Policies and due diligence

Legal base

Article 1 of the DIRECTIVE sets out that the non-financial statement contains information including:

b. "a description of the policies pursued by the undertaking in relation to those matters, including due diligence processes implemented;"

Companies should provide a fair and comprehensive view of their policies.

Companies may consider appropriate disclosures on their approaches to key non-financial aspects, main objectives, and how they are planning to deliver on those objectives. In doing so, companies may explain how management decisions and resource allocations relate to objectives, risk management and intended outcomes. For example, companies may explain their governance risks and opportunities (for instance, on aspect related to climate-related risks and opportunities, or employment conditions), including the oversight of such risks and opportunities by the board.

• A company may consider disclosing information on who in its organisation and governance structure is responsible for setting a specific policy, implement and monitor it, and how investors and other stakeholders may be involved.
  

Due diligence processes

 Due diligence processes relate to policies, and also to risk management and intended (and actual) outcomes. It is commonly understood that due diligence processes are undertaken by a company with the objective of ensuring that it delivers against a concrete objective (e.g.: to ensure that carbon emissions are below a certain level). The objective of due diligence processes may be to identify, prevent and mitigate existing and potential adverse impacts.

Companies should provide disclosures on due diligence processes implemented, and may consider including appropriate information on the decision process to set them up, and how they are intended to work, in particular as regards prevention and mitigation of adverse impacts. Companies may also consider relevant information on setting targets and measuring progress.

• A company may consider disclosures on company policies aiming at avoiding the use of hazardous chemicals, substances of very high concern or biocides, in its products, operationsand supply chain; and on company policies on research, development and use of safe alternatives. Companies may explain how they approach quality, safety and environmental impact of the chemicals that they use, and how they meet the requirements of legislation on chemical safety (e.g.: REACH, CLP).
  
• A company may consider disclosures on company policies aiming at preserving the crucial data (customer data or production data etc.) or the data center according to GDPR. Companies may explain how they approach the protection of personal data or the data center and how they meet the criteria of GDP Regulation.
  

Material changes

Companies are expected to highlight and explain when material changes to their main policies and due diligence processes have taken place in the reporting year.

A company may consider disclosing the following information as regards health and safety:

• Policies in the workplace
• Contractual obligations negotiated with suppliers and sub-contractors
• Resources allocated to risk management, training, monitoring, internal and external auditing
• Resources allocated to Cyber Risks accordind to GDPR
  

Companies may not have developed policies on certain matters that they still consider material. Then, as regards disclosures relating to policies on those specific matters, companies should provide a clear and reasoned explanation. {Article 1 of the DIRECTIVE sets out that "where the undertaking does not pursue policies in relation to one or more of those matters, the non-financial statement shall provide a clear and reasoned explanation for not doing so."}.