Where ESG meets AML: Why CSDDD isn’t just for sustainability teams

By Jenny Young, Principal, Avyse Partners

As the compliance landscape evolves, the line between ESG and traditional financial crime frameworks is increasingly blurred. Nowhere is this convergence more apparent than in the Corporate Sustainability Due Diligence Directive (CSDDD), a landmark EU regulation that places on companies a legal obligation to identify and mitigate adverse human rights and environmental impacts across their supply chains.

The supply chain: A growing risk frontier

From forced labour in overseas manufacturing hubs to the hidden environmental costs of logistics networks, global supply chains are becoming hotbeds of regulatory scrutiny. And while ESG teams may focus on reputational and ethical risks, the financial crime lens adds another layer: these same networks can obscure fraud, bribery, sanctions breaches and money laundering.

A recent decision by the UK Court of Appeal in Civ 715 [1] underscores this shift. The court ruled that the NCA had erred in law when it chose not to investigate allegations that goods imported into the UK were made with forced labour in China. The court was clear – where there is evidence of criminal property, including goods tainted by human rights abuses, the authorities have a duty to investigate. While the case stopped short of ordering prosecutions, it nevertheless sent a powerful signal. ESG-linked supply chain failures can now fall squarely within the realm of financial crime.

Leverage what you already have

The good news is that financial crime teams already possess many of the tools needed to support CSDDD compliance.

• KYC and third-party risk assessments can be expanded to include environmental and human rights risks.
• Transaction monitoring data can flag unusual flows that suggest not just fraud or laundering, but potentially ESG-linked abuses.
• Whistleblowing channels, already required under other frameworks, can be adapted to capture supply chain concerns.

Additionally, those firms that already report under the UK Modern Slavery Act (MSA) have a head start, as risk-mapping, supplier declarations and governance processes can all feed directly into CSDDD implementation. Reusing and building on these structures reduces duplication and increases efficiency.

The fraud link

The incoming UK Failure to Prevent Fraud offence also highlights the growing expectation that companies understand and control risks within their broader value chains. Just as CSDDD requires businesses to conduct human rights and environmental due diligence, the new fraud legislation demands similarly proactive prevention – this time for financial crime. In both cases, firms will need to demonstrate that they had appropriate systems and controls in place, or risk being held criminally liable for failings they didn’t directly commit.

Together with the MSA, these developments point to a new compliance paradigm, where ESG and financial crime obligations converge, and supply chain oversight becomes mission critical.

What now?

Despite delays and the current uncertainty around the final scope of CSDDD under the EU’s omnibus negotiations, the direction of travel is clear. Companies are expected to know (and control) their value chains. The most resilient businesses will be those that break down internal silos, embed cross-functional due diligence and recognise that ESG is no longer just about sustainability – it’s a compliance and crime prevention issue, too.