New Directions in the European Union’s Regulatory Framework for Corporate Reporting, Due Diligence and Accountability: The Challenge of Complexity

Abstract Climate change and the pursuit of sustainability and sustainable business might be regarded as among the world’s “wicked problems”, especially as they are multi-dimensional problems. Achieving corporate accountability in this context is also difficult when corporate structures are complex as they operate globally and through supply chains. At the European level, under the Green Deal, the Sustainable Finance Initiative and the Sustainable Corporate Governance Initiative include new reporting requirements to amend and expand the scope and application of the 2014 Non-Financial Reporting Directive, alongside changes to directors’ duties to ensure they take account of stakeholders’ needs and environmental and human rights due diligence requirements. This paper will argue that these legislative and regulatory efforts are to be welcomed, but the complexity of the regulation threatens to undermine its potential impact. It may therefore be necessary to reduce some of the complexity of the regulatory arrangements. However, some complexity may increase resilience and adaptability for responding to the risks involved in the uncertainty and unpredictability of climate change and in dealing with complex corporate structures. The answer is to provide robust regulation that will prompt the corporate behaviours required to avoid the catastrophic trajectory we currently face.


I. Introduction
Climate change and the pursuit of sustainability and sustainable business might be regarded as among the world's "wicked problems" 1 because, conceptually, we might not fully know what we are looking for, 2 with competing definitions, 3 constantly evolving scientific evidence and data and dynamic interconnections combining "networks, uncertainty, nonlinearity, thresholds, feedback, and resilience". 4 Corporate structures are complex when they operate globally and through supply chains. Amid these challenges, major effort is being dedicated to shaping new laws to ensure corporate accountability and sustainability. At the European level, the Sustainable Finance Initiative 5 and the Sustainable Corporate Governance Initiative 6 include new reporting requirements to amend and expand the scope and application of the 2014 Non-Financial Reporting Directive (NFRD), alongside changes to directors' duties to ensure they take account of stakeholders' needs and environmental and human rights due diligence requirements. 7 These measures fit in with the global normative agenda laid out in the United Nations (UN) 2030 Agenda 8 and the UN Guiding Principles on Business and Human Rights (UNGPs), 9 and they promise to deepen and strengthen the regulatory framework to drive forward the agenda for sustainable business and finance under the European Union's (EU) Green Deal. 10 This paper will argue that the complexity of the regulation threatens to undermine its potential. 11 Indeed, excessive regulatory complexity may be counterproductive if, in practice, the requirements are too costly and difficult to work with. However, some complexity may be necessary to increase resilience and adaptability for responding to the risks involved in the uncertainty and unpredictability of climate change and in dealing with complex corporate structures and complex issues such as social justice. 12 The answer is therefore not so simple as merely reducing or simplifying the regulation. Most important of all is providing robust regulation 13 to prompt the corporate behaviours required to avoid the catastrophic trajectory we currently face.
Faced with a three-dimensional picture of complexityclimate change and sustainability, organisational corporate complexity and regulatory complexityone of the dimensions, climate change, is predominantly naturally complex, requiring an appropriate response at the other dimensions. This paper focuses on those two other dimensions: organisational complexity (connected to corporate and business structures) and regulatory and legal complexity (connected to the development and structure of the regulatory approach), and it asks to what extent they might, individually and together interactively, stand in the way of achieving business sustainability. Suggestions are made for reducing those barriers, recognising also that a complete simplification on either dimension is unrealistic. The paper next describes the implications of complex global business structures. 4 J Wells, Complexity and Sustainability (Abingdon-on-Thames, Routledge 2012) Introduction, abstract. 5 European Commission, Sustainable Finance <https://ec.europa.eu/info/business-economy-euro/banking-andfinance/sustainable-finance_en> (last accessed 3 May 2022). 6 European Commission, Sustainable Corporate Governance <https://ec.europa.eu/info/law/better-regulation/ have-your-say/initiatives/12548-Sustainable-corporate-governance_en> (last accessed 3 May 2022). 7 Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions, EU Taxonomy, Corporate Sustainability Reporting, Sustainability Preferences and Fiduciary Duties: Directing finance towards the European Green Deal COM/2021/ 188 final. 8 UNDESA, "Sustainable Development: Transforming our world: the 2030 Agenda for Sustainable Development" <https://sdgs.un.org/2030agenda> (last accessed 1 September 2022). 9 United Nations, "Guiding Principles on Business and Human Rights" <https://www.ohchr.org/sites/default/ files/documents/publications/guidingprinciplesbusinesshr_en.pdf> (last accessed 1 September 2022). 10 European Commission, A European Green Deal <https://ec.europa.eu/info/strategy/priorities-2019-2024/ european-green-deal_en> (last accessed 3 May 2022). 11 In this way, the paper complements the argument in the article by Clemens Kaupa in this special issue. 12 See, eg, E Thrift and J Sugarman, "What Is Social Justice? Implications for Psychology" (2019) 39(1) Journal of Theoretical and Philosophical Psychology 1. 13 P Gai, M Kemp, AS Serrano and I Schnabel, "Regulatory complexity and the quest for robust regulation" (2019) Report of the Advisory Scientific Committee, No. 8, European Systemic Risk Board <https://www.esrb. europa.eu/pub/pdf/asc/esrb.asc190604_8_regulatorycomplexityquestrobustregulation∼e63a7136c7.en.pdf> (last accessed 3 May 2022). Section III, IV and V highlight how complexities impact the reporting framework and due diligence requirements and the extent to which those complexities are exacerbated or resolved within the new European sustainability initiatives. In Section VI, the paper proposes how EU policy actors and legislators might respond.

