Olga Rivas, Iberian Technical Manager and Sustainability Specialist at LRQA, explains the key implications of the EU Corporate Sustainability Reporting Directive (CSRD) for businesses and stakeholders.
Trust and business success are intrinsically linked; to the extent that dips in consumer confidence and brand reputation can significantly impact a company’s profitability or even its very existence. As a result, there now exists a ‘prove it’ culture. This extends to the ever-intensifying spotlight on sustainability commitments. Real action is required.
With the focus shifting towards the validity of environmental and social impact claims, greater business transparency and increased accountability are crucial. Independent verification of sustainability data is increasingly regarded as an essential tool for transparency and supply chain visibility. However, only 46% of sustainability professionals are having their data and information independently verified. This is worrying given that any sign of a lack of transparency could have detrimental consequences.
Independent verification can help build business credibility and consumer confidence. Those organisations delivering ESG declarations backed by robust assurance are much less likely to experience dips in brand reputation or fall foul of incoming rules under the EU Corporate Sustainability Reporting Directive (CSRD).
A dual approach
Part of the benefit of having data independently substantiated is that verification can be a protective barrier against being publicly named and shamed. In some cases, organisations are called out for not having their information corroborated by an outside body, thus weakening the likelihood of continued or new investment.
This notion is mirrored in government policy and regulation on a global scale. Over the last few years, evolution of the ESG elements of the Non-Financial Reporting Directive (NFRD) has been recognised by the European Commission (EC) as not going far enough. This dual approach from industry and government means evidence-based claims are the future of business best practice.
The absence of a standardised approach to the collation of data under existing rules means the users of the data and information – whether it be investors or other stakeholders – can’t compare. Thus, the CSRD seeks to improve reporting, moving the European single market toward a more consistent process.
The new directive expands non-financial reporting obligations well beyond those set out in the NFRD. Its scope will extend to all large companies as well as small and medium-sized enterprises (SMEs). The planned rollout is as follows:
- First cohort to report on 2023 data with a view to submit data in 2024. This affects companies currently covered by the NFRD.
- Second cohort will be working to a deadline of 2025. Within this group is medium sized companies.
- The final stage of implementation is for non-EU companies, who must submit data by 2026. Any companies registered on the European market, or those non-European companies with a European branch that is of significant size, will also be required to comply.
The EC, Members of the European Parliament (MEPs) and the various member states adopted the proposal in November 2022, after a year of discussion and negotiation. In that same period, LRQA carried out its Climate Focus study, revealing that almost all (93%) of the sustainability leaders surveyed identified at least one internal barrier to achieving environmental sustainability targets. While there is still ongoing debate to finalise the exact requirements of the CSRD, pending the European Financial Reporting Advisory Group’s (EFRAG) development and finalisation of European sustainability reporting standards (ESRS), there are several steps organisations can take to be prepared ahead of the final legislation draft.
How to prepare
Businesses must look to embed ESG into their extended supply chains, endorse a code of conduct covering issues such as carbon reduction or environmental performance, and then perform due diligence. In the past, approaches to supply chain due diligence simply involved yearly checks. However, the CSRD requires reported information to be audited and digitally tagged to feed into the European single access point. As such, a year-round risk-based monitoring and mitigation programme is recommended. This is especially important when you consider that reputations are at stake for brands connected to unsustainable practices or human rights violations.
With the focus very much on third-party verification, businesses can assess the readiness of their systems before the beginning of the process. By completing a risk assessment, organisations can identify what remedial action – if any – needs to be taken. Businesses should ask themselves if they are prepared for the new directive, identifying gaps in policy, corporate governance, and business culture. If any major deficiencies are highlighted, a period of consolidation and maturity is vital.
To be successful, all team members must be engaged. Without appropriate workforce collaboration, the processes of data collection, reporting and verification will be hindered. As such, organisations must consider what this looks like from an organisational planning perspective; asking themselves whether they need to change anything about current data collection methodologies.
With January 2023 marking the start line for data collection, it’s crucial that organisations and stakeholders understand how the CSRD will affect them. Overall, those who start reviewing their existing strategies, methodologies, and processes will give themselves a head start in the race for third-party verification.