The Case for Retaining Civil Liability in the EU’s Corporate Sustainability Due Diligence Directive: A Law and Economics Perspective

[Saparya Sood is a doctoral researcher at the Max Planck Institute for Research on Collective Goods (Bonn, Germany). She is a lawyer qualified in India and received her postgraduate degree in law and economics as a recipient of an Erasmus Mundus scholarship. Views expressed are personal.]

The European Commission recently introduced the Omnibus Package on 26 February 2025. While presented as a measure to streamline corporate sustainability reporting and reduce regulatory burdens, it risks diluting transparency and weakening the EU’s ambitious sustainability goals. 

Regarding the Corporate Sustainability Due Diligence Directive (CSDDD), the most alarming watering down of the legislation in the proposal is the removal of the specific EU-wide civil liability regime and the elimination of the requirement for member states to allow civil society organizations to represent victims in court. This change represents a major transformation in the enforcement landscape for corporate human rights and sustainability obligations, raising serious concerns about the CSDDD’s effectiveness in ensuring compliance with human rights and environmental due diligence (HREDD) standards.

This blog post analyzes what the proposed changes mean for the enforcement of the CSDDD from a law and economics perspective. The debate over civil liability versus regulatory rules mirrors the broader discussion of ‘rules’ versus ‘standards’ in law and economics scholarship (Kaplow, 1992). The adoption of either approach carries distinct economic implications for companies, enforcement agencies, and affected stakeholders. Examining civil liability in the context of corporate sustainability from a law and economics lens helps understand its role in shaping compliance incentives and achieving regulatory objectives. 

This post will begin by unpacking the classic rules versus standards debate and discussing how it plays out in existing due diligence laws in Germany and France. It will then consider what the removal of civil liability from the CSDDD means in practice, focussing on its impact on compliance incentives, enforcement costs, legal certainty, and deterrence. It will conclude with reflections on how the EU can strike the right balance between simplifying regulation and preserving meaningful accountability.

Rules vs. Standards: A Theoretical Framework

Legal frameworks governing corporate sustainability obligations can be categorized as ‘rules-based’ or ‘standards-based.’ As outlined by Kaplow, the distinction lies in when the law provides guidance on compliance. While rules specify required actions ex-ante (before a violation occurs), they provide clarity on the obligations of companies to escape or prevent liability. Standards, on the other hand, are applied ex-post. An example is a test of “reasonable” conduct or care, where the adequacy of the actions taken by a company is judged ex-post, after a violation occurs. Arguably, standards allow for contextual assessments.

This distinction is particularly relevant when evaluating the German Supply Chain Act, 2021 (GSCA) versus the French Duty of Vigilance Law, 2017. While the GSCA follows a rules-based approach, prescribing detailed processes that companies must follow to address human rights risks, the French Duty of Vigilance Law employs a mixed approach, requiring companies to formulate and publish a vigilance plan while subjecting it to ex-post judicial review against standards of reasonableness and adequacy.

Implications of Removing Civil Liability – Law and Economics Perspective

The effectiveness of HREDD regulation depends on the incentives it creates for companies to align their behavior with the goals of the regulation. The removal of a specific EU-wide civil liability provision in the Omnibus Proposal represents a departure from the enforcement models employed in the French Duty of Vigilance Law.

From an economic perspective, this could lead to several unintended consequences that impact both corporate behavior and the overall effectiveness of the regulatory framework. These consequences can be broken down into four primary concerns:

Reduced Compliance Incentives

In the absence of private litigation, companies may prioritize cost-cutting over meaningful compliance with sustainability objectives. In legal systems where civil liability plays a key role, the potential for litigation serves as a powerful deterrent against non-compliance. Civil liability not only imposes financial costs but also carries reputational risks that can deter companies from engaging in harmful practices.

If civil liability is removed (p. 39), as proposed in the Omnibus Package, the financial and reputational risks for companies will diminish. The risk of litigation and reputational harm is one of the most significant deterrents for corporate misconduct. Civil liability mechanisms can play a critical role in influencing corporate decision-making by increasing the expected costs of non-compliance.

In the absence of private enforcement, businesses may view regulatory compliance more as a checklist to avoid administrative penalties, rather than an opportunity to address systemic issues in their supply chains or operations. They may find it economically rational to accept or internalize the risk of non-compliance if the expected administrative penalties are low. This reduction in compliance incentives could significantly undermine the efficacy of CSDDD. Civil liability, by contrast, increases the cost of non-compliance and creates stronger incentives for firms to implement meaningful due diligence measures.

