Death by Omnibus? The European Commission’s Proposal and the Fate of the Corporate Sustainability Due Diligence Directive (Part III): Beyond the Omnibus – The Persistent HRDD Patchwork

[Jacob Bogart (X: @BogartJacob) is Counsel at Perseus Strategies, a 2025 Salzburg Global International Law Fellow and graduate of Columbia Law School]

This post is the second part in a three-part series on the EU’s Corporate Sustainability Due Diligence Directive (CSDDD). Part I dissects the Omnibus and other reform proposals. Part II maps the reactions to and legal implications of these proposals. Part III argues that companies should adopt a UNGP/OECD-based model even if the CSDDD itself is delayed and diluted.

A Pause, Not a Pivot

On April 3, 2025 the European Parliament approved—and the Council confirmed on 14 April—a stand-alone “Stop-the-Clock Directive.” The measure does nothing to the substance of either law, it simply postpones the Corporate Sustainability Reporting Directive (CSRD) second and third reporting waves by two years and shifts the CSDDD’s transposition deadline and first application phase one year forward to July 26, 2027 and July 26, 2028, respectively. The Directive delays implementation in order “to avoid … unnecessary and avoidable costs” and to give companies “more time to prepare … and to take into account the guidelines to be issued by the Commission on how they should fulfil their due diligence obligations in a practical manner.” As explained in Part I, the Commission tabled an Omnibus proposal that would severely narrow CSDDD coverage to firms with more than 1,000 employees, confine supplier scrutiny largely to direct (Tier-1) business partners, and reduce compliance obligations, among other changes that remain under negotiation.

Yet even if the parallel Omnibus package ultimately pares back the CSDDD’s scope—undermining its original promise of a harmonized EU baseline—the broader push for mandatory human rights and environmental due diligence will not stop. National laws, sector-specific EU regulations, and extra-European import bans already impose overlapping, sometimes stricter, duties on firms operating in Europe. Indeed, these fragmented laws were the very impetus for the CSDDD in the first place. Weakening the Directive may therefore widen, rather than close, the compliance vacuum for mid-sized companies and deeper-tier suppliers—space that these other regimes will continue to fill. The analysis that follows traces how this persistent patchwork is poised to assert itself if EU-level ambitions recede, and why companies that scale back their HRDD programs now risk colliding with these parallel legal forces tomorrow.

National Due Diligence Laws Inside Europe

France – Duty of Vigilance Law

France’s Loi relative au devoir de vigilance of 2017 (“Duty of Vigilance Law”), remains the strongest national HRDD statute in Europe. Its civil liability design enables NGOs and affected communities to sue multinationals directly; since its passage into law, at least 13 actions have been brought, including those against a banking group over Amazon-deforestation finance and TotalEnergies for its subsidiaries’ projects in Uganda. Because claimants may target the French parent even for harms occurring abroad—and because French courts have accepted jurisdiction over non-French subsidiaries—the law offers an attractive venue independent of any EU-wide directive.

Germany – Supply Chain Due Diligence Act

Much like France, Germany also has a strong HRDD regulation that is currently in force: the Germany’s Supply Chain Due Diligence Act (known as Lieferkettensorgfaltspflichtengesetz (‘LkSG’) in German). The LkSG required large companies headquartered or with branches in Germany to conduct human rights and certain environmental due diligence in their supply chains, with fines of up to €8 million ($9.3 milllion) (or 2% of global turnover) for non-compliance. On May 5, 2025 the CDU, CSU and SPD—the parties poised to form the next federal government—signed off on a coalition agreement that includes their intention to abolish the LkSG, suspend reporting and fines except for “grave human rights violations,” and fold obligations into a future CSDDD. Formal repeal still needs Bundestag approval and cannot take effect before an EU directive is transposed (likely 2027–28), leaving companies in a compliance limbo: existing duties technically remain, while civil-tort exposure, forced labour import bans and investor scrutiny continue to apply.

