This chapter explores the due diligence related expectations across five pieces of EU legislation against the six-step due diligence process set out in the OECD Due Diligence Guidance on Responsible Business Conduct. The chapter explores the EU CSDDD (2024), EU CSRD (2023) and the EU Batteries Regulation (2023), which each introduce due diligence reporting and/or conduct requirements; the EU Deforestation Regulation, which sets due diligence requirements based on a narrow concept of due diligence; and the EU Forced Labour Regulation, which does not set out new due diligence conduct or reporting requirements, but where due diligence may be a useful measure to prevent, mitigate and bring to an end forced labour. It finds that the measures generally reflect aspects of the six-step framework, with some important differences and variance in detail across the steps. The chapter also highlights different approaches to topics such as traceability, responsible disengagement and stakeholder engagement.
Developing a Responsible Business Compass for Ireland
Abstract
Due diligence is the process by which business enterprises are expected to identify, prevent, mitigate, and account for actual and potential adverse impacts associated with their activities, supply chains and business relationships, consistent with international due diligence instruments: the OECD MNE Guidelines, United Nations Guiding Principles on Business and Human Rights and the International Labour Organization’s Tripartite Declaration of Principles concerning Multinational Enterprises and Social Policy (see Box 2.1).
The OECD RBC Guidance sets out a six-step process for due diligence, with sub-steps and recommended practical actions per step. The OECD standards are grounded in a “risk-based approach” and set out core principles or “key characteristics” of due diligence (see Box 2.1).
Businesses can play a major role in contributing to economic, environmental and social progress, but it is important that they minimise the adverse impacts of their activities, products and services on people and planet.
In pursuit of this, the OECD, the International Labour Organization (ILO) and the United Nations (UN), have developed aligned and complementary instruments that set out international standards on responsible business conduct: the OECD Guidelines for Multinational Enterprises on Responsible Business Conduct, the UN Guiding Principles on Business and Human Rights and the ILO Tripartite Declaration of Principles concerning Multinational Enterprises and Social Policy. These instruments establish that all companies have a responsibility to avoid and address negative consequences in which they may be involved, including those present in their supply chains and other business relationships, while making a positive contribution to the economic, environmental and social progress of the countries in which they operate.
The OECD Guidelines for Multinational Enterprises on Responsible Business Conduct (the MNE Guidelines), updated in 2023, are the most comprehensive set of government-backed recommendations to multi-national enterprises (MNEs) on what constitutes responsible business conduct. They cover all key areas of business responsibility, including human rights, labour rights, environment, bribery and corruption, consumer interests, disclosure, science and technology, competition, and taxation. They also recommend that enterprises undertake risk-based due diligence to identify, prevent, mitigate and account for how they address actual and potential adverse impacts on matters covered by the Guidelines. The OECD Due Diligence Guidance on Responsible Business Conduct (RBC Guidance) and sector-specific due diligence guidance provide practical recommendations on implementing due diligence.
The MNE Guidelines and accompanying Due Diligence Guidance on RBC (RBC Guidance) set out a six-step process for conducting due diligence that applies to all MNEs, irrespective of their size, location, and industry. Each step (and sub-step where relevant) is accompanied by a set of practical actions that provide guidance on implementing the steps.
Source: OECD (2018[1]), OECD Due Diligence Guidance for Responsible Business Conduct, https://doi.org/10.1787/15f5f4b3-en
Due diligence is a continuous, proportionate and risk-based process. It involves demonstrating progressive improvement and outcomes over time against credible targets and meaningful engagement with relevant stakeholders.
Sources: OECD (2018[1]), OECD Due Diligence Guidance for Responsible Business Conduct, https://doi.org/10.1787/15f5f4b3-en; OECD (2023[2]), OECD Guidelines for Multinational Enterprises on Responsible Business Conduct, https://doi.org/10.1787/81f92357-en; OHCHR/OECD/EU/ILO (n.d.[3]), Responsible Business: Key Messages from International Instruments, https://www.oecd.org/content/dam/oecd/en/topics/policy-sub-issues/global-engagement-on-responsible-business-conduct/Brochure-responsible-business-key-messages-from-international-instruments-ENG.pdf
In the field of due diligence, legislative measures are often broadly aimed at addressing similar goals and rooted in the same international standards, even if they differ in scope, terminology and/or specific requirements. This is important because it offers opportunities to identify existing and potential synergies to support implementation.
Due diligence legislation can be broadly categorised across three types: (i) corporate disclosure measures (e.g. EU CSRD (2023)); (ii) due diligence conduct requirements (e,g. EU CSDDD (2024) and EU Batteries Regulation (2023)); and (iii) product and market-based measures, which prohibit the import, placing on the market, export and/or use of products or commodities associated with certain risks, often subject to demonstration of adequate due diligence (e.g. EU Deforestation Regulation (2023) and Forced Labor Regulation (2024)). Given their different nature, each integrates due diligence expectations in different ways.
This Chapter primarily considers the five measures with due diligence related corporate disclosure and/or due diligence conduct expectations:
EU CSDDD (2024), EU CSRD (2023) and the EU Batteries Regulation (2023), which introduce due diligence reporting and/or conduct requirements drawing from international due diligence instruments, including OECD RBC standards.
EU Deforestation Regulation (2023), which sets due diligence requirements based on a narrower concept of due diligence, combined with a prohibition on the import, export and/or placing on the market of products associated with deforestation. It also addresses the EU Forced Labour Regulation (2024), which does not set out new due diligence conduct or reporting requirements. However, due diligence could help identify, mitigate, prevent and bring to an end the risk of forced labour in supply chains. It could also be helpful to prove an economic operators’ efforts to address forced labour risks during potential investigations.
The approach and nature of due diligence requirements varies across these measures, including in degrees of specificity and consistency with the international frameworks.
In the sections below, the requirements of the measures are considered against the six-step process set out in the OECD MNE Guidelines and RBC Guidance, with tables summarising key elements in Annex 2.A. The majority of the measures define due diligence in accordance with the requirements of the measure, while the EU Batteries Regulation and the Forced Labour Regulation include standalone definitions of “due diligence”.1 All of the measures, with the exception of the EU Deforestation Regulation (2023), draw from and refer to the OECD RBC standards and other international due diligence instruments in the context of due diligence (see Box 2.1).
