The European Union, long viewed as the global standard-bearer for ambitious corporate sustainability regulation, is now orchestrating a significant strategic retreat from its initial, far-reaching proposals. This recalibration is dramatically reshaping two of the bloc’s legislative cornerstones: the Corporate Sustainability Reporting Directive (CSRD) and the Corporate Sustainability Due Diligence Directive (CSDDD). A wave of amendments introduced through the Omnibus I directive signals a clear pivot away from an expansive and prescriptive approach toward a more focused and pragmatic framework. The overarching goal is to alleviate the mounting administrative and financial pressures on businesses, a direct response to widespread industry feedback and economic anxieties. This shift represents not just a technical adjustment but a fundamental rethinking of the balance between environmental goals and commercial reality, with profound implications for companies operating within and beyond the EU’s borders. The changes collectively point to a less onerous, more targeted regulatory landscape, aiming to make compliance more manageable while still advancing sustainability objectives.
The Corporate Sustainability Reporting Directive: A Sharper, Narrower Focus
Shrinking the Pool of Reporting Companies
A central objective of the revisions to the CSRD is to dramatically curtail the number of companies subject to its stringent mandatory reporting obligations, a goal accomplished primarily by establishing significantly higher thresholds for inclusion. The scope is now strictly confined to large EU companies that have more than 1,000 employees and a net turnover exceeding EUR 450 million. This marks a substantial increase from previous versions, effectively removing a vast number of businesses from the directive’s immediate purview. For companies based outside the EU, the criteria are even more specific, requiring a dual test to be met: the ultimate parent entity must generate a global net turnover of over EUR 450 million for two consecutive years, while its subsidiary or branch within the Union must simultaneously have a net turnover of more than EUR 200 million. This ensures that only non-EU corporations with a truly significant economic presence in the European market are brought into the fold. This narrowing of scope is a direct acknowledgment of the complexity and cost associated with comprehensive sustainability reporting.
In a further move to reduce the regulatory burden, the amended directive makes several key exclusions that fundamentally alter its application. In a significant departure from the original text, listed small and medium-sized enterprises (SMEs) are now explicitly removed from the mandatory reporting scope. This change addresses widespread concerns that the extensive and costly requirements of the CSRD would place a disproportionate and potentially crippling burden on smaller public companies, hindering their growth and access to capital markets. Similarly, financial holding companies are also now specifically excluded from the directive’s requirements. Moreover, the rules governing corporate groups have been radically simplified through a new universal subsidiary exemption. Previously, even listed subsidiaries were often required to produce their own sustainability reports, regardless of their parent company’s consolidated reporting. The new text allows all subsidiaries, including those publicly listed, to forgo individual reporting, provided their information is adequately covered in the consolidated sustainability report of a parent company. This change is a major victory for large corporate groups, as it promises to eliminate a significant source of duplicative and inefficient reporting efforts, streamlining compliance across complex organizational structures.
Protecting the Value Chain and Easing Reporting Burdens
To address concerns about the ripple effect of reporting obligations on smaller businesses, the revised CSRD introduces a novel legal concept known as the “protected undertaking.” This designation applies to any entity within a reporting company’s value chain that has no more than 1,000 employees. These smaller partners are granted a legal right to refuse information requests from their larger, reporting-obligated customers when those requests exceed the scope of what would be required under the forthcoming voluntary reporting standards. This provision is designed to act as a shield, preventing large corporations from simply passing down their full compliance burden to their smaller suppliers and partners. To give this protection teeth, the directive explicitly prohibits reporting companies from using contractual clauses to compel protected undertakings to provide more extensive sustainability information than the voluntary standards would dictate; any such clauses are rendered legally non-binding. Furthermore, when a reporting company does request information that goes beyond these standards, it has an affirmative duty to inform the protected undertaking of this fact and of its right to ignore the non-compliant portion of the request, empowering smaller entities to push back against excessive data demands.
The intensity of the reporting and assurance mandates has also been significantly scaled back to provide greater flexibility and reduce costs. The European Commission’s authority to impose legally binding, sector-specific European Sustainability Reporting Standards (ESRS) has been rescinded. This power is replaced with the ability to issue non-binding, sector-specific guidelines. This crucial shift moves away from a rigid, one-size-fits-all approach, acknowledging that different industries face unique sustainability challenges and opportunities, and allows for more tailored and less prescriptive reporting. In what is perhaps the most significant concession, the future obligation for companies to obtain “reasonable assurance” on their sustainability reports has been completely removed from the directive. “Reasonable assurance” is a high-level, audit-like standard that is both complex and expensive to achieve. Instead, the requirement for “limited assurance”—a less intensive and less costly form of third-party verification—will remain the sole mandatory level of external assurance. Despite these rollbacks, companies remaining within the CSRD’s stricter scope are still fully obliged to comply with Article 8 of the Taxonomy Regulation, requiring them to report on the alignment of their economic activities with the EU’s definition of environmental sustainability.
