What IT Leaders Need to Know About the EU’s New Corporate Sustainability Reporting Directive (CSRD)
IT leaders across the globe need to understand the European Union’s new sustainability reporting directive and prepare for the potential impact on their businesses
The Corporate Sustainability Reporting Directive (CSRD) is a European Union regulation that will impact global organizations of all types. The directive requires publicly traded companies to disclose their sustainability reporting data and is designed to increase transparency, reliability, and comparability of corporate sustainability initiatives.
This new directive is a major concern for technology stakeholders. CIO and CTO titles have already found themselves at the forefront of corporate net zero initiatives. The IT industry is a significant contributor to greenhouse gas emissions and electronic waste, and reducing those numbers become increasingly important to investors and consumers. More than 3,000 organizations worldwide have committed to – or are in the process of committing to – emission reduction goals.
IT leaders with a granular understanding of IT infrastructure and enterprise technology usage are uniquely positioned to measure carbon emissions and pollutants from digital operations and develop strategies for reducing them. However, even the most advanced sustainability measures will be challenged by the rigorous standards and timelines demanded by the CSRD.
What are the Requirements of the CSRD?
The CSRD applies to companies with securities listed on an EU-regulated market, including listed small and medium-sized enterprises (SMEs). The first reports are expected to be produced in 2025 for financial years starting on or after 1 January 2024. Companies must report on sustainability matters that affect the company, as well as the impacts of the company on sustainability matters. This information must be reported in a dedicated section of the company’s management report, which must be made publicly available.
The directive will require companies to make disclosures using a detailed set of sustainability reporting standards, which the European Commission will adopt in final form by 30 June 2024. These standards will include qualitative and quantitative, forward-looking and retrospective information taking into account short, medium and long-term time horizons. Companies must also provide a description of due diligence processes implemented in relation to sustainability matters, such as identifying principal actual or potential adverse impacts and measures taken to prevent or mitigate them. The CSRD also contains detailed provisions on third-party audit assurance.
Which Organizations Will Be Impacted by the CSRD?
The CSRD rollout is in progress and moving swiftly toward full deployment. The directive was provisionally agreed upon by the Council and European Parliament on June 22, 2022 and will impact the following:
- All listed companies in the EU, including listed SMEs (not including micro-undertakings)
- Organizations that are outside of the EU if they generate a net turnover within the EU that exceeds €150 million (in two consecutive years) and have one more large or EU-listed presence that generates €40 million (or more) in the EU.
- All large undertakings (including parent undertakings of a large group) which exceed two of the three following criteria in two consecutive financial years:
- €20 million balance sheet total
- €40 million net turnover
- An average of 250 employees
Building Resilient IT Environments
However, smaller organizations also need to be aware of their place within the supply chain if they have a vendor/supplier relationship with any organization that meets the above criteria. In an interview in late 2021, the EU’s Head of Corporate Reporting stated that the CSRD could impact 50,000 companies – as smaller organizations face more stringent emissions reporting and requirements demands from suppliers. Those suppliers may not be directly required to adhere to the CSRD but will need to produce sufficient reporting to ensure that their customers are compliant.
What Is the Timeline for Implementation?
The CSRD will be applicable on four different dates depending on the status of the organization:
- FY 2024: For large EU public interest entities (that already follow NFRD)
- FY 2025: Large undertakings, including parent undertakings of a large group
- FY 2026: Listed SMEs
- FY 2028: All non-EU undertakings as described above
The implementation of the CSRD poses a significant challenge due to the lack of current reporting on their impact – especially as there are financial penalties for non-compliance. The nature of these penalties is not yet clearly defined, but it is expected that non-compliant eligible organizations will be forced to pay a meaningful fine.
Get the Data You Need
Want to know how your organization can become more sustainable and improve digital experiences? Request a custom demo today.