Under OECD RBC standards, Step 1 expects multi-national enterprises to devise, adopt and disseminate policies on responsible business conduct issues and plans for implementing due diligence relevant to the enterprise’s own operations, supply chain and other business relationships (1.1); to embed these policies into oversight bodies and management systems (1.2); and to incorporate RBC expectations into engagement with suppliers and other business relationships (1.3).
The main aim of Step 1 is to ensure that companies have the systems in place to implement an effective due diligence process, with appropriate policies, staff, resources, management and oversight systems and operating procedures in place. Companies are expected to assign oversight and responsibility for due diligence to relevant senior management and assign board level responsibilities for RBC more broadly. Due diligence policies should reflect a company’s most significant risks, building on findings from risk assessments (Step 2) and as business relationships and operational contexts change.
Whilst the measures all integrate elements of Step 1, they differ regarding the requirement for and specificities of a due diligence policy, the ways in which due diligence is embedded into oversight and management systems, and the specificities of incorporating due diligence expectations into engagement with suppliers and other business relationships. This section evaluates some of the key synergies and differences in how the measures approach Step 1. See Table 2.1 below for an overview and Annex Table 2.A.1 for more detail.
Note: Darker blue indicates explicit reference in text; light blue indicates strong inference; green indicates disclosure requirement on the topic; yellow indicates due diligence as a useful measure to prevent, mitigate and bring to an end forced labour, to ensure economic operators do not place or make available products made with forced labour on the Union market.
Source: OECD
Step 1.1 – Devising, adopting and disseminating policies
The measures take different approaches to due diligence policy expectations. For example:
Requirements for development or disclosure of due diligence policy (or policies): All three measures setting out due diligence conduct requirements include policy requirements, with two of the measures specifically requiring a due diligence policy (EU CSDDD (2024); EU Batteries Regulation (2023)). The EU Deforestation Regulation (2023) requires policies and procedures more generally as part of risk mitigation efforts,2 without reference to a specific due diligence policy. The EU CSRD (2023), as a reporting measure, does not require policies in the same way, although this is somewhat implicit as it requires description of the policy. None of the measures explicitly require the policy to focus on the entity’s most significant risks, however this is somewhat implicit; for example, the CSDDD makes clear that the policy should describe the company’s approach to and “ensure” a “risk-based due diligence”.
Level of specificity, including for reviewing and updating the due diligence policy: The measures vary in detail, with the EU CSDDD most specific on aspects such as the role of consultation with employees and their representatives in developing the due diligence policy, and on requirements for the content of the policy. It also specifically requires review of the due diligence policy, providing for review and if necessary, update, after significant changes and at least every 24 months.3 The EU Deforestation Regulation (2023) requires the due diligence system as a whole be reviewed every 12 months,4 whilst the EU Batteries Regulation (2023) does not require specific update of the policy, but does require periodic audit of the due diligence policy, without defining what periodic means.5
Publication: The EU Batteries Regulation (2023) requires that entities ‘adopt, and clearly communicate to suppliers and the public, a company battery due diligence policy’,6 however the other measures do not explicitly require the publication of due diligence policies.
The EU Corporate Sustainability Reporting Directive (2023), through the ESRS 2 (mandatory) requires companies to disclose a statement on due diligence, which comprise five “core elements of due diligence”. In addition, ESRS 2 requires companies to disclose the policies adopted to manage the sustainability matters (i.e. impacts, risks and opportunities) identified through the double materiality assessment.7
Step 1.2 – Embedding policies in management systems and oversight bodies
Whilst the three measures containing due diligence conduct obligations require embedding of due diligence into management systems, they do so in different ways. For example:
Management systems: All three measures require companies to integrate due diligence (as defined by the law) into management systems or to more generally have adequate management systems in place to support due diligence.8
Oversight: The measures vary in how far they expect companies to assign oversight and responsibility for due diligence to relevant senior management.9 The EU Batteries Regulation (2023) and EU Deforestation Regulation (2023) address this, with the former specifying assigning responsibility at top level management,10 whilst the latter states risk mitigation shall include appointment of a compliance officer at management level for non-SME operators.11 The EU CSRD (2023) and EU CSDDD (2024) do not require this, although the EU CSRD (2023) requires disclosure of the sustainability matters addressed by administrative management and supervisory bodies.12 See Annex Table 2.A.1.
Step 1.3 – Incorporating expectations and policies into engagement with suppliers and other business relationships
The conduct measures differ over how specifically they require entities in scope to incorporate RBC expectations into engagement with suppliers and other business relationships and whether expectations extend to direct or also indirect suppliers. For example:
Role of contracts: The EU CSDDD (2024) requires that the due diligence policy include a code of conduct to be followed throughout the company, its subsidiaries, and direct or indirect business partners.13 Prevention and mitigation requirements (Step 3) expect companies to, where relevant, seek contractual assurances from direct business partners based on compliance with the code, including through corresponding contractual assurances from their own business partners.14 The EU Batteries Regulation (2023) requires incorporation of the due diligence policy into contracts with direct suppliers.15
Other avenues of engagement: provisions on risk mitigation and prevention also address broader topics relating to supplier engagement, controls against non-compliance, purchasing practices, design and distribution practices, and support for suppliers (e.g. EU Deforestation Regulation (2023) and EU CSDDD (2024)). See Step 3: Cease, prevent and mitigate adverse impacts.
Step 2 of the OECD standards expects enterprises to carry out a high level risk scoping where RBC risks are most likely to be present and most significant (2.1); carry out iterative risk assessments of prioritised operations, suppliers and other business relationships (2.2); evaluate the enterprise’s involvement with the actual or potential impacts (2.3); and prioritise the most significant RBC risks and impacts for action, based on severity and likelihood (2.4).
Step 2 aims to address how enterprises identify, assess and prioritise RBC risks and impacts for action, focusing on the criteria of severity and likelihood. A high-level scoping ensures that businesses first identify general areas of the business where risks are greatest, before carrying out iterative and increasingly in-depth risk assessments in prioritised areas to identify and assess specific impacts.
Enterprises are expected to assess their “involvement’ with specific risks and impacts to determine the appropriate response, based on whether they have caused, contributed or are directly linked to the risk or impact (see Step 3).1
Note: (1) See also: OECD (2022[4]), Translating a risk-based due diligence approach into law: Background note on Regulatory Developments concerning Due Diligence for Responsible Business Conduct, https://www.oecd.org/content/dam/oecd/en/topics/policy-sub-issues/due-diligence-guidance-for-responsible-business-conduct/translating-a-risk-based-due-diligence-approach-into-law.pdf
The conduct-based due diligence measures each embed a requirement for entities to assess risks and impacts, but differ in the level of granularity of this requirement and in their approach to prioritisation. This section evaluates some of the key synergies and differences in how the measures approach Step 2. See Table 2.2 below for an overview and Annex Table 2.A.2 for more detail.
