Mandatry helps organisations turn CS3D obligations into structured controls, supplier evidence, remediation workflows and assurance-ready reporting. Legal requirements become a managed operating model, not a compliance document exercise.
Six core obligation areas
Directive 2024/1760/EU, as amended through the EU Omnibus I simplification process, establishes a due diligence framework focused on very large companies. Many smaller organisations may still be affected indirectly through customer, supplier and value-chain expectations.
Map actual and potential human rights and environmental harms across your own operations and those of established business relationships throughout the value chain.
Develop and implement prevention action plans. Seek contractual assurances from business partners and deploy verification mechanisms where required.
Put in place accessible complaint procedures for workers, communities and civil society organisations before enforcement deadlines.
Prepare and publish due diligence statements aligned with ESRS disclosure standards, integrated with CSRD reporting where applicable.
Adopt a plan ensuring business model compatibility with limiting global warming to 1.5°C, with periodic best-effort update obligations.
Integrate due diligence into board-level decision-making. Consider due diligence impacts when setting director variable remuneration.
Amended scope and timeline
The CS3D rules have been revised under the EU Omnibus I simplification package. Direct obligations now focus on very large companies. Application dates have moved. Penalties and enforcement will depend on national implementation, with EU-level rules setting a maximum pecuniary penalty framework for the most serious violations. Organisations should monitor transposition developments and begin internal scoping now.
Mandatry structures CS3D readiness across six obligation domains. Each area maps to specific directive articles and related frameworks, giving teams a traceable model rather than a static document.
Adverse impact identification, prevention, cessation and remediation across operations and value chains.
Scoping upstream and downstream business relationships and tiered supplier obligations.
Accessible, effective grievance channels for affected persons and legitimate representatives.
Annual reporting obligations, CSRD alignment and public communication of due diligence outcomes.
Paris-aligned transition planning obligations and compatibility with EU taxonomy requirements.
Director duties, variable remuneration linkage, and board-level oversight of due diligence.
Framework alignment
Mandatry gives teams a structured way to connect CS3D obligations to controls, supplier evidence, remediation actions, framework alignment and assurance reporting. It helps move from obligation text to an operating model that can be evidenced and reported on.
Map CS3D articles and related requirements into a structured obligation model, traceable to legal source and organisational scope.
Connect obligations to internal controls, policies, processes and accountable owners so coverage gaps are visible and manageable.
Link value chain due diligence expectations to supplier evidence, questionnaires and remediation actions in a single structured model.
Align CS3D readiness with related assurance frameworks, sustainability disclosures and digital trust controls, without rebuilding from scratch.
Give legal, procurement, sustainability, privacy, risk and assurance teams a shared view of obligation coverage and programme progress.
Produce clearer evidence trails and reporting outputs for senior oversight, assurance review and annual CS3D disclosure obligations.
Privacy Partners can support scoping, interpretation and implementation planning, while Mandatry provides the structured assurance model for managing obligations, evidence and readiness over time. Advisory expertise and structured tooling, working together.
Establish which CS3D obligations apply, assess current position against each requirement, and produce a prioritised gap register to feed into Mandatry.
Work with procurement, legal and operations teams to map business relationships, tier supplier obligations and identify high-risk exposure areas.
Design proportionate due diligence processes, policy frameworks and contractual templates suited to your operating model and Mandatry structure.
Embed alongside your team during rollout, supporting training, stakeholder engagement and evidence population inside Mandatry.
Support annual disclosure preparation and provide standing advisory as obligations, guidance and Mandatry model evolve over time.
Privacy Partners
Specialist regulatory advisory for organisations navigating CS3D, data privacy and corporate accountability obligations.
Explore Mandatry's structured compliance assurance model, contact the team directly, or visit Privacy Partners to learn more about advisory support for your organisation.