The Corporate Sustainability Due Diligence Directive (CSDDD), also known as the “European Supply Chain Act” or CS3D, came into force on 25th July 2024. EU Member States must transpose the CSDDD into national law by 26th July 2026, and the requirements will be introduced gradually over five years. The directive aims to ensure compliance with human rights and environmental standards throughout companies' entire value chains. It obliges large companies to identify, assess, and rectify risks within their supply chains. Although SMEs are not directly affected by the CSDDD, the directive will become indirectly significant for them — especially as suppliers in the supply chains of large companies.  
 
In Germany, the Supply Chain Due Diligence Act (LkSG) has been in force since 2023, posing the question for many companies as to what additional impacts the introduction of a Europe-wide supply chain act will have. The answer depends heavily on the role SMEs play in the supply chains of their customers — particularly if these are major customers from other European countries. 

1. CSDDD: Who is affected? 

CSDDD adopts a phased approach and affects EU companies based on the number of employees and turnover as follows:  

The initial plan to include companies in high-risk sectors was removed, making the CSDDD solely dependent on company size and turnover. 

2. Reporting Requirements and Data Demands Compared: CSDDD vs. LkSG 

The CSDDD expands the requirements compared to the LkSG in several aspects, which can also affect SMEs as suppliers. 

LkSG Requirements: 

• Primarily Direct Suppliers: Companies must primarily analyze human rights and environmental risks at direct suppliers and only address indirect suppliers when there is a specific occasion. 

• Risk Assessment and Prevention: Companies are required to regularly assess risks and implement preventive measures. 

• Documentation and Policy Statement: Companies must establish and document a clear policy for the protection of human rights. 

CSDDD Requirements: 

• Comprehensive Supply Chain Responsibility: The CSDDD requires an annual, systematic risk analysis across the entire supply chain and more extensive environmental standards beyond the requirements of the LkSG. 

• Transparency and Reporting Obligations: Companies must publicly report on compliance with due diligence obligations and document measures to prevent harm. 

• Preventive and Remedial Measures: In addition to prevention, the CSDDD will require the immediate initiation of remedial measures for identified violations across the entire supply chain. 

SMEs acting as suppliers to large companies must therefore anticipate increased demands on their reporting and compliance to meet the requirements of their business partners. 

3. Indirect Impact on SMEs and Their Role in the Supply Chain 

Although SMEs are formally not directly subject to the CSDDD, the directive will have significant indirect demands for them. Companies required to comply with the CSDDD will increasingly request data and evidence from their suppliers — including SMEs — to meet legal due diligence obligations. 

What SMEs Can Expect: 

• Increase in Evidence Requests: SMEs will likely be required to provide detailed evidence of human rights and environmental standards in their production and business processes more frequently. 

• More Transparency Demands: EU-wide obligated companies will want to ensure compliance with the CSDDD throughout their entire supply chain, leading to SMEs providing regular information and updates on specific sustainability measures. 

• Additional Contractual Obligations: Large companies from other EU countries may increasingly require SMEs to contractually adhere to and document standards to ensure that their products and services meet the new European requirements. 

SMEs in Germany, which act as suppliers for large customers from other European countries, could face a significant increase in requests for information. The introduction of the directive brings additional obligations for large companies across the entire EU, including those previously unaffected by the German LkSG. These companies will now also demand evidence of compliance with human rights and environmental standards from their suppliers to fulfil their own compliance obligations. 

How turnus.ai Supports SMEs with CSDDD Requirements 

The introduction of the CSDDD will bring significant additional transparency and reporting demands for SMEs. turnus.ai offers a solution to efficiently and reliably meet these increased requirements: 

• Regular Compliance Monitoring: turnus.ai ensures that the provided data meets legal requirements and continuously checks compliance with standards. 

• Automated Response Generation: turnus.ai helps SMEs respond quickly and systematically to their customers' information requirements and provide relevant evidence. 

• Central Data Storage and Management: All important information and documentation are collected systematically and securely in one place and are accessible at any time. 

The CSDDD presents companies, as well as their indirect suppliers like SMEs, with expanded compliance requirements that will continuously increase over the next few years. With turnus.ai, SMEs can minimize documentation efforts while effectively meeting the demands of their customers and business partners.