The Global ESG Regulatory Framework toughens up

A look at three key regulatory developments in the EU and US - proposed EU Corporate Sustainability Due Diligence and Reporting Directives and US SEC Climate Change Disclosure Rules

11 min read

Global ESG regulation is set to make a leap with new requirements for private businesses to report on and prevent adverse impacts on climate, the environment and human rights. We summarise three key regulatory developments that should be on the agenda for large companies.

  • CSDDD: The European Commission adopted its proposal for the Corporate Sustainability Due Diligence Directive1 on 23 February 2022. The CSDDD is an important component of the European Green Deal, 2 as well as a long promised initiative in the EU's human rights strategy,3 and will necessitate strategic and operational changes by businesses globally.
  • CSRD: Earlier elements of the European Green Deal focused on disclosure: in particular, under the Sustainable Finance Disclosure Regulation, the Taxonomy Regulation and, most recently, the Corporate Sustainability Reporting Directive which has received provisional political agreement and is expected to complete the final stages of formal approval by the Council and European Parliament shortly. The CSRD will update and reinforce the EU's Non-Financial Reporting Directive,4 and operate in tandem with the CSDDD. Member States are required to implement the CSRD, and its obligations will start to apply as of 1 January 2024.
  • SEC: Meanwhile across the Atlantic on March 21, 2022, the U.S. Securities Exchange Commission (SEC) proposed rules to require climate change disclosure in the annual reports and registration statements of public companies registered with the SEC, including any company (domestic or foreign) whose stock is listed on a U.S. stock exchange. The SEC proposal on climate disclosure rules was long awaited, but comes amidst deep disagreement on the role of the SEC in this area. The SEC recently closed the public comment period on the proposal and must review and respond to comments before issuing any final rules. Litigation challenging the SEC's authority is likely if the proposed rules are adopted, including arguments based on the "major questions doctrine," as recently seen in West Virginia v. EPA.5



The CSDDD, once adopted, will necessitate a paradigm shift for global business. It will lay down obligations for large companies that are impacted by it (i) to carry out due diligence to identify and address human rights and environmental adverse impacts included in a list of international conventions annexed to the CSDDD6 and (ii) to produce climate plans.7 The CSDDD will also (iii) introduce specific duties for directors regarding sustainability, obliging directors to consider their company's short, medium and long term environmental impacts and human rights impacts and (iv) impose sanctions on companies for failure to comply, and civil liability for violations of certain due diligence obligations which lead to adverse human rights or environmental impacts.8

The CSDDD applies to

  • EU companies with more than 500 employees and more than EUR 150 million global turnover, and
  • Companies in third countries with more than EUR 150 million of turnover in the EU (for both EU companies and third country companies, lower thresholds apply to businesses in certain "high impact" i.e. higher risk sectors including those related to textiles, agriculture, food, metals and mineral extraction.)9

Significantly, 'company' is defined to include corporates, banks, asset managers, funds and partnerships.10 These 'companies' will have an obligation to impose CSDDD obligations on entities in their 'value chains' with whom they have a direct business relationship through contractual assurances:11

  • For corporates, 'value chain' encompasses the activities of third parties involved in the production of goods or the provision of services by the company.
  • For banks and other regulated financial undertakings, 'value chain' means clients receiving loans or other financial services. 

Under the CSDDD, companies must integrate ESG due diligence into all of their corporate policies, which must be updated annually.12 Companies must identify actual or potential adverse human rights and environmental impacts in their own operations, those of their subsidiaries, and throughout their value chains.13 Identification of these adverse impacts is only the first step: companies would then be obligated to create prevention action plans with clear timelines to prevent or, if prevention is not possible, mitigate, these potential adverse impacts nearer term while working towards prevention.14 In the case of actual impacts identified, companies would be required to take action to end, or if not possible, minimise the extent of the impact.15 Companies in breach of their due diligence obligations under the CSDDD face both financial penalties from regulators across the EU as well as the prospect of civil liability in litigation brought by stakeholders who have been adversely impacted. 

The CSDDD as currently proposed does not expressly require companies to conduct due diligence regarding climate change impacts, but large companies must adopt a "Climate Plan" showing that the business model and strategy of the company are compatible with the transition to a sustainable economy and with limiting global warming to 1.5 C in line with the Paris Agreement.