Increased Enforcement Costs

The shift from a model that incorporates civil liability to one relying more heavily on administrative enforcement has important economic implications for public agencies. In the absence of private litigation, enforcement must rest entirely with state agencies, which are tasked with monitoring and enforcing compliance. This means that public authorities would need to allocate more resources to ensure compliance, leading to higher regulatory costs.

Furthermore, administrative enforcement alone may not provide the same level of scrutiny or deterrence as private enforcement. Without private litigation as a tool, regulators bear the full burden of detecting non-compliance, despite having limited resources and oversight capabilities. Companies often have more knowledge about their internal practices than regulators, creating an information asymmetry that makes early detection of violations more challenging. Private actors – such as employees, NGOs, or affected communities – can serve as an additional layer of enforcement, bringing violations to light more quickly. Without this mechanism, regulators may struggle to identify and address non-compliance early enough to prevent significant harm. Additionally, the absence of private litigation reduces the legal and financial risks for companies, weakening their incentive to proactively comply with due diligence obligations. As a result, the state must allocate more resources to monitoring, investigation, and enforcement – potentially straining public budgets and leading to less efficient regulatory outcomes. In the absence of civil liability and without ramping up enforcement mechanisms to make them significantly more robust, the CSDDD risks becoming completely ineffective.

Legal Certainty vs. Flexibility Trade-Off

While eliminating civil liability may provide companies with greater legal certainty by establishing a more predictable regulatory environment, it also removes a flexible enforcement mechanism that allows courts to tailor decisions to specific cases. The judicial flexibility offered by civil liability can be especially important in complex cases, where the context and circumstances of the violation may differ significantly from one company to another.

Without civil liability, companies are less likely to face customized enforcement based on their unique circumstances, and instead, may be subjected to a more rigid set of administrative penalties. While this creates greater certainty for companies in terms of potential fines or penalties, it also reduces the ability of courts to enforce the law in a way that is sensitive to the specifics of each case, potentially undermining the effectiveness of the regulation.

Risk of Under-Deterrence

Finally, the absence of civil liability could lead to a risk of under-deterrence. In the absence of private enforcement mechanisms, companies may perceive the risks of non-compliance to be lower, especially if administrative penalties are relatively mild. This can create a situation where companies under-invest in due diligence measures, knowing that the consequences of failing to prevent human rights or environmental harms may be minimal.

Under a civil liability framework, companies are more likely to internalize the risks of non-compliance, as the potential for litigation provides a strong incentive to adopt more comprehensive due diligence practices. Without this deterrent, companies may become complacent, assuming that they will face only administrative fines, which they may be able to absorb into their operations. This would significantly reduce the overall effectiveness of the HREDD framework and may increase the likelihood of human rights and environmental harms going unaddressed.

Conclusion: Finding the Right Balance

The European Commission’s Omnibus Simplification Package seeks to reduce regulatory complexity, but the removal of civil liability provisions raises important concerns about the effectiveness of enforcement mechanisms. From a law and economics perspective, an optimal regulatory framework should strike a balance between ex-ante legal certainty and ex-post accountability.

The experience from the German and French HREDD laws provides valuable lessons for designing an effective enforcement framework. A purely rules-based approach offers legal clarity but risks leading to superficial compliance, as companies may focus on meeting formal requirements rather than engaging in meaningful due diligence. If the CSDDD were to adopt a purely rules-based framework, it would be crucial to significantly enhance enforcement mechanisms to ensure meaningful compliance. However, this would come at a much higher cost for governments, as regulatory agencies would need substantial resources to monitor and enforce compliance effectively. Failing to strengthen enforcement would render the regulation toothless.

Ultimately, the success of corporate sustainability regulation depends on designing enforcement mechanisms that create the right incentives for companies to align their behavior with social goals. A regulatory framework that balances ex-ante clarity with ex-post accountability offers the most effective path toward meaningful corporate compliance. While reducing regulatory complexity is a legitimate goal, the European Commission must ensure that this simplification does not undermine the effectiveness of enforcement. Weakening civil liability provisions risks creating a system where compliance becomes a mere formality rather than a substantive commitment. If companies perceive a lack of enforcement or meaningful consequences, the regulation will fail to drive real change. In its pursuit of competitiveness, the Commission must not undermine the EU’s sustainability agenda, as doing so would ultimately erode both regulatory credibility and corporate accountability.