Beyond surface governance: how CS3D exposes what your board cannot ignore

From visibility to accountability in sustainability leadership

When the Corporate Sustainability Due Diligence Directive (CS3D) was first introduced, many saw it as a compliance exercise.

Something for the legal team. A new set of disclosures. A risk register item.

But CS3D is not just about compliance. It is a stress test for your entire governance system.

And increasingly, it is revealing what sits beneath the surface - or, more worryingly, what doesn’t.

This week I take a deeper look at how CS3D will change the nature of governance in corporate thoughts and actions. You can download my latest toolkit, Beyond Compliance: The CS3D Readiness Blueprint here.

---

From box-ticking to boardroom reality

At its core, CS3D forces businesses to answer one question:

If this issue is material - who is responsible for it, and how do we know it’s being managed?

This question, deceptively simple, is where most organisations stumble.

• Policies may be in place, but processes are missing.

• Risk owners may exist in name, but not in accountability.

• Boards may hear about ESG topics, but don’t act when red flags emerge.

CS3D demands that companies connect visibility with action. That directors turn disclosure into ownership.

---

Cross-functional ESG: what it really looks like

Unsurprisingly, governance is not effective when it sits entirely wihtin the sustainability team. It lives across procurement, finance, risk and legal. It doesn’t operate in silos - nor should it. When I was an audit director, the first thing I’d look for when working with a new client was how well the different teams worked together. My heart would always sink at the sight of a siloed business - because I knew it would mean poor performance across the board.

That’s why CS3D isn’t just a sustainability challenge but a governance test for the entire company. When every part of the business contributes, here’s what that looks like:

• Procurement flags supplier risks and validates controls

• Finance challenges emissions data and climate assumptions

• Legal owns escalation routes and contract clauses

• Risk integrates ESG into enterprise frameworks

• Boards interrogate the whole system, not the press release

CS3D reveals the weak spots. And if your teams aren’t integrated, they’ll be exposed.

---

Escalation is where governance breaks - or works

Most sustainability failures are not surprises, but missed signals:

• An ignored whistleblower report

• A supply chain partner failing audit… again

• Human rights risks that remain on the same red list month after month

The real question is:

What happens in your business when an ESG risk emerges?

Does it stay buried in middle management? Or does it trigger escalation, ownership, and action?

CS3D expects escalation processes that work. Effective boards demand visibility, and act on what the reporting shows.

---

Governance maturity: what ‘good’ looks like

Drawing from the CS3D Readiness Blueprint, here’s what mature ESG risk governance looks like:

---

What boards should ask next week

1. Do we know who owns our ESG risks and how they’re managing them?

2. Can we prove control over our CS3D obligations?

3. What was the last ESG issue escalated to the board, and how did we respond?

4. Are our suppliers subject to due diligence… or just clauses?

5. If the regulator arrived tomorrow, what would we hand them?

These are not scare tactics. They are survival strategies.

---

The role of narrative: reporting versus story

CS3D doesn’t want your best story. It wants your best evidence.

But that doesn’t mean narrative isn’t important. The organisations leading the field are those that:

• Build governance systems that work, and

• Know how to explain those systems clearly, internally and externally

If your report says a topic is material, but your teams can’t describe what’s being done about it - that’s where credibility fractures.

---

Final thoughts: governance is resilience

Governance is often misunderstood as a checkbox. In truth, it’s the connective tissue between your operations, your values, and your obligations.

The businesses that thrive under CS3D will be those that:

• Accept the discomfort of scrutiny

• Share the load across teams

• Design systems that escalate, adapt, and improve

If that sounds like a marathon - not a sprint - that’s because it is.

And it’s one worth running.

📘 Download the CS3D Readiness Blueprint
✉️ Subscribe for the next toolkit drop → ancoram.substack.com