The CSDDD remains subject to approval by the European Parliament and Council, and must then be implemented into national legislation. Both institutions have issued strong support for such legislation, but reflecting the controversy of this proposal to date, further amendments are likely in the adoption process.16 The political will in the European Commission to accelerate the passage of the European Green Deal has increased since the war in Ukraine,17 and there is significant pressure in the EU for stronger rules in the area of corporate sustainability disclosure and due diligence. Obligations could go into effect in 2025/2026 – and will require substantial advance preparation.



The CSRD requires large companies to report on "sustainability matters", but does not itself require the due diligence processes needed to obtain the information to disclose, so it will operate alongside the CSDDD. 

The CSRD introduces the majority of new sustainability reporting obligations in a new Article 19a in the Accounting Directive.18 It will require management reports to include: the resilience of the company's business model and strategy to risks related to sustainability matters; plans ensuring compatibility with the Paris Agreement; sustainability targets, progress and processes. Companies will also have to include principal actual or potential adverse impacts in the company's value chain and own operations, as well as the actions taken to prevent, mitigate or remediate these adverse impacts.19 Companies should also report both forward-looking and retrospective information; all information reported must be verifiable.20

Article 19b imposes more granular reporting obligations relating to environmental, social and governance standards, which should be aligned with the information needed by sell side counterparts under the Sustainable Finance Disclosure Regulation ("SFDR") and Taxonomy Regulation ("TR").

It is not yet clear how the disclosure of "sustainability matters" will operate with the SFDR, which requires disclosures from financial market participants on sustainable investments. Together with the TR, these key elements in the reporting aspects of the European Green Deal are intended to create a "consistent and coherent flow of sustainability information throughout the financial value chain."21 The TR itself will be complemented by the European Commission Complementary Climate Delegated Act, which includes, under specific conditions, nuclear and natural gas energy activities in the list of environmentally sustainable economic activities.22

The CSRD amends four existing pieces of legislation and aims to revise and strengthen the Non-Financial Reporting Directive. The CSRD applies more widely than the CSDDD to include large undertakings with EUR 40 million+ turnover, EUR 20 million+ balance sheet and 250+ employees.23 The CSRD also applies to all undertakings listed on EU regulated markets,24 including small and medium-sized enterprises.25

Significantly, EU subsidiaries of a non-EU parent will be exempt from the requirement to prepare sustainability reports if the non-EU parent company prepares consolidated management reports that may be considered equivalent in scope. If the non-EU parent does not produce an equivalent management report on sustainability matters, then in scope EU subsidiaries shall be required to prepare their own reports.26

The CSRD places collective responsibility on the administrative, management and supervisory bodies of a company to ensure that it reports in accordance with EU standards in the required digital format.27 All disclosures made will have to be externally accredited and certified by an independent auditor, to ensure the sustainability information provided by the disclosing companies complies with certification standards that have been adopted by the EU. Pascal Durand, who led negotiations on the CSRD on behalf of the European Parliament, has indicated that it will be open to "new certified players" to carry out this auditing process and not just the traditional 'big four'.28

Like the CSDDD, under the CSRD, Members States may impose pecuniary sanctions on companies for non-compliance.29


The SEC proposal on climate disclosure

The SEC proposal on climate disclosure rules30 as discussed in our client alert was long awaited, but faces deep disagreement on the role of the SEC in this area. Thousands of public comments were submitted to the SEC, many expressing support of the proposal and others asserting legal and policy reasons in opposition. Certain commenters responded that a final rule would implicate the major questions doctrine, an argument that has gained substantial momentum in U.S. administrative law when challenging regulatory action, including in the recent U.S. Supreme Court decision which held that the Environmental Protection Agency (EPA) does not have authority to require "generation shifting" of power generation from coal and natural gas to lower-emitting sources absent "clear congressional authorization."31 The SEC will review comments before issuing any final rules. Implementation of final rules is likely to be delayed as a result of legal challenges to EPA's authority to mandate expansive climate disclosures without clear congressional authorization to do so.  

The table below compares some of the key provisions across the CSDDD, the CSRD and the SEC proposal.

  CSDDD: EU companies (incl. EU subsidiaries of foreign companies) CSDDD: non-EU companies CSRD SEC proposal

Which companies are in scope?

EU companies with > 500 employees and > EUR 150m worldwide net turnover; OR > 250 employees and > EUR 40m worldwide net turnover with 50% or more of their revenue from high risk sectors

Companies in third countries with > EUR 150m net turnover in the EU; OR > EUR 40m net turnover in the EU and > 50% of their worldwide net revenue from high risk sectors

Large undertakings with two of EUR 40m+ turnover, EUR 20m+ balance sheet and 250+ employees. All companies listed on EU regulated markets, including SMEs

Public companies, including foreign private issuers

Applicable to value chains?



