How to comply with CSRD

Unpacking the Corporate Sustainability Reporting Directive (CSRD) and its impact on companies around the world

The European Union plans to achieve net-zero emissions by 2050—and has introduced game-changing legislation to get businesses on the same track. Their biggest move so far is the Corporate Sustainability Reporting Directive (CSRD), a groundbreaking regulation that dramatically expands the scope and depth of sustainability reporting for companies that operate in the EU—and yes, that includes companies based outside the EU as well.

CSRD key points

CSRD is a game-changing climate regulation for a few key reasons:

  • Over 50,000 companies are now required to report on their impact to the environment and human rights, including companies based elsewhere that generate revenue within the EU via a local branch or subsidiary
  • The first CSRD reports are due in 2025, covering ESG data from fiscal year 2024
  • Under CSRD, companies must consider “double materiality”—the impact of ESG matters on their operations, and the impact of their operations on the environment and communities
  • Limited assurance is required under CSRD for now—from 2028 on, reasonable assurance will be required
  • Some EU member states will expand the scope and requirements of CSRD as they transpose it into local law
  • Penalties for not complying with CSRD will include enforcement actions, fines, and potential jail time depending on EU member state law

What is the Corporate Sustainability Reporting Directive (CSRD)?

CSRD is a directive that requires companies operating in the EU to report on environmental, social, and governance metrics. It is in effect as of January 1, 2024, and companies will need to begin reporting in 2025. CSRD was introduced as an update and expansion to the EU’s existing sustainability reporting regulation, the Non-Financial Reporting Directive (NFRD).

CSRD context: NFRD and the European Green Deal

The EU adopted the NFRD in 2014, requiring large, public-interest companies to publicly report their policies, risks, and KPIs related to the environment, anti-corruption and bribery, human rights, and diversity. 2018 was the first reporting year, covering 2017 data.

Just two years later, in 2020, the EU adopted the European Green Deal, a set of proposals and policies that aims to help the EU achieve its goal of cutting emissions by 55% by 2030 and arriving at net zero emissions by 2050. As part of this policy package, NFRD was expanded and updated via the introduction of CSRD—a new directive that increases the number of in-scope companies from around 12,000 to over 50,000 companies, expands the reporting requirements, and introduces mandatory third-party assurance.

Who does CSRD apply to?

CSRD applies to any company listed on an EU-regulated market, with the exception of micro-undertakings. It also applies to many other companies operating in the EU, broken up into the following categories:

Large EU-based companies that meet at least two of the following thresholds:

  • 250 employees
  • Annual turnover greater than €40 million
  • Balance sheet total greater than €25 million

Non-EU based companies:

  • Annual revenue within the EU greater than €150 million and one of the following:
    • One or more branches in the EU with turnover over €40 million,
    • An EU-based subsidiary that meets the definition of a large company (see above)
    • A subsidiary with securities listed on an EU-regulated market

It is likely that CSRD will affect companies outside of these categories as well. Workiva’s 2024 ESG Practitioner Survey found that 81 percent of companies not subject to CSRD requirements still plan to comply.

CSRD timeline: When is CSRD effective?

CSRD entered into force on January 5, 2023. Companies that were already subject to NFRD must publish reports for the 2024 financial year in 2025. Deadlines for other companies phase in over the subsequent four years.

CSRD timeline 2021-2029

What are the CSRD requirements? Unpacking the European Sustainability Reporting Standards (ESRS)

CSRD required the European Financial Reporting Advisory Group (EFRAG) to develop a framework and methodology for reporting, called the European Sustainability Reporting Standards (ESRS). This framework is intended to ensure that sustainability reports are consistent, accurate, comparable, and aligned with Task Force on Climate-Related Financial Disclosures (TCFD) recommendations. It lays out a long list of sustainability topics that each in-scope company may need to report on:


Climate change Climate change adaptation

Climate change mitigation


Pollution Pollution of air, water, soil, living organisms, and food resources

Substances of high concern or very high concern


Water and marine resources Water consumption, discharge, and withdrawals

Discharge in the oceans

Extraction and use of marine resources

Biodiversity and ecosystems Drivers of biodiversity loss (climate change, invasive species, direct exploitation, pollution, others), impacts on the state of species (population size, extinction risk), impacts on the extent and condition of ecosystems, impacts and dependencies on ecosystems services
Circular economy Resources inflows (including resources use), resources outflows related to products and services, waste
Own workforce Working conditions, equal treatment and opportunities, other work-related rights
Workers in the value chain Working conditions, equal treatment and opportunities, other work-related rights
Affected communities Communities’ economic, cultural, and social rights (housing, food, water, sanitation, etc.); civil and political rights (freedom of expression and assembly, impacts on human rights defenders); rights of indigenous peoples (free, prior, and informed consent; self-determination; cultural rights)
Consumers and end users Information-related impacts, personal safety, social inclusion
Business conduct Corporate culture, protection of whistleblowers, animal welfare, political engagement and lobbying activities, management of relationships with suppliers including payment, corruption and bribery

These topics apply across industries and market sectors. Moving forward, EFRAG will eventually introduce sector-specific standards in addition to the above topics.

Each company must discern which of the above topics are material to its operations, and only needs to report on those topics.  This will require conducting a materiality assessment. But not just any materiality assessment—CSRD requires a double materiality assessment.

What is double materiality in the context of CSRD?

When conducting a double materiality assessment, companies must consider both:

  • Financial materiality (outside in): how sustainability and environmental concerns may impact a company’s financial performance
  • Impact materiality (inside out): how a company’s activities and value chain  may impact the environment and people

An issue needs to fall under just one of the above bullets—financial OR impact materiality—to be considered material.

