The EU Corporate Sustainability Reporting Directive Explained

The European Union’s Corporate Sustainability Reporting Directive (CSRD) establishes a new standard for how companies report on their environmental and social impacts. This directive replaces the Non-Financial Reporting Directive (NFRD), broadening the scope of companies required to report and the depth of information they must disclose. The objective of the CSRD is to elevate sustainability reporting to the same level as financial reporting. This ensures that stakeholders have access to reliable, comparable, and relevant information on a company’s sustainability performance and its management of related risks.

Determining CSRD Applicability

A company’s obligation to report under the CSRD hinges on specific criteria that encompass a wide range of entities operating within the European Union. The directive’s reach extends beyond companies headquartered in the EU. The rules are designed to capture entities with a significant economic footprint, ensuring that major market participants are held to a consistent standard of sustainability disclosure.

For undertakings based in the EU, classification as “large” is a primary trigger for CSRD reporting. A company is considered large if it meets at least two of the following three criteria: a balance sheet total exceeding €25 million, a net turnover of more than €50 million, or an average of 250 or more employees during the financial year. This expansion means many private companies that previously did not provide non-financial reports now fall within the scope of the directive.

The directive also addresses companies whose securities are listed on EU regulated markets, including small and medium-sized enterprises (SMEs). Listed SMEs are brought into the scope of the CSRD but benefit from a more extended compliance timeline and will report against simplified standards. This inclusion ensures that investors in publicly traded companies of all sizes have access to standardized sustainability information.

The CSRD has an extraterritorial reach, applying to non-EU parent companies with substantial business activities within the EU. A non-EU company falls under the directive if it generates a net turnover of more than €150 million within the EU and has at least one large or listed subsidiary in the EU. A non-EU company with an EU-based branch that generates a net turnover of over €40 million is also required to report. This provision ensures that major global players with a significant presence in the EU market are subject to the same transparency requirements.

Compliance with the CSRD is being introduced through a phased timeline. Large public-interest entities already subject to the NFRD began reporting for the 2024 financial year. Other large undertakings will follow, reporting for the 2025 financial year. Listed SMEs are scheduled to begin reporting for the 2026 financial year, while in-scope non-EU companies will have their first reporting obligations for the 2028 financial year.

Required Reporting Information Under ESRS

The CSRD’s disclosure requirements are defined by the European Sustainability Reporting Standards (ESRS), which provide a detailed framework for what information companies must report. Developed by the European Financial Reporting Advisory Group (EFRAG), these standards are designed to ensure that sustainability information is high quality, comparable, and useful for decision-making. The ESRS mandate a broad range of disclosures covering environmental, social, and governance topics, moving beyond the less prescriptive requirements of the previous directive.

A foundational concept of the ESRS is “double materiality.” This principle requires companies to report on sustainability matters from two distinct perspectives. The first is impact materiality, which considers the company’s impacts on people and the environment. The second is financial materiality, which focuses on how sustainability issues create financial risks and opportunities for the company. A topic must be reported if it is material from either or both perspectives, ensuring a holistic view.

The ESRS includes two mandatory cross-cutting standards. ESRS 1 outlines the general principles for preparing and presenting sustainability statements. ESRS 2 specifies the general disclosures a company must provide about its governance, strategy, and process for identifying material impacts, risks, and opportunities. These standards establish the foundational reporting structure.

Beyond the cross-cutting standards, the ESRS are organized into topical standards under the Environmental (E), Social (S), and Governance (G) pillars. The environmental standards require detailed reporting and cover five areas:

• Climate change (ESRS E1)
• Pollution (ESRS E2)
• Water and marine resources (ESRS E3)
• Biodiversity and ecosystems (ESRS E4)
• Resource use and the circular economy (ESRS E5)

The social standards address a company’s impacts on various stakeholder groups and are divided into the following four standards:

• Own workforce (ESRS S1), which covers topics like working conditions and diversity
• Workers in the value chain (ESRS S2)
• Affected communities (ESRS S3)
• Consumers and end-users (ESRS S4)

The governance pillar includes one standard, ESRS G1, which focuses on business conduct, covering issues such as anti-corruption policies and supplier relationship management.

Preparing for CSRD Compliance

Preparing for CSRD compliance requires a proactive approach, beginning with a comprehensive double materiality assessment. This process identifies the specific sustainability impacts, risks, and opportunities that are relevant to a company’s operations and stakeholders. The outcome of this assessment directly determines which of the topical ESRS disclosures the company will be required to report on.

The double materiality assessment involves evaluating a wide range of sustainability topics. Companies must engage with internal and external stakeholders, such as employees, customers, suppliers, and investors, to gain a complete view of what is material. The process involves identifying potential issues and assessing their severity from both an impact and financial perspective to determine which topics to include in the report.

After identifying material topics, the next challenge is establishing robust processes for data collection and management. The ESRS demand a vast amount of quantitative and qualitative data, much of which may not have been previously tracked with such rigor. This data often resides in disparate systems across various departments. A new requirement is the collection of information from across the company’s entire value chain, including upstream suppliers and downstream customers.

To manage this process, companies should perform a gap analysis. This involves comparing the data requirements of the material ESRS against the company’s current data and reporting capabilities. This analysis helps pinpoint where data is missing, internal controls are weak, or new systems are needed. Identifying these gaps allows a company to create a roadmap and allocate resources to build the necessary infrastructure.

The Reporting and Assurance Process

After preparing disclosures, the final steps involve the formal reporting and verification process. The CSRD mandates that sustainability information must be included in a dedicated, clearly identifiable section of the company’s annual management report. This integration is intended to place sustainability information on equal footing with financial information.

A technical requirement of the CSRD is the digital tagging of all reported sustainability information. Companies must prepare their annual report in the European Single Electronic Format (ESEF), an XHTML format. The sustainability data must be marked up using iXBRL tags, making the information machine-readable and improving comparability for investors and regulators.

The CSRD also mandates third-party assurance of the reported sustainability information. An independent auditor must review the company’s sustainability statement and provide an opinion on its compliance with the ESRS. This step enhances the credibility and reliability of the disclosed data, much like the audit of financial statements.

Initially, the directive requires a “limited assurance” engagement. This level of assurance means the auditor concludes that no matter has been identified that would indicate the information is materially misstated. The EU plans to transition to a more stringent “reasonable assurance” standard in the future, which is equivalent to the assurance for financial reports. This phased approach gives companies and assurance providers time to adapt.