As for other Steps, the EU CSRD (2024) and EU Forced Labour Regulation (2024) do not require risk identification and assessments in the same way as the conduct-based measures, but introduce expectations indirectly (CSRD) or as a means to support compliance (Forced Labour Regulation). For example:
The CSRD requires entities to disclose a double materiality assessment16 that encompasses ‘impact materiality’ (impact on people and planet) and ‘financial materiality’ to identify ‘material’ impacts, risks and opportunities in the value chain. In this way it is broader than the risk identification exercise under CSDDD and the international standards, which focus on impact materiality. The materiality assessment of a negative impact is informed by the due diligence process defined in the international instruments, with materiality based on the concepts of severity and likelihood.17 EFRAG has published specific implementation guidance to support companies in conducting their double materiality assessments.18
Under the EU Forced Labour Regulation (2024), evidence of an entity's efforts to identify and assess forced labour risks can be requested during preliminary investigations into concerns of forced labour.19 Notably for Step 2, the Commission is required to establish a database about forced labour risks and guidance on risk indicators, which could contribute to an entity’s scoping exercise and more in-depth risk assessments, and inform authorities’ preliminary investigations.20
Note: Dark blue indicates explicit reference in text; light blue indicates strong inference; green indicates disclosure requirement on the topic; yellow indicates due diligence as a useful measure to prevent, mitigate and bring to an end forced labour, to ensure economic operators do not place or make available products made with forced labour on the Union market.
Source: OECD
Step 2.1– Broad scoping of where risks are most likely to be present and most significant
The three due diligence conduct measures each embed a requirement for entities to assess defined risks and impacts, however the EU CSDDD (2024) is the only measure to explicitly distinguish an initial high level scoping exercise21, and the subsequent risk assessment. The measure requires entities to first “identify general areas” where adverse impacts are most likely to occur and to be most severe; this exercise then informs how enterprises prioritise operations and business partners for in-depth risk assessments.22
Step 2.2 – Iterative and in-depth risk assessments
The measures differ in the scope of the risk assessment requirements. The EU CSDDD (2024) requires in-depth risk assessments where adverse impacts were identified to be most likely and severe under the scoping exercise. Companies are expected to take into account relevant risk factors and use a variety of information sources, including independent reports and information gathered through the notification mechanism and complaints procedure required under the law.23 See also Step 2.4 below on prioritisation.
The EU Deforestation Regulation (2023) and EU Batteries Regulation (2023) place much more emphasis on the role of traceability compared to the EU CSDDD (2024) and the OECD RBC standards. The EU Deforestation Regulation (2023) introduces strict traceability and information requirements including geolocation,24 which form the basis for the entity’s risk assessment. The EU Batteries Regulation requires a chain of custody or traceability system as part of the entity’s management system.25
While there exists no single common international definition of “traceability”, the term is generally understood as the capacity to trace, that is, to determine where a particular product originates, where it has travelled, who has handled it, and what modifications it has undergone.
Traceability can also be used to pass on certain information on a product’s ESG performance. Traceability is however not equivalent to due diligence. Even with advanced technologies, traceability on its own cannot guarantee responsible production and trade. A product may be completely traceable while still having been produced in problematic circumstances. Instead, traceability is one approach towards achieving a level of transparency necessary to identify, prevent, mitigate and account for how companies address actual and potential adverse impacts in their own operations, their supply chains and other business relationships.
To work effectively, traceability systems must be carefully designed – balancing standardisation and context, maintaining data quality, and adapting to varying supply chain complexities. They also require strong collaboration among companies, governments and civil society, backed by cost-sharing, reliable verification and secure data-sharing protocols. Above all, traceability should be embedded into a wider risk-based due diligence process and serve clear objectives rather than become an end in itself.
Source: IEA (2025[5]), The Role of Traceability in Critical Mineral Supply Chains, https://www.iea.org/reports/the-role-of-traceability-in-critical-mineral-supply-chains.
Step 2.3 – Assessment of involvement26
Both the EU CSDDD (2024) and CSRD (2023) address an entity’s involvement with risks or impacts, per the international standards. The other measures do not explicitly make this distinction. See Step 3.
Step 2.4 – Prioritisation based on severity and likelihood
The requirements around how companies should prioritise across their environmental and social risks and impacts differs between horizontal measures addressing a range of RBC issues, and those targeting specific risks.
Measures with broad issue coverage: The EU CSDDD (2024) explicitly requires entities to prioritise identified impacts according to severity and likelihood, addressing the most severe and likely impacts first, before moving to address the less severe and likely impacts.27 Severity (or severe adverse impacts) are defined in the law. The EU CSRD (2023) requires entities to disclose how they prioritised on basis of severity and likelihood.
Measures that target specific risks: The EU Batteries Regulation (2023), Deforestation Regulation (2023) and Forced Labour Regulation (2024) effectively prioritise the issues and commodities that enterprises are expected to focus on, and do not expect companies to prioritise beyond this. The EU Deforestation Regulation (2023) and Forced Labour Regulation (2024) take a different approach due their prohibition on the placing on the market, or exporting, of products linked to deforestation or forced labour. See Box 2.3 below.
Whilst the OECD RBC standards focus on identifying, preventing, mitigating and remediating RBC risks and impacts through a process of progressive improvement over time, the EU Deforestation Regulation (2023) and EU Forced Labour Regulation (2024) take an approach that focuses on ensuring products are free from specific risks (deforestation and forced labour).
Under these two measures, the prioritisation process is effectively undertaken for entities. The regulations inherently require entities to prioritise deforestation and forced labour risks. Each regulation introduces indicators, guidance or benchmarks on risks, further prioritising risk areas for companies. The EU Deforestation Regulation (2023) also asks companies to prioritise specific commodities and products over others. There is no distinct requirement for entities to prioritise beyond this, as the measures prohibits the placing on the market (or export) of any product linked to deforestation.