II. Organisational complexity as a key feature of global business
Zinkin finds complexity to be "when the whole is made up of interrelated parts so that simple 'cause and effect' chains are replaced by complicated, rapidly changing, interdependent forces and events". 14 Such complexity resides in many large corporations. 15 Some complexities will be inevitable in "diverse, dynamic and interconnected" 16 environments with many different interrelated sections or units interacting in ways that cannot be easily explained. In the context of globalisation, this complexity is exacerbated as businesses operate across a range of countries and cultures and in different legal and regulatory settings. 17 The global market is characterised by "extremely Byzantine networks of contractors and sub-contractors". 18

Different corporate complexities
Often, the boundaries between large companies, corporate groups and supply chains are blurred and parent companies may operate with subsidiaries in many different locations. 19 Multi-layered and multi-dimensional supply chains involve fragmented production with fluid and dynamic arrangements. 20 Complexities could be horizontal (width of the supply chain), vertical (depth of the supply chain) and spatial (geographical), each with uncertainties, production disruptions and regulatory challenges. 21 Imposed complexities tend to come from outside the organisation, such as through laws and industry regulations, which cannot be shaped or influenced by the corporation itself. Inherent complexity may arise from the intrinsic features of the business. Designed complexity may arise from the choice of products, locations and customers adopted for the business. Unnecessary complexity exists when the business needs and the processes supporting it are misaligned. 22  chains, companies may be able to locate their first-tier suppliers, but the suppliers in the lower tiers are frequently difficultthough arguably not impossibleto identify. 23 2. Beneficial or necessary complexities Some complexities grow organically with the business and, argue Reeves et al, they may offer the advantages of resilience, adaptability, inimitability, interconnection and coordination. 24 For example, a business with diverse staff and different technologies may adapt more easily to changing circumstances; more complexity could reduce susceptibility to imitation by competitors. 25 Diversification of suppliers and buyers and cross-border trade could also protect against disruption threats. 26 Building redundancy into the arrangement might also improve robustness and resilience to withstand supply shocks or recover from them more quickly, 27 though diversification could also slow down recovery if it is not accompanied by close working relationships. 28

Artificial or problematic complexities
Alternatively, complexity could be artificial and deliberately constructed to evade responsibilities, 29 to exploit regulatory gaps or to hide problems. Thus, while multi-national corporations might be incorporated and headquartered in a particular jurisdiction, their economic activities could occur abroad beyond the regulatory reach of their home jurisdiction, or they may operate in low-income countries with insufficient resources or structures for effective regulation, 30 freeing a corporation to pursue its activities without barriers, even at others' expense, such as with carbon leakage, giving rise to a need for EU or international regulation.
Fleming and Zyglidopoulos highlight the ethical challenges of complex corporate structures, not least that a corporation may lack full knowledge of the ethical standing of its own commodity chain, such as the fashion company, Gap, which was seemingly ignorant of the child labour employed by its Indian subcontractor. 31 This example is not unique and such ignorance is not always accidental or innocent. Indeed, such complexity may encourage and exacerbate the risks of bad behaviours, including dishonesty and corruption, allowing corporations to exploit the "invisibility" of wrongdoing in some locations. Corporations easily hide from their impacts by relocating or outsourcing those harmful and embarrassing business operations. 32 Deception derives from differentiation, compartmentalisation and specialisation in relation to profession, task, information access, 23   technology and groupthink. 33 It is also easy to shift blame or responsibility away to another section or person within an organisation and to develop ethical or social distance from where the consequences of their actions take effect. 34 Individual actors feel less personal responsibility in a so-called "fog of complexity". 35 This was famously illustrated by the collapse of Enron, in which the company adopted complicated structures using special-purpose entities and accounting devices that masked financial peril. 36 Sometimes, complicated organisational structures combine with legal complexities, leading to a further reduction of accountability, as evidenced by the frequently unsuccessful litigation involving parent and subsidiary companies. Parent corporations are rarely found liable for the conduct of their subsidiaries. 37 Blumberg highlights how corporate structures have become hugely complex within the current global marketplace that operates speedily, with sophisticated technologies and networks designed to generate high profits for the "owners" of such entities. The consequence is that "the legal system : : : is incapable : : : of dealing effectively with the problems of the multi-tiered multinational corporate group functioning with a parent corporation, sub-holding companies, and scores or hundreds of subsidiary corporations organized under the laws of countries around the globe". 38 Fisse and Braithwaite observe that "offences by subsidiaries often occur against a background of parental connivance or pressure where the attitudes of those at group headquarters may permeate a whole string of subsidiary companies. The complexity reduces transparency, allowing for possible smoke and mirrors to conceal wrongdoing and an escalation of corrupt behaviours." 39 Moreover, attempts at creating transparency can also become blighted by deception so that reporting, purportedly to increase transparency, may also become misleading and unhelpful. Indeed, as the demise of the US corporation Enron, 40 and, more recently, Carillion PLC in the UK 41 and Wirecard, the German Fintech company, 42 illustrated the potential results of complex structures and creative accounting, the financial crisis of 2008 also arose from sub-prime mortgages and bad debts manifesting as a relatively complex accounting phenomenon, so that most analysts did not anticipate the market collapse. 43 33

