The CSDDD has been introduced: What are the additional requirements for banks and savings banks?

As of 2023, the German government has enacted the Supply Chain Due Diligence Act (SCDDA, in German: Lieferkettensorgfaltspflichtengesetz, LkSG). Despite sparking controversial political debates, this law has applied to all companies with 1,000 or more employees since the start of 2024, as reported in our BankingHub article from February 2, 2024 (Only available in the German version).

To date, there has been a lack of comparable regulation at the EU level. The Corporate Sustainability Due Diligence Directive (CSDDD, document no. 6145/24, March 15, 2024) aims to prevent human rights violations and environmental harm during product and service manufacturing within the EU.
Getting your Trinity Audio player ready...
Listen to this article

About the Corporate Sustainability Due Diligence Directive (CSDDD)

This regulation fosters fair competitive conditions and provides legal assurance within the EU single market, which, however, have been distorted to the detriment of German companies, including banks, since the SCDDA. The CSDDD applies to large companies with 1,000 or more employees (in full-time equivalents) and a turnover of EUR 450 m (Art. 2) – with an incremental application from 2027 to 2029 – thus extending also to the financial sector (Art. 3).

Similar to the SCDDA, the CSDDD mandates the inclusion of affiliates when the parent company holds decision-making power over their management, operations, or financial affairs. In contrast to the SCDDA, the CSDDD also considers franchisors if their turnover exceeds EUR 22.5 m (EU) and EUR 80 m (worldwide) when granting rights to self-employed persons. Furthermore, the CSDDD extends its reach to companies established beyond the EU, with turnover thresholds exclusively tied to EU-based revenue.

What will change with the CSDDD?

The CSDDD significantly amplifies or modifies specific requirements for affected banks and savings banks in several areas, as we show below.

Expansion of the risk types taken into account and consideration of climate aspects

In contrast to the SCDDA, the CSDDD expands its scope to include risks related to environmental and human rights violations (see Figure 1).

CSDDD: Risk types and climate aspects Figure 1: Risk types and climate aspects

These new considerations demand targeted strategic management. Art. 1, for instance, mandates the alignment of the companies’ business models with the Paris Climate Agreement’s goal of limiting global warming to 1.5 degrees Celsius. Companies subject to the CSDDD must draw up a so-called transition plan based on their respective strategy and business model (Art. 15). This plan aims to achieve the 1.5-degree target. Separate reporting, however, is not universally mandated (see the paragraph on reporting obligations).

Redefinition of the activity chain

In contrast to the SCDDA, the CSDDD not only considers direct suppliers but also indirect suppliers under Art. 3 lit. e. The latter become relevant if their activities are linked to the obligated company. At the same time, both upstream and downstream activities must be evaluated. The CSDDD therefore focuses on the value chain in two directions: downstream (upstream to suppliers) and upstream (downstream to suppliers) within the framework of the activity chain referred to therein (Art. 3 lit. g). However, downstream companies are only relevant if they carry out activities on behalf of or for the obligated company.

Companies from the financial sector, such as banks, need only assess their own activities and the upstream value chain (especially Annex 36b), similar to the SCDDA. The downstream value chain (e.g. in connection with the granting of loans) is excluded for the time being.

Due diligence obligations

The CSDDD places significant emphasis on companies’ duty of care concerning due diligence obligations. As part of a due diligence policy, for example, the due diligence-related strategies, a code of conduct and a process description must be firmly established. Similar to the SCDDA, the CSDDD addresses critical points such as risk assessment and prioritization, prevention, remediation, complaints procedures, documentation, effectiveness monitoring and reporting. Given the broader scope of risks covered by the CSDDD, it is reasonable to expect increased administrative efforts in risk management.

Stakeholder participation

While the SCDDA has only minimally addressed stakeholder consultation (e.g. involving a company’s own employees), the CSDDD imposes significantly more extensive requirements. Before creating a due diligence guideline, companies must either consult their employees or seek expert advice (Art. 5). The participation process may impact the speed of CSDDD implementation. The increased need for coordination should therefore be taken into account from the outset.

