 |
| Image created by ChatGPT |
By now virtually everyone with an interest in a number of related fields--business and human rights, supply chains, surveillance, systems theory and regulatory governance, national security, data and tech, and macro-economic policy within national and international domains--has heard of and probably tried to digest the European Commission's innocuous sounding "Omnibus Simplification Proposal." (for official explanations and justifications, built around a "competitiveness compass" produced to facilitate those ends, see, Commission proposes to cut red tape and simplify business environment; Questions and answers on simplification omnibus I and II; Simplifying EU rules and boosting competitiveness – Omnibus I; InvestEU - European Union – Omnibus II; Clean Industrial Deal; Press
release: Commission simplifies rules on sustainability and EU
investments, delivering over €6 billion in administrative relief). Omnibus I was released (after the usual leakage common to hot-house self-reflective techno-bureaucratic cultures and serving as an instrument of its internal politics) on 25 February 2025 and had in its cross hairs the essence of the global business and human rights regulatory project hubbed in Europe: the Corporate
Sustainability Reporting Directive (“CSRD”), the Taxonomy Regulation, the Corporate Sustainability Due
Diligence Directive (“CSDDD”), and the Carbon Border Adjustment Mechanism (“CBAM”) (text may be accessed here).
On its face, an effort to simplify (and sold that way for as long as possible), the project has always been about reformulating the years long regulatory projects that had been enacted over the last decade or so. Yet, perhaps, the easiest way to understand the path from regulatory cages developing over the last quarter century (including its increasingly orthodox academic theorization to enhance both authority and legitimacy within Europe) to retrenchment is fear. What sort of fear? The fear expressed by EU Commission President von der Leyen in her speech at Davo (considered here) that flowed from the (official) warning in the Draghi Report, “The Future of European Competitiveness," a 400 or so page document detailing what might be understood as a notice of a potential hard turn in the regulatory project of Europe, and thus in the template for the construction of the structures of a policy driven regulatory governance of economic activity more broadly). It was a fear that was the grandchild of the fear of Europe in 1945, stuck between largely intact powers with an appetite for consuming lesser states within new structures of dependence and inter-connection. It was a fear, as well, of the long term relevance of Europe as a near apex power within whatever was emerging as the post-global global order. And it was a fear that in an environment in which Europe would be shrinking the resulting political. social, ethnic and religious instabilities would increase in prominence in ways that could spiral out of control in the absence of foreign intervention of some sort of other.
 |
| Pix credit here |
It is with this in mind that one might read the extremely useful analysis of The European Commission’s ‘Omnibus Simplification Proposal’: Shift’s Preliminary Reflections, prepared by Shift--an organization that John Ruggie helped create and that has remained an influential voice in the evolution and adaptation of the UN Guiding Principles for Business and Human Rights in an altering environment (certainly an environment which is in some respects has been radically altered from that taken for granted during the rime of the development of the UNGP). The analysis follows below and may be accessed online. A few brief analytical points worth considering perhaps.
 |
| Pix Credit Tomb of Sancho Sánchez Carillo (Burgos, 1295) Catalan Museum |
1. Timelines matter. Radical change generally is undertaken gradually. That had been the approach advocated by John Ruggie and embedded in the UNGP)--principled pragmatism. But impatience can be a potent political force. Radical change, then, also might be undertaken swiftly. Yet that requires a sufficient enough control of the power apparatus to enforce radical change; and the ruthlessness to let nothing stand in the way of change. The European seeking accelerated change chose a middle ground--moderate speed and the suffocation of regulatory compliance that might have been complex enough to effectively shift discretionary authority either from the private to the public sector, or to transfer it to interlocking compliance bureaucracies in public and private entities to which overall decision making authority would be vested. One speaks, of course, of political risk in framing regulatory objectives. It was a pity, ironically of course, that those responsible for the cluster of measures now in the cross hairs of simplification that no one bothered to undertake the sort of risk-based due diligence with respect to regulatory reform strategies the implementation of which is the critical at-risk element of the simplified regulations. Perhaps they did; in that case the suggestion that risk based assessments are neither perfoect nor can they avoid catastrophe is made clearer.
2. Complexity as a political instrument. It might follow, then, that regulatory complexity is not a "thing" in itself but rather a means to an ends. One might, then, wish to consider the value of complexity--layered regulations that might or might not align, traps for the unwary, shift of operationalization from regulatory text to officials and decision making bodies, assessment and sanctions schemes that mask shifts in authority and risk allocation, and the like. In this sense the debate about complexity may actually be a debate about something quite different--a debate about the face of power and the means of its assertion in the service of higher objectives. In addition, time as a function of measurement also represents a political choice when reduced to regulation. This mirrors the challenge in the field of corporate governance through the nudging of financial reporting rules. Focusing on immediate effect and immediate right in relation to a narrowly defined event will produce quite distinct consequential risk avoidance behaviors, and value assessment, than one in which the focus is on middle to long term risk effects across a broader scope against which effects are measured.
