Preparing for the EU’s CSDDD regime across your value chain

Katherine O’Connell outlines the steps Irish entities must take now to prepare for the EU’s amended Corporate Sustainability Due Diligence Directive

Windmills in a field against a sunset

Following months of negotiation, European Union (EU) legislators officially adopted the Omnibus Directive on 24 February 2026, narrowing the scope of the Corporate Sustainability Due Diligence Directive (CSDDD) and focusing mandatory due diligence on the largest market actors while easing expectations for smaller companies.

Ireland will be required to transpose this Directive by July 2028 and companies will have to comply with the new measures by July 2029. The Directive will apply to EU entities with more than 5,000 employees and a net global turnover of €1.5 billion.

Non-EU entities will also fall under the scope if they generate equivalent turnover within the EU market.

For Irish entities, this Directive has far-reaching implications. Even if not directly in scope, local subsidiaries or suppliers of EU companies will find themselves subject to rising expectations to demonstrate compliance with due diligence standards.

This means providing transparency on their labour practices, environmental management, governance systems—and, ultimately, adapting to meet the heightened sustainability expectations of buyers and investors in the EU.

In addition to responding to expectations, focusing on these areas will help companies reduce reputational risk and build resilience.

The Directive and the changes ahead

CSDDD requires companies to identify, prevent, mitigate and end actual and potential adverse human rights and environmental impacts in their own operations, subsidiaries and chains of activity while embedding due diligence into corporate governance and decision-making.

The Omnibus introduces several changes:

  • Narrowed scope;
  • Risk-based impact identification and assessment;
  • Stronger safeguards for smaller companies against information requests;
  • Removal of EU-level civil liability;
  • Removal of the requirement to prepare a climate transition plan; and
  • Expanded monitoring requirement to (at least) every five years and after any significant changes occur.

These adjustments signal intent to preserve the core of the Directive while easing certain obligations and increasing corporate protections.

Given the scale of the revisions, a new review clause has been added, requiring a reassessment of both scope and enforcement mechanisms in 2031.

The business case for due diligence

It may be tempting to treat due diligence in the areas of sustainability and human rights as optional, yet the CSDDD’s core principle remains unchanged: a company can create value without relying on forced labour, unsafe working conditions or destructive environmental practices.

In practice, this means asking not only whether your operations are profitable but whether this profit depends on harm to workers, communities or ecosystems.

International standards make it clear that the responsibility to respect human rights applies to all companies, regardless of size or legal thresholds.

These standards include the United Nations’ Guiding Principles on Business and Human Rights and the Organisation for Economic Co-operation and Development’s Guidelines for Multinational Enterprises on Responsible Business Conduct.

Voluntary alignment with emerging standards can position companies ahead of the regulatory curve. Laws will continue to evolve and building systems now will be less costly than hurried compliance at a later time.

Introducing greater due diligence remains a strong strategic and responsible decision. It allows companies outside the immediate scope of the CSDDD to build resilience, secure commercial opportunities and maintain legitimacy with stakeholders, while also contributing to more sustainable and responsible value chains globally.

Next steps in and out of scope

Entities should now take the necessary steps to prepare for the introduction of the CSDDD, depending on whether they are in or out of scope of the Directive.

If your entity is in scope:

  • Revisit your overall due diligence roadmap in light of updated thresholds and altered requirements.
  • Build a governance and accountability structure: designate responsible person(s), integrate due diligence into risk management.
  • Perform an impact assessment and scoping exercise to identify potential adverse impacts within your own value chain, leveraging any existing double materiality assessment, or other reporting requirements, where relevant.
  • Prioritise engagement with high-risk suppliers and affected stakeholders to identify adverse impacts and introduce effective remediation where necessary.
  • Engage proactively with those in your chain of activities. Clarify expectations and new requirements. Update your contracts and supplier policy/code of conduct to align with due diligence requirements.

If your entity is out of scope:

  • Reassess whether your entity falls within the revised CSDDD thresholds and identify any foreseeable changes (such as acquisitions or expected growth) that may pull you into scope.
  • Begin risk mapping your operations and key suppliers: identify high-risk areas (e.g. labour practices, environment, health and safety) and prioritise.
  • Develop a supplier policy/code of conduct aligned with major buyer expectations and the CSDDD framework.
  • Establish or improve data collection and traceability systems from upstream inputs to final product so you can provide information when it is requested.
  • Engage proactively with all those in your chain of activities that fall under the scope of CSDDD: clarify expectations, share your action plan and highlight your readiness as a differentiator.

Katherine O’Connell is Director of Sustainability Reporting & Assurance at PwC Ireland