However, and the definition and purpose of due diligence differs under the two measures. Under the Deforestation Regulation, due diligence, narrowly defined, is a tool to demonstrate that products have no or negligible risk of deforestation. There are no requirements to prevent or remediate deforestation impacts, or to support suppliers in doing so. In contrast, under the EU Forced Labour Regulation, it is not necessary for economic operators to prove no or negligible risk. Instead, a company’s wider due diligence, broadly defined to include mitigation, prevention and remediation measures, is considered by authorities. See Steps 3 and 6.
Step 3 expects enterprises to stop activities that are causing or contributing1 to adverse impacts based on the enterprise’s assessment of its involvement and develop prevention and mitigation plans (3.1); and to develop and implement plans to seek to prevent or mitigate actual or potential adverse impacts which are directly linked2 to the enterprise’s operations, products or services by business relationships (3.2).
The focus of Step 3 is on how companies respond to the risks and impacts that they have identified. Responsibilities differ according to the company’s level of involvement with the risk or impact, with heightened responsibilities where a company causes or contributes to (or may cause or contribute to) an adverse impact through its own activities, compared to where it is ‘directly linked’ (i.e. a business partner causes the impact).
Notes: (1) Cause, contribute have distinct meanings. The OECD RBC Guidance (OECD, 2018, p. 70[1]) clarifies that an enterprise “causes” an adverse impact if the enterprise's activities on their own are sufficient to result in the adverse impact, whilst ít “contributes to” an impact if its activities, in combination with the activities of other entities cause the impact, or if the activities of the enterprise cause, facilitate or incentivise another entity to cause an adverse impact. Contribution must be substantial. (2) According to the OECD RBC Guidance (OECD, 2018, p. 71[1]), ‘”[l]inkage” is defined by the relationship between the adverse impact and the enterprise’s products, services or operations through another entity (i.e. business relationship)’ and ‘“Directly linked” is not defined by direct contractual relationships.
Whilst the measures generally require entities to carry out adequate or proportionate measures to prevent and mitigate risks, they differ in levels of specificity and in emphasis, including whether or not they require a prevention and mitigation plan, the level of detail they provide on prevention and mitigation actions and the extent to which they address responsible disengagement. This section evaluates some of the key synergies and differences in how the measures approach Step 3. See Table 2.3 for an overview and Annex Table 2.A.3 for more detail.
As for other Steps, the EU CSRD (2024) and EU Forced Labour Regulation (2024) do not require risk prevention and mitigation in the same way as the conduct-based measures, but introduce expectations indirectly (CSRD) or as a means to support compliance (Forced Labour Regulation). For example:
The EU CSRD (2023) requires entities to disclose key actions taken and/or planned to prevent and mitigate actual and potential impacts on topical ESRS identified through the double materiality assessment process. Specific datapoints on what such actions or measures look like are presented in each topical ESRS.28
Under the Forced Labour Regulation, evidence of an entity's efforts to prevent and mitigate forced labour risks and impacts can be requested during preliminary investigations into concerns of forced labour.
Note: Dark blue indicates explicit reference in text; light blue indicates strong inference; green indicates disclosure requirement on the topic; yellow indicates due diligence as a useful measure to prevent, mitigate and bring to an end forced labour, to ensure economic operators do not place or make available products made with forced labour on the Union market. Source: OECD
Step 3.1 – Causing or contributing to adverse impacts associated with own operations
The measures differ in the extent to which they specifically address situations where companies cause or contribute to adverse impacts through their own activities, or are directly linked to them, in line with the international standards. For example:
Cause, contribute and direct linkage: As mentioned in Step 2, the EU CSDDD (2024) and CSRD (2023) both address an entity’s involvement with risks or impacts, per the international standards. The EU CSDDD (2024) is more explicit and refers to the international frameworks, including the concepts of causation and contribution.29
Prevention and mitigation requirements: Generally, the measures apply the concepts of adequacy and/or appropriateness and proportionality to the requirements to address and manage identified risks and impacts, though with varying degrees of specificity and different emphases. For example:
a. The EU CSDDD (2024) lists mandatory and optional prevention and mitigation measures, and places emphasis on, for example, entities modifying their own activities such as purchasing and design practices to avoid and mitigate contributing to harms in the supply chain.30 The CSDDD also includes specific requirements on entities to adopt measures aimed at preventing, mitigating, or bringing to an end to (i.e. cease) adverse impacts through “appropriate measures”, consistent with the international standards.31
b. In contrast, the EU Batteries Regulation (2023) includes a very broad requirement that entities adopt risk management measures that are consistent with international standards, with no further specificity in the law.32
Step 3.2 – Preventing and mitigating actual or potential adverse impacts associated with business partners (i.e. to which the enterprise is ‘directly linked’)
Direct linkage: As mentioned above, the EU CSDDD and CSRD distinguishes between different levels of involvement. The CSDDD specifically distinguishes situations where entities are ‘directly linked’ to an impact (i.e. where a business partner causes or may cause an adverse impact).
Prevention and mitigation requirements: As for Step 3.1, the measures all broadly expect companies to put in place appropriate and/or proportionate risk prevention and mitigation measures, but differ in levels of specificity. The EU CSDDD’s (2024) lists both mandatory and optional measures, including activities directed at suppliers, such as targeted and proportionate support to SME business partners. The EU Batteries Regulation (2023) does not include this type of specificity. The EU Deforestation Regulation (2023) requires economic operators to carry out risk mitigation procedures and measures “that are adequate to achieve no or only a negligible risk” (unless the risk assessment found no or negligible risk of deforestation i.e. non-compliance). The measure lists optional measures (e.g. independent surveys or audits and support to suppliers, particularly smallholders), and emphasises the role of adequate and proportionate policies, controls and procedures for effective mitigation, listing a number of mandatory measures.
Use of leverage:33 The EU CSDDD (2024), EU Batteries Regulation (2023), and EU CSRD (2023) each incorporate the concept of leverage in different ways. Under the EU CSDDD (2024), influence is a factor in determining appropriate response measures and in prevention, mitigation and bringing to and end adverse impacts (for example, when companies are not causing adverse impacts themselves, they should aim to use their influence to prevent, mitigate, bring to an end or minimise the extent of adverse impacts caused by their business partners or increase their influence to do so).. Entities are also expected to use or increase their leverage over business partners through temporary suspension in certain circumstances. The EU Batteries Regulation (2023) frames an entity’s influence and ability to exert pressure on suppliers, their subsidiaries and subcontractors as a factor to consider in risk management.34 Under the EU CSRD (2023), disclosure of actions taken to address negative imparts may include use of leverage.35
Responsible disengagement: The EU CSDDD (2024) and the EU Batteries Regulation (2023) incorporate requirements on suspending and/or (in the case of the EU Batteries Regulation) terminating engagement with suppliers, although only the CSDDD includes expectations on “responsible” disengagement. The EU Deforestation Regulation (2023) and EU Forced Labour Regulation (2024) do not include specific requirements or refer to termination or suspension of contracts. See Box 2.4 below for further detail, including on the approach of the OECD RBC standards to responsible disengagement.