Norway – Transparency Act

Norway’s 2022 Transparency Act couples OECD-style due diligence duties with a statutory public access right. In September 2024 the Consumer Protection Authority issued the Act’s first penalty—NOK 450,000 ($44,500) against a retailer that twice ignored information requests. The law and the case illustrate a different mechanism by which human rights enforcement may occur—reputational exposure plus administrative fines triggered not by audits but by stakeholder questions. The case further demonstrates that the law has teeth, moving from soft-law principles to hard-law enforcement.

Spain and the Netherlands 

Madrid’s center-left government, wary of Omnibus dilution, publicly warned that watering down due diligence rules “risks sending a dangerous signal” and has kept its own draft law on the agenda. In November 2022 four Dutch opposition parties re-submitted a private member bill—the Responsible and Sustainable International Business Act—to introduce mandatory HRDD. The bill lapsed with the 2023 election, but supporters could revive it if the CSDDD is significantly weakened. 

The Dutch already have other due diligence laws on the books: the Child Labour Due Diligence Act (Wet Zorgplicht Kinderarbeid) was adopted in 2019 but is still awaiting a royal decree to enter into force. It will require any company—domestic or foreign—that sells goods or services to Dutch consumers to investigate child labor risks, draft a remediation plan where “reasonable suspicion” exists, and file declarations or else face stiff fines and a potential prison sentence. When the CSDDD’s future seemed imperiled in 2024, Dutch policymakers signaled that, if the CSDDD stalls, they would activate—and potentially expand—the Child Labour Due Diligence Act.

Sector-Specific EU Product Rules

Even a slimmed-down CSDDD cannot dilute the suite of product-based rules that already impose UNGP-style due diligence duties on companies placing certain goods on the EU market. First, the EU Deforestation Regulation 2023/1115 obliges operators and traders of cattle (beef), soy, cocoa, palm oil, timber and coffee (and derived products) to geolocate every plot of origin, classify risks, take mitigation measures, and file compliance statements. Its application date was pushed back by one year in December 2024 in response to member-state and industry concerns: large and medium-sized companies must comply from December 30, 2025, while micro and small undertakings have until June 30, 2026.

More demanding still is the EU Batteries Regulation 2023/1542. Under the Commission’s Omnibus IV proposal—endorsed by the Council on June 19, 2025—the due diligence provisions would begin on August 18, 2027, two years later than the Regulation’s original 2025 start. From that date, every “economic operator” that manufactures, imports, distributes, repurposes or places batteries on the market will have to keep a UNGP/OECD-aligned battery due diligence policy, establish a grievance mechanism with early-warning system and remediation mechanism, guarantee full mineral traceability down to mine of origin when sourcing from high-risk areas and third-party reports are not available, and have the entire system periodically audited by an independent notified body. If enforced, the EUBR will create cascading HRDD throughout value chains that rely on batteries in the EU market.

The older Conflict Minerals Regulation 2017/821, in force since 1 January 2021, continues to require importers of tin, tantalum, tungsten, and gold (3TG) from high-risk areas to operate risk-based due diligence in line with the OECD Guide. Similarly, the recently adopted Regulation on Prohibiting Products Made with Forced Labour on the Union Market 2024/3015 empowers authorities to block any good made with forced labor from entering, circulating within, or leaving the EU market, order their recall, direct that perishable items be donated, and require non-perishables to be recycled—or, if recycling is impossible, destroyed or otherwise disposed of—all irrespective of the company’s size or sector.

All of these regulations are size-agnostic and market-access driven: companies that escape the CSDDD head-count threshold cannot escape these rules if they trade the covered goods. Together they leave few supply chain segments untouched. In practice, the EUBR sets the functional high-water mark—mandating comprehensive, audited HRDD and product-level traceability—while the deforestation and forced labor bans permit outright market exclusion for actors that violate their terms. Diluting the CSDDD therefore shifts, rather than removes, compliance pressure for firms subject to one or more of these laws. 

