Due diligence in ESG compliance: legal and ethical obligations
Bird & Bird | Dec 11, 2024, 11:11

By Sandra Sekuła-Barańska, counsel, head of ESG & Environmental Protection at Bird & Bird
ESG compliance – a (r)evolution?
Our society is going through a paradigm shift in which environmental, social and governance (ESG) factors are no longer fuzzy ideas, but must be firmly embedded in business strategy and operations. The EU has been leading the way, by introducing sustainable development reporting requirements (known as ESG reporting or non-financial reporting) through its Corporate Sustainability Reporting Directive (CSRD), the European Sustainability Reporting Standards (ESRS), the Corporate Sustainability Due Diligence Directive (CSDDD), and many other pieces of legislation (such as the EU Deforestation Regulation (EUDR), the Sustainable Finance Disclosure Regulation (SFDR) and the Taxonomy Regulation). Companies seeking to navigate their way through this complex legal landscape have little choice now but to engage in proper ESG due diligence.
Due diligence in ESG compliance
In the ESG context, due diligence means running proactive, structured and systematic processes to identify, assess, prevent and mitigate potential or actual ESG risks and impacts.
This means making a thorough, holistic examination of the company: internally, its business model, governance, sustainability goals, policies and codes (ESG code, code of conduct, ethical guidelines); externally, its supply chains, value chains and activity chains, and so on. Beyond surface-level compliance, the aim is to uncover any gaps that might undermine the company’s ESG commitments or ethical business practices, and to look for opportunities to improve.
The new regulatory landscape
Several EU directives and regulations directly or indirectly require companies to run due diligence processes.
For instance, point 31 of the preamble to the CSRD defines due diligence (after the OECD Due Diligence Guidance for Responsible Business Conduct) as “the process that undertakings carry out to identify, monitor, prevent, mitigate, remediate or bring an end to the principal actual and potential adverse impacts connected with their activities and identifies how undertakings address those adverse impacts. Impacts connected with an undertaking’s activities include impacts directly caused by the undertaking, impacts to which the undertaking contributes, and impacts which are otherwise linked to the undertaking’s value chain. The due diligence process concerns the whole value chain of the undertaking including its own operations, its products and services, its business relationships and its supply chains.” Under Art. 1 and 29a CSRD, a company, or the parent company of a large group of companies, needs to provide a description of its sustainability due diligence process or the one implemented within the group (in line with the EU requirements on undertakings to conduct a due diligence process, where applicable).
The CSDDD specifically addresses corporate sustainability due diligence in terms of human rights and environmental impacts. It obliges companies to set up and run due diligence processes with respect to their own operations and those of their subsidiaries, as well as those of their direct and indirect business partners throughout their chains of activities. The Directive does not require companies to guarantee in all circumstances that adverse impacts will never occur or that they will be stopped. The company should, however, take measures capable of achieving its due diligence objectives, in a manner appropriate to the likelihood and severity of the impact. Account should be taken of the circumstances of a given case, the nature and extent of the adverse impact, and of relevant risk factors, including the specific nature of the company’s business operations and chain of activities, the sector or geographical area in which its business partners operate, the company’s ability to influence its direct and indirect business partners, and whether the company can increase that influence.
Some other regulations, such as the EUDR, also introduce mandatory due diligence as a basis for halting and reversing global deforestation driven by demand from EU economies. Under the EUDR, due diligence means a systematic approach to be established and implemented by each operator that includes three elements: information requirements, risk assessment and mitigation measures, complemented by reporting requirements. Due diligence systems should be designed to provide access to information on the sources and suppliers of the raw materials and products placed on the market. Operators should carry out a risk assessment based on this information. Where a risk is identified, operators should reduce that risk to zero or to a negligible level. The operator should only be allowed to place on the market or export relevant products if, after due diligence, the operator concludes that there is no risk or only a negligible risk that the relevant products do not comply with the EUDR.
There are numerous other pieces of legislation within the ESG legal framework that set out the obligations related to due diligence, demonstrating the interdependencies between these pieces of legislation and the increased role of due diligence in ESG compliance.
The role of due diligence in compliance – and ethics
As an attorney specialising in ESG and environmental law, I have observed the growing importance of due diligence for ensuring legal and ethical ESG compliance. It is crucial for companies to conduct a due diligence review and produce a report that can be used to address any issues identified. A report can identify gaps – a lack of clear sustainability objectives, ineffective or unethical management practices, a failure to adhere to the principles of responsible governance and ethical decision-making. Having this dual focus on both compliance and ethics helps management proactively set long-term ESG goals and achieve the company’s sustainability objectives.
It can also prove that the company is not involved in greenwashing – and this will enhance the company’s reputation as a responsible business, building trust and loyalty among consumers, and strengthening its relationships with customers, investors, regulators and other stakeholders.
Better early than late
Due diligence plays an important role in ensuring ESG compliance. It is no longer simply ‘nice to have’; it is a real legal obligation, and companies must make sure they prepare and implement such practices as soon as possible to be ready for the ESG (r)evolution that is upon us.

