Hogan Lovells 2024 Election Impact and Congressional Outlook Report
As the EU Corporate Sustainability Due Diligence Directive (CS3D), recently approved by the Council of the European Union, has just been published in the Official Journal of the European Union, it has been suggested by some that the financial services sector is excluded from the scope of the Directive. A closer reading of the European text reveals however that this is not wholly correct.
After a legislative initiative report by the European Parliament in 2021 and lengthy negotiations that began in 2022, the Council of the European Union definitively adopted the Corporate Sustainability Due Diligence Directive (CS3D) on 24 May 2024, following the final vote by the European Parliament on 24 April 2024. The text has since been published in the Official Journal of the European Union and entered into force on 25 July 2024. Member States now have two years to transpose it into national law. The rules will begin to apply to certain firms from 26 July 2027.
The CS3D Directive distinguishes between two categories of companies that will be subject to the obligations it lays down:
Companies subject to the directive will have to adopt appropriate measures to identify, prevent and mitigate any actual or potential adverse impact on human rights and the environment caused by their activities and those of their subsidiaries, as well as by the activities of their business partners across their chain of activities. The CS3D Directive's duty of due diligence is based on the central concept of the chain of activities, which covers both the activities of a company's upstream direct and indirect trading partners (eg contributing to product development) and the activities of downstream trading partners (distribution, transport, storage), when these partners carry out these activities for the company or on its behalf.
During the negotiations on the directive one hotly debated topic was whether the financial sector should be excluded from the scope of the directive. This could have meant that, regulated financial undertakings, in particular banks, credit institutions, investment funds and insurance companies, would not be subject to the obligations set out in the CS3D Directive.
However, the final version of the European text shows that a compromise was reached - that these firms are not completely outside its remit and there will be a review within the next two years to determine whether to bring them into scope.
The final version of the CS3D Directive excludes from its scope only the downstream part of the activities of financial undertakings. Regulated financial undertakings will therefore not be accountable under the CS3D Directive for the activities of third parties they finance and invest in.
In this regard, the definition of the chain of activities (previously called ‘value chain’), which appeared in the initial proposal for a directive presented by the European Commission in February 2022, did include downstream financial services. However, under the previous proposed text, only financed activities of borrowers and their subsidiaries (such as where linked to a credit or loan agreement) were intended to be covered by the Directive.
Thus, Article 3 of the European Commission's original proposal stated in point (h) that "the value chain relating to the provision of these specific services [included] only the activities of customers benefiting from such credit and loan services and other financial services, and of other undertakings belonging to the same group whose activities are linked to the contract in question".
As a result, some financial services were initially in-scope and therefore subject to the due diligence obligations set out in the text.
There was a concern for the financial sector that new binding obligations would be quite disproportionate and imposed at EU level as a whole, even though they may already be subject to obligations under national legislation adopted in some Member States. In France, this is the case under Law no. 2017-399 of 27 March 2017 and it is the same in Germany with the Lieferkettensorgfaltspflichtengesetz - LkSG of 22 July 2021, which has gradually come into force since 2023.
The Council of the EU, comprising the Member States, opposed the inclusion of the downstream part of the chain of activities of regulated financial undertakings within the scope of the Directive. This was one of the points strongly debated during the inter-institutional negotiations between the European Parliament, the Council and the European Commission as part of the trialogue procedure, which partly explains the length of the legislative procedure initiated in February 2022.
Recital 51 of the Preamble to the final version of the CS3D Directive adopted on 24 May 2024 clearly illustrates the compromise reached between the European Parliament and the Council. While financial services are explicitly excluded from the definition of the downstream part of the chain of activities, regulated financial undertakings are nevertheless invited to "take account of negative impacts and use their influence in relation to undertakings" subject to the Directive. It is also mentioned that "the exercise of shareholders' rights may be a means of exerting leverage".
Regulated financial undertakings that exceed the thresholds set by the CS3D Directive will be bound by the obligations arising from the duty of due diligence with regard to the upstream part of their chain of activities. In concrete terms, they will have to identify and take appropriate measures to prevent or remedy the actual or potential adverse impacts of their own activities on human rights and the environment.
Financial undertakings subject to the Directive will therefore be required to implement due diligence measures to identify, assess and prioritise according to the seriousness of the negative impacts of their own activities and those of their business partners. In accordance with Articles 10 and 11 of the CS3D Directive, financial undertakings will also have to take appropriate measures to prevent and halt these negative impacts should they become apparent. These measures may consist of, for example, requiring a business partner to undertake to comply with the rules set out by the company or, if the potential negative impacts in question persist and are severe, the financial undertaking may need to terminate the business relationship.
The obligation for all companies subject to the CS3D Directive to adopt and implement a climate change mitigation transition plan is set out in Article 1(c) and Article 22 of the Directive.
Like all companies that exceed the thresholds, regulated financial undertakings will therefore have to draw up this plan, which will have to ensure that their business model and strategy are compatible with the transition to a sustainable economy and with limiting climate change to 1.5 degrees Celsius, in line with the 2015 Paris Agreement and the objective of climate neutrality by 2050.
In particular, the plan should include time-bound targets for 2030 to 2050, a description of the levers for decarbonisation, and an explanation and quantification of the investment and financing required to implement the transition plan. The plan will have to be updated every twelve months and contain a description of the progress made.
However, under Article 12 of the CS3D Directive, companies that have already declared a sustainability plan under Directive 2022/2464 of 14th December 2022, known as the Corporate Sustainability Reporting (CSRD) Directive, will be deemed to comply with the obligation to adopt a climate change mitigation transition plan. These companies will therefore not have to adopt a new plan under the CS3D Directive if they already meet their obligation under the CSRD.
The partial exclusion of financial services activities from CS3D Directive will be reviewed within two years. This will take the form of a review report by the European Commission accompanied, if necessary, by a legislative proposal.
In this respect, as explicitly provided for in Article 36 of the CS3D Directive, the European Commission's report will consider in particular "the need to establish additional sustainability due diligence requirements which are appropriate for regulated financial undertakings in respect of the provision of financial services and investment activities". The exclusion of the downstream part of the chain of activities of financial undertakings from the scope of the CS3D Directive will therefore be re-examined by the European Commission, which could lead to a proposal to reverse this exclusion, and thus open a new round of negotiations between EU institutions.
If the inclusion of the downstream part were to be proposed, the definition of the notion of chain of activities in the Directive would have to evolve in order to include lending and credit services provided by regulated financial undertakings. Alternatively, a specific provision for financial services could be inserted into the Directive, as was the case in the European Commission's initial text of February 2022.
In conclusion, while the exclusion of regulated financial undertakings from the scope of the CS3D Directive is real for the downstream part of their activities, it could be called into question in the future. In any event, these companies remain subject to the obligations of the CS3D Directive as regards the upstream part of their activities and the adoption of a transition plan.
While certain players in the financial sector are already subject to Member States’ pre-existing national laws, regulated financial undertakings will need to follow the transposition of the CS3D Directive into domestic laws carefully and implement uplifts where necessary to ensure compliance.
Financial services firms will need to undertake significant work to ensure timely compliance with the new requirements. As a first step they need to identify which entities in their group and which activities are in scope of CSD3. They then need map their upstream activities and those of their subsidiaries, direct and indirect business partners in order to assess the actual and potential adverse environmental and human rights impacts of those activities. Once the impact has been assessed, they will need to prioritize appropriate action to prevent, mitigate or remedy that impact.
Firms may need to update internal policies and contracts with business partners and put in place governance arrangements to ensure that the new requirements are embedded into processes.
If firms do not already have a transition plan under CSRD they will also need to prepare a transition plan.
As there could be a future call for evidence in relation to downstream activities firms may want at this stage to think about how they would be able (or not) to operationalise future requirements imposed on their downstream activities.
Authored by Christelle Coslin, Rita Hunter, Sinead Meany, Laure Rosenblieh, and Edouard Olson.