSME cap are pushing in this direction.
• Emissions data will be a prerequisite, not a nice-to-have. Carbon footprint data, particularly across Scopes 1, 2, and 3, will increasingly be part of procurement and tender processes with large EU-linked organisations.
• You will be asked about your supply chain too. It is not just your own emissions. Large customers under CSDDD will want to understand how their suppliers (you) are managing environmental risks within your own supply chain.

The good news is that the work required to respond to CSDDD-related requests overlaps significantly with other compliance and reporting priorities. If you are already building a carbon footprint for Carbon Reduction Plans, SECR, B Corp, or client questionnaires, the same underlying dataset supports CSDDD-related information requests too. You do not need a separate exercise, you need your emissions data to be in good shape.

The bottom line

The CSDDD is significant legislation, and following the Omnibus amendments it now applies to a narrower group of large companies than originally proposed. But its supply chain logic means its reach extends well beyond those that are formally in scope.

Businesses supplying large EU corporates, or sitting anywhere in global value chains with EU exposure, will face increasing due diligence expectations regardless of whether the directive formally applies to them. Getting carbon data in order, understanding your Scope 3 footprint, and being able to respond to supply chain requests accurately are practical steps that serve multiple compliance purposes at once.

Seedling helps growing businesses measure a full-scope carbon footprint, reduce emissions, and report with confidence with one-to-one expert support built in at every stage. If you want to get your carbon data in good shape ahead of increasing supply chain scrutiny, get in touch (https://www.seedling.earth/book-a-demo) with the team or explore how Seedling works (https://www.seedling.earth/).

Frequently asked questions

What does CSDDD stand for?

CSDDD stands for Corporate Sustainability Due Diligence Directive. It is also referred to as CS3D. The full title of the legislation is Directive (EU) 2024/1760, as subsequently amended by the Omnibus package (Directive (EU) 2026/470).

What is the difference between CSRD and CSDDD?

CSRD is a reporting obligation, it requires eligible companies to disclose sustainability information in their annual reports. CSDDD is an action obligation, it requires eligible companies to conduct due diligence and take meaningful steps to identify and address human rights and environmental impacts across their value chains. They are separate directives that affect many of the same large companies.

Does the CSDDD apply to non-EU businesses?

Yes, potentially. Any business, regardless of where it is headquartered, that generates more than €1.5 billion in net turnover within the EU falls directly in scope. Beyond that, businesses that supply large EU-headquartered companies may face indirect obligations, as those customers must conduct supply chain due diligence and may request emissions and environmental data from their suppliers.

When does the CSDDD apply?

Following the Omnibus amendments, member states must transpose the directive into national law by 26 July 2028, with substantive obligations applying from 26 July 2029. Public reporting obligations apply for financial years starting on or after 1 January 2030.

What did the EU Omnibus package change about the CSDDD?

The Omnibus simplification package, formally adopted in February 2026, raised the thresholds for companies in scope, extended the implementation timeline, and introduced a value chain cap limiting the sustainability information that in-scope companies can request from smaller suppliers. The obligation to conduct due diligence and implement a climate transition plan remains in place, but the timeline for public reporting has been pushed back to 2030.

What is the CSDDD value chain cap?

The value chain cap is an Omnibus amendment that limits the sustainability information that in-scope companies can request from suppliers with fewer than 1,000 employees. Those requests should be proportionate and aligned with the EU's VSME voluntary standard, rather than open-ended, which means smaller UK suppliers should receive more structured, manageable information requests rather than bespoke questionnaires.