Emerging Non-European Regimes

Europe is not alone in passing regulations for companies to conduct due diligence. The U.S. Uyghur Forced Labor Prevention Act (UFLPA) creates a rebuttable presumption that any goods mined, produced, or manufactured—in whole or in part—in Xinjiang, China (or by firms on the UFLPA Entity List) are tainted by forced labor; importers may secure entry only if they supply “clear and convincing” evidence that their shipment is free of forced labor. To date, U.S. customs have denied over 9,700 shipments—worth about US $.87 billion—across electronics, apparel, solar, auto parts and aluminum.

Canada’s 2024 Fighting Against Forced Labour and Child Labour in Supply Chains Act (Bill S-211) requires companies with at least C$40 million ($55 million) revenue or 250 employees to publish annual forced labor reports, in addition to fines and executive liability. Australia is in the process of amending its Modern Slavery Act to enhance mandatory due diligence, remediation, and civil penalties, while the UK recently updated its guidance for complying with its own Modern Slavery Act requirements as part of an effort to strengthen enforcement of the Act’s provisions. 

Momentum is also building in Asia. On June 13, 2025, South Korea reintroduced its HRDD proposal under the new government. The HRDD bill was initially introduced in September 2023 but has since been revised. Borrowing elements from European HRDD laws, the bill would for the first time impose mandatory obligations for companies to incorporate due diligence across their supply chains. The bill defines a supply chain broadly as a value chain: encompassing activities from raw material acquisition upstream to final consumption downstream and covers both direct and indirect business relationships. According to the current draft, companies who fail to meet their obligations are subject to corrective orders, and failure to respond to corrective orders can result in criminal penalties. 

In March 2025, Thailand began the process of drafting a HRDD law. The law will cover all businesses operating in Thailand, but other details are being negotiated, such as: 1) whether implementation will be gradual or immediate; 2) the extent to which SMEs will have to comply, and 3) how to strengthen capacity building efforts and enforce the law. Bangkok first signaled its interest in such legislation during its 2021 Universal Periodic Review at the UN, and lawmakers see the project as bolstering Thailand’s bid for obtaining OECD membership. 

Finally, Japan’s Ministry of Economy, Trade and Industry released cross-industry “Guidelines on Respecting Human Rights in Responsible Supply Chains” in 2022, urging companies to carry out full HRDD across global value chains.

Convergence Through Fragmentation

The Omnibus package—now in its fourth iteration—together with Jörgen Warborn’s draft and the Council’s June text, threatens to strip the CSDDD of much of its reach: a ceiling of 5,000 employees and €1.5 billion ($1.75 billion) turnover would capture only the very largest multinationals and abandon the mid-tier firms originally meant to benefit from a level EU playing field. Yet the analysis above shows that shrinking the Directive will not eliminate compliance pressure; it will simply hand the initiative back to the patchwork of national statutes, product-specific EU rules and extra-European import bans that the CSDDD was designed to harmonize. Fragmentation is therefore not solved, but magnified, and the burden will fall most heavily on the businesses left inside that patchwork, to say nothing of the rightsholders who will face additional burdens in receiving an effective remedy for adverse impacts caused by European firms.

Against this backdrop, plans to delay or down-scale internal due diligence systems are short-sighted. Whether or not a diluted CSDDD ultimately applies to a given company, UNGP- and OECD-aligned practices—risk-to-people assessments, due diligence of tier-n suppliers based on salient risks, effective grievance mechanisms, and public reporting of efforts and impacts—remain the safest foundation for navigating the interlocking regimes already in force. A company that builds to the highest common denominator now will be ready for any future standard; one that waits risks scrambling later under litigation, customs holds or investor pressure. In today’s regulatory patchwork, robust HRDD is no longer a nice-to-have, it is a baseline business necessity, regardless of the status of the CSDDD.