What are CSDDD “value networks?”

Everstream Analytics

The Corporate Sustainability Due Diligence Directive, or CSDDD, takes aim at big businesses and compels them to take responsibility their entire “value networks.” What does this mean? Like many sustainability-focused regulations, the EU is not only focused on singular companies but also the entire process that a company uses to create and sell their product, otherwise known as a value network or chain.

The CSDDD aims to lift businesses of all sizes out of harmful practices by requiring in-scope companies to exert their influence with a range of support packages and contractual obligations. The legislation focuses on environmental and labor best practices that businesses must follow, or risk facing costly fines and damages to reputation.

Businesses can’t pretend to turn a blind eye to noncompliance in their value networks. A company must have a clear, ongoing understanding of their entire value network to recognize potential or ongoing compliance risks.




Visualizing a business’s value network is only half the battle. Luckily, there are tools that make mapping a business’s value network much easier, instead of handing your supply chain management team a never-ending task. However, once the network is clear, companies must know what they are looking for when monitoring sustainability risk, and what to do when they find it.

CSDDD value networks versus supply chains

Third-party suppliers and outsourcing processes typically fall under the bracket of supply chain management. So, what are value networks or value chains, and why does the EU use this term instead of supply chains?

The EU defines the chain of activities within a value network as:

“The chain of activities should cover activities of a company’s upstream business partners related to the production of goods or the provision of services by the company, including the design, extraction, sourcing, manufacture, transport, storage and supply of raw materials, products or parts of the products and development of the product or service, and activities of a company’s downstream business partners related to the distribution, transport and storage of the product, where the business partners carry out those activities for the company or on behalf of the company.”

diagram showing CSDDD value network elements including upstream and downstream business partnersFigure 1: The CSDDD defines “value networks” as both upstream and downstream partners.

For companies in scope, a value network is characterized by its inclusion of both upstream and downstream activities, as well as the processes involved in developing a product or service. Put simply, a value chain is not just made up of the Tier-1 suppliers that aid a company in creating their offering. Value networks for in-scope companies will include indirect third parties or partners, otherwise known as sub-tier suppliers. These are the suppliers of suppliers, or the third parties that suppliers use to carry out their services. Sub-tier suppliers can be difficult to visualize, as the number of supply tiers can multiply exponentially for large businesses with multiple product lines.

A value network encompasses every participant and process within the full end-to-end business system or product lifecycle, with two major exceptions: The CSDDD does not include provisions for the disposal or end use of a product. And for financial firms, the CSDDD only applies to upstream activities.

Tools such as Everstream’s Discover make mapping out a value chain’s tiers easy, but seeing the complex web of suppliers, operations, and logistics is only starter information. What matters is what companies do next – how they search for and rank sustainability risks within their value networks, and what action they take as a result. Everstream Discover allows businesses to simultaneously track global events and independent risk data, highlighting any issues that are already impacting or could impact value network members.




Crucially, businesses can use Discover to focus their attention on their most valuable or highest-risk value network elements, ensuring that management teams are using their time efficiently and effectively to protect critical resources.

Mapping your value network

Each value network will look slightly different, depending on the business and industry of the company. However, all in-scope companies will be responsible for monitoring:

  • Direct (Tier-1) suppliers: Third parties that work directly with the in-scope company at any point within the business process.
  • Indirect (sub-tier) suppliers: Third parties that make up the supply chain of the business partners of the in-scope company; this can be tracked to multiple levels as there is no set number of suppliers than any given company may engage.

For in-scope companies, direct and indirect upstream suppliers could include:

  • Raw material sources
  • Manufacturing partners
  • Transportation suppliers
  • Design and development partners
  • Technology suppliers
  • Business operations partners

While direct and indirect downstream third parties could include:

  • Transportation suppliers
  • Storage partners
  • Distribution partners
  • Customer service partners
  • Business operations partners

Remember, financial firms are exempt from monitoring their downstream activities within the scope of the CSDDD.

Dealing with risk within CSDDD value networks

Ping! A risk alert pops up in your value chain management system – time to take action. The CSDDD emphasizes cooperation and support for struggling suppliers or processes, so don’t take a risk alert as a notification to simply send notice to your supplier. The CSDDD outlines specific ways that businesses should attempt to work with at-risk value chain elements, including in-kind support or training, or financial support such as loans or aiding in finding further funding.

infographic shows the extent of a company’s value network as defined by the CSDDD

Figure 2: The CSDDD requires in-scope companies to manage environmental and human rights risk across their value networks.

As the CSDDD requires businesses to clearly define their code of conduct in regard to sustainability, businesses must prove that they have exhausted every reasonable option to help non-compliant suppliers reach their contracted sustainability levels. A code of conduct includes established sustainability markers to accurately track a company’s compliance, and applies to the whole of a company’s business operation and processes, and must also be included in new and renewed supplier contracts.

Remember, not all risks are equal. Depending on your company’s priorities, industry, and inherent risk level, alerts can include both potential and confirmed risks. Using a risk-scoring tool is key to focusing on the most pressing issues and taking effective action. Though not all alerts will require immediate action, it’s important to keep an eye on potential risks, so your company can be prepared to implement swift mitigation measures if necessary.

Implementing sustainable changes within your value network

CSDDD implementation is coming up fast. EU member countries have two years to port the legislation into their individual law books, meaning that some companies will be subject to the Directive starting in 2027. Organizational changes of this scale are rarely simple and never quick, so it’s important to begin preparing now.

Take stock of your current state of play, including your current processes and suppliers, and their respective sustainability statuses. Create your code of conduct, and make sure that you have buy-in from stakeholders across your business to achieve your desired level of sustainability. This will likely take some time, as your company will have to assess current processes to understand what changes will need to be made, and how those changes can be realized. Then, communicate your new sustainability expectations to new and existing third parties, and implement any necessary contractual obligations.

Ensure that you have visibility of your value network, so you can understand the risk landscape. Put tools into place to automatically rank and score risk according to business impact. Finally, recognize what risk mitigation options are available to you, and what kind of support your business may be able to offer non-compliant third parties.

Though these changes are long-term, and will require substantial work, the reality is that the CSDDD is one of many sustainability legislations that will necessitate major business improvements. Getting ahead of the curve on these changes may feel painful at first, but will ultimately make compliance with other global ESG regulations easier in the long run.

Plus, there’s no reason for these changes to be manual. With AI and advanced analytics, businesses can automate risk data gathering and value network visualization with ease, leaving management teams to focus on making the right sustainability decisions.

The CSDDD’s focus on value networks expands in-scope business’s responsibility. Simply proving their own sustainability bona fides won’t be enough anymore; instead, businesses will be expected to use their influence to push for more sustainable practices within and outside of their companies. Starting sooner rather than later will ease the transition into CSDDD implementation, and using advanced technologies will be key to effective value network monitoring and risk mitigation.


Share this post