Reporting obligations

Reports submitted annually by obligated companies are published in the European Single Access Point (ESAP) (Art. 11a). In the event that a non-financial or a CSRD report is required, the legislator avoids duplication by not mandating separate reporting (Annex 44). Banks, in particular, benefit from this simplification.

Liability and compensation

Unlike the SCDDA, which relies solely on fines and exclusion from public contracts, the CSDDD introduces liability for damages. However, the fines can now reach up to 5% of the affected company’s annual turnover (Art. 20). A new for supervisory authorities to consider when calculating fines is “compensation”. Companies must factor in claims for damages as an additional ESG risk in their risk management.

When and how will the CSDDD be transposed into national legislation?

The CSDDD is anticipated to be transposed into German law through amendments to the existing SCDDA. In the interest of regulatory stability, it is reasonable to assume that stricter regulations will be integrated into the SCDDA without withdrawing any existing provisions. This alignment is supported by Art. 1 para. 2 CSDDD, which prohibits reducing a higher level of protection provided by a Member State’s law. Regarding the date and scope of application, we can infer that in Germany, as before, companies with 1,000 or more employees (in headcount) will remain subject to the regulation, irrespective of their turnover.

Conclusion: It is advisable to address the tightening measures at an early stage!

Even though the more stringent provisions of the CSDDD are not yet in effect under the German SCDDA, we recommend that banks  exceeding the 1,000-employee threshold (directly affected), or likely to do so within the next two years, address the extended CSDDD due diligence obligations early. For banks and savings banks below the 1,000-employee threshold (indirectly affected), a “trickle-down effect” applies, according to which larger companies can ensure comprehensive compliance with due diligence obligations by smaller contractual partners through contractual clauses.

From a risk orientation perspective, all banks must ensure to dovetail the topic of CSDDD is dovetailed with their respective business, risk, and sustainability strategies. This alignment is relevant for several reasons:

  • When granting loans, banks and savings banks may encounter ESG risks in the borrower’s value chain. These risks may manifest as credit risks, particularly in the form of social risk factors. For instance, customers may be subject to penalties in the event of non-compliance with due diligence obligations.
  • It is possible to exclude risk sectors (e.g. textiles) from the risk strategy as part of a blacklist. Alternatively, these sectors can be subjected to tighter ESG-related lending guidelines (e.g. additional documentation requirements).

Banks must also address the sustainable transformation of their environment as part of their business area analysis (MaRisk AT 4.2). CSRD and CSDDD offer an opportunity to gather valuable information from larger corporate customers. While only a portion of corporate customers may be impacted by the CSRD or CSDDD requirements, those “large” corporate customers in the region that are affected (possibly typical hidden champions) will also record and report on their regional and local suppliers as a factor influencing their transition plan and thus allow preliminary conclusions to be drawn about the transformation of the banks’ respective business areas.

Finally, customers can reasonably expect that their own bank – even if it employs fewer than 1,000 people – avoids environmental or human rights violations in its own value chain.

In conclusion, regardless of the financial institution’s size, we recommend thoroughly examining the CSDDD from a reputational standpoint. This recommendation holds even if policymakers consider suspending the SCDDA, as currently discussed in the press.

zeb already has extensive experience in implementing the SCDDA in banks.

If you require assistance in preparing for the CSDDD, please do not hesitate to contact us.

Feel free to contact us!

Robert Ellenbeck / author BankingHub

Dr. Robert Ellenbeck

Partner Office Münster
Dr. Vanessa Arts / author BankingHub

Dr. Vanessa Arts

Manager Office Berlin
Christian Golnik / author BankingHub

Dr. Christian Golnik

Manager Office Münster

The news you can look forward to on Mondays

Analyses, articles and interviews about trends & innovation in banking delivered right to your inbox every 2 weeks

Share article

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

BankingHub-Newsletter

Analyses, articles and interviews about trends & innovation in banking delivered right to your inbox every 2 weeks

Send this to a friend