Demystifying ESRS: An introductory Guide to European Sustainability Reporting Standards and CSRD Disclosure Requirements

If you've spent any time trying to understand the EU's sustainability reporting landscape, you've likely encountered both "CSRD" and "ESRS" — often used interchangeably, often misunderstood, and almost always accompanied by a daunting number of data points, disclosure requirements, and compliance deadlines. This guide cuts through the complexity. It explains what CSRD and ESRS actually are, how they relate to each other, which companies are in scope, what mandatory disclosures actually require, and how the 2025 Omnibus changes have reshaped the entire regulatory picture. Whether you're preparing for your first reporting cycle or reassessing your ESG strategy in light of recent legislative shifts, this is where to start.

CSRD vs. ESRS: Understanding the Core Distinction

The confusion between CSRD and ESRS is understandable — they are deeply interconnected, they share the same implementation timeline, and they are almost always discussed together. But they serve fundamentally different functions, and conflating them leads to strategic missteps in compliance planning.

The Corporate Sustainability Reporting Directive (CSRD) is EU law. It determines who must report, when they must report, and establishes the legal obligation to disclose sustainability information. It sets the boundary conditions: scope thresholds, assurance requirements, digital tagging obligations, and the overarching principle of double materiality.

The European Sustainability Reporting Standards (ESRS) are the technical standards that define what to disclose and how. Developed by the European Financial Reporting Advisory Group (EFRAG) and adopted by the European Commission as a delegated act in July 2023, ESRS translate the CSRD's legal requirements into specific disclosure requirements, data points, and reporting structures. Without ESRS, CSRD would be an obligation without a method.

A useful analogy: think of the CSRD as the tax code that requires you to file a return, and ESRS as the actual tax form — with specific fields, calculation methods, and supporting documentation requirements. One creates the obligation; the other provides the framework for fulfilling it.

In practice, this distinction matters for project planning. When assessing whether your company is in scope, you're working with CSRD thresholds. When building your data collection architecture or assigning ownership for specific disclosures, you're working with ESRS. The two must be managed together, but they require different expertise and different organizational processes.

For a comprehensive technical walkthrough of all 12 standards, see the ESRS Standards 2026: Complete EU Sustainability Reporting Guide.

ESRS Structure: The 12 Standards Explained

The first set of ESRS comprises 12 sector-agnostic standards, organized into three layers: two cross-cutting standards that apply universally, ten topical standards covering environmental, social, and governance matters, and — separately — sector-specific standards still under development by EFRAG.

Cross-Cutting Standards (Mandatory for All)

ESRS 1 – General Requirements establishes the foundational principles for preparing sustainability statements: the concept of double materiality, the structure of the due diligence process, the relationship between impacts, risks, and opportunities, and the time horizons for reporting. It does not contain specific disclosure requirements but sets the methodological framework for everything that follows.

ESRS 2 – General Disclosures contains mandatory disclosure requirements applicable to all companies regardless of their materiality assessment. This includes governance structures for sustainability, the strategy and business model in relation to sustainability, the materiality assessment process itself, and stakeholder engagement. ESRS 2 is the one standard that no in-scope company can skip.

Environmental Standards (ESRS E1–E5)

ESRS E1 – Climate Change is typically the most resource-intensive standard. It requires disclosure of Scope 1, 2, and 3 greenhouse gas emissions, transition plans aligned with the Paris Agreement, physical and transition risk exposure, and — where applicable — internal carbon pricing mechanisms. Climate-related financial risks must also be disclosed, making this standard closely aligned with TCFD recommendations. For a deeper look at climate risk methodology, see Navigating Climate Risk: A Comprehensive Guide to Climate Risk Assessment and Management for Businesses.

ESRS E2 – Pollution covers air, water, and soil pollution — including substances of concern and substances of very high concern — with particular relevance for manufacturing, chemicals, and industrial sectors.

ESRS E3 – Water and Marine Resources addresses water consumption, withdrawal, and discharge, as well as ocean-related impacts. Companies with operations in water-stressed areas face heightened disclosure obligations. See also our guide on Water Risk Assessment: Safeguarding Business Resilience and Sustainability.