Conclusion
Overall, business operational complexities can lead to obfuscation and deception, and they can create obstacles for victims of harmful conduct if they seek redress. Yet, against the backdrop of a planet experiencing climate change, and with the potential for disruption of production and supply, it is also necessary to accept that complexity and diversification within the business structure may be necessary features to protect it against those disruptive threats. Complexity thus has a double edge: one that is threatening and problematic and another that is protective and beneficial, at least for the corporation. The regulatory response must therefore recognise and accept some complexity as a necessary by-product of producing something of societal benefit, and at the same time deter complexity that hides dishonesty or harm. Regulation is explored in the next two sections.

III. Regulatory complexity: reporting requirements
In supply chains, regulatory gaps open up where host states' legal systems are underdeveloped or the host states are concerned with attracting foreign investment, leading them to overlook domestic law violations or to hold off on passing "burdensome" human rights regulations. 44 More concerningly, governance and regulatory gaps 45 provide global value chains with opportunities for regulatory arbitrage, corruption and human rights violations. Given the nature of the challenge of climate change and sustainability, vested interests and lobbying will limit the abilities of the regulatory and supervisory authorities to be fully effective, but the role of regulation remains important.
The predominant regulatory response has been to seek greater transparency through legal reporting requirements: transparency should ensure clarity and honest behaviours by the corporate actors, especially the boardroom directors and managerssunlight is viewed as "the best disinfectant". 46 Corporate reporting should therefore provide information that is useful to present and potential investors and to creditors and other users in making rational investment, credit and similar decisions 47 and in bridging the gap emerging in the so-called separation of ownership and control of a corporation 48the agency relationship dilemma of effective monitoring. 49 In short, reporting and disclosure of information should allow shareholders and stakeholders to be confident about their investments or relationships with the company and to be able to hold boards to account. This "regulation by revelation" should reduce corruption, increase trust, encourage participation and result in a more effective administration. Trust and transparency are theoretical bedfellows, alongside accountability and integrity. 51 By disclosing information, an organisation provides recipients with an opportunity to assess its processes, behaviours and performance, 52 which is "essential for increasing trust". 53 This connection between transparency and trust underpins the corporate disclosure and reporting standards. 54 Unfortunately, this theoretical claim has never really become the reality. In fact, instead of increasing transparency, reporting requirements often lead to obfuscation and confusion, 55 allowing harmful behaviours to continue unchallengedthe opposite of what reporting is supposed to achieve. The next three subsections describe the problems in financial reporting and non-financial reporting.

