Home Topics CSRD What is the Corporate Sustainability Reporting Directive (CSRD)?
Take the CSRD reporting guided tour Explore CSRD reporting
Aerial view of buildings and parked cars around roundabout on street
What is the CSRD?

The CSRD is European Union (EU) legislation, effective from 5 January 2023, that requires EU businesses—including qualifying EU subsidiaries of non-EU companies—to disclose their environmental and social impacts, and how their environmental, social and governance (ESG) actions affect their business.

The goal of the CSRD is to provide clarity that will help investors, analysts, consumers and other stakeholders better evaluate EU companies’ sustainability performance and the related business impacts and risks. Introduced as part of the European Commission’s Sustainable Finance Package, the CSRD notably expands the scope, sustainability disclosures and reporting requirements of its predecessor, the Non-Financial Reporting Directive (NFRD).

CSRD reporting is based on the concept of double materiality. Organizations must disclose information on how their business activities affect the planet and its people, and how their sustainability goals, measures and risks impact the business's financial health. For example, in addition to requiring an organization to report its energy usage and costs, CSRD requires them to report emissions metrics that detail how that energy use impacts the environment, targets for reducing that impact, and information on how achieving those targets will affect the organization’s finances.

All CSRD disclosures must be publicly available, and the CSRD mandates third-party auditing of all disclosures for accuracy and completeness.

Prepare climate risk insights for disclosure

Follow a sustainability manager and a risk manager preparing to disclose climate risk insights by using Envizi in this interactive product tour.

Prepare with the CSRD ebook

Why was the CSRD introduced?

The European Parliamentary Research Service identified several shortcomings1 in 2021 after evaluating information that the NFRD collected. These shortcomings included a lack of consistent and comparable data that might negatively impact sustainability investments and cause an increase in data costs for stakeholders.

The CSRD aims to improve the disclosure process and provide investors and consumers a simpler, more consistent way to understand and compare an organization's ESG impact, and to make better-informed decisions based on sustainability data.

Longer term, the overarching goals of the CSRD are to reduce climate risk and improve overall EU sustainability. Combined with Europe’s 2050 climate-neutrality target and European Green Deal initiatives, improved climate disclosures will support a globally competitive and resilient industry, renovated energy-efficient buildings, cleaner energy and advanced clean technological innovation.

Which companies must comply with the CSRD?

By 2028, all of the following organizations, or undertakings, need to comply with the CSRD:

Listed undertakings

These include any companies listed on an EU-regulated market exchange—except for listed ‘micro undertakings’ that fail to meet two of the following three criteria on consecutive balance sheet dates:

  •  at least EUR 450,000 in total assets
  •  at least EUR 900,000 in net turnover (revenue)
  • at least 10 employees (average) throughout the year
EU-based large undertakings, listed or not

These include any listed or non-listed companies that meet two of the following three criteria on any two consecutive balance sheet dates:

  • at least EUR 25 million in total assets
  • at least EUR 50 million in net turnover
  • at least 250 employees (average) during the year.
"Third-country" undertakings

These include non-EU parent companies, with annual EU revenues of at least EUR 150 million in the most recent two years, and also own:

  • a large EU-based undertaking, or

  • an EU-based subsidiary with securities listed on an EU-regulated market exchange, or

  • an EU branch office with at least EUR 40 million in net turnover.

The above includes recently updated thresholds of the EU Accounting Directive (link resides outside ibm.com) for determining the size category of a company.

When must companies comply with the CSRD?

CSRD compliance is being phased in from 2024 through 2029, and is based primarily on NFRD legacy or company size.

Starting in financial year 2024 (and reporting in 2025)

Compliance is mandated for organizations (or 'entities') already mandated to comply with the NFRD. This includes all organizations listed in an EU-regulated market with 500 or more employees.

Starting in financial year 2025 (reporting in 2026)

Compliance is mandated for large undertakings (see above) not already mandated to comply with the NFRD.

