Sustainable due diligence

The term ‘due diligence‘ is still often associated with the thorough scrutiny of a company’s financial data in order to ultimately reach an opinion on it. But today, due diligence encompasses a broader perspective, in the context of which it is also necessary to identify various non-financial facets of a company and its value chain. It is no longer enough to ‘only’ audit financial accounts. The degree of ‘corporate social responsibility’ (CSR) and the impact the company has on people and the environment are increasingly determined by factors beyond traditional financial parameters.

Due diligence and corporate sustainability

One element that is becoming increasingly important is sustainability information. Mapping and understanding a company’s existing sustainability practices and performance has become as important as analysing its financial health. That health, especially in the somewhat longer term, also depends on practices and performance. This shift reflects the growing recognition that a company’s success and resilience is determined not only by its profitability, but also by its ability to responsibly deal with environmental issues, social impact and good corporate governance (governance). In short, due diligence has evolved into a more holistic approach that encompasses the broader corporate activities, with sustainability information an integral part of the assessment process.

What is the sustainability due diligence process under the CSRD?

Due diligence is the process by which companies identify, prevent and mitigate their actual and potential negative impacts on people and the environment, and account for how they manage these impacts. This process includes the negative impacts of their own activities, but also those within the value chain, both upstream and downstream, and of business relationships, through products or services supplied and their own operations.

Due diligence is a continuous process that can initiate changes in strategy, business model, activities, business relationships, and purchasing and sales context of the company. Its outcomes form the basis for the company’s evaluation of material effects or ‘impacts‘, risks and opportunities (IRO) in the context of sustainability reporting. The severity and likelihood of these risks determine the assessment of the company’s material impacts on people and the environment. Their identification also supports the identification of material sustainability risks and opportunities, which often arise from these impacts.

Both the UN Guiding Principles on Business and Human Rights (UNGPs) and the OECD Guidelines for Multinational Enterprises describe this due diligence process, emphasising the importance of identifying and assessing negative impacts. When the company cannot address them all at once, the process allows for prioritising actions based on their severity and likelihood. This aspect of the process underpins the assessment of material impacts, as described in section 3.4 of sustainability reporting standard (ESRS) 1 under the CSRD (general requirements). And also helps identify material sustainability risks and opportunities that often arise from these.

Assessment of material impacts

When identifying and estimating IRO in the value chain, the company should focus on areas where the IRO are likely to materialise, based on the nature of its activities, business relationships, geographical locations or other risk factors.

The essential aspects of the due diligence process are also reflected in the disclosure requirements of ESRS 2 (General Disclosures) and the 10 thematic ESRS.

These disclosure requirements include:

  • integrating due diligence into corporate governance, strategy and business model;
  • involving (affected) stakeholders;
  • identifying and assessing negative impacts on people and the environment;
  • taking measures to address those impacts; and
  • monitoring the effectiveness of these efforts.

What is the value chain?

The company’s sustainability report must include information on material IROs related to direct and indirect business relationships within the value chain (value chain information), both upstream and downstream. This is shown schematically below for a metal manufacturer.

Source: SER & RJ, 10-10-2023 webinar, CSRD & ESRS: ‘Getting started with your value chain’.

Thus, in providing information on material IRO, the company also reports on the stakeholders in its value chain. This through the outcomes of its due diligence process and materiality assessment and in line with specific requirements in thematic ESRS related to that value chain.

Information is not required on every party in the value chain, only the information that is considered material to stakeholders. Different sustainability topics may be material to different parts of the company’s value chain. Therefore, reporting companies do not need to report on every party in their value chain, but only on those parties where material IRO (may) occur.

The due diligence process should also focus on business relationships that are likely to be related to material IRO, such as parties:

  • that are associated with ‘hotspots’ that expose to the likelihood of actual and potential impacts (and thereby generate impacts on people and/or the environment, which may in turn be sources of risks and opportunities); or
  • with which the company’s business model exhibits critical dependencies in terms of products or services (and therefore generates or may generate material IRO).