OECD RBC Standards
The OECD RBC standards acknowledge that business enterprises may sometimes need to temporarily suspend a supplier relationship or disengage when mitigation attempts have failed, where mitigation is not feasible or due to the severity of the impact. However, the standards emphasise that disengagement should generally be considered as a measure of last resort, and that the potential adverse social and economic impacts of disengagement should also be taken into consideration. They also recognise that disengagement may not be legally or practically feasible or an appropriate response in certain contexts. Where a decision to disengage is made, it should done responsibly, in accordance with the standards.
Suspension under the EU Corporate Sustainability Due Diligence Directive (2024)
The EU CSDDD (2024) provides that suspending a business relationship may be an appropriate measure for responding to adverse impacts, but only as a last resort and where impacts could not be prevented, adequately mitigated or brought to an end and only until the impact is addressed. In these situations, entities must refrain from entering into new relations or extending existing relations with business partners connected to adverse impacts and implement an enhanced action plan.
Suspension is also a process and should be undertaken responsibly. Under EU CSDDD (2024), companies are not expected to suspend a relationship if the consequences of suspension are “’manifestly more severe” than the adverse impact to be addressed but should report such decisions to the supervisory authority. Where entities do decide to disengage, they are required to provide reasonable notice to the business partner and take steps to prevent/mitigate/end any adverse impacts of suspension.
Disengagement under other measures
The EU Batteries Regulation (2023) addresses disengagement as a feature of risk management obligations, requiring that entities consider ‘suspending or discontinuing engagement with a supplier or its subsidiary or subcontractor after failed attempts at mitigation’, based on relevant contracts and agreements with suppliers. If economic operators pursue risk mitigation while temporarily suspending trade, they are required to consult with suppliers and stakeholders concerned, including local and national government authorities, international or civil society organisations and affected third parties such as local communities. There are no provisions on responsible disengagement.
Under the EU Forced Labour Regulation (2024), the nature of the measure means that it does not set out conduct requirements in the same way, including on responsible disengagement. However, the Commission will issue guidance on responsible disengagement and the recitals guide national competent authorities to consider the risks and consequences of disengagement and support entities to carry out measures to bring forced labour to an end.
Sources: OECD (2018[1]), OECD Due Diligence Guidance for Responsible Business Conduct, https://doi.org/10.1787/ 15f5f4b3-en; OECD (2023[2]), OECD Guidelines for Multinational Enterprises on Responsible Business Conduct, https://doi.org/10.1787/81f92357-en; EU Corporate Sustainability Due Diligence Directive 2024/1760: Article 10(1)(c), 10(6), Article 11(1)(c), 11(7); EU Batteries Regulation 2023/1542: Article 50(1)(b)(iii) ; Article 50(2).
Under the OECD RBC standards, Step 4 expects enterprises to track the implementation (verification) and effectiveness (validation) of their due diligence activities, i.e. measures to identify, prevent, mitigate and, where appropriate, support remediation of impacts. Monitoring activities should be tailored to the nature and severity of the impacts and relevant stakeholders should be involved in target setting and monitoring. Lessons learned should be used to improve future due diligence efforts and outcomes.
Step 4 aims to ensure that companies have systems in place to track and evaluate progress against the targets and indicators it set under Step 3, and to assess effectiveness of its due diligence. It is a central part of promoting meaningful efforts towards continual improvement over time.
This section evaluates some of the key synergies and differences in how the measures approach Step 4. See Table 2.4 for an overview and Annex Table 2.A.4 for more detail.
As for other Steps, the EU CSRD (2024) and EU Forced Labour Regulation (2024) do not require tracking in the same way as the conduct-based measures, but introduce expectations indirectly (CSRD) or as a means to support compliance (Forced Labour Regulation). For example:
The EU CSRD (2023) requires companies to disclose metrics that it uses to evaluate performance and effectiveness, in relation to a material impact, risk or opportunity. In particular, companies have to disclose measurable time-bound outcome-oriented targets and their relationship to policy objectives, defined target value, baseline level, scope of target and period. If the undertaking has not set measurable time-bound outcome-oriented targets, it must disclose whether and how it nevertheless tracks the effectiveness of its policies and actions.36
Note: Dark blue indicates explicit reference in text; light blue indicates strong inference; green indicates disclosure requirement on the topic; yellow indicates due diligence as a useful measure to prevent, mitigate and bring to an end forced labour, to ensure economic operators do not place or make available products made with forced labour on the Union market.
Source: OECD
Whilst the three measures containing due diligence conduct obligations require some element of monitoring and tracking due diligence activities, they differ in specificity and over the extent to which the measures require monitoring of how the system performs (effectiveness) as well as monitoring of due diligence activities (implementation).
Implementation and effectiveness: only the EU CSDDD (2024) requires monitoring and assessment of both implementation and effectiveness of due diligence activities.37 The EU Batteries Regulation (2023) requires assessment of performance of due diligence,38 but makes no specific reference to the effectiveness of the system.
Integration of lessons learned: the EU CSDDD (2024) specifically requires due diligence actions to be updated on the basis of monitoring outputs where appropriate and with due consideration of relevant information of relevant stakeholders.39 Other measures do not specifically require this, although the EU Batteries Regulation (2023) refers to third party verification efforts including identifying areas of potential improvement to due diligence systems.40
Stakeholder engagement: the EU CSDDD refers to considering relevant information from stakeholders as part of the monitoring process.41 See Box 2.5 on stakeholder engagement.
Step 5 expects enterprises to publicly communicate relevant information on due diligence policies, processes, and activities. OECD RBC standards provide more detail, recommending that companies publicly report on significant adverse impacts or risks identified, prioritised and assessed, prioritisation criteria, prevention and mitigation actions, findings and outcomes, including any remediation. The practical actions advise, with respect to human rights impacts, that entities communicate with actually or potentially impacted rightsholders information relevant to them.
