CSDDD and the Future of Supply Chain Traceability in Metals and Mining

• The CSDDD introduces a legally binding duty to identify, prevent, and mitigate human rights and environmental risks in raw material supply chains.
• The Omnibus I simplification package (adopted by the European Parliament in November 2025) narrows the directive’s scope, yet core expectations around traceability, documentation, and supplier oversight remain unchanged.
• The first CSDDD obligations are expected to apply from July 2028, following national transposition in mid-2027.
• Metals and mining supply chains face inherent risk exposure, making origin visibility and material-level data essential for credible due diligence.
• Other EU frameworks, including CSRD, CBAM Phase 2, Digital Battery Passport, and Conflict Minerals Regulation reinforce the need for structured procurement data.
• Digital procurement systems provide the internal controls, audit trails, and data structures required to meet emerging EU compliance expectations.

European sustainability regulation is undergoing substantial revision. Yet, despite ongoing negotiations to simplify requirements and reduce the administrative burden on companies, the direction of travel is unmistakable: supply chain responsibility is becoming a structural expectation for steel mills, mining companies, traders, and producers operating in and supplying to the EU market. The Corporate Sustainability Due Diligence Directive (CSDDD) stands at the centre of this shift.

CSDDD introduces a binding system of human rights and environmental due diligence that extends across a company’s activities and those of its business partners. It establishes a duty to understand where materials come from, under which conditions they are produced, and how risks are mitigated. The scope and technical detail remain under negotiation, yet its strategic implications for metals and mining supply chains are already clear. The EU is signalling that visibility over origin, production practices, and potential impacts is essential for responsible procurement.

For companies buying, selling, or processing raw materials, CSDDD transforms supply chain traceability from an aspirational sustainability concept into an operational requirement, positioning procurement teams as central actors in how organisations identify, assess, and document their supply chain risks.

The CSDDD was adopted in 2024 with a broad scope. It originally:

• Applied to companies with more than 1,000 employees and €450 million in global turnover
• Required due diligence across both direct and indirect suppliers
• Introduced a mandatory climate transition plan
• Established a maximum fine of 5% of global turnover

These foundations created a far-reaching framework that placed responsibility for upstream and downstream impacts directly on companies.

However, the landscape changed significantly with the Omnibus I simplification package. The EU institutions are now negotiating a narrower and more focused directive aimed at reducing administrative burden while preserving the core objectives of responsible supply chain conduct.

Based on the current negotiating position adopted by the European Parliament in late 2025, CSDDD will likely apply only to:

• Companies with more than 5,000 employees
• Companies with more than €1.5 billion in annual turnover

Due diligence obligations would be limited to direct suppliers (Tier 1), with indirect suppliers assessed only when there are concrete indications of risk. These indications would be credible signals that a potential human rights or environmental issue may exist beyond the Tier-1 supplier. In practice, this includes recognised sector risks, documented issues linked to specific regions or facilities, inconsistencies in supplier documentation, or new information from external sources such as NGOs, industry associations, or public authorities. When such indications arise, companies are expected to look beyond their direct suppliers and assess whether further upstream checks are necessary.

For buyers of raw materials, this can occur when the origin of a material is associated with known governance or labour risks. A steel mill purchasing ferrosilicon, for example, may not need to conduct due diligence on the quartzite mine supplying the silicon when the Tier-1 supplier provides reliable documentation. If credible information emerges indicating that the mine operates under high-risk conditions, the steel mill would be expected to request clarifications and assess whether additional steps are required. The obligation extends only when risk signals are present, yet these signals are common in metals supply chains.

Furthermore, the requirement to prepare and implement a climate transition plan would be moved to the Corporate Sustainability Reporting Directive (CSRD), rather than remaining within CSDDD. The monitoring frequency may be reduced from annual to every five years, and the mandatory termination of business relationships would be replaced with a more flexible suspension-based approach. Civil liability would be left to national legislators rather than enforced uniformly at the EU level.

The timeline is also shifting. Due diligence obligations are postponed by one year, with the first companies expected to apply CSDDD from July 26, 2028, following their transposition into national law by mid-2027. These discussions may continue through the trilogue negotiations; yet, the overall direction is that CSDDD will focus on the largest companies, adopting a more risk-oriented and targeted approach to due diligence.

The simplification of CSDDD has prompted some to question its practical impact. For metals and mining, the implications remain clear and far-reaching.

1. High-Risk Supply Chains Demand Stronger Visibility.

Metals and minerals often originate from regions that experience well-documented risks, including inadequate labour protections, hazardous mining conditions, and environmental degradation. Even under a Tier-1-only model, companies will be expected to understand the conditions under which their suppliers operate and retain evidence to support this understanding. Suppliers will need to demonstrate how they assess their own upstream dependencies, creating a cascading effect through the value chain.

2. Due Diligence Requires Actionable & Reliable Origin Information.

To assess risks effectively, companies must know:

• Where raw materials were extracted
• How and where they were processed
• What working and environmental conditions exist at those sites
• Which impacts are likely and how they are mitigated
• What documentation supports this assessment

This is only possible through structured traceability. The metals sector also faces challenges like inconsistent declarations and attempts to obscure or misrepresent origin. Such misrepresentation exposes buyers to sanctions risks, contract disputes, and reporting inaccuracies. Situations where material produced in one jurisdiction is blended or rerouted through another illustrate how critical structured traceability has become.

Buyers need systems that help them collect origin information in a consistent format, identify anomalies, and retain documentation that can be reviewed and verified when risk signals arise. The ability to perform basic plausibility checks, such as whether a declared origin aligns with known production capacities or routes, strengthens the reliability of procurement data and supports responsible sourcing decisions.

3. Manual Sourcing Workflows are Incompatible with Due Diligence.

CSDDD expects companies to maintain verifiable documentation that supports risk identification, risk mitigation, and follow-up actions. Unstructured procurement processes produce fragmented information that cannot support a credible audit trail. This raises the operational stakes for digital procurement systems capable of capturing standardised data at the point of enquiry, negotiation, contract, delivery, and settlement.

CSDDD may be narrower than the original directive, but the logic that underpins it still makes traceability unavoidable for raw materials.

CSDDD sits within a broader regulatory environment that further strengthens the need for traceability. These frameworks influence how companies collect data, report it, and demonstrate compliance.

CSRD and ESRS: Disclosure Requires Traceability

The Corporate Sustainability Reporting Directive (CSRD) and the accompanying European Sustainability Reporting Standards (ESRS) apply to a broader group of companies than CSDDD, even under the proposed simplifications. CSRD entered into force in January 2023, with reporting requirements phased in from the 2024 financial year for the largest companies. Under the Omnibus “stop-the-clock” directive (EU 2025/794), the next reporting cohorts have been postponed by two years, shifting their first required sustainability statements from 2026–2027 to 2028–2029.

The framework remains unchanged in scope. CSRD requires disclosures on Scope 3 emissions, resource use, recycled content, and value chain dependencies. It does not mandate a specific due diligence process, yet it relies on structured and reliable information from procurement. Material origin, emissions factors, and production routes cannot be disclosed accurately without traceable supply chain data.

Credit: Worldfavor

Battery Regulation: The Digital Battery Passport

The EU Battery Regulation entered into force in August 2023. It introduces a digital passport that requires material-level information for critical raw materials used in batteries, including origin, carbon footprint, and recycled content. The Digital Battery Passport becomes mandatory from February 2027 for batteries placed on the EU market. This establishes a formal model for lifecycle traceability. The structure of the battery passport provides an early blueprint for future traceability systems that can be applied across other raw material categories. CSDDD will accelerate interest in these models.

CRMA: Europe’s Drive for Secure and Sustainable Supply

The Critical Raw Materials Act (CRMA) underscores the importance of sustainable, secure, and transparent sourcing of critical materials. It emphasises the importance of understanding extraction routes, processing capacity, and recycling flows. Data-rich reporting becomes a central part of achieving CRMA’s targets. This aligns closely with CSDDD’s expectations around supply chain visibility and responsible sourcing.

CBAM: Emissions Reporting at Installation Level

The Carbon Border Adjustment Mechanism (CBAM) requires importers of iron metallics, steel, aluminium, many ferroalloys and other materials to report embedded emissions at the installation level. While it entered into force in 2023, with quarterly emissions reporting required during its transitional phase, the next step begins with CBAM Phase 2, starting on 1 January 2026.

Importers must link specific production sites to their carbon intensity profiles. This reinforces the idea that buyers must understand the origin and process route of materials entering their supply chains. It also increases the need for accurate, supplier-specific emissions data, which is central to commercial differentiation in low-carbon supply chains.

Conflict Minerals Regulation and EUDR: Early Prototypes of Origin Verification

The Conflict Minerals Regulation requires companies to identify the smelters and refiners that process tin, tantalum, tungsten, and gold. This approach builds on global precedents such as the US Dodd–Frank Act, which established one of the first large-scale systems for mineral origin verification.

The EU Deforestation Regulation (EUDR) takes traceability further by requiring the provision of geolocation coordinates for agricultural commodities, including biomass used in industrial processes. This is directly relevant for biocoal and other reductants used in steelmaking and foundry operations. These regulations illustrate how far traceability can extend when linked to specific risk categories. They provide earlier models that anticipate the broader expectations CSDDD brings across multiple industries.

Taken together, these frameworks strengthen the case for structured procurement data. CSDDD sets the duty. CSRD, CRMA, CBAM and sector-specific regulations define the information companies must produce to demonstrate it.

Procurement teams will face rising expectations for data quality, documentation, and supplier engagement. Sourcing decisions will require deeper visibility of material origins and processing routes. The information captured at the transaction level will determine a company’s readiness to comply with CSDDD and associated legislation.
Buyers will need reliable, verifiable data at the material level. This means working with information that can be supported by documentation, checked for plausibility, and retained in a structured way that allows procurement teams to review it when necessary. It includes:

• Country, region, and site of origin
• Supplier practices and governance
• Processing steps and production routes
• Assays, certificates of analysis, and batch documentation
• Chain-of-custody records
• Emissions and relevant environmental indicators

Manual workflows increase operational and compliance risk. Email threads, disconnected spreadsheets, and supplier declarations stored across local drives cannot support due diligence processes or withstand audits. A structured, digital system becomes essential for consistent supplier evaluation and documentation.

Digital procurement becomes an internal control mechanism. Platform-based sourcing creates standardised data capture, consistent supplier onboarding and verification, structured audits of each transaction, and traceable records that support CSDDD, CSRD, and CBAM reporting. A single source of truth allows procurement, sustainability, and compliance teams to work from shared information that can be validated and retained.

Metalshub provides teams with the digital infrastructure required to align procurement practices with CSDDD’s expectations. The platform enables companies to collect, verify, and manage the data needed for due diligence, reporting, and supplier assessments.

Key capabilities include:

• Structured enquiries that capture origin, processing route, certifications, and sustainability attributes at the RFQ stage
• Centralised supplier data with verified profiles, documentation, certifications, and performance records
• Assay capture and lot-level tracking that document material composition and support chain-of-custody assessments
• Offer normalisation and analytics that enable standardised comparison of materials by specification, origin, emissions, and commercial terms
• Audit trails that document every stage of the procurement process
• Reporting integration that supports CSRD disclosures, Scope 3 calculations, and CBAM reporting requirements

CSDDD requires companies to understand their supply chains and demonstrate this understanding through evidence. Metalshub provides the structure to collect, verify, and report that information.

CSDDD is evolving, yet its influence on supply chain transparency is already reshaping expectations in the metals and mining sector. The directive places responsibility on companies to understand the origin of their materials and how risks associated with them are addressed. Recent simplification proposals may reduce the number of companies directly subject to these obligations, yet the strategic direction remains unchanged.

Traceability is becoming part of the standard procurement infrastructure. It enables companies to align with due diligence expectations, respond to customer requirements, and prepare for the broader sustainability landscape defined by CSRD, CBAM, CRMA, and the Battery Regulation.

Raw material procurement sits at the centre of this transition. The highest risks and most significant information gaps occur at the start of the value chain. Digital platforms such as Metalshub provide the visibility and structure required to build resilient, transparent, and responsible supply chains.

For more information, visit our Procurement Solution page or explore our free white paper on Sustainable Procurement for Steel Mills.

• First omnibus package to relax CSDDD, CSRD and EU taxonomy obligations – KPMG-Law
• EU-Parlament beschließt finale Verhandlungsposition zu CSRD und CSDDD – Kleeberg
• Sustainability reporting and due diligence: MEPs back simplification changes | News | European Parliament
• Corporate Sustainability Due Diligence Directive (CSDDD) – CSR