The Corporate Sustainability Due Diligence Directive: A Radical Overhaul
Drastically Curtailing the Directive’s Reach
The Corporate Sustainability Due Diligence Directive (CSDDD) has undergone an even more profound transformation than the CSRD, with its scope dramatically narrowed to ensure it applies only to the very largest global corporations. The new thresholds for inclusion are now set at EU companies with more than 5,000 employees and a worldwide net turnover exceeding EUR 1.5 billion. For companies from third countries, the trigger is a net turnover of more than EUR 1.5 billion generated within the European market. These figures represent a monumental increase from the previous thresholds of 1,000 employees and EUR 450 million turnover, a change that will substantially reduce the number of in-scope companies from tens of thousands to a much smaller, more manageable cohort of corporate giants. This radical narrowing reflects a political consensus that the immense administrative challenge of mapping and managing global value chain risks should be shouldered only by companies with the most significant resources and largest global footprints.
The directive’s reach has been further curtailed by the targeted removal of specific clauses that previously broadened its application. The provision that brought companies operating in designated “high-risk sectors”—such as textiles, agriculture, and minerals—into the CSDDD’s scope based on lower thresholds has been entirely removed. While the Commission retains the right to make future recommendations on this issue in a 2031 review, the automatic inclusion of these sectors is gone, providing immediate relief to many companies in these industries. This change simplifies the directive’s application, moving it away from a sector-specific approach to one based purely on size and turnover. In a similar vein, a specific clause related to the due diligence obligations of financial companies has also been deleted from the final text. This removes a layer of complexity and potential conflict with existing financial sector regulations, though the financial industry will still be subject to the directive if they meet the new, higher general thresholds. These exclusions collectively ensure that the CSDDD is now a directive aimed squarely at the top tier of the corporate world.
Softening Core Obligations and Liability
The very process of conducting due diligence has been made less prescriptive and more risk-based, granting companies greater flexibility in how they identify and address negative impacts within their value chains. The mandatory requirement for a detailed “mapping exercise”—a process that would have involved identifying every entity and potential impact throughout the supply chain—has been replaced with a higher-level “scoping exercise.” Under this revised approach, companies are now expected to assess general areas of risk, such as human rights vulnerabilities in a specific agricultural region, rather than being obligated to track every individual business partner down to the lowest tier. To further prevent an overwhelming information burden, companies are now instructed to base their risk assessments on “reasonably available information.” This change is intended to stop the cascade of extensive data requests down the supply chain, particularly to smaller business partners who lack the resources to comply. Information can now only be requested from partners when it is deemed necessary, and if that partner has fewer than 5,000 employees, the request is only permissible if the information cannot be reasonably obtained through other means, such as industry reports or third-party audits.
Several of the CSDDD’s most prominent and demanding requirements have been entirely eliminated, while the legal consequences for non-compliance have been fundamentally weakened. Most notably, the obligation for companies to develop, adopt, and implement a climate transition plan has been completely deleted from the directive. This removes a key pillar of the CSDDD’s original climate-focused agenda and significantly lessens the strategic planning and reporting burden on in-scope companies. The requirements for stakeholder engagement have also been reduced; for instance, consulting with stakeholders on decisions to suspend business relationships or on the indicators used to review due diligence policies is no longer mandatory. In a similar move to lessen the administrative load, the mandatory review of a company’s due diligence policy has been changed from an annual requirement to one that is only necessary every five years, unless significant changes warrant an earlier review. Crucially, the harmonized, EU-wide civil liability regime has been scrapped. The directive now simply requires Member States to ensure that liability for CSDDD violations is possible under their own national legal systems. This decentralization will likely lead to significant variation in enforcement and the success of legal claims across the EU, and it critically limits the ability to hold EU parent companies liable for damages caused by their non-EU subsidiaries.
A Pragmatic Pivot and the Path Forward
The extensive amendments to both the CSRD and CSDDD culminated in a legislative package that was significantly more business-friendly than originally conceived. This strategic pivot reflected a pragmatic response to intense lobbying from industry groups and member states who had warned that the initial, highly ambitious proposals would stifle competitiveness and impose unmanageable compliance burdens, particularly in a challenging global economic climate. The adjustments to penalties and timelines further underscored this less aggressive approach. The maximum potential fine for non-compliance with the CSDDD was lowered, with the ceiling now set at a figure not to exceed 3% of a company’s global net turnover, a reduction from the previously proposed 5%. Finally, the implementation timeline was pushed back significantly, with the application date for companies now set for July 26, 2029. This extended runway was designed to give businesses ample time to understand, prepare for, and adapt to the revised, less onerous rules, ensuring a smoother transition into the new, more focused era of EU sustainability governance.