Financial reporting
Financial reporting and the legal and regulatory requirements for such reporting have a long history 56 and are widely recognised as being complex and technical, 57 with the reports being too long and containing an "overload of information" that "obscures the clear presentation of performance", 58 and with annual accounts and reports even being described as "unintelligible". 59 These problems increase for accounts covering large and complex organisational arrangements across different jurisdictions.
In recognition of the needs of companies and investors acting in global markets and of the need for global capital to flow freely, International Financial Reporting Standards (IFRS) were developed to bring transparency, accountability and efficiency to financial markets. 60 One set of globally recognised standards would enhance international comparability and quality of financial information. The aim is to ensure the clarity and comparability of financial statements, to limit administrative burdens and to provide for simple and robust accounting rules, especially for small and medium-sized enterprises (SMEs). 61 Regulators could also use the standards as a source of globally comparable 51 61 Directive 2013/34/EU on the annual financial statements, consolidated financial statements and related reports of certain types of businesses, Preamble, para 1 <https://eur-lex.europa.eu/legal-content/EN/TXT/? uri=CELEX:32013L0034> (last accessed 1 September 2022); also see "Financial reporting: EU rules on financial information disclosed by companies", available at <https://finance.ec.europa.eu/capital-markets-union-andfinancial-markets/company-reporting-and-auditing/company-reporting/financial-reporting_en> (last accessed 1 September 2022).
information and a single, trusted accounting language that lowers the cost of capital and reduces international reporting costs. 62 The EU introduced an International Accounting Standards Regulation in 2002, 63 requiring consolidated accounts of listed companies to be published in accordance with the IFRS.
Notwithstanding the existence of globally recognised reporting standards, the nature of financial reporting remains elaborate and technically complex. Shareholders and others outside the boardrooms still frequently lack the information they need to hold managers to account. 64 Detailed financial reporting standards and organisational complexity lead to elaborate but nebulous financial statements. 65 The multi-layered complexity of this reporting "mini-world", 66 involving many constitutive elements (eg standard setters, regulators, auditors, business managers), 67 can divert from the intended benefits of reporting, undermining trust and confidence in the financial reporting system. 68 Moreover, with larger companies, the reporting gets more complex, exacerbated by increasing legislative and regulatory demands for information across a broad range of business areas, going beyond requiring just the financial details. The growing legislative demands for climate risk-related information within the financial accounts following the recommendations of the Taskforce on Climate-Related Financial Disclosures represent an important development that highlights the links between financial performance and climate risks and opportunities. Important as these disclosures will be, the requirements are likely to add to the complexity involved in financial reporting and accounting, taking account also of the different demands made of these approaching additional mandatory legal requirements: investors seek greater clarity regarding their exposure to the risks; financial centres seek to benefit from the new market for climate-linked securities; and governments hope that such reporting requirements will contribute towards the reduction of corporate emissions. 69 The added complexities cannot be denied, with what has been described as a "blizzard of regulation and policy coming down the line". 70 2. Non-financial reporting Non-financial reporting covers corporate social responsibility (CSR) and sustainability reporting. With regards to CSR reporting, Tschopp and Huefner explain that the three most widely recognised CSR reporting standards are the Global Reporting Initiative's (GRI) G3 standards, Account Ability's AA1000 Series and the UN Global Compact's Communication on Progress, but that there exist hundreds of domestic CSR reporting guidelines, principles, regulations and standards, as well as other global initiatives. 71 More recent initiatives focusing on sustainability have included the commitment to include environmental, social and governance factors in investment decision-making made by signatories to the UN Principles for Responsible Investment, launched in 2006, and its Sustainable Development Goals.
These multiple initiatives lead to a complex regulatory landscape and call for harmonisation perhaps to reduce some of that complexity. At the EU level, many of the different approaches to non-financial reporting were brought together in the NFRD, 72 adopted in October 2014 with a date of implementation in all EU Member States by 2018, amending Directive 2013/34/EU as regards disclosure of non-financial and diversity information by certain large undertakings and groups. A specific objective of the NFRD is "to increase the relevance, consistency and comparability of information disclosed by certain large undertakings and groups across the Union". 73 The NFRD, together with Guidelines published in 2017, gives companies significant flexibility to disclose relevant information in the way they consider most useful. 74 This could be regarded as a positive and smart approach because it allows companies to report on what is relevant rather than providing a tick-box report full of redundant information and "noise". Undertakings can focus on what they see as relevant in terms of their own activities and impacts. However, the downside is that this approach allows for multiple forms of presentation by different companies, adding to the overall complexity of the broader collection of reports rather than reducing it, leading to "a fragmented reporting landscape" in which "the ability to engage in meaningful cross company comparisons by stakeholders is likely to be significantly hampered". 75

Integrated reporting
Integrated reporting (IR) bridges the different reporting arenas and could be viewed as a potential solution to the information overload and complexity challenge. Thus, an Integrated Reporting Framework, introduced by the International Integrated Reporting Council (IIRC), operates on the basis of a set of IR principles, including: strategic focus and future orientation; connectivity of information; stakeholder relationships; materiality; conciseness; reliability and completeness; and consistency and comparability. The goal is to improve and streamline communication and transparency, but also to improve integrated thinking and internal organisation, as well as to provide quality information on a company's value-creation processes over time. 76  structures fail to address the complexity of the contemporary and globalised business environment and the many silos within those organisations. 77 To date, IR has inspired little confidence in the benefits promised because it remains voluntary, is susceptible to regulatory capture and there is little by way of standardised methodology in the reporting practices. 78 The existence and influence of competing regimes such as the Sustainability Accounting Standards Board and the GRI, alongside the IIRC, mean that comparability remains an elusive goal for sustainability information. 79 Consequently, integrated reports are "significantly longer and less readable (i.e., less concise), and more optimistic (i.e., less complete and balanced)". 80 In addition, "firms with worse social performance provide reports that are foggier (i.e., less concise) and with less information on their sustainability performance (i.e., are less complete)". 81 Some firms use "quantity and syntactical reading ease manipulation as well as thematic content and verbal tone manipulation as impression management strategies". 82 The Integrated Reporting Framework provides for a variety of different understandings of IR's scope and content, leading to fragmentation across different institutional regimes and diversity in IR practices. 83 In short, the emergent IR landscape appears to be "fragmented, cluttered and highly contested". 84