A European retailer of wooden toys produced in a factory outside the EU, where legal (production) requirements are less stringent.

The toy production process poses several environmental and health risks, due to dust and chemicals. As a result, there is a significant risk of exposing workers and local communities to serious occupational hazards and health risks, which is important when considering material impact. From a financial perspective, if the local government starts enforcing laws instead of accepting bribes, as is currently the case, this could lead to significant fines or even possible closure of the manufacturer’s plant. This could have a direct and significant financial impact on this European retailer.

The manufacturer qualifies as a ‘hotspot’ because workers and local communities are exposed to occupational hazards and health risks (impact materiality), but also the dependence of the European retailer’s business model on the manufacturer potentially generates financial risks (financial materiality).

To assess potential and actual impacts, it is important that the company identifies the following hotspots in particular:

  • the location and characteristics of suppliers, including outside the first link in their upstream value chain or supply chain;
  • the users of their supplied services and/or goods;
  • how those goods are subsequently handled up to and including their end-of-life (including waste issues); and
  • who is (or could be) potentially negatively affected by their services and/or goods.

The ESRS require only some data to be collected on parties in the value chain, the vast majority of data points relate to own operations. That said, if a company determines that a material IRK in the value chain is not adequately covered by a thematic ESRS, it must provide additional – so-called ‘entity-specific’ – information for this material sustainability topic.

These additional, entity-specific disclosure requirements, including relevant targets and metrics, should be reported to enable users of that information to understand material IRK of the company. Where gathering information from the (primary) value chain is not (yet) reasonably possible, the company should estimate missing information using all reasonable and available supporting information. This includes the use of proxies, industry data and other information from (reliable) indirect sources, and without incurring unnecessary costs and effort. The company should then describe the estimation method(s) used and the level of accuracy of the value chain statistics to reveal any shortcomings of the methodology applied.

Corporate Sustainability Due Diligence Directive (CSDDD)

From Europe comes a separate directive on due diligence in the value chains of large companies: the Corporate Sustainability Due Diligence Directive (CSDDD/CS3D). These companies must identify, prevent, mitigate or eliminate negative human rights and environmental impacts associated with their activities (including those of their subsidiaries) within their value chain. Reporting on the results of the due diligence policy in place makes it easier to identify and address negative human rights and environmental impacts. It also gives stakeholders an insight into the company’s performance and progress in this area and creates a level playing field for European companies. In addition, the CSDD has a transnational impact, as the value chains of these companies obviously do not stop at the borders of the European Union.

The CSRD is about reporting sustainability efforts (transparency), while the CSDD requires concrete efforts to identify, prevent, mitigate or eliminate actual risks in the supply chain. However, both guidelines require identifying the (negative) impact of business activities on people and the environment. Reporting by other companies in line with ESRS sustainability reporting standards (along with other reliable sources) will be able to provide important input for companies conducting due diligence under the CSDDD. Conversely, due diligence to be conducted under the CSDDD will also provide information for the reporting requirements, included in the CSRD. For this reason, it is essential that both due diligence reports are consistent and clearly indicate how they relate and complement each other. The visualisation below schematically shows how the two guidelines relate to each other.

In short, the CSDDD requires companies to take responsibility for their negative impacts, while the CSRD requires transparency on this. Consider the CSDDD as a tool that not only helps companies comply with environmental and human rights obligations, but also ties in with the CSRD’s sustainability reporting requirements. This consistency allows companies to present a complete picture of how they act in a sustainable and socially responsible manner. Not only within their own company, but across the entire value chain in which that company operates.

the CSDDD requires companies to take responsibility for their negative impacts, while the CSRD requires transparency on this.

Want to know more? 

Our consultants will be happy to help you on your way to a sustainability report that meets all the requirements of the CSRD and ESRS. Feel free to get in touch.