Over the past decade, due diligence has become a central part of corporate responsibility efforts, particularly through voluntary standards, such as the UN Guiding Principles on Business and Human Rights (UNGPs) and the OECD Guidelines for Multinational Enterprises on Responsible Business Conduct. These standards now underpin many emerging regulatory frameworks, including the Corporate Sustainability Reporting Directive (CSRD) and the Corporate Sustainability Due Diligence Directive (CSDDD). Many companies have embraced these frameworks in good faith, acknowledging their responsibility to prevent harm across their operations and value chains. However, in practice, a gap has emerged between commitment and implementation.
Commitments are outpacing implementation
Many companies make public commitments to frameworks like the UNGPs, yet lack the capacity, or the will, to operationalise those commitments meaningfully. Human rights risk assessments are often superficial, stakeholder engagement is minimal or absent, and supply chain mapping remains opaque. The illusion of due diligence persists, but the substance is missing.
According to the Danish Institute for Human Rights’ 2024 Benchmark, 24 of Denmark’s 30 largest companies now formally commit to the UNGPs. Yet, more than a decade after their endorsement, and despite previous benchmarks and mounting regulation, most still fall short of demonstrating the respect for human rights that the UNGPs require.
This challenge is not unique to Denmark. Globally the World Benchmarking Alliance’s Social Benchmark reveals that 80% of the 2000 most influential companies scored zero on the key steps of human rights due diligence — identifying, assessing, and acting on their human rights risks and impacts. With the scale of these companies’ operations, this failure leaves millions of workers and communities exposed.
This gap not only undermines the credibility of corporate sustainability efforts but also exposes companies to legal, reputational, and operational risks. As regulation begins to catch up, such as through mandatory human rights due diligence laws in the EU and elsewhere, the gap between commitment and capacity is becoming harder to ignore.
The UNGPs outline three core expectations for companies:
- Commit to respect human rights
- Carry out due diligence to manage impacts
- Provide remediation when harm occurs
These principles are now the global baseline, but regulation is raising expectations.
For more on how due diligence can be applied, see our guide on sustainability due diligence and below an image illustrates the steps of the process.
The three main barriers to implementation
One reason the gap between corporate due diligence commitments and real-world impact persists is the continued reliance on soft law frameworks.
The UN Guiding Principles on Business and Human Rights and the OECD Guidelines for Multinational Enterprises have shaped global expectations for responsible business conduct. But as soft law, they are non-binding. They guide behaviour, but do not compel it. They encourage transparency, but do not require companies to prove the effectiveness of their actions or to face consequences if they fall short. This lack of enforceability weakens incentives for deep, structural change.
Moreover, these frameworks still leave companies considerable discretion over how to implement, report on, and assure their due diligence efforts. Independent scrutiny and clear accountability mechanisms are often lacking, which can allow even well-meaning commitments to fall short of providing meaningful protection for workers and communities.
Compounding the challenge is a lack of widespread understanding and ownership within companies. The interpretation of frameworks like the UNGPs often remains confined to a small group of specialists or, in some organisations, such expertise may be missing entirely.
Without broader awareness, internal buy-in, or cross-functional integration, these commitments rarely become embedded into day-to-day business practices. As a result, even companies with strong policy-level intentions can struggle to translate commitments into action.
Even as sustainability regulations gain ground, their implementation often suffers from weak or inconsistent assurance mechanisms.
For example, the EU Taxonomy’s Minimum Safeguards require alignment with international due diligence standards, but the assurance practices remain highly fragmented. In some cases, assurance is limited or superficial; in others, it is overly complex or technical, sometimes bordering on unintuitive. The absence of clear regulatory guidance leaves much of the interpretation to assurance providers, resulting in inconsistent outcomes and low comparability across companies.
How to close the gap between policy and practice
Soft law frameworks have been instrumental in shaping responsible business norms and raising awareness of corporate responsibilities. H commitment alone, without broader understanding, structured implementation, and meaningful accountability, is not enough. Bridging the gap between principles and practice will require continued investment in internal capacity, clearer regulatory expectations, and assurance systems that can help ensure due diligence leads to tangible outcomes, not just procedural compliance.
To help companies close this gap, we have identified 3 key steps:
1. Assess due diligence maturity
Use Nordic Sustainability’s due diligence maturity screening tool to evaluate your company’s practices against key frameworks such as the UN Guiding Principles, OECD Guidelines, and the CSDDD. The tool helps beginners looking for a structured “checklist” and more experienced companies to benchmark their maturity against specific requirements. This process will help you identify any gaps in your current practices that need to be addressed to meet these standards.
2. Prioritise what matters most
Once assessment findings are clear, the next step is to create a targeted implementation. It is essential to prioritise actions based on the severity of identified gaps, available resources, and potential impact, recognising that not all actions can or should be addressed at once.
3. Build capacity and ensure accountability
Invest in internal capacity by training teams on due diligence requirements and best practices. Furthermore, establish robust accountability mechanisms, including regular progress reviews and transparent reporting to ensure that commitments lead to tangible outcomes. Continuous monitoring will help refine efforts and keep due diligence integrated into everyday business operations.
Ready to begin your sustainability due diligence journey?
To learn more, reach out to our Managing Partner, Anniina Kristinsson, akr@nordicsustainability.com.
Read more
On due diligence
- Our step-by-step guide on sustainability due diligence
- Our explainer on the Forced Labour Regulation
- A new tool to support CSDDD preparation
- Learnings from Ørsted and CPH Airports on how to implement CSDDD
International guidelines
- UN Guiding Principles on Business and Human Rights
- OECD Guidelines for Multinational Enterprises on Responsible Business Conduct
- OECD Due Diligence Guidance for Responsible Business Conduct
Reports
Author details
Emma Tatham
Senior Consultant
Anna Katharina Bierre
Senior Specialist and CSDDD Lead