Each measure requires some form of public disclosure regarding due diligence, but the measures differ on the format and extent of this. This section evaluates some of the key synergies and differences in how the measures approach Step 5. See Table 2.5 for an overview and Annex Table 2.A.5 for more detail. As for other Steps, the EU Forced Labour Regulation (2024) do not require public disclosure in the same way as the conduct-based measures.
Note: Dark blue indicates explicit reference in text; light blue indicates strong inference; green indicates disclosure requirement on the topic; yellow indicates due diligence as a useful measure to prevent, mitigate and bring to an end forced labour, to ensure economic operators do not place or make available products made with forced labour on the Union market.
Source: OECD
Public reporting requirement: The three due diligence conduct measures each explicitly refer to a requirement to publish annually a report on due diligence.42 The EU CSDDD (2024), however, frames this as an annual statement.43
Format and content: The specificity of reporting format and required information differs between measures. As a measure wholly focused on disclosure, the EU CSRD (2023), via the European Sustainability Reporting Standards, has the most detailed standards. The EU CSDDD (2024) foresees aligning its reporting requirements (to be elaborated through a delegated act) with those of the ESRS. The other measures provide less specific details on the content of reports, but do give an overview of what they should contain.
Reporting on stakeholder engagement and consultation: Under the EU CSRD (2023), entities are required to disclose a description of their stakeholder engagement and their understanding of the interests and views of stakeholders (see Box 2.5) The EU Batteries Regulation (2023) requires reporting to cover, where relevant, access to information and public participation in decision making. The EU Deforestation Regulation requires, where applicable, a description of consultation indigenous peoples, local communities and other customary tenure rights holders or of the civil society organisations in the area of production as part of its reporting requirement.44
Reporting exemptions: As entities may fall within scope of multiple due diligence related measures, some provisions have been made for reporting exemptions. The EU CSDDD (2024), for example, provides that its reporting requirements do not apply to entities subject to the ESRS reporting requirements (which will be the case for the vast majority of entities subject to the EU CSDDD);45 whilst the EU Deforestation Regulation (2023) allows entities falling under the scope of other EU due diligence measures to include the relevant information in their reports under other measures.46
Some of these measures require other disclosure or information outputs directly to the European Commission or national competent authorities – these requirements are discussed in section Obligations.
Stakeholder engagement under OECD RBC Standards
Stakeholder engagement is a core feature of due diligence. The OECD Guidelines for Multinational Enterprises on Responsible Business Conduct (OECD, 2023[2]) emphasise that it is a key component of the due diligence process, as well in some cases, being a right in and of itself. The OECD Due Diligence Guidance for Responsible Business Conduct (OECD, 2018[1]) recommends engaging with stakeholders at various points throughout the due diligence process, including as relevant, when assessing risk, when developing corrective action plans and when designing and assessing operational level grievance mechanisms. Stakeholders may include impacted and potentially impacted rightsholders, human rights defenders, worker representatives, trade unions and civil society groups. The Guidance also emphasises seeking relevant external expertise when needed and the annex provides further detail on identifying and engaging with stakeholders.
Complementing these standards, the Due Diligence Guidance for Meaningful Stakeholder Engagement in the Extractive Sector provides further practical guidance in the context of mining, oil and gas operations (OECD, 2017[6]).
Stakeholder engagement in due diligence measures
The measures generally foresee stakeholder engagement and consultation as part of the due diligence obligation, however they differ in how detailed the requirements are.
Only the EU CSDDD (2024) and CSRD (2023) define ‘stakeholder’, with the CSDDD listing employees and workers’ representatives as well as stakeholder groupings whose rights may be directly affected by products, services, operations of the entity, its subsidiaries and business partners. The CSRD (2023) meanwhile distinguishes between two stakeholder groupings: affected stakeholders – whose interests are or could be affected by the entity’s activities and those of its direct and indirect business relationships – and users of sustainability statements.1
The EU CSDDD (2024) is the most expansive in its requirements, including a specific article, setting out the stages at which entities are required to engage in stakeholder consultation during the due diligence process, covering identification, assessment and prioritisation of risks; the development of (enhanced) prevention and corrective action plans, and the adoption of remediation measures.2
The EU Batteries Regulation (2023) specifies stakeholder engagement when designing risk mitigation plans, which may include consulting with local and national government authorities, international or civil society organisations3 and requires inclusion of access to information, and public participation in decision making in annual reporting.4
The EU Deforestation Regulation (2023) incorporates a requirement for consultation in good faith with indigenous peoples within the risk assessment process; and requires reporting to include a description of this process where applicable.5
Under the EU CSRD (2023), entities are required to disclose a description of their stakeholder engagement and their understanding of the interests and views of stakeholders as they relate to its business model and how interests of stakeholders were considered in setting policy, in relation to social topics.
Notes: (1) ESRS 1, 3.1, para 22-23/para. 23a, 43 (revised ESRS); (2) EU Corporate Sustainability Due Diligence Directive 2024/1760: Article 13; (3) EU Batteries Regulation 2023/1542: Article 50(2); (4) EU Batteries Regulation 2023/1542: Article 50(2), 52(3); (5) EU Deforestation Regulation 2023/1115: Article 10(2)(d), Article 12(4)(C).
Steps 6 expects enterprises to provide for or co-operate in remediation where they have caused or contributed to actual adverse impact (6.1). It also expects that enterprises, when appropriate, provide for or co-operate with legitimate remediation mechanisms through which impacted stakeholders and rightsholders can raise complaints (6.2).
Step 6 therefore aims to ensure that companies provide remediation, where appropriate, and that they have in place effective grievance mechanisms for handling complaints. The RBC Guidance acknowledges that the type or combination of remedies needed will depend on the nature and extent of the adverse impact, and makes clear that any remediation should seek to restore affected persons to the situation they would be in had the adverse impact not occurred. Complaints mechanisms should be consistent with the effectiveness criteria for non-judicial grievance mechanisms set out in the United Nations Guiding Principles for Business and Human Rights (UNGPs).
This section evaluates some of the key synergies and differences in how the measures approach Step 6. See Table 2.6 for an overview and Annex Table 2.A.6 for more detail.