Resulting practices within a complex regulatory landscape of financial and sustainability reporting
The above discussion has shown that complexity is a prominent feature of reporting. Lack of standardised or clear regulatory requirements contributes to unclear, minimalist and low-level comparability of corporate sustainability and non-financial reports. 85 The result is that companies find it difficult to report on different issues relevant to specific stakeholders, 86 and both reporters and recipients may suffer information overload 87 and confusion.
These problems are worsened in the context of climate change and the pursuit of sustainability, in which complexity and susceptibility to different understandings 88 may contribute to neutralised reporting and impression management tactics. 89 It may in fact be impossible to present simplistically what is inherently complex. 90 Conversely, some firms also engage in impression management through providing minimal disclosures. 91 Ultimately, companies may lean towards presenting "an illusion of transparency"more information, but with less understanding, and maybe less trust. 92 Despite these observations, the European Commission conducted a "Fitness Check" of the International Accounting Standards Regulation as well as the Accounting, Transparency and Non-Financial Reporting Directives and reported in April 2021 that the regulatory framework is broadly fit for purpose. 93 The fitness check identified some caveats, including lacunae in the Accounting Directive with regards to a lack of standardisation on some accounting treatments, leading to a lack of relevance and comparability of reports and a lack of timeliness. And with regards to sustainability information requirements, the NFRD may no longer be an adequate response to new challenges, in particular the growing needs of investors and other stakeholders for information relating to sustainability.
While the Commission's Fitness Check does raise the issue of complexity for preparers of reports, with regards to the IFRS, such complexity arises more from the activities being reported upon than from the standards themselves, and from the level of optionality that the preparers have asked for. 94 The Fitness Check may justify the conclusion that the EU law-reporting regulation to date is complex but manageable given the variety of corporate activities to be reported upon. Moreover, in terms of responding to the new sustainability challenges, the Fitness Check makes clear that reforms are required to ensure that the NRFD stays relevant and to enable preparers and users to respond adequately and effectively. The next section explores the recent EU-level efforts to address the challenges faced.

IV. The European Union's sustainability project
The EU has been busy with efforts to tackle climate change and address social and economic sustainability challenges, developing a regulatory framework that seeks to make business practices more sustainable. The aim is to enable companies to focus on long-term sustainable value creation rather than on short-term benefits and to align better the interests of companies, their shareholders, managers, stakeholders and society. The project is two-fold: (1) a new sustainable reporting directive and (2) a sustainable corporate governance initiative to "help companies to better manage sustainability-related matters in their own operations and value chains as regards social and human rights, climate change, environment, etc.", 95 with a proposal for a new directors' duty to stakeholders and a directive requiring environmental and human rights due diligence. This section asks whether these two proposals will manage to overcome the problems identified. 90

The sustainability reporting directive
As part of its European Green Deal 96 and Sustainable Finance Action Plan 97 and in furtherance of the UN Sustainable Development Goals, 98 on 21 April 2021, the European Commission adopted a proposal for a Corporate Sustainability Reporting Directive (CSRD), amending the existing reporting requirements of the NFRD to include information on a broader range of environmental, social and governance factors and for such information to be provided in line with new reporting standards created by the European Commission through its European Financial Reporting Advisory Group. Adopting a shift in terminology from non-financial information to sustainability information (to reflect that such information does have financial relevance), the CSRD seeks better data from companies regarding their sustainability risks and impacts and to improve the reliability, comparability and relevance of the information provided by companies regarding their sustainability risks, opportunities and impacts. The proposed CSRD, covering all large companies and all companies listed on regulated markets (except listed micro-enterprises), aims also to tackle the "lack of precision in the current requirements, and the large number of private standards and frameworks in existence", 99 and to "bring clarity and certainty on what sustainability information to report, and make it easier for preparers to get the information they need for reporting purposes from their own business partners". 100 Reported information will have to be audited and companies will need to digitally "tag" the reported information to make it machine readable and feedable into a European single access point envisaged in the Capital Markets Union Action Plan.
The proposal builds on and revises the sustainability reporting requirements set out in the NFRD in order to make sustainability reporting requirements more consistent with the broader sustainable finance legal framework, including the Sustainable Financial Disclosure Regulation 101 and the Regulation on the establishment of a framework to facilitate sustainable investment (the Taxonomy Regulation), 102 as well as to them tie in with the objectives of the European Green Deal. The proposal will also amend the Audit Directive, the Audit Regulation and the Transparency Directive. The Taxonomy Regulation requires relevant companies to disclose certain indicators regarding the extent to which their activities are environmentally sustainable. These disclosure obligations will be specified by a separate Commission delegated act -Level 2 technical reporting standardsand they are likely to retain the double materiality requirement in the NFRD so that companies will have to report on the risks to companies and the impacts of companies on society and the environment. These indicators are complementary to the information that companies must disclose to comply with the NFRD itself.
A striking feature of this effort at the EU level is the multiple layers and interrelated legislative instruments involved in the proposed new reporting framework, covering financial and non-financial entities in their sustainability reporting requirements. The new sustainability reporting directive will amend and complement already-existing directives. In addition, the list of sustainability matters to be reported on has grown significantly, taking into account multiple aspects of environmental, social and governance issues. The technical and legal details of the EU measures on sustainability reporting are not trivial. The new provisions are likely to advance reporting and disclosures relating to sustainability, extending the scope to 49,000 companies, providing standardisation of sustainability reporting through the implementation of standards, introducing mandatory assurance, requiring the inclusion of such information in management reports and requiring the reporting format to be in accordance with the European Single Electronic Format Regulation. 103 However, the expansion and complexity of these additional and extensive reporting requirements are likely to present challenges for reporting companies, and they are also likely to overlap or possibly conflict with other developing reporting requirements and frameworks such as the International Sustainability Standards Board prototype climate standard, the Task Force on Climate-related Financial Disclosures, the Sustainability Accounting Standards Board and the GRI Universal Standards. Multiple standards are being created by the European Financial Reporting Advisory Group under a detailed reporting architecture. One potential risk is that this newly developing EU reporting legislation will result in too many standards and a lack of consistency of disclosures across companies. 104 Clearly, they are likely to require professional training for lawyers and accountants, analysts and financial advisers to get up to speed on the requirements. Working through the layers of regulation is likely to be challenging and might result in longer and still more complicated corporate reports.
As reporting itself does not necessarily lead to full transparency, nor full protection against risks and impacts, there has also been a turn towards due diligence that will require corporations to identify and mitigate risks in their processes. To what extent could this further move lead to more effective accountability given the complexity that has been highlighted in this discussion? This is explored in the following section.

