CSDDD vs. LkSG
Learn how digital compliance software helps companies fulfill new CSDDD and LkSG diligence obligations efficiently and audit-proof.
The recent easing of Germany’s Supply Chain Due Diligence Act (LkSG) in September 2025 has given many companies a brief sense of relief. Some of the most debated reporting obligations, such as the annual publication requirement under § 10 were removed. Yet, this is far from a lasting break. On the European level, the Corporate Sustainability Due Diligence Directive (CSDDD), also known as CS3D, is introducing a new wave of regulatory duties that extend far beyond the scope of the LkSG. These diligence requirements will soon reshape how companies approach digital compliance and risk management across their business networks.
Beyond LkSG: How the CSDDD Expands Due Diligence and Corporate Sustainability Requirements
Even after the adjustments made through the EU’s Omnibus Packages I and II, the Corporate Sustainability Due Diligence Directive (CSDDD) remains significantly more ambitious than the German Supply Chain Due Diligence Act (LkSG), both in scope and depth. It extends compliance requirements across global supply chains, encompassing environmental impacts such as biodiversity loss, ecosystem protection, and the management of chemicals and waste. Additionally, it mandates a comprehensive transition plan aligned with the 1.5° target of the Paris Agreement to guide companies’ climate change mitigation efforts. The CSDDD applies to large EU companies and non-EU companies with significant turnover and employee thresholds, specifically those exceeding EUR 450 million turnover and 1000 employees worldwide.
Rooted in the UN Guiding Principles on Business and Human Rights and the OECD Due Diligence Guidance, the CSDDD broadens the definition of human rights risks to include issues like expropriation, discrimination, and freedoms of association and religion, thereby protecting the rights of trade unions and civil society organizations. The CSDDD mandates companies to engage with stakeholders and maintain a complaints mechanism for addressing concerns related to human rights and environmental impacts. The scope also covers downstream stages of the value chain, such as transport, storage, and distribution.
While the EU Commission’s Omnibus adjustments have extended deadlines and eased some evaluation obligations, such as changing due diligence evaluations from annual to every five years, the core CSDDD obligations remain intact. Member States must transpose Directive EU 2024/1760 into national law by July 2027, with phased application starting in July 2028. The directive applies to large companies exceeding thresholds of 1,000 employees and €450 million turnover, including those with operational subsidiaries and those engaged in franchising or licensing agreements ensuring common business methods.
The CSDDD enforces a structured due diligence process that obliges companies to identify adverse impacts, both human rights and environmental impacts, assess and document risks throughout their entire supply chain and value chain. This includes implementing robust due diligence policies and due diligence measures integrated into corporate risk management systems. Companies are expected to act on “plausible information” informed by factors such as industry sector, geographic context, and historical incidents, reflecting a risk-based approach.
Non-compliance with the CSDDD can lead to significant consequences. Member States will designate supervisory authorities responsible for monitoring compliance, supported by the European Network of Supervisory Authorities to ensure coordinated enforcement across the EU. Penalties may include fines of up to 5% of a company’s net global turnover and the publication of non-compliance decisions. Furthermore, companies may face civil liability for damages caused by intentional or negligent failure to meet their due diligence obligations, though liability excludes damages caused solely by business partners.
Despite some relaxations, the CSDDD remains a pivotal framework shaping responsible business conduct across the EU market, compelling companies to embed sustainability into their operations and value chains to meet evolving EU rules and contribute to a sustainable economy.
How SMEs Are Impacted by CSDDD and LkSG Compliance Requirements
Formally, the CSDDD targets large companies with more than 1,000 employees and revenues exceeding €450 million. However, SMEs are indirectly affected as well. While smaller firms face fewer legal obligations, they often feel the impact through their business relationships. Large corporations increasingly pass down their due diligence policy duties to suppliers via codes of conduct, questionnaires, audit requirements, and demands for proof such as training records or certificates to verify compliance. The voluntary VSME standard already provides guidance for these expectations.
In practice, any SME that is part of a global value chain will experience higher documentation demands, whether or not they are directly covered by the law, especially as companies align with the corporate sustainability reporting directive and other EU laws.
Digital Compliance Platforms: The Key to Managing CSDDD and LkSG Requirements
Given the complexity of modern business networks, adopting advanced technological solutions is becoming the only viable path to achieving compliance with the Corporate Sustainability Due Diligence Directive (CSDDD) and related regulation EU. Manual tracking, auditing, and verification processes are simply no longer sufficient. Here, digital compliance platforms play a decisive role by making evidence management transparent, traceable, and audit-proof.
In the past, compliance was often managed manually through endless email threads and sprawling Excel sheets, which made tracking and verifying information slow, error- and manipulation-prone, and difficult to audit. With the introduction of new due diligence obligations under the CSDDD and other European Union legislative acts, relying on such manual methods now exposes companies to significantly greater risks, including non-compliance penalties and reputational damage. Therefore, adopting digital compliance solutions is no longer optional but essential, not only for large companies and regulated financial undertakings but also for SMEs that are part of a larger global network.
Therefore, modern platforms are needed to support digital compliance as they provide:
Authentic and Audit-Proof Certification Management
- Certificates and audit reports can be created and digitally assigned directly by auditors, ensuring authenticity.
- Evidence is stored in an audit-proof way to preserve integrity and prevent manipulation.
Secure and Transparent Exchange Across Supply Chains
- Certificates can be securely exchanged between suppliers, customers, and authorities across all supply chain tiers supported by individual access management.
- All parties are verified through KYC checks, ensuring the credibility of every interaction.
Integration with Comprehensive Compliance Tools
- The platform integrates seamlessly with other GRC, training, data protection, whistleblower, and analytics tools.
By leveraging such advanced digital solutions, companies can not only fulfill their CSDDD obligations more effectively but also enhance transparency, accountability, and responsible business conduct throughout their operations and value chains. This digital transformation is essential to navigating the evolving landscape of existing laws, EU rules, and national law, ensuring compliance and positioning businesses for success in a sustainable economy.
By using digital platforms like Kevla TrustDocs, companies not only gain transparency but also significantly reduce manual work. Automated verification and certificate sharing allow them to continuously demonstrate compliance with LkSG and CSDDD requirements without overwhelming their teams.
Digital Compliance as a Competitive Advantage under CSDDD and LkSG
While the Omnibus Packages have slightly relaxed the CSDDD timeline, the overall regulatory burden remains high, especially regarding the comprehensive due diligence obligations companies must fulfill. Even smaller businesses will feel its indirect effects through their roles in complex supply chains. Companies that invest early in digital compliance platforms, software solutions, and audit-proof documentation can effectively implement their due diligence measures, including environmental due diligence and risk management systems, ensuring they identify and address adverse impacts throughout their operations and value chains.
These platforms also facilitate seamless communication with supervisory authorities, helping companies stay ahead of enforcement actions while supporting transparency and accountability. Moreover, digital tools enable companies to develop, monitor, and execute their transition plans to comply with CSDDD requirements.
In the new era of sustainability regulation, one rule stands out: If it’s not digital, it’s not compliance.
Interested in enhancing your compliance workflows? Contact us for a non-binding consultation or live demo of Kevla TrustDocS and discover how digital compliance can future-proof your business.
