What is CSRD

The CSRD is European Union legislation, effective from 5 January 2023, that requires EU businesses, including qualifying EU subsidiaries of non-EU companies to disclose their environmental and social impacts, and how their environmental, social and governance (ESG) actions affect their business.

The goal of the CSRD is to provide clarity that will help investors, analysts, consumers and other stakeholders better evaluate EU companies’ sustainability performance and the related business impacts and risks. Introduced as part of the European Commission’s Sustainable Finance Package, the CSRD notably expands the scope, sustainability disclosures and reporting requirements of its predecessor, the Non-Financial Reporting Directive (NFRD).

CSRD reporting is based on the concept of double materiality. Organisations must disclose information on how their business activities affect the planet and its people, and how their sustainability goals, measures and risks impact the business's financial health. For example, in addition to requiring an organisation to report its energy usage and costs, CSRD requires them to report emissions metrics that detail how that energy use impacts the environment, targets for reducing that impact, and information on how achieving those targets will affect the organization’s finances.

All CSRD disclosures must be publicly available, and the CSRD mandates third-party auditing of all disclosures for accuracy and completeness.

Why was the CSRD introduced?

The European Parliamentary Research Service identified several shortcomings in 2021 after evaluating information that the NFRD collected. These shortcomings included a lack of consistent and comparable data that might negatively impact sustainability investments and cause an increase in data costs for stakeholders.

The CSRD aims to improve the disclosure process and provide investors and consumers a simpler, more consistent way to understand and compare an organisation's ESG impact, and to make better-informed decisions based on sustainability data.

Longer term, the overarching goals of the CSRD are to reduce climate risk and improve overall EU sustainability. Combined with Europe’s 2050 climate-neutrality target and European Green Deal initiatives, improved climate disclosures will support a globally competitive and resilient industry, renovated energy-efficient buildings, cleaner energy and advanced clean technological innovation.

 

Which companies must comply with the CSRD?

By 2028, all of the following organizations, or undertakings, need to comply with the CSRD:

 

Listed undertakings

These include any companies listed on an EU-regulated market exchange, except for listed ‘micro undertakings’ that fail to meet two of the following three criteria on consecutive balance sheet dates:

  •  at least EUR 450,000 in total assets

  •  at least EUR 900,000 in net turnover (revenue)

  •  at least 10 employees (average) throughout the year

 

EU-based large undertakings, listed or not

These include any listed or non-listed companies that meet two of the following three criteria on any two consecutive balance sheet dates:

  • at least EUR 25 million in total assets

  • at least EUR 50 million in net turnover

  • at least 250 employees (average) during the year.

 

Third-country  undertakings

These include non-EU parent companies, with annual EU revenues of at least EUR 150 million in the most recent two years, and also own:

  • a large EU-based undertaking, or

  • an EU-based subsidiary with securities listed on an EU-regulated market exchange, or

  • an EU branch office with at least EUR 40 million in net turnover.

 

When must companies comply with the CSRD?

CSRD compliance is being phased in from 2024 through 2029, and is based primarily on NFRD legacy or company size. Starting in financial year 2024 (and reporting in 2025). Compliance is mandated for organisations (or 'entities') already mandated to comply with the NFRD. This includes all organisations listed in an EU-regulated market with 500 or more employees.

  • Starting in financial year 2025 (reporting in 2026) compliance is mandated for large undertakings (see above) not already mandated to comply with the NFRD.

  • Starting in financial year 2026 (reporting in 2027)compliance is mandated for small and medium-sized undertakings (also called small and medium sized entities, or SMEs) listed on an EU-regulated market.

  • Starting in the financial year 2028 (reporting 2029) compliance is mandated for certain third-country undertakings.

 

CSRD reporting standards and disclosure requirements

ESRS

In 2022, the European Financial Reporting Advisory Group (EFRAG) released its first set of European Sustainability Reporting Standards (ESRS). The ESRS outline the metrics companies must report and how to report them to comply with CSRD disclosure requirements.

There are 12 ESRS in all, which detail disclosures and metrics across sustainability matters in four categories:

  • Cross-cutting: General principles and general disclosures.

  • Environmental: Climate change, pollution, water and marine resources, biodiversity and ecosystems, resource use and circular economy.

  • Social: Own workforce, workers in the value chain, affected communities, consumers and users.

  • Governance: Business conduct.

