Dr. Rachel Widdis:

As a long-term supporter of the Irish coalition and lecturer in business and human rights, I am pleased to make a contribution. For years, my day job has been providing guidance to large companies on their human rights and due diligence practices, and aligning with new regulations, including the CSRD and CSDDD. This is very practical, meaning I also stand in factories and on farms supplying these companies, engaging directly with workers and communities. I am the expert for Ireland on the EU Fundamental Rights Agency research into corporate sustainability due diligence, which is investigating practices and challenges across 11 EU member states.

I will comment on the CSRD and CSDDD. The CSRD is about reporting to a transparent standard. The CSDDD is about doing the due diligence, so changes to it alter the core of what due diligence is done.

The UN's Guiding Principles on Business and Human Rights, UNGPs, are recognised by the EU as the authoritative standard. Sadly, since 2011, they are not widely implemented by companies, resulting in ongoing negative impacts on people and on our planet. This is not conjecture. There is evidence of low and slow levels of implementation from credible independent benchmarks, as well as a rake of studies, including for the European Commission.

Still, companies that work to respect human rights and those that do nothing all sell their products and services across the EU.

The UNGPs and the CSDDD are explicitly risk based, meaning companies employ best efforts to find where human rights are being abused in their activities and address these. Why? It is because international standards recognise negative impacts are more likely to occur and be severe in more distant business relationships. One example is batteries, where Amnesty International found that even using the shortest supply chain line, batteries had passed through five levels before reaching a tier 1 supplier, including a Chinese smelter using raw materials sourced from mines with children as young as 12 working up to 12 hours a day. The CSDDD is already more limited than international standards. Also, these are obligations of means, meaning that companies are not required to guarantee in all circumstances that adverse impacts will not occur or that they will be stopped. It is purposefully designed to be balanced, providing companies a degree of flexibility in reaching the standard, aligned with their risks.

How does the omnibus affect this approach and balance? Companies could, as a general rule, limit due diligence to direct business relationships although negative impacts mostly occur beyond tier 1 relationships. Additionally, new limitations on information gathering from partners with fewer than 500 employees would mean that companies' due diligence would face baked in blind spots.

How would this affect dynamics in practice? Responsible companies that implement risk-based due diligence would find plausible information on impacts. However, other very large companies would be enabled to adopt a wilful ignorance approach and the responsibility to highlight issues would be pushed from companies that are connected to the issues onto NGOs to make information on the realities public. How would we expect a company that needs to comply to respond in practice? It would press more via contractual assurances on its direct suppliers. Why? It is because it needs to comply but in lieu of that company doing risk-based due diligence, it will press its suppliers and they will press downwards onto smaller sub-suppliers and so forth.

Remedy is a right recognised by the UN. States have a duty to take steps to ensure access to effective remedy and to consider reducing legal and practical barriers that could lead to a denial of remedy. Already, the CSDDD does not include criminal liability, which would frankly be appropriate given the gravity of many impacts. Under the CSDDD, all EU member states must make provision for the civil liability of companies that intentionally or negligently fail to comply. States must also remove some of the existing barriers so that justice is accessible. The review of access to remedy in Ireland, which I wrote for the Department of foreign affairs, was accepted. It lays out the detail and in short, there is neither accountability nor remedy. This has not changed since 2021. However operational, reputational and legal risks for companies have increased due to the greater awareness and concern of consumers and investors. The EU recognised this and member states including Ireland agreed to the CSDDD. The omnibus removes harmonised EU-wide civil liability, enabling 27 different liability regimes and the clear risk of forum shopping. In this way, the omnibus would enable a continuing lack of accountability for companies, negatively impacting people and the planet, and no remedy for those affected. For these reasons, risk-based due diligence, a harmonised EU-wide civil liability regime and the overriding mandatory provision on the law to be applied are critical.

I thank the committee. I am happy to answer any questions.