3. Risk is not a single layered concept. The object of the regulatory projects now subject to simplification was, as Shift correctly notes, was straightforward and in its own way quite simple--to manage risk-based due diligence. That is true enough. Nonetheless thee are a number of risk distinctions that merit some consideration. One touches on the assignment of risk bearing and risk controlling functions. To some extent, the business and human rights project sought an alignment between risk bearing and risk controlling, placing both within an entity engaged in economic activity. The alignment, of course, could not be perfect, but it might be workable in markers. The alignment becomes mroe complex where the state tales to itself a measure of risk control functions. And that risk control function becomes more difficult still where what is controlled is both the nature of risk controlling decisions and the quantum of tolerable risk that may be taken. From an international human rights environment, especially one in which one starts from the premise that the risk negative human rights impacts must be prevented in the ideal state, the trajectories are toward risk avoidance cultures. That produces a conflict with risk taking cultures sometimes necessary for (1) innovation and (2) development. To sort that out a more nuanced se o distinctions between tolerable and less tolerable risks is required, but more importantly, the acceptance of the idea that one sort of negative human rights impact (short term, specifically contextual, etc.) might be balanced against positive human rights impacts (the argument of some in the "development first" camp). The idea here isn't to argue among these but rather to suggest that "risk-based" measures cover a substantial amount of ground. Indeed that is the essence of the dialectic between the Draghi Report, on the one hand, and the vision of human rights and sustainability organization, on the other. They necessarily talk past each other because they have not yet been able to align their language, objectives, goals, and the way in which "things," events, actions, consequences, are identified (much less measured). But this disjunction is as old as the Norms project on the ashes of which John Ruggie sought to find a bridge.
4. Outcomes are also not a single layered concept. The idea here mimics that of risk. It is true enough that if the sole or paramount objective was risk based due diligence measured against reductions in negative impacts (in whatever form agreement about the meaning of all of these terms is achieved, and further assuming agreement on the allocation of authority to define and to apply those meanings), then the idea of simplification ought to be equally straightforward. The difficulty here is the lack of alignment between the objectives against which measurement is possible. The case of the oppositional nature (sometimes) between a more absolutist human rights impacts objectives measured in the short or long term) and a more development oriented approaches are clear. Yet simplification in this case also suggests that the binary--positive/negative human rights impacts--is itself deeply complicated by the environment in which it is meant to have an effect.
5. At the end of any simplification process lies complexity. That is not because simplification is impossible; the challenge is that even simplification, in context, is complex and produces complexity. That is the case even when one starts from the proposition that simplification requires or is a process of shedding. Shedding might be understood as an exercise in essentialization and reduction. That produces either less detail, or a narrowing of scope. With less detail there is a shift from rules based to discretionary decision making (as well as interpretation). In either case, shedding also requires a delegation of authority to create and interpret between the elements retained. And delegation itself produces what appears be be order at the level of simplification and a devolution of complexity down (or aside) to those spaces in which what has been shed now appears. The complexity of simplicity is as much an issue in the evolution of virtual governance tools as it is in the organization of human to human regulatory structures (eg Hermann Kopetz, Simplicity is Complex (2019)).
6. What next? Shift, like many organizations committed to an architecture of business sustainability/ human rights focus on saving what they can, pushing back, arguing from logic, history or values--the values and narratives of which would appeal more to them than to their opponents. In that respect Shift offers an excellent set of ideas. Perhaps there is a little room for bargaining; that will depend less on the power of their logic than on the reality and risk of the circumstances in which Europe now finds itself. Events have overtaken, to some extent, that long and steady human rights project which needed as a base, a stable global system. It also requires a willingness to confront the larger issues within which this regulatory framework is bit a part--the question of the forms, ideologies, purposes, and manifestations of regulation (and with it the relationship between a regulatory state and autonomous individuals whose autonomy is exercised in economic, social, cultural, religious, and political market places (platforms today). I can only hoe there is a space within which both important social objectives might be aligned within a European normative space.
06 March 2025
The European Commission has launched its Omnibus Simplification Proposal to address concerns about sustainability regulations in the EU. But measured by its own objectives of simplifying requirements and reducing burdens on smaller companies, the proposals are a remarkable own goal. Negotiations in the coming months must be grounded in a practical grasp of what actually works in sustainability due diligence and reporting, if the final package is to make sense.
Why are we here?
It is not surprising that the current landscape of EU sustainability regulations has been critiqued as complex and burdensome. That is the natural consequence of developing sustainability regulations in the reverse order to what logic dictates.
The commonsense sequence would have been to set out what companies generally need to do in terms of sustainability due diligence, then what they need to report about those efforts, and finally what their investors need to report about the sustainability of their portfolios. But the EU went about it the opposite way: first setting requirements for investors under the Sustainable Finance Disclosure Regulation (SFDR), then reporting requirements for their portfolio companies under the Corporate Sustainability Reporting Directive (CSRD) and European Sustainability Reporting Standards (ESRS), and finally the due diligence conduct requirements under the Corporate Sustainability Due Diligence Directive (CSDDD). As a result, the connecting logic between each expectation and the next is lost, where they could have been streamlined, explained and cross-referenced.