V. Due diligence
The EU's sustainable corporate governance plan includes the possibility of due diligence following the example set in the UNGPs 105 and the Organisation for Economic Co-operation and Development (OECD) Guidelines for Multinational Enterprises and based on key process requirements regarding the identification, prevention and mitigation of relevant risks and negative impacts on the part of the company. 106 In the sustainable business context, due diligence should constitute a thorough analysis of a firm's business, assets, performance, relationships and impacts to identify any potential risks arising from its activities and processes. Then the company should include details of its due diligence process and findingsregarding its risks, impacts and responsesin its reports. 107 The European Parliament views due diligence as a preventative process through which companies will take proportionate measures to avoid negative impacts resulting from their business activities. 108 The European Commission recently published its proposed Directive, delayed beyond the original schedule of publication in June 2021. 109 The riskbased approach inherent in this proposed due diligence regulation requires a corporation actively to look for relevant risks and to show how it has taken steps to erase or mitigate those risks.
While research evidence at the EU level indicates that due diligence is likely to result in reductions in negative impacts, 110 there are still some problems that can be identified. The risk-based approach, while acknowledging the "complexity of corporate decision-making and global supply chains", 111 may potentially result in a "plurality of law-making mechanisms, and the complex landscape featuring the legal centre, the legal periphery and the social environments of law". 112 The aspirational quality of the due diligence plans means that "there is no single answer" to how businesses should conduct human rights due diligence, and this is likely to "vary greatly with different contexts". 113 Importantly, the scope of the proposed Directive could have been much more extensive but instead is limited to "established business relationships" and leaves out SMEs, even though some of those could conduct riskier activities. Similarly, companies within the financial sector are also excluded from some of the key obligations applying to other sectors. The Directive also fails to provide for strong stakeholder engagement when this could be a helpful way of limiting some of these riskier activities. Ultimately, corporations retain significant freedom to conduct their due diligence in ways that remain compatible with their commercial interests, potentially at the expense of more far-reaching improvements. Furthermore, litigants face multiple problems when pursuing claims against companies: time limitations are often stringent, and they may not have access to the documentation data to support their claims. 114 In conclusion, while the proposed human rights due diligence directive will help to level the playing field and erase the existing divergent and fragmented legislation, this complex EU-level (and global and harmonised) regulatory landscape could still include overlapping and redundant regulations (unnecessary red tape), wasted budgets and human resources, information and regulatory overload and unpredictability. 115 Such fragmentation could produce the opposite of what was intended. A parallel exampleand a warningmight be found in the work of Andrijasevic and Novitz, who find in the context of "unfree labor" that regulations have not protected workers as they were intended to do, instead creating "a complex "overregulated" legal and codified regulatory landscape". 116 The combination of international, regional and corporate regulation has established a "system of institutional exploitation". 117 How might some of these problems be resolved?

VI. Some possible solutions
This paper has highlighted problems of complexity on three dimensions. The sustainability challenge and climate change problems are clear and obvious, 118 but given the multiplicity of interests involved, the solutions to these are deemed inherently complex and evolving, necessitating constant learning and collaboration between scientists and business, policy and regulatory actors and institutions. Efforts to strive towards clearer, universally accepted definitions and understandings of sustainabilitysuch as with the UN 2030 Agenda for Sustainable Developmentmight also lead to changes in structural arrangements and to policies and regulations that get closer to targeting the right issues. Given the observations above, there need to be responses at both the corporate operational level and the regulatory level, considering also the possible interactions between them. Removal of unnecessary or wasteful redundancies is required, but at the same time their provision must be resilient and adaptable so that reliability is maintained and goals are met.