Environmental disclosure obligations?

✔ (complementary to CSRD)

✔ (complementary to CSRD)

Human Rights disclosure obligations?

✔ (complementary to CSRD)

✔ (complementary to CSRD)

Obligation to prevent adverse impacts?

Plan for Paris Agreement alignment?

✔ (if turnover > 150m)

✔ (if turnover > 150m)

✔ (Although this is not specified, the rules would require disclosure of transition plans, targets or goals and Scope 1, Scope 2 and, if material, Scope 3 GHG emissions)

Attestation/Verification or Certification Requirements?

Civil liability?

Directors' duties?



As highlighted in the table, the CSDDD represents a paradigm shift in global ESG regulation. By extending to businesses globally – through EU-generated turnover or supply chain cascade – and imposing hard obligations to ultimately prevent both human rights adverse impacts and environmental adverse impacts, we are looking at a new and radical phase in global ESG regulation. This seismic change will be accompanied by new and far reaching disclosure obligations. Companies in scope would be well advised to review their existing strategies, policies and procedures to prepare for these incoming regulations.


1 European Commission, Proposal for a Directive of the European Parliament and of the Council on Corporate Sustainability Due Diligence and amending Directive (EU) 2019/1937 ("CSDDD"); European Commission issues major proposal on due diligence obligations to protect human rights and the environment across supply chains | White & Case LLP (
2 See 2019 Communication on European Green Deal
3 Separate from the CSDDD, the EU is preparing a proposal regarding a ban on sales in the EU of products made with forced labour.  The formal Commission Proposal is expected in September, and the EP has issued a resolution detailing what it would like to see in such an instrument
4 Directive 2014/95/EU of the European Parliament and of the Council of 22 October 2014 amending Directive 2013/34/EU as regards disclosure of non-financial and diversity information by certain large undertakings and groups ('Non-Financial Reporting Directive') 
5 No. 20-1530, slip op. (June 30, 2022)
6 Art. 6 - 7, CSDDD; Annex to the proposal for a Directive on Corporate Sustainability Due Diligence and amending Directive (EU) 2019/1937
7 Art. 15, CSDDD
8 Art. 22, CSDDD
9 Art. 2, CSDDD
10 Art. 3(a), CSDDD
11 Art. 7, CSDDD
12 Art. 5, CSDDD
13 Art. 6, CSDDD
14 Art. 7, CSDDD
15 Art. 8, CSDDD
16 A Commission proposal is rarely withdrawn or rejected in full during the legislative proposal, but amendments are highly likely for controversial legislation
17 Speech by European Commission President Ursula von der Leyen: Russian aggression against Ukraine (
18 Art. 1(3), Proposal for a Directive of the European Parliament and of the Council amending Directive 2013/34/EU, Directive 2004/109/EC, Directive 2006/43/EC and Regulation (EU) No 537/2014, as regards corporate sustainability reporting ("CSRD"), see for the compromise text reached on 21 June 2022
19 Ibid
20 Ibid
21 Explanatory Memorandum of the CSRD proposal, p. 4.
22 See European Commission, EU taxonomy: Complementary Climate Delegated Act to accelerate decarbonisation, 2 February 2022. On 6 July 2022, the European Parliament voted not to oppose the Complementary Climate Delegated Act
23 Art. 3 of Directive 2013/34/EU ("Accounting Directive")
24 Art. 2(1)(a), Accounting Directive
25 SMEs are required to start reporting in accordance with the CSRD from 1 January 2026
26 Art. 19(a), paragraph 7 of the Accounting Directive
27 Art. 1(9), CSRD
28 See the European Parliament's press release here, 21 June 2022
29 Art. 20, CSDDD and Art. 1(12), CSRD
30 SEC Proposes Long-Awaited Climate Change Disclosure Rules | White & Case LLP (
31 Slip op. at 19


Chloe Edwards (Legal Assistant, White & Case, London) contributed to the development of this publication.

White & Case means the international legal practice comprising White & Case LLP, a New York State registered limited liability partnership, White & Case LLP, a limited liability partnership incorporated under English law and all other affiliated partnerships, companies and entities.

This article is prepared for the general information of interested persons. It is not, and does not attempt to be, comprehensive in nature. Due to the general nature of its content, it should not be regarded as legal advice.

© 2022 White & Case LLP