The Corporate Sustainability Reporting Directive (CSRD — Directive 2022/2464/EU) is the European policy instrument that fundamentally reshapes ESG transparency obligations for European companies. Published in the Official Journal of the EU in December 2022, it replaced the earlier Non-Financial Reporting Directive (NFRD) and exponentially increased both the number of companies covered and the depth of information required.
What the CSRD Is and Why It Represents a Qualitative Leap from the NFRD
The NFRD (Directive 2014/95/EU) applied only to large public-interest entities with more than 500 employees — approximately 11,700 companies across the EU. The CSRD extends coverage to more than 50,000 companies in Europe, including large non-listed companies that exceed certain size thresholds.
The principal differences from the NFRD are:
- Harmonised standards: The CSRD requires use of the European Sustainability Reporting Standards (ESRS), adopted by the European Commission in July 2023. These standards are mandatory and replace the previous voluntary frameworks (GRI, SASB, TCFD).
- Double materiality: Companies must assess both the impact of sustainability factors on their financial results (financial materiality) and the impact of their activities on people and the environment (impact materiality). This dual perspective substantially broadens the scope of information to be reported.
- Mandatory external assurance: The sustainability report must be verified by an independent external auditor or verifier, initially at a limited assurance level and transitioning to reasonable assurance from 2028.
- Integration into the management report: Sustainability information is not a standalone report but a specific section of the annual management report, carrying the same legal weight as financial information.
Scope of Application in Spain: A Phased Timeline
The CSRD was transposed into Spanish law through Royal Decree-Law 9/2023 and the subsequent Law 18/2022, with the following phased implementation schedule:
Phase 1 — Fiscal year 2024 (first report in 2025): Large public-interest entities with more than 500 employees in fiscal year 2023 that were already subject to the NFRD. In Spain, this group primarily includes companies listed on the Mercado Continuo, credit institutions, insurers and certain public service companies.
Phase 2 — Fiscal year 2025 (first report in 2026): Large companies that are not public-interest entities but exceed two of three thresholds: more than 250 employees, more than €50m in net turnover, or more than €25m in total assets. This is the largest and most diverse group in Spain and the one requiring the most urgent preparation.
Phase 3 — Fiscal year 2026 (first report in 2027): SMEs listed on regulated European markets, with the exception of micro-enterprises. These companies may use a simplified ESRS standard (VSME).
Non-EU companies: Spanish subsidiaries of non-EU parent groups with more than €500m in EU turnover will also be subject to consolidated group-level reporting obligations.
The ESRS Standards: Structure and Key Requirements
The ESRS adopted in July 2023 are structured in two blocks:
Cross-cutting ESRS (applicable to all companies):
- ESRS 1: General requirements (principles, structure and presentation of the report)
- ESRS 2: General disclosures on governance, strategy, impact management, risks and opportunities
Thematic ESRS (subject to the double materiality assessment):
- Environmental: ESRS E1 (climate change), E2 (pollution), E3 (water and marine resources), E4 (biodiversity), E5 (resource use and circular economy)
- Social: ESRS S1 (own workforce), S2 (workers in the value chain), S3 (affected communities), S4 (consumers and end-users)
- Governance: ESRS G1 (business conduct)
The double materiality assessment determines which thematic standards are applicable to each company. An industrial company operating in water-stressed areas will apply ESRS E1, E3 and possibly E4; a professional services firm without significant physical assets may exclude several environmental standards after documenting its materiality analysis.
Sanctions and Consequences of Non-Compliance
The CSRD requires member states to establish effective, proportionate and dissuasive sanctions for non-compliance. In Spain, the sanctions framework will operate through the Audit Act (LAC) and the National Securities Market Commission (CNMV) for listed companies.
Beyond formal sanctions, the practical consequences of non-compliance are potentially more significant:
- Financing restriction: The EU Taxonomy for Sustainable Activities (Regulation 2020/852) and the SFDR financial services disclosure regulation create growing demand for verified ESG data from banks and investors. Companies without a CSRD-compliant report will be excluded from sustainable investment portfolios and green financial products.
- Supply chain pressure: Large companies subject to the CSRD will transmit ESG information requirements to their suppliers and subcontractors. An SME that is a supplier to a large obligated company may receive sustainability questionnaires as a condition for maintaining its supply chain position.
- M&A due diligence: Auditors and investors are incorporating CSRD reports into due diligence processes. The absence of verified ESG data may reduce the company’s valuation or condition the closing of a transaction.
How to Prepare for the CSRD: Where to Start
CSRD preparation involves a structured process that must begin with sufficient lead time:
Double materiality analysis. The first step is to identify which impacts, risks and opportunities the company has in relation to each ESRS standard. This analysis requires the participation of internal and external stakeholders and must be rigorously documented.
Existing data inventory. The second phase involves identifying which ESG data is already managed internally — energy consumption, emissions, workplace accidents, diversity metrics, governance data — and which gaps exist relative to the applicable ESRS requirements.
Data collection and management system. The CSRD requires verifiable data. Companies must implement data management systems that enable traceability and auditability for each reported indicator.
External assurance. Identifying the external assurer early — which may be the statutory auditor or another accredited provider — and defining the assurance scope from the first reporting year reduces both the cost and the lead time of the verification process.
The CSRD and the EU Corporate Sustainability Due Diligence Directive (CS3D)
The CSRD should not be read in isolation from the Corporate Sustainability Due Diligence Directive (CS3D, Directive 2024/1760/EU), which imposes obligations on large companies to identify, prevent, mitigate and account for adverse human rights and environmental impacts in their own operations and throughout their value chains. While the CSRD focuses on disclosure, the CS3D focuses on action. Together, these two directives create a comprehensive ESG governance framework that requires companies to align their reporting systems with their operational risk management processes.
At BMC we guide companies through every stage of CSRD preparation and reporting, from the double materiality analysis to external assurance of the sustainability report. See our ESG and sustainability services.