Starting in financial year 2026 (reporting in 2027)

Compliance is mandated for small and medium-sized undertakings (also called small and medium sized entities, or SMEs) listed on an EU-regulated market.

Starting in the financial year 2028 (reporting 2029)

Compliance is mandated for certain third-country undertakings.

CSRD reporting standards and disclosure requirements
ESRS

In 2022, the European Financial Reporting Advisory Group (EFRAG) released its first set of European Sustainability Reporting Standards (ESRS). The ESRS outline the metrics companies must report and how to report them to comply with CSRD disclosure requirements.

There are 12 ESRS in all, which detail disclosures and metrics across sustainability matters in four categories:

  • Cross-cutting: General principles and general disclosures.

  • Environmental: Climate change, pollution, water and marine resources, biodiversity and ecosystems, resource use and circular economy.

  • Social: Own workforce, workers in the value chain, affected communities, consumers and users.

  • Governance: Business conduct.

Cross-cutting reporting is required of all organizations governed by the CSRD, while ESG reporting is mandatory for those organizations that consider them material.

In December 2023, the ESRS were published in the Official Journal of the EU as legally binding.

In February 2024, the UE institutions agreed to postpone by two years the deadline for adopting sector-specific European Sustainability Reporting Standards (ESRS). Sector specific ESRS are expected to be released by June 2026, what does not impact the CSRD effective dates.

Double materiality

All CSRD reporting must meet the standard of double materiality. This means organizations must report on both of the following:

Impact materiality
The impact their businesses have or are likely to have on sustainability matters (for example, carbon emissions, workforce diversity, respect for human rights).

Financial materiality
The impact that sustainability matters have or are likely to have on the organization’s finances (for example, cash flows, risk, access to funding).

Most organizations conduct a double materiality assessment as a first step toward CSRD compliance.

Specific disclosures

Organizations need to share data and provide management commentary on various topics, including (but not limited to):

Sustainability policies and due diligence

Companies need to outline specific policies pertaining to several sustainability matters and describe due diligence for tracking and enforcing these policies. These sustainability matters might include:

  • Environmental protection
  • Treatment of employees
  • Management and corporate board diversity
  • Social responsibility
  • Human rights
  • Anti-corruption
  • Anti-bribery

Target metrics and transition plans

Companies must share their sustainability targets, progress toward achieving them, and how those targets support a transition to a sustainable economy and achieving net-zero emissions by 2050, as EU laws require.

Value and supply chains

Companies must disclose their due diligence process for identifying and mitigating the social and environmental impacts in their value chains and supply chains.

Sustainability risks

Companies must document the risks posed by various sustainability matters, such as climate change and fossil fuel dependence. This includes detailing the resilience of their business model to these risks and the potential impact on stakeholders, shareholders, business operations, and financial results.

Third-party auditing

The CSRD requires a third party to audit and assure the sustainability information and data included in the report. Initially, compliance will require the auditor to provide limited assurance, mainly based on the organization's own statements. However, within the next three years, the CSRD will introduce a requirement for reasonable assurance, relying on the auditor's examination and understanding of the organization's operations, processes, and controls.

Who defines CSRD reporting standards?

The EFRAG is responsible for the new directive standards on behalf of the European Commission. A private association financed primarily by the EU, EFRAG advises the European Commission on adopting international reporting standards for EU legislation. 

To achieve this, EFRAG collaborates with several entities for technical advice, including:

  • The European Banking Authority
  • The European Environment Agency
  • The European Insurance and Occupational Pensions Authority
  • The European Securities and Markets Authority

This collaboration aims to ensure coherence between the CSRD standards and EU laws.

As soon as the standards are set, EFRAG provides companies with the specific reporting requirements in the ESRS. Companies must gather this information and include these disclosures in company management reports to improve stakeholder accessibility. Companies must file an annual report via the European Single Electronic Format (ESEF), and digitally tag information by using iXBRL so it is machine-readable for use in the European Single Access Point.

The CSRD versus the NFRD

The European Commission adopted the NFRD in 2014 to provide investors and stakeholders more insight into the ESG performance of companies.

The CSRD builds on the NFRD in several important ways:

The CSRD applies to many more businesses

The focus of the NFRD was mostly on the public interest entities and listed companies. The CSRD extends that scope to cover also large non-listed undertakings, regardless of the business sector of the company operations. As a result, many more enterprises are in scope of the mandatory reporting.

The CSRD requires third-party auditing

A third party must audit CSRD reporting. Under the NFRD, third-party auditing is optional for most businesses.

CSRD reporting is broader in scope

CSRD reports must cover sustainability targets, risk and opportunity management, with a focus on forward planning. The NFRD allows companies more flexibility in how the report sustainability information.

CSRD requires a stand-alone report

Businesses can include NFRD reporting as part of a their annual report.

CSRD requires a specific electronic format

Companies must submit CSRD reports in ESEF/XHTML format, whereas the NFRD allows companies to choose their preferred format.

CSRD and other reporting requirements

The EFRAG developed the ESRS to align with the Task Force on Climate-related Financial Disclosures and Global Reporting Index. Furthermore, the EU Taxonomy Regulation, which took effect in 2021, requires companies to disclose the sustainability performance of their activities and must reflect this information in their CSRD disclosures.

Now, the CSRD will contain and feed information that financial entities require to comply with the Sustainable Finance Disclosure Regulation (SFDR). The information companies report for CSRD disclosure will help financial advisors and market participants meet these SFDR obligations. This creates a flow of data between agencies, which helps organizations provide accurate reporting to stay in compliance.

Achieving harmonized sustainability reporting requirements across the EU is possible through the alignment of different regulations. This coordination provides stakeholders and consumers consistent information about companies’ environment impacts.

Penalties for noncompliance

The CSRD requires EU member states to have an investigative and compliance entity in place to impose effective, proportionate and dissuasive penalties. These penalties are based on several factors, including the gravity and duration of the breach and the financial standing of the company. Individual member states determine CSRD non-compliance penalties based on relevant state laws. Every company should stay up to date on any changes in legislation and obtain legal advice to ensure compliance and to avoid investigations and potential penalties.

To comply with the CSRD, companies need to gather and consolidate large volumes of data. A strong ESG data foundation can help ease reporting, make CSRD disclosures auditable, and help organizations be better prepared for the changes coming into effect from 2024 onwards.

Related solutions
IBM® Envizi™ CSRD reporting software

Collect, manage and report on your ESG data for CSRD compliance.

Explore CSRD reporting

IBM Envizi ESG reporting frameworks

Save time and effort reporting to multiple ESG frameworks with one data set.

Explore ESG reporting frameworks

IBM Consulting® sustainability services

Use the right combination of people, process and technology to turn sustainability ambition into action and become a more responsible and profitable business.

Explore sustainability consulting services

Resources Guide to the EU CSRD

Learn about the Corporate Sustainability Directive, including compliance, reporting requirements, key dates and more. All you need to know is compiled in a downloadable ebook.

On-demand webinar: Getting real on CSR reporting

Listen to Ikano Group describe their journey in preparing for CSRD reporting, from establishing solid governance structures to building a robust data foundation for reporting, leveraging Envizi’s comprehensive ESG software doubled by Ikano Insight’s data management expertise.

What are Scope 3 emissions?

Scope 3 emissions are a category of GHG emissions originating from business operations by sources that are not directly owned or controlled by an organization.

Take the next step

Simplify the capture, consolidation, management, analysis and reporting of your environmental, social and governance (ESG) data with IBM Envizi ESG Suite.

Explore Envizi Book a live demo
Footnotes

1 "Briefing: Non-financial Reporting Directive" (link resides outside ibm.com), Nora Hahnkamper-Vandenbulcke, European Parliamentary Research Service, January 2021.

  

Disclaimer

Page last updated: 20 March 2024. 
The information contained in this website is provided for informational purposes only, and should not be construed as legal advice on any matter.