CS3D – are you ready?
Within the next two years, the EU Corporate Sustainability Due Diligence Directive (CS3D) will become law in the EU. If our experience at Kumi shows anything, it’s that most companies do not currently comply with expectations. When the law is in force, we anticipate that many companies will still not comply.
We say “most companies” because a large proportion of “out of scope” companies will also have to align with the legislation: they are in the supply chains of companies that are in scope, or their investors or other key stakeholders will require it of them. This will include companies outside of the EU, as the bloc becomes an increasingly influential global regulator, as has already happened with the spread outside of the EU’s border of expectations set by Conflict Minerals and Battery Regulations. We have already been commissioned by American, Bolivian, British and Middle Eastern companies on this topic, as well as CS3D.
However daunting this may appear, responsible sourcing regulations are designed as a journey, not a destination. Most companies will have some systems in place already and although there are no standard “off-the-shelf” models, there are known components that companies will have to have to comply.
Taking the first steps
The first step is to understand what exists today to develop a roadmap for regulatory alignment. Through doing this for European manufacturers, Asian smelters, American and British fashion companies, Middle Eastern refiners, and multinational steel manufacturers and service providers, what we see most regularly is that companies often focus on specific activities to address sustainability challenges rather than thinking of responsible sourcing as a management system. Examples of common problems include:
- A focus on resource-intense “flagship” projects on specific risks, such as living wage pilots or limited capacity building programmes. This is in lieu of developing a consistent and risk-based approach to responsible sourcing where specific interventions can be developed once a baseline of effective risk management has been established.
- An over-reliance on social compliance audits to “fill the gaps,” rather than using them strategically (risk-based) to understand where adverse impacts are actually occurring.
- An expectation that industry initiatives deliver due diligence rather than supporting a company’s own activities.
- Approaches driven by isolated sustainability teams which lead to gaps between policies and implementation. In the worst cases, production and procurement teams fail to follow the most basic policies, rather than an integrated system that cuts across all departments and is overseen by sustainability teams.
Thinking about due diligence as a system that evolves
Regulatory expectations today require companies to be proactive in their due diligence efforts and to take a systems-based approach to responsible sourcing. As companies embark on this journey, some key things to remember are:
- It’s about continuous improvement. No one is expecting perfection at first and anyone that offers it is not telling the truth. Companies can legitimately say “we don’t have systems but we are doing X, Y and Z to build them” and that should be deemed acceptable, as long as the timelines are reasonable, the aims coherent and implementation occurs.
- Despite the existence of national legislation such as the French Duty of Vigilance Law or the German Supply Chain Act, the whole approach is relatively new which means now is a perfect opportunity to shape it. This is especially true as regulators themselves are still getting to grips with laws in force, let alone laws that haven’t yet been implemented.
- The outcome isn’t one-size-fits all. Yes, companies should follow the OECD Guidelines 6-step framework to understand the basics, but they should also look at the OECD’s characteristics of due diligence. These 11 key criteria establish how the system should function, ultimately. This means, whichever system is adopted, it should be adapted to the company’s size and position in the supply chain, it should be dynamic and flexible, agile and risk-based. This ultimately means that companies should look to build a system set up for them, not one straight from a box, no matter how strong the appeal may be.
Ultimately, many companies are not ready for the CS3D and that’s okay. What isn’t okay, and will never be, is to not do anything. Wherever you are on the journey, now is the time to start.
Get in touch if you would like to find out more about how we can support you.