Out-Law Guide 11 min. read

What the EU Corporate Sustainability Reporting Directive means in practice


The EU Corporate Sustainability Reporting Directive (CSRD) is a transformational piece of legislation, which revises previous EU rules concerning the environmental, social, and governance (ESG) information corporate entities must report on.

It also brings a much broader set of businesses and firms within scope for sustainability reporting, including many non-EU entities.

The CSRD is regarded as the most comprehensive sustainability reporting standard globally, applying a double materiality approach. This means that in-scope companies must report both on how sustainability issues affect their performance, position, and development (the ‘outside-in’ perspective), and on their own impact on the environment and people (the ‘inside-out’ perspective).

What should I do now?

One particular point to note that its applicability is wide in terms of the number of entities that are or will be in scope for reporting obligations and it is being implemented in stages, extending its reach every year.

Pinsent Masons has developed an online tool to indicate how urgently a business needs to start gathering lots of new data to ensure you can meet the impending reporting deadline.

What’s the purpose of the CSRD?

The EU’s action plan on sustainable finance identified a need to strengthen corporate reporting on sustainability to enable investors and other stakeholders to assess companies' long-term value creation and their sustainability risk exposure.

The CSRD aims to provide investors and other stakeholders with access to more decision-useful information about companies' sustainability risks, opportunities, and impacts. This in turn enables investors to allocate cash towards sustainable investment and increase transparency and long-termism in financial and economic activity. Identifying any adverse impacts also allows companies to cease, prevent or mitigate those adverse impacts and demonstrate progress.

What does the CSRD require in practice?

In-scope entities must report on a range of ESG topics in accordance with the European Sustainability Reporting Standards (ESRS). These are detailed within the Commission Delegated Regulation (EU) , which supplements the CSRD.

The ESRS are made up of twelve standards which cover overarching principles, general disclosures, and specific topics on ESG issues. Whilst reporting against certain standards is mandatory, the relevance of other ESRS will be subject to a double materiality assessment.

The CSRD also makes it mandatory for companies to have an audit of the sustainability information that they report. Disclosed data must be a in a digitally readable format.

Given the far-reaching nature and complex requirements of the CSRD, reporting entities must determine whether their operations at entity or group level are within scope. Those entities must then assess their readiness and take steps to ensure compliance with the CSRD.

What’s the timing of the CSRD?

The CSRD came into force on 5 January 2023, and EU member states are required reflect this in their national laws, regulations, and administrative positions by 6 July 2024.

There is a phased implementation timetable for the CSRD rules, including ESRS, to apply to specific types of corporate entity. The rules apply to the first group of companies from 1 January 2024, to begin reporting in 2025.

In addition to a staggered timetable, there are several transition measures which aim to ease the initial compliance burden associated with both the CSRD and ESRS.

Which entities are in scope of the CSRD?

If, and when, an entity comes into scope of the CSRD will depend on whether it possesses certain characteristics and meets specified thresholds. For example, in relation to net turnover, balance sheet total and average number of employees. Different requirements exist for non-EU parented groups and there is a proportionate regime for smaller companies.

A high-level indication is set out in the table below.

Type of Entity

Year CSRD applies

Date of reports

Large EU Public Interest Entities (PIEs) and Issuers

  • EU companies which are large undertakings, are EU PIEs, and have more than 500 employees
  • Non-EU companies with securities listed on an EU regulated market, which are large undertakings and have more than 500 employees

     

    Large undertakings or Parents of a large group (when consolidated) must meet 2 out of 3:

  • >€25M total assets
  • >€50M net revenues
  • More than 250 employees

EU PIEs include undertakings with/which are:

  • Securities listed on an EU regulated market
  • Banks
  • Insurance companies

 

For financial years starting on or after 1 January 2024

First reporting in 2025

Large EU entities and Issuers

  • EU companies which are large undertakings
  • Non-EU companies with securities listed on an EU regulated market which are large undertakings

 

For financial years starting on or after 1 January 2025

First reporting in 2026

Small and Medium-sized EU PIEs and Issuers

  • Listed EU companies which are SMEs
  • Small and non-complex institutions and captive insurance undertakings
  • Non-EU companies with securities listed on an EU regulated market which are SMEs

     

    Small and Medium-sized undertakings must meet 2 out of 3:

    • >€450,000 total assets
    • >€900,000 net revenues
    • More than 10 employees

 

For financial years starting on or after 1 January 2026

First reporting in 2027, with option to delay for 2 years until 2029

Non-EU Companies with EU Activity

  • Non-EU companies which derive net turnover of >€150M in the EU for each of last two consecutive financial years and have at least one of:
    • A large undertaking EU subsidiary
    • An EU SME subsidiary with securities listed on an EU regulated market; or
    • An EU branch generating net turnover >€40M in the EU.

 

Financial years starting on or after 1 January 2028

First reporting in 2029

 

Pinsent Masons’ scoping tool can be used by businesses to check if and when they will be in scope for CSRD reporting.

What are the CSRD due diligence requirements and how does the CSRD related to the CSDDD?

The CSRD and Corporate Sustainability Reporting Directive (CSDDD), which was adopted by the EU Council on 24 May 2024, are inter-linked and intended to be complementary.

However, the provisions as to which companies are in scope of the CSDDD are different to the CSRD scoping provisions. For companies that are in scope of both the CSRD and the CSDDD, the CSRD will cover the last step of the CSDDD due diligence duty, namely the reporting stage.

The CSRD due diligence requirements for in-scope reporting entities are in relation to reporting on their due diligence processes. An in-scope reporting entity must provide in their management report a description of:

  1. the due diligence process implemented by the entity with regard to sustainability matters, and, where applicable, in line with EU requirements on entities to conduct a due diligence process;
  2. the principal actual or potential adverse impacts connected with the entity’s own operations and with its value chain, including adverse impacts which the entity is required to identify pursuant to other EU requirements on entities to conduct a due diligence process;
  3. any actions taken by the entity to prevent, mitigate, remediate or bring an end to actual or potential adverse impacts, and the result of such actions.

Further provisions explaining the CSRD due diligence requirements are in ESRS 1.  The outcome of the entity’s sustainability due diligence informs its assessment of its material impacts, risks and opportunities. The ESRS do not impose any conduct requirements in relation to due diligence; nor extend or modify the role of the administrative, management or supervisory bodies of the entity with regard to the conduct of due diligence.

The CSDDD imposes a substantive corporate duty on certain companies to perform due diligence to identify, prevent, mitigate and account for external harm resulting from adverse human rights and environmental impacts in the company’s own operations, its subsidiaries and in the value chain.

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.