Cross-cutting reporting is required of all organisations governed by the CSRD, while ESG reporting is mandatory for those organisations that consider them material. In December 2023, the ESRS were published in the Official Journal of the EU as legally binding. In February 2024, the UE institutions agreed to postpone by two years the deadline for adopting sector-specific European Sustainability Reporting Standards (ESRS). Sector specific ESRS are expected to be released by June 2026, what does not impact the CSRD effective dates.

Double materiality

All CSRD reporting must meet the standard of double materiality. This means organisations must report on both of the following:

Impact materiality

The impact their businesses have or are likely to have on sustainability matters (for example, carbon emissions, workforce diversity, respect for human rights).

Financial materiality

The impact that sustainability matters have or are likely to have on the organisation’s finances (for example, cash flows, risk, access to funding). Most organizations conduct a double materiality assessment as a first step toward CSRD compliance.

 

Specific disclosures

Organisations need to share data and provide management commentary on various topics, including (but not limited to):

Sustainability policies and due diligence

Companies need to outline specific policies pertaining to several sustainability matters and describe due diligence for tracking and enforcing these policies. These sustainability matters might include:

  • Environmental protection

  • Treatment of employees

  • Management and corporate board diversity

  • Social responsibility

  • Human rights

  • Anti-corruption

  • Anti-bribery

Target metrics and transition plans

Companies must share their sustainability targets, progress toward achieving them, and how those targets support a transition to a sustainable economy and achieving net-zero emissions by 2050, as EU laws require.

Value and supply chains

Companies must disclose their due diligence process for identifying and mitigating the social and environmental impacts in their value chains and supply chains.

Sustainability risks

Companies must document the risks posed by various sustainability matters, such as climate change and fossil fuel dependence. This includes detailing the resilience of their business model to these risks and the potential impact on stakeholders, shareholders, business operations, and financial results.

 

Third-party auditing

The CSRD requires a third party to audit and assure the sustainability information and data included in the report. Initially, compliance will require the auditor to provide limited assurance, mainly based on the organisation's own statements. However, within the next three years, the CSRD will introduce a requirement for reasonable assurance, relying on the auditor's examination and understanding of the organization's operations, processes, and controls.

Who defines CSRD reporting standards?

The EFRAG is responsible for the new directive standards on behalf of the European Commission. A private association financed primarily by the EU, EFRAG advises the European Commission on adopting international reporting standards for EU legislation. 

To achieve this, EFRAG collaborates with several entities for technical advice, including:

  • The European Banking Authority

  • The European Environment Agency

  • The European Insurance and Occupational Pensions Authority

  • The European Securities and Markets Authority

This collaboration aims to ensure coherence between the CSRD standards and EU laws.

As soon as the standards are set, EFRAG provides companies with the specific reporting requirements in the ESRS. Companies must gather this information and include these disclosures in company management reports to improve stakeholder accessibility. Companies must file an annual report via the European Single Electronic Format (ESEF), and digitally tag information by using iXBRL so it is machine-readable for use in the European Single Access Point.

 

The CSRD versus the NFRD

The European Commission adopted the NFRD in 2014 to provide investors and stakeholders more insight into the ESG performance of companies.

The CSRD builds on the NFRD in several important ways:

 

The CSRD applies to many more businesses

The focus of the NFRD was mostly on the public interest entities and listed companies. The CSRD extends that scope to cover also large non-listed undertakings, regardless of the business sector of the company operations. As a result, many more enterprises are in scope of the mandatory reporting.

 

The CSRD requires third-party auditing

A third party must audit CSRD reporting. Under the NFRD, third-party auditing is optional for most businesses.

 

CSRD reporting is broader in scope

CSRD reports must cover sustainability targets, risk and opportunity management, with a focus on forward planning. The NFRD allows companies more flexibility in how the report sustainability information.

 

CSRD requires a stand-alone report

Businesses can include NFRD reporting as part of a their annual report.

 

CSRD requires a specific electronic format

Companies must submit CSRD reports in ESEF/XHTML format, whereas the NFRD allows companies to choose their preferred format.

 

Penalties for noncompliance

The CSRD requires EU member states to have an investigative and compliance entity in place to impose effective, proportionate and dissuasive penalties. These penalties are based on several factors, including the gravity and duration of the breach and the financial standing of the company. Individual member states determine CSRD non-compliance penalties based on relevant state laws. Every company should stay up to date on any changes in legislation and obtain legal advice to ensure compliance and to avoid investigations and potential penalties.

To comply with the CSRD, companies need to gather and consolidate large volumes of data. A strong ESG data foundation can help ease reporting, make CSRD disclosures auditable, and help organisations be better prepared for the changes coming into effect from 2024 onwards.