ESRS E4 – Biodiversity and Ecosystems requires disclosure of impacts and dependencies on biodiversity, including the alignment with the Kunming-Montreal Global Biodiversity Framework. This is one of the more technically demanding standards, particularly for companies with land-use-intensive supply chains. The TNFD framework provides a complementary lens for nature-related financial disclosures.

ESRS E5 – Resource Use and Circular Economy covers material consumption, waste generation, and the transition toward circular business models.

Social Standards (ESRS S1–S4)

ESRS S1 – Own Workforce is consistently among the most data-intensive social standards, requiring detailed breakdowns of workforce composition, remuneration, health and safety metrics, and collective bargaining coverage. ESRS S2 extends these requirements into the value chain (workers in supply chains). ESRS S3 addresses affected communities, while ESRS S4 covers consumers and end-users.

Governance Standard (ESRS G1)

ESRS G1 – Business Conduct addresses anti-corruption and anti-bribery policies, lobbying and political influence, and payment practices. Governance disclosures are often underestimated in their complexity — particularly for companies without established compliance functions.

Each topical standard follows a fixed four-part structure: Strategy, Policies, Actions, and Targets. This ensures that companies don't simply report on current performance but also articulate how they are managing material sustainability topics over time. For companies approaching their first CSRD reporting cycle, this structure provides a useful scaffolding for internal workstreams.

CSRD Reporting Requirements: Scope Criteria and Implementation Timeline

Understanding who must report — and when — has become significantly more complex following the 2025 Omnibus package. The original CSRD scope has been substantially narrowed, and the implementation timeline has shifted for the majority of originally in-scope companies.

Current Scope Thresholds (Post-Omnibus)

Under the Omnibus I package approved by the European Parliament in December 2025, the CSRD will apply to companies meeting both of the following criteria: more than 1,000 employees and more than €450 million in net annual turnover. This represents a dramatic reduction from the original thresholds — the revised scope is estimated to cover roughly 80% fewer companies than originally planned.

Listed SMEs, which were previously included in the scope as a separate wave, are now effectively excluded under the revised framework. Non-EU companies with significant EU business activity (net turnover exceeding €450 million in the EU) remain in scope, with reporting obligations starting from financial years beginning on or after January 1, 2028.

Implementation Timeline

Wave 1 (already reporting): Large listed companies, banks, and insurance undertakings with more than 500 employees were required to apply CSRD for the first time for the 2024 financial year, with reports published in 2025. These companies are already operating under the full ESRS framework.

Wave 2 and Wave 3 (delayed by Stop-the-Clock): The "Stop-the-Clock" Directive postponed reporting requirements for companies originally scheduled to report for financial years 2025 or 2026. Under the revised Omnibus timeline, EU companies in the expanded scope will begin reporting for financial years starting on or after January 1, 2027, with reports published in 2028.

Tatsächlich, the timeline uncertainty created by the Omnibus process has been one of the more disruptive elements for compliance planning — particularly for companies that had already invested significantly in CSRD readiness. The experience shows that building a modular, phased approach to ESG data infrastructure pays off precisely in situations like this.

For companies navigating scope determination alongside broader ESG strategy, the ESG Implementation Strategy: A Step-by-Step Guide provides a structured framework for sequencing compliance work alongside strategic sustainability initiatives.

CSRD Data Points: A Taxonomy of What You Actually Need to Report

The concept of "CSRD data points" refers to the individual pieces of information — quantitative metrics, qualitative descriptions, policies, targets — that companies must disclose under the ESRS framework. Understanding the taxonomy of data points is essential for scoping your reporting project and building the right data collection infrastructure.

The Numbers: Before and After Omnibus

In the original ESRS Set 1, the CSRD framework contained 82 disclosure requirements and 1,144 individual data points. Of these:

• 161 data points are mandatory irrespective of the materiality assessment — these must be disclosed by all in-