Note: Dark blue indicates explicit reference in text; light blue indicates strong inference; green indicates disclosure requirement on the topic; yellow indicates due diligence as a useful measure to prevent, mitigate and bring to an end forced labour, to ensure economic operators do not place or make available products made with forced labour on the Union market . Source: OECD
Step 6.1 – provide for or co-operate in remediation
The requirement to remediate where an entity has caused or contributed to an adverse impact is incorporated into two of the measures: the EU CSDDD (2024) and in the EU Batteries Regulation (2023). The CSDDD requires that where a company has caused or jointly caused an adverse impact, it provides remediation and guarantees victims of harm caused by a failure to comply with due diligence obligations the right to an effective remedy and compensation.47 The EU Batteries Regulation (2023) provides that entities should have a grievance mechanism in place that includes remediation.
The EU Forced Labour Regulation (2024) and the EU CSRD (2023) do not establish remediation obligations. Under the EU Forced Labour Regulation (2024) records of an entity’s actions to remediate forced labour may be requested during preliminary phase of investigations.48 Meanwhile, the EU CSRD (2023) includes disclosure requirements on remediation and grievance mechanisms.
Step 6.2 – legitimate remediation mechanisms for complaints
Several of the measures enable some form of complaints mechanism, but not all apply this requirement to entities:
Entity-led complaints mechanisms: The EU CSDDD and Batteries Regulation both require entities to put in place some form of mechanism for receipt of complaints or notification. The EU CSDDD (2024) requires entities to enable submission of complaints, where stakeholders have concerns regarding adverse impacts in the entities’ operations or those of their subsidiaries or business partners; and that entities establish a ‘fair, publicly available, accessible, predictable and transparent procedure’ for complaints.49 The EU Batteries Regulation (2023) addresses this through requiring that the grievance mechanism also include an early-warning risk-awareness system.50
Other means of making complaints: The EU Deforestation Regulation (2023), EU CSDDD (2024) require competent national authorities to establish submission points for the receipt of information or concerns that the rules are being violated, whilst the EU Forced Labour Regulation requires a single information submission point to be set up by the Commission.51
References
[5] IEA (2025), The Role of Traceability in Critical Mineral Supply Chains, IEA, Paris, https://www.iea.org/reports/the-role-of-traceability-in-critical-mineral-supply-chains, Licence: CC BY 4.0.
[2] OECD (2023), OECD Guidelines for Multinational Enterprises on Responsible Business Conduct, OECD Publishing, Paris, https://doi.org/10.1787/81f92357-en.
[4] OECD (2022), Translating a risk-based due diligence approach into law: Background note on Regulatory Developments concerning Due Diligence for Responsible Business Conduct,, OECD Publishing, Paris, https://www.oecd.org/content/dam/oecd/en/topics/policy-sub-issues/due-diligence-gu.
[1] OECD (2018), OECD Due Diligence Guidance for Responsible Business Conduct, OECD Publishing, Paris, https://doi.org/10.1787/15f5f4b3-en.
[6] OECD (2017), OECD Due Diligence Guidance for Meaningful Stakeholder Engagement in the Extractive Sector, OECD Publishing, Paris, https://doi.org/10.1787/9789264252462-en.
[3] OHCHR, OECD, EU, ILO (n.d.), Responsible Business: Key Messages from International Instruments, https://www.oecd.org/content/dam/oecd/en/topics/policy-sub-issues/global-engagement-on-responsible-business-conduct/Brochure-responsible-business-key-messages-from-international-instruments-ENG.pdf.
Notes: (1) List of instruments includes the OECD Guidelines for Multinational Enterprises, OECD Due Diligence Guidance for Responsible Business Conduct, OECD Due Diligence Guidance for Responsible Supply Chains of Minerals from Conflict-Affected and High- Risk Areas
← 1. EU Batteries Regulation 2023/1542, Article 3(1)(42): Battery due diligence means “the obligations of an economic operator in relation to its management system, risk management, third-party verifications and surveillance by notified bodies and disclosure of information, for the purpose of identifying, preventing and addressing actual and potential social and environmental risks linked to the sourcing, processing and trading of the raw materials and secondary raw materials required for battery manufacturing, including by suppliers in the chain and their subsidiaries or subcontractors”; EU Forced Labour Regulation 2024/3015, Article 2(3): due diligence in relation to forced labour means “efforts by economic operators to implement mandatory requirements, voluntary guidelines, recommendations or practices to identify, prevent, mitigate or bring to an end the use of forced labour with respect to products that are to be placed or to be made available on the Union market or to be exported.”
← 2. EU Deforestation Regulation 2023/1115: Article 11(2).
← 3. EU Corporate Sustainability Due Diligence Directive 2024/1760: Article 7(3).
← 4. EU Deforestation Regulation 2023/1115: Article 12(2).
← 5. EU Batteries Regulation 2023/1542: Article 48(2).
← 6. EU Batteries Regulation 2023/1542: Article 49(1)(a).
← 7. ESRS 2
← 8. EU Batteries Regulation 2023/1542: Article 49(1)(c).
← 9. See Step 1.2(a), OECD Due Diligence Guidance for Responsible Business Conduct.
← 10. EU Batteries Regulation 2023/1542: Article 49(1)(c).
← 11. EU Deforestation Regulation 2023/1115: Article 11(2)(a).
← 12. ESRS 2.
← 13. The measure also includes an option to seek contractual assurances from indirect business partners. EU Corporate Sustainability Due Diligence Directive 2024/1760: Article 7(1), 7(2)(c).
← 14. EU Corporate Sustainability Due Diligence Directive 2024/1760: Article 10(2)(b); 11(3)(c) and Article 10(4); 11(5). In addition, Articles 18 requires the Commission to develop guidance on voluntary model contract clauses, in consultation with Member States and stakeholders.
← 15. EU Batteries Regulation 2023/1542: Article (49)(1)(e).
← 16. Sustainability matters are material when they pertain to actual or potential positive or negative impacts on people and environment. See ESRS 1.
← 17. See ESRS 1
← 18. https://www.efrag.org/sites/default/files/sites/webpublishing/SiteAssets/IG%201%20Materiality%20Assessment_final.pdf https://www.efrag.org/sites/default/files/sites/webpublishing/SiteAssets/IG%201%20Materiality%20Assessment_final.pdf https://www.efrag.org/sites/default/files/sites/webpublishing/SiteAssets/IG%201%20Materiality%20Assessment_final.pdf
← 19. EU Forced Labour Regulation 2024/3015: Article 17.
← 20. EU Forced Labour Regulation 2024/3015: Article 8, Article 11(e).
