Reading time: ~5 minutes | Series: PEARL on ESG | Audience: SME leaders, procurement teams
If post 1 was the good news, this one is the small print. The EU's Corporate Sustainability Due Diligence Directive, CSDDD, or CS3D as supply-chain professionals tend to call it, does not directly regulate SMEs. But it is going to shape what your customers ask of you for years to come.
Here is how the ripple reaches you, and what to do about it now.
CSDDD requires large companies to identify, prevent, mitigate and account for adverse human rights and environmental impacts across their value chain. Boards must integrate due diligence into strategy. By the end of 2026, companies with more than 3,000 employees are expected to complete a first full risk mapping cycle and pilot a grievance mechanism. By 2027, second-tier in-scope companies should have governance structures and initial policies in place. By 2029, all in-scope companies should be running fully operational due diligence systems.
Roughly 17,000 companies are expected to fall under CSDDD globally, around 9,400 large EU companies, 3,400 risk-sector companies, and 4,000 non-EU companies with significant European business. SMEs are explicitly not in direct scope.
Large companies cannot do due diligence without information from their suppliers. And the substance of CSDDD, modern slavery, child labour, deforestation, pollution, water stress, climate transition plans, is exactly the kind of thing that requires visibility deep into the supply chain.
The result, as supply-chain professionals are already documenting in early 2026, is a quiet but profound shift: due diligence has moved from a compliance exercise to a commercial filter. If you cannot answer due-diligence questions credibly, you risk losing the contract, regardless of whether any regulator ever audits you.
None of this is exotic. Much of it is good business practice that SMEs already do, often without realising it counts. The challenge is documentation.
Pick the biggest. Ask them what their CSDDD roadmap looks like and what specific data they will need. Many large companies are sending early-stage questionnaires already; engaging proactively shows initiative and gives you time to fix gaps before the audit window.
Where do your top inputs come from? Which suppliers represent more than 80% of your purchasing? Names, countries, and a brief assessment of any obvious risk (sanctions, conflict-affected regions, sectors with high modern-slavery prevalence). One spreadsheet is enough to start.
Manual answers in email chains do not survive an audit. Even a simple shared folder with policy documents, supplier declarations, energy invoices, and a basic risk register is a step change. Affordable digital platforms exist for this, you don't need enterprise software.
In most SMEs, one person, sometimes the owner, sometimes an office manager, sometimes a procurement lead, ends up handling sustainability questionnaires. Equipping that person with foundational ESG literacy is one of the highest-return training investments a small business can make. This is exactly what the PEARL Modular Learning Materials and the Interactive Knowledge Hub are built to support.
Here is what the most forward-thinking European SMEs are noticing: customers who require due diligence data are not just trying to police suppliers. They are looking for partners they can rely on for the long term. Being able to answer the questions quickly, with evidence, makes you easier to do business with than the next supplier on the list. In several sectors, automotive, fashion, food, construction materials, "ESG-ready" is becoming a procurement advantage, not just a procurement hurdle.
The directive may not be aimed at you. The opportunity it creates is.
Next in the series: Beyond Compliance — how SMEs across Europe are turning ESG performance into a sales advantage.