Skip to Main Content

CSRD: What’s In the EU’s Latest Sustainability Disclosure Law

Berlin Cathedral (Berliner Dom) on Museum island and Spree river at sunset, Germany

With a widened scope of compliance and ambitious disclosure requirements, the European Union’s recently adopted Corporate Sustainability Reporting Directive (CSRD) affects a wide range of international organizations and operations—and with disclosure deadlines that are sooner than you may realize.

The Corporate Sustainability Reporting Directive (CSRD) that came into effect on January 5th, 2023 has been making waves in the EU and beyond. This legislation is another ambitious step from the EU towards standardized sustainability disclosure, intended to help various stakeholders including policymakers, investors, and companies ensure compliance, track progress against sustainability goals, and allow comparability across entities through data intense disclosure.

Under the new legislation, the number of companies that need to disclose quadruples and includes both EU and non-EU entities. Further, the environmental, social, and governance (ESG) reporting requirements are significantly expanded to allow the companies to tailor the disclosure to the nature of the company and provide investors and stakeholders with crucial information. The first CSRD disclosure deadline is approaching swiftly, requiring immediate and in some ways challenging reporting action from those companies who fall within scope of the new legislation.

A New Standardized Disclosure Framework

The new CSRD law requires entities to disclose their ESG-related information, and the European Sustainability Reporting Standards (ESRS) details “how” to do so. The first set of ESRS, adopted on July 31, 2023, covers general reporting principals, mandatory disclosures, and the 10 ESG topics that companies must report on according to the double materiality assessment (an assessment that considers both materiality for the company and impact on its environment).

This primary set of ESRS is not all-encompassing. Additional standards are expected to be released for the EU parent companies, small and medium entities (SMEs), and specific industry sectors like textiles. (We’ll discuss specific and differing reporting standards in greater detail in future blog posts.)

But in short, the combination of CSRD and ESRS requires companies to:

  1. Assess materiality of each of the 10 ESG topics by utilizing the double materiality principle (companies must report if a topic is considered material due to financial, environmental, or social impact)
  2. Report on impacts, risks, and opportunities of topics identified as material from the perspective of a company’s own operations, as well as operations of its value chain, both up- and downstream
  3. Provide information on a company’s sustainability targets and metrics as well as an explanation on how these relate to financial disclosure reports
  4. Perform third-party disclosure assurance prior to filing with the relevant authority

The ESRS were developed by the European Financial Reporting Advisory Group (EFRAG) specially for the CSRD. It should be noted that at the time, there were already a number of sustainability standards in the world either already developed by Switzerland’s Task Force on Climate-Related Financial Disclosures (TCFD) or also being created concurrently with ESRS by the International Sustainability Standards Board (ISSB), so it was important that the new EU standards be consistent with those frameworks.

Does Your Company Have to Comply with CSRD, and When?

Companies within the CSRD scope can be broken down into two categories: EU based and non-EU based entities. EU-based companies include SMEs, large entities, and EU-parent companies. For specific criteria the CSRD uses to define these companies, consult Table 1 under Article 19a and provision 29a respectively. Companies that fall under Article 19a have largely been mandated in the past to produce annual reports that comply with the NFRD (Non-Financial Reporting Disclosure). These companies will be expected to report in accordance with the new directive as soon as the 2024 reporting period. Even if your company is familiar with previous disclosure scope and processes, you will likely require additional coordination to ensure compliance with the new CSRD mandate.

The second group of companies under the CSRD is non-EU based entities that either:

  • Have an EU subsidiary that meets Article 19a thresholds (2/3 of the requirements), and/or
  • Have a branch in the EU that generated €40 million ($43.3 mil) net turnover in the preceding financial year

The first disclosure period for this non-EU group is FY 2028, when the company will be required to report on their EU and global operations through a consolidated report. The EFRAG is expected to produce the disclosure standards for this group in June 2024, which should make data collection more manageable yet still ensure investors and stakeholders receive the necessary information on risks and impacts.

A non-EU entity that has a branch or a subsidiary in the EU that meets criteria of Article 19a and 29a must report on their EU operations as early as FY 2024 (if these subsidiaries have been previously subjected to disclosure under NFRD). Non-EU entities may choose to disclose at a consolidated level instead and spare the subsidiaries from producing individual reports.

Quick Action Will Be Necessary (And Helpful for Future Disclosures)

The short turn-around from the CSRD’s official adoption on January 5th, 2023, and subsequent publication of ESRS on July 31st, 2023, creates a real challenge for all companies in-scope to ensure adequate preparation of disclosure materials. Even if your company might not be required to disclose until a later date, you would do well to consider today how the disclosures at the EU subsidiary level might eventually develop into a consolidated report. Stakeholders will need to coordinate internally between international subsidiaries to ensure a standardized and replicable approach to data tracking, collection, and storage.

As your company gears up to prepare its CSRD report, a few steps can help get the ball rolling. First is an assessment of where your organization’s reporting is today and where it needs to be to comply with the CSRD. A comprehensive gap analysis can identify where you’re meeting the mark and where you need to focus on improvement. The team at Coho draws on decades of experience in complex reporting scenarios and the various factors that play into effective compliance, such as thorough assessment, internal relations, external partner collaboration, and international policy navigation.

Coho can help you:

  • Facilitate stakeholder coordination to identify the right team
  • Determine if you are required to report under CSRD, and if so, which bucket you fall into
  • Assist with audit of existing reporting – identify gaps and risks
  • Work with a cross-functional group to create a plan for addressing each gap