As it is, with the CSRD and CSDDD coming from different parts of the Commission on disconnected timelines, there has been no clarity for companies that both sets of expectations are grounded in the same international standards on responsible business conduct: standards that thousands of businesses have been working to implement for nearly 15 years. And for companies new to risk-based due diligence, there has been a failure to explain what it is about: that it precisely relieves companies of the burden of blanketing their direct business relationships with excessive audits and information demands, and instead affords them the agency to address the most significant risks that are particular to their operations and value chains, and therefore central to their success. It is risk-based due diligence that delivers on the ultimate purpose of the EU legislation: improved human rights and environmental outcomes.
These disconnects in the Commission’s approach have been, somewhat understandably, mirrored in many company responses – and at notable cost. Companies’ financial departments set about interpreting and applying the ESRS in their reporting processes, after which legal divisions began preparing to implement the CSDDD – often assuming this was distinct from reporting. While the internal controls and subject matter capabilities needed for both are essentially the same, legal and financial departments have often hired separate teams to support their work – sometimes funding this by firing the very sustainability staff who have real experience of dealing with the issues. Other companies have paid excessive amounts for external consultants, who have too often pitched over-complex solutions, and failed to reflect how the new requirements inter-relate.
What is being proposed?
The Commission had an opportunity in its Omnibus proposal to focus on the guidance needed to strip away the appearance of complexity and show what straightforward implementation of sustainability due diligence and reporting entails. For sure it requires work to put into practice. But conceptually, it’s not rocket science. But instead, the Commission’s Omnibus Simplification Proposal is an own goal. It would actually make life more complicated for both large and small companies.
The proposal would make it much harder for companies to ‘know and show’ that they are managing the risks they face, and leave them on the back foot when ‘named and shamed’ by the media and NGOs as things go wrong.
Proposed changes would ask companies to do risk-based due diligence, but then constrain their proactive efforts to their first tier business partners, which is typically not where the greatest risks reside. It would then make it harder to understand what is happening even within that first tier by allowing them to ask only their largest business partners for the very information that is needed to actually manage the risks.
The risks we are talking about are real: they will not be reduced by restricting companies’ efforts to identify, assess and address them.It is precisely risk-based due diligence that enables a cost-effective focus on where the most severe problems lie – not the proposal’s push towards entity-by-entity audits and assessments that don’t get the job done.
The Commission’s proposal risks creating burdens for SMEs – rather than lessening them, as intended.
Companies will now have to rely even more heavily on demanding that their first-tier business partners ‘pass back’ requirements to meet the company’s Code of Conduct to the next tier, with less freedom to engage directly in finding solutions. Risk-based due diligence enables companies to allocate resources to the most severe risks in their value chain and support solutions with targeted capacity-building, collaborative efforts that pool resources, and mutual responsibility with suppliers – for instance recognizing how a company’s own purchasing practices affect suppliers’ ability to manage risks. It’s the off-loading of requirements and remote policing of compliance that creates the primary burden on smaller companies. It’s also a poor use of resources for the businesses that do it.
The proposed changes to the CSRD will also perpetuate the complex set of data demands from financiers and others that the CSRD sought to reduce.
The Commission proposes to cut by 80% the number of companies that would have had to report against the ESRS, reducing their disclosures to highly generalized information, at most. It would then cut swaths of disclosures currently included in the ESRS for the remaining 20%. As a result, investors and lenders who have no option but to be on top of the underlying risks, and have long called for this information to be routinely available, will be compelled to keep peppering investees with their own information requests.
What next?
As we head into a new process of negotiation between Commission, Parliament and Council over the legislative changes, there needs to be a much more pragmatic grasp on what actually works.
While this process plays out, companies can take comfort in the fact that the international standards – the UN Guiding Principles on Business and Human Rights and the OECD Guidelines for Multinational Enterprises – spell out what it takes to do effective risk-based due diligence. This is still what the EU regulations refer to as their common underpinning – even if the latest proposals would make it harder for companies to deliver in practice. Moreover there are already years of experience in what it takes to implement sustainability due diligence and reporting in line with the international standards, and in ways that are both workable for business and beneficial for people and planet.
Every industry has companies experienced in implementing risk-based due diligence, and many industries have worked with stakeholders to develop guidance on how to do it well. EU governments already have action plans that call for companies to implement sustainability due diligence, and they receive complaints through their OECD National Contact Points where companies allegedly fail to do so. And investors and lenders will continue to raise these same expectations in their engagements with companies, as will trade unions and NGOs. In short, doing due diligence in line with the international standards remains the best investment that companies can make to be prepared to meet current and future demands.
As for the forthcoming Omnibus process, while simplification remains a reasonable goal for negotiators to pursue, the Commission’s proposals are not the answer. Instead, they represent a remarkable own goal. As the process moves forward, we must do better.
No comments:
Post a Comment