CSRD reporting: How to report

Once your company has conducted a materiality assessment and determined which sustainability topics are material, you are responsible for identifying company activities that relate to those issues. This will require compiling, validating, and recording a large amount of data from around the business. Step-by-step, here is what the process should entail:

  1. Conduct a double materiality assessment: Determine which of the ESRS 1 topics (and subsequent ESRS standards) are material to your company
  2. Map existing data and identify gaps: Review existing sustainability reports, list ESG metrics that you’re already tracking, and cross-reference with ESRS standards to identify gaps
  3. Build or improve data collection system: Upgrade your existing ESG data management platform or implement a new one to ensure that data is consistent and auditable
  4. Prepare data and report content: Draft disclosures for each material ESRS topic identified in the double materiality assessment and ensure information aligns with reporting standards (machine-readable format with sustainability topics tagged using XBRL)
  5. Prepare for and complete third-party assurance: Implement internal controls, review internally, and kick off external assurance process
  6. Publish and file: Publish your sustainability report within the annual management report and file with the relevant authorities, including the National Competent Authority (NCA) for each EU member state where you operate and, for publicly traded companies, the relevant stock exchange

CSRD third-party assurance

Prior to submitting the annual report, companies must prepare for and attain third-party assurance. Limited assurance will be required for the first two years that CSRD is in effect. Starting in 2028, reasonable assurance will be required.

Key changes between NFRD and CSRD

Scope 11,000+ companies
Large, public-interest companies with 500+ employees
50,000+ companies
Public-interest companies, companies with over 250 employees and at least €40 annual turnover, companies based outside the EU with franchises or subsidiaries within the EU
Reporting framework Unspecified Specified via ESRS
Reporting topics ESG ESG, supply chain, biodiversity, human rights
Assurance Not required Required (limited 2025-2027; reasonable 2028 onward)

While the NFRD did not specify reporting requirements, CSRD establishes a required reporting methodology and framework via the ESRS, which will standardize reporting across companies and across industries. The ESRS standards are much more expansive than what was required under NFRD, including supply chain considerations, biodiversity, and human rights.

In addition, CSRD requires that disclosures be included in the company’s management report, unlike NFRD which allowed a separate sustainability report.

CSRD also introduces assurance requirements, which were not part of NFRD.


Scope 50,000+ companies
Public-interest companies, companies with over 250 employees and at least €40m annual turnover, companies based outside the EU with franchises or subsidiaries within the EU
5,500 companies
Companies with over 1,000 employees and at least €450m annual turnover, companies based outside the EU with franchising or licensing agreements in the EU or EU-based revenue of at least €450 million
Main focus Impact assessment and reporting Impact prevention, remediation, and mitigation
Reporting topics ESG, supply chain, biodiversity, human rights ESG, supply chain, biodiversity, human rights
Value chain Full value chain, upstream and downstream Full upstream value chain; downstream value chain only including transportation, distribution, and storage

CSRD and CSDDD are complementary pieces of EU legislation. While CSRD requires assessing and reporting on impact, CSDDD focuses on due diligence and mitigation, prevention, and developing a plan for each company to align with the Paris Agreement’s 1.5 degree pathway.

While the scope of CSDDD is narrower (companies with over €450 million in revenue, versus revenue of €40 million for CSRD), it requires compliance throughout a company’s value chain, similar to CSRD, though with fewer downstream categories covered.

The primary difference between these two directives is that CSRD requires companies to report on their impacts while CSDDD requires companies to report and act on their impacts, either ending their negative impacts, mitigating them, or preventing them in the first place. For more on the similarities and differences between CSRD and CSDDD, check out this article from BSR.

EU member state implementation of CSRD

As a directive, CSRD must be transposed into law within each EU member state, with a transposition deadline of July 6, 2024. As of July 1, 2024, only a handful of countries have completed CSRD transposition (Slovakia, Hungary, France, Denmark, Finland, Romania, and Liechtenstein), though nearly all have published draft legislation.

The language of CSRD sets a “floor” for member state law, but each country has the ability to extend the scope or increase the requirements of the directive as they transpose it, known as “goldplating.” So far, about half of the EU member states have opted to goldplate their transposition of CSRD in draft or final legislation: Czechia, Denmark, Finland, France, Germany, Hungary, Ireland, Italy, Latvia, Luxembourg, Norway, Romania, Slovakia, Spain, and Sweden.

The most common form of goldplating CSRD is extending the definition of in-scope companies.

Penalties for CSRD non-compliance

CSRD non-compliance penalties have been left to member state discretion. As such, penalties will vary across the EU, but are likely to include enforcement actions and fines in many countries. For example, Czechia will impose fines of up to 3 percent (for an incomplete report)  or up to 6 percent  (for failure to report) of a company’s assets. France has introduced personal liability, with fines and jail time for company directors.

Tools for complying with CSRD

CSRD itself is a complex directive, to say nothing of its overlap with CSDDD and other climate regulations. Most corporate sustainability teams will need additional resources, expertise, and tools in order to achieve CSRD compliance.

Companies must collect, assess, and report thousands of pieces of data, so a robust data management system is an absolute must. That data must be audit-ready to meet third-party assurance requirements, and needs to be tagged in XBRL format. A carbon accounting software solution can help.

Consider working with a partner like Optera—our combination of software and expert services has helped our customers achieve 100% verification success. Get in touch today to get started.

Previous Back to all posts

Sign up to stay up to date with Optera and the latest developments in corporate sustainability.