Enterprises will scrutinise their entire value chain. Your supplier management will be visible.
CSDDD requires large EU companies to identify and manage environmental and human rights risks at their suppliers. That means your sustainability work will be scrutinised, not in theory, but in practice. The directive phases in from July 2028, and the EU Omnibus proposals may adjust details, but the direction is clear.
CSDDD vs CSRD
Two EU regulations that complement each other. CSRD is about reporting. CSDDD is about acting. You likely need to handle both.
CSDDD
Act
Identify, prevent, and remediate adverse impacts on human rights and the environment across the entire value chain. Civil liability if you fall short. Requires active measures, not just transparency.
CSRD
Report
Report on sustainability impact according to ESRS standards. Scope 3 data requires supplier documentation. Focus on transparency and comparability: disclose what you do and how it is going.
Six steps for due diligence
CSDDD builds on an internationally recognised model. In-scope companies must integrate these steps into their operations.
- Integrate into policies and management systems: embed due diligence in corporate governance
- Identify adverse impacts: map human rights and environmental risks across the entire value chain
- Prevent and mitigate: take measures to stop or reduce adverse impacts
- Remediate: address actual harm that has occurred
- Engage stakeholders: consult affected parties and handle grievances
- Monitor and report: track effectiveness of measures and report publicly
What enterprises will ask from you
The ~6,000 companies gradually brought into CSDDD scope (Phase 1 from July 2028, Phase 2 from July 2029) must scrutinise their suppliers. This is what they will want to see.
Supplier assessments
Your customers will send questionnaires about your sustainability work. They need to know how you assess and follow up on your own suppliers, not just that you have a policy.
Environmental assessments
Identification of environmental aspects, risk assessments, and action plans. Enterprises want to see that you have systematic environmental work, not just good intentions.
Risk management
Structured risk assessment showing how you identify, prioritise, and manage risks to human rights and the environment in your operations.
Documented traceability
Audit history, decisions, actions: everything must be traceable. CSDDD introduces civil liability, so "we thought it was enough" is not a defence.
Grievance handling
Processes for receiving and managing complaints from affected parties. CSDDD requires it explicitly, and your customers will ask how you handle it.
Improvement work
Documented improvements over time. Enterprises want to see that you identify problems, act on them, and can prove it.
The tools you need, already in place
AmpliFlow gives you a structured management system covering the operational aspects of CSDDD. Not legal advice, but the tools to work systematically.
Supplier Register
Keep track of suppliers with contact information in the register. Document your due diligence process in Pages (wiki) and link to risk assessments.
Risk Assessment
Identify, assess, and prioritise human rights and environmental risks. Link risks to suppliers and corrective actions.
Environmental Aspects
Map environmental aspects and link to risks and actions. The data your customers need for their environmental due diligence.
Pages (wiki)
Policies, procedures, reports, gathered in AmpliFlow's wiki feature. Accessible to all employees who need the information.
Deviation Handling
Receive and manage complaints and deviations in a structured way. Each case is linked to actions and follow-up, ready to present during review.
Audit Management
Plan and conduct internal and supplier audits. Document findings and link to corrective actions.
Questions about CSDDD
What is CSDDD?
CSDDD (Corporate Sustainability Due Diligence Directive) is the EU directive on due diligence. It requires large companies to identify, prevent, and manage adverse impacts on human rights and the environment across their entire value chain. Unlike CSRD which is about reporting, CSDDD is about taking action. The directive phases in gradually: Phase 1 (July 2028) covers companies with more than 3,000 employees and €900 million turnover, Phase 2 (July 2029) extends to companies with more than 1,000 employees and €450 million. The directive also requires in-scope companies to adopt a climate transition plan (Article 22). The EU Omnibus proposals may adjust the scope, so follow developments closely.
What is the difference between CSDDD and CSRD?
CSRD = report. CSDDD = act. CSRD requires companies to disclose their sustainability impact. CSDDD requires them to actually do something about it: identify risks, prevent harm, and remediate problems. Many companies are covered by both.
Does CSDDD apply to us?
CSDDD phases in across two stages. Phase 1 (July 2028) covers companies with more than 3,000 employees and €900 million turnover. Phase 2 (July 2029) extends to companies with more than 1,000 employees and €450 million. The Stop-the-Clock Directive (2025/794) changed the timeline and thresholds, and the Omnibus proposal may adjust further. Even if your company is not directly in scope: those that are must scrutinise their entire value chain. If you supply a large EU company, you will be scrutinised.
What are the penalties and liability?
CSDDD has two separate enforcement mechanisms. Administrative penalties (Article 27): supervisory authorities can impose fines of up to 5% of global net turnover. Civil liability (Article 29): affected persons have the right to sue companies that fail in their due diligence and claim damages through national courts. Having policies is not enough. You must show that you have actually taken action.
How does AmpliFlow help with CSDDD?
AmpliFlow gives you the structure to work systematically with the operational aspects of CSDDD: supplier assessments, risk management, documentation, deviation handling, and auditing. We do not replace legal advice, but give you the tools to show that you take it seriously.
Be ready before the scrutiny begins
Book a demo and we will show you how AmpliFlow helps with supplier management, risk assessment, and documentation for due diligence.