The EU’s Corporate Sustainable Due Diligence Directive aims to internalize human-rights and environmental compliance in global value chains by holding large firms accountable for supply chain breaches in third countries. In response to criticism over compliance costs, the European Commission has amended the regulation through the ‘Omnibus Package,’ which limits company liability to direct suppliers and delays the initial application. While this reduces bureaucratic costs, it undermines the regulation’s effectiveness, as potential breaches rather occur in lower tiers. High due diligence costs and opaque supply chains further complicate the issue. Adopting systemic solutions for supply chain regulation, rather than non-standardised due diligence procedures, would more effectively address the trade-off between regulatory efficiency and effectiveness.

The European Union (EU) introduced the Corporate Sustainability Due Diligence Directive (CS3D) to promote sustainable and responsible corporate behaviour. Initially proposed by the European Commission (EC) in 2022, the directive came into force in July 2024. Its objective is to compel companies to integrate human rights and environmental considerations into their core management systems and governance models. CS3D holds companies operating within the EU accountable for adverse impacts arising from their own operations, their subsidiaries, and their global value chains. This approach addresses regulatory gaps in third countries, where human right and environmental standards are often inadequately enforced. Companies operating in the EU take responsibility for sustainable and responsible practices throughout their supply chain.

The CS3D applies to large EU companies with more than 1,000 employees and a net worldwide turnover exceeding €450 million. It also applies to companies outside the EU that generate a net turnover of at least €450 million within the single market. The regulation requires these companies to implement comprehensive risk management systems, establish grievance mechanisms, and publish annual reports detailing the effectiveness of their due diligence efforts. The initial debates surrounding the directive revealed a tension between the European Council, which advocated for higher thresholds to limit the number of companies covered, and the European Parliament, which pushed for a broader scope to maximise the regulation’s impact. EU member states must enforce the directive through administrative oversight and sanctions, including financial penalties of up to 2% of a company’s net global turnover for non-compliance.

The directive’s scope and expected costs of compliance sparked intense debate among stakeholders. Critics argued that extensive due diligence across entire value chains would impose an unsustainable administrative and financial burden on businesses. A 2020 study by the EC estimated that the annual costs for companies for supply chain due diligence procedures could range from €37,000 for large SMEs with an annual revenue of 50 million Euro to over €500,000 for companies with a revenue of 10 billion Euro (Smit et al. 2020). In response, the EC released the ‘Omnibus Package’ on 26 February 2025, which introduced significant amendments, aiming to simplify and harmonize EU regulations. The Omnibus Package entered into force on 17 April 2025, largely exempting indirect business partners from due diligence obligations and postponing full application until 2028. It also removed the obligation for companies to terminate business relationships with non-compliant suppliers as a last resort, limited information requests to partners, and delegated the terms of civil liability to national laws. These changes reflect a policy choice to prioritise cost reduction. However, regulation must not only be cost-efficient but also change corporate behaviour by creating incentives for firms to “stay and improve” relationships with suppliers, a goal undermined by a narrow focus on only the first tier of the supply chain.

This policy brief appraises the amended directive. It uses recent research on the structure, complexity, and dynamics of global supply networks. We argue that the Omnibus Package’s narrowing of liability to first-tier suppliers fundamentally weakens the regulation’s potential impact, as many of the most severe environmental and human rights violations occur in the lower, less visible tiers of the supply chain. For example, a significant portion of the world’s cobalt, a critical component in batteries for electronics and electric vehicles, is mined in the Democratic Republic of Congo under conditions that frequently involve child labour and severe safety hazards. This is often several supplier tiers away from the final corporate buyer. We propose a shift in regulatory thinking. Instead of relying on idiosyncratic, firm-by-firm due diligence, which is costly, and often inefficient and ineffective, policymakers should foster systemic, evidence-based solutions to create transparency and accountability across entire industries.