Corporate operational and organisational solutions
Corporate operational and organisational responses alone will not resolve the climate change problems, but they may contribute positively to their solution. While some redundancy is required to ensure that corporations and supply chains can withstand economic, environmental or other shocks, it is still important to seek structural arrangements that allow for real transparency and integrity and that do not cover up dishonest, fraudulent or other harmful practices. Can supply chains be shortened in a way that does not create more risks such as over-lean supplies? Could more centralisation within a chain help to improve, standardise or manage constrained resources across units? Master-data management across subfunctions may, for example, help to improve process and compliance oversight 119 if it is built into effective corporate governance systems.
Gold and Heikkurinen highlight the challenges that supply chain size and complexity present for those aiming to achieve transparency. They recommend shortening those chains and reducing the distance of the economic organisation to make them more comprehensible. By localising the supply chains, they argue, stakeholders would then more easily be effective monitors, 120 though not always if the interventions are not well 116 R Andrijasevic and T Novitz, "Supply Chains and Unfree Labor: Regulatory Failure in the Case of Samsung Electronics in Slovakia" (2020) 6 Journal of Human Trafficking 195, at 206. Similar criticisms might be made of the corporate and investment capital regulation landscape more generally. Space limitations prevent further elaboration, but for a discussion of this issue, see Basel Committee on Banking Supervision, "Discussion paper: The regulatory framework: balancing risk sensitivity, simplicity and comparability" (July 2013). 117 Andrijasevic and Novitz, supra, note 116. 118 As made clear in the IPCC reports on the causes of climate change and its potential impacts: see <https:// www.ipcc.ch/reports/> (last accessed 1 September 2022). 119 K Alicke, E Dumitrescu, M Leopoldseder and M Schlichter, "How great supply-chain organizations work" (McKinsey, 24 September 2020) <https://www.mckinsey.com/business-functions/operations/our-insights/howgreat-supply-chain-organizations-work> (last accessed 3 May 2022). 120 Gold and Heikkurinen, supra, note 16. coordinated. 121 Gold and Heikkurinen's argument is inspired by the work of environmental economists such as Schumacher, 122 Daly 123 and Latouche, 124 and more recently by those active in campaigns for local produce. 125 Again, any shortening of the supply chain should not put resilience and reliability of the supply chain at risk by causing the chain to be too small or too localised. 126 Degrowth itself should not viewed in an oversimplified way. It requires a shift towards more qualitative goals and the human relationships involved in production activities, and it may also require that, societally and economically, there is a shift of focus towards the relationship between humans and nature in their business and production activities. 127 Mitigation against excessive supply chain complexity could include the use of blockchain technology, which increasingly presents real opportunities for supply chains to become more transparent, flexible and secure. Moreover, blockchain plays a crucial role in building mutual trust with supply chain stakeholders, 128 at least by collecting relevant data, though governance structures and actors will determine how such data are used. Manuj and Sahin suggest additional mitigation strategies including maintaining flexibility within the workforce, building buffers against logistical or supply shocks, knowledge management and relations management together with integration, collaboration and cultural alignment. 129 Utilisation of supplier relations management techniques could also help to ensure that purchasing companies are able to conduct clear and effective due diligence of the risks with which they are concerned and to maintain long-term relationships with their suppliers. 130 The regulatory framework will play an important role in influencing decisions made in large corporations and supply chains. The next subsection returns to focusing on addressing the regulatory issues.

Legal and regulatory solutions
Climate change and sustainability have large spatial and time spans, with challenges for resource and economic redistribution socially, geographically and generationally, and they present major hurdles for policy actors and legislators to create effective law: they give rise to "moments" for the "enactment of provisions specifically designed to maintain the legislation's ability to achieve its long-term objectives over the longer term". 131 Both short-term and long-term interests must be respected, especially because, as Lazarus observes, climate change (and sustainability) legislation "imposes costs on the short term for the realization of benefits many decades and sometimes centuries later", with the risk that it will simply be "unraveled" over time. 132 The challenge is to develop a legal framework that is both "flexible in certain respects and steadfast in others. Flexibility is necessary to allow for the modification of legal requirements over time in light of new information. Steadfastness or 'stickiness' is important to maintain the stability of a law's requirements over time." 133 What is the right balance to strike for these legislative and regulatory efforts? As with corporate structures, the legal and regulatory framework must respond to the organisational and system complexities without over-regulating so much as to hinder accessibility or claritya fine balancing exercise! For sustainability reporting and due diligence, all interested parties need to adopt at least a collective understanding of the risks and work on establishing common goals and objectives, and some streamlining and rationalising is required to "clean up" many of the overlapping and potentially contradictory reporting requirements. 134 It is necessary to distinguish the redundancies that are "inefficient" and those that are "constructive and reinforcing", removing the former and retaining the latter in order to allow the system to be reliable and adaptable. 135 A systemic approach is necessary while providing certainty about the connections and the objectives between the sustainability goals and the legislative provisions. In the words of the European Systemic Risk Board 2019: [R]egulation should be complex (state-contingent, risk-sensitive, case-dependent) enough to appropriately capture the heterogeneity of institutions, risks and circumstances, but not so convoluted and onerous to comply with and enforce that it results in unnecessary cost burdens, discourages competition and innovation, leaves room for regulatory arbitrage or induces hard-to-anticipate behaviours that can increase systemic risk. 136 As noted above, some overlap could help to overcome the resilience and reliability issues in the policy and legislative arenas, such as having multiple regulatory bodies who can monitor corporate behaviours and each other's actions, providing a regulatory safety net and a support for regulatory innovation, allowing for the more effective rules and regulatory responses ultimately to be given preference. 137 Of course, multiple regulatory actors and institutions, may give rise to misunderstandings and goal divergences. Communication and agreements about specific roles and goals are therefore essential to avoid additional unhelpful complexity emerging. 138 The relevant laws need to be robust and capable of promulgating the desired behaviours and outcomes. To attain this regulatory quality, Gai et al recommend seven principles according to which the financial regulatory framework should be designed, which could perhaps be applied more broadly to reporting and sustainability-focused regulation: 139 (1) Adaptability: ability to evolve and not hinder innovation; (2) Diversity: varied institutions and business models with substitutability through redundancies; (3) Proportionality: self-regulation proportionate with market imperfections; (4) Resolvability: regulate not to avoid failure but to ensure failure does not disrupt; (5) Systemic perspective: ensure provision of services rather than seeking institutional survival; (6) Information availability: access to information to identify vulnerabilities and contagion risks; (7) Non-regulatory discipline: market discipline, corporate governance and managerial ethics to complement regulation.
The combined CSRD and Corporate Sustainability and Due Diligence Directive (CSDD) regimes should at the least be in alignment with each otherfor example, on the scope of companies covered. In their current proposed formats, the proposed CSRD will apply to a much more extensive number of companies than the CSDD. Arguably, the CSDD's scope should be extended to mirror that of the CSRD and with less opportunity for companies to make use of loopholes that have emerged (eg through the contractual assurances provisions that could be used as a way to avoid responsibilities). 140 Indeed, the steps towards mandatory due diligence requirements at the EU level signify that reporting itself is not enough. Due diligence necessitates a more fulsome and active approach on the part of the corporations as they must show that they have acted to eradicate or mitigate any risks to stakeholders identified in their internal examination processes. Further clarification of some of these details is also required to ensure that the legislation has the intended impacts. For example, what does mitigation really entail? The due diligence legislation will also require measurement of the impacts and the results of the efforts made. One risk is that such due diligence requirements might, in the long term, incentivise corporations to shorten their supply chains so that they can cope with these demands. While this might reduce complexity, it might also encourage shifting of relationships in order to avoid established business relationships and would bring companies into contact within the boundaries of the Directive. A more robust regime, as envisaged by Gai et al, might also require more effective enforcement, with more meaningful stakeholder engagement and greater access to justice and remedies, than is currently presented. Closer alignment with some existing frameworks such as the UN and OECD human rights due diligence standards would also make for a more coherent universal body of requirements that might in themselves go some way towards reducing some of the complexity within the system. 141 Overall, it is currently early days for human rights or sustainability-related due diligence, but researchers have identified at least three prerequisites for success: transparency; external participation and verification; and monitoring and review. 142

VII. Conclusion
This paper has observed the impacts of the complexities of multinational corporations, corporate groups and supply chains: while their redundancies can protect them and their customers from supply shocks and unnecessary costs, they also provide opportunities to hide exploitative or harmful practices. Despite many reporting and disclosure requirements, these have not necessarily improved those corporate practices sufficiently. Moreover, the reporting requirements are themselves complex, leading to "over-regulation", lack of clarity and information overload and cost. Ongoing reform efforts at the EU level, while important and worth pursuing as efforts to harmonise and simplify the regulatory landscape, in fact risk increasing the complexity already burdening this regime. In this realm, due diligence legislation could represent an advance for reporting, going further than voluntary measures and requiring more proactive and responsive vigilance from the corporate actorsfirms must probe their internal structures and processes to dig out and minimise or prevent potential negative impacts on people and the environment resulting from their business operations throughout their networks. This may add further complexity, but it might represent a necessary new layer of regulation if it pushes corporate actors meaningfully to examine and reflect on their risks and impacts. In addition, due diligence is not an entirely novel phenomenon to many firms who already use it as a guard against issues such as corruption and money laundering. 143 Nevertheless, many questions remain for further research: how do these global and operational complexities interact with the regulatory complexities? Does one complexity create the other? Should we tackle one complexity first and then the other? If we tackle the regulatory complexity, will that make a difference to corporate behaviours? If we tackle the operational, structural complexities, might that naturally bring about a simpler regulatory approach?
The overall message is that complex systems present immense challenges for regulatory actors. While some complexity might provide safety nets that would be lost through oversimplification, it is also necessary to remove those complexities that give rise to opportunities for obfuscation or that cause the regulatory framework to become too costly and unworkable or inaccessible. With the new EU-level developments in progress, efforts should be made to achieve the right balance now to avoid yet more regulatory and information overload and to ensure that the goal of sustainable business is met.