← 21. Referred to as a “scoping” exercise (Article 8, para 2(a)).
← 22. Article 8(2)(a) sets out the requirement to carry out a scoping exercise, based solely on reasonably available information, to identify general areas across own operations, those of subsidiaries and those of their business partners in the chain of activities, “where adverse impacts are most likely to occur and to be most severe”; whilst Article 8(2)(b) sets out the requirement to carry out in-depth assessments on the basis of the scoping exercise in para (a).
← 23. Relevant risk factors are defined as ‘facts, situations or circumstances that relate to the severity and likelihood of an adverse impact, including facts, situations or circumstances at the level of the business partner, such as whether the business partner is not a company covered by this Directive or other comparable mandatory sustainability due diligence legislation; at the level of geography and context, such as the level of law enforcement with respect to the type of adverse impact; and at the level of sectors, of business operations, and of products and service. See EU Corporate Sustainability Due Diligence Directive 2024/1760: Article 3(1)(u). Future implementation guidance will define risk factors further.
← 24. EU Deforestation Regulation 2023/1115: see requirements in Article 9; see also Article 2(28) “‘geolocation’ means the geographical location of a plot of land described by means of latitude and longitude co-ordinates corresponding to at least one latitude and one longitude point and using at least six decimal digits; for plots of land of more than four hectares used for the production of the relevant commodities other than cattle, this shall be provided using polygons with sufficient latitude and longitude points to describe the perimeter of each plot of land”.
← 25. EU Batteries Regulation 2023/1542: Article 49(1)(d).
← 26. The “involvement framework” differentiates between the due diligence expectations for companies depending on how they are involved with a specific risk or impact – whether they caused, contributed or are directly linked, consistent with the international standards. Where companies cause or contribute to harm, they have a responsibility to stop these activities and provide for or contribute to remedy, In situations where companies are ‘directly linked’ there is more flexibility and RBC standards expect companies to seek to prevent or mitigate adverse impacts by using a range of potential measures. For more information see: OECD (2022), Translating a risk-based due diligence approach into law: Background note on Regulatory Developments concerning Due Diligence for Responsible Business Conduct, https://www.oecd.org/content/dam/oecd/en/topics/policy-sub-issues/due-diligence-guidance-for-responsible-business-conduct/translating-a-risk-based-due-diligence-approach-into-law.pdf.
← 27. EU Corporate Sustainability Due Diligence Directive 2024/1760: Article 9. Adverse impacts are defined with reference to the rights, obligations, prohibitions and international instruments listed in the annex. A ‘severe adverse impact’ and ‘severity of an adverse impact’ are defined, broadly consistent with the international frameworks (see Article 3(1)(b, c, d, l, v; see also Annex).
← 28. ESRS requires companies to describe the list of actions taken in the reporting year and planned for the future, their expected outcomes and, where relevant, how their implementation contributes to the achievement of policy objectives and targets; the scope of the key actions (i.e., coverage in terms of activities, upstream and/or downstream value chain, geographies and, where applicable, affected stakeholder groups); the time horizons under which the undertaking intends to complete each key action; if applicable, key actions taken (along with results) to provide for and co-operate in or support the provision of remedy for those harmed by actual material impacts. See ESRS 2 MDR-A/GDR-A (revised version).
← 29. EU Corporate Sustainability Due Diligence Directive 2024/1760: recitals 45, 53. See also Articles 10(1), 11(1) which refer to the level of involvement, the level of the chain where the impact occurs and the ability of the company to influence a business partner as relevant factors.
← 30. EU Corporate Sustainability Due Diligence Directive 2024/1760: Articles 10, 11.
← 31. EU Corporate Sustainability Due Diligence Directive 2024/1760: Articles 10(1), 11(1) in conjunction with Article 3(1)(o). According to the definition, “appropriate measures” are measures that are capable of achieving the objectives of due diligence in an effective manner, reasonably available to the company and commensurate to the degree of severity and likelihood of the adverse impact. The Forced Labour Regulation also includes the concept. See definition of due diligence in the EU Forced Labour Regulation 2024/3015: Article 2(3).
← 32. EU Batteries Regulation 2023/1542: Article 50(1)(b). Note that implementation guidance is pending.
← 33. Under OECD RBC standards, leverage exists “where the enterprise has the ability to effect change in the wrongful practices of the entity that causes the harm”. Use of leverage will depend on the impact in question, the degree of leverage an enterprise has and other sector specific characteristics. Where enterprises do not have sufficient leverage, they can consider ways to build, including through outreach from senior management and co-operation with other actors to build and exert collective leverage. See OECD MNE Guidelines, para 22; OECD Due Diligence Guidance, Q36-37.
← 34. EU Batteries Regulation 2023/1542: Article 50(1)(b)(ii).
← 35. ESRS S1-S4.
← 36. ESRS MDR-M and MDR-T/GDR-M and GDR-T.
← 37. EU Corporate Sustainability Due Diligence Directive 2024/1760: Article 15.
← 38. EU Batteries Regulation 2023/1542: Article 50(1)(b)(iii).
← 39. EU Corporate Sustainability Due Diligence Directive 2024/1760: Article 15.
← 40. EU Batteries Regulation 2023/1542: Article 51(1)(d).
← 41. EU Corporate Sustainability Due Diligence Directive 2024/1760: Article 15.
← 42. European Sustainability Reporting Standard 2; EU Batteries Regulation 2023/1542: Article 52; EU Deforestation Regulation 2023/1115: Article 12(3).
← 43. EU Corporate Sustainability Due Diligence Directive 2024/1760: Article 16.
← 44. EU Deforestation Regulation 2023/1115: Article 12(4)(c).
← 45. EU Corporate Sustainability Due Diligence Directive 2024/1760: Article 16(3) on delegated acts; Article 16(2) on reporting exemption.
← 46. EU Deforestation Regulation 2023/1115 Article 12(3).
← 47. EU Corporate Sustainability Due Diligence Directive 2024/1760: Article 12.
← 48. EU Forced Labour Regulation 2024/3015: Article 17.
← 49. EU Corporate Sustainability Due Diligence Directive 2024/1760 : Article 14.
← 50. EU Batteries Regulation : Article 49(1)(f).
← 51. EU Deforestation Regulation 2023/1115: Article 31; EU Forced Labour Regulation 2024/3015: Article 9; EU Corporate Sustainability Due Diligence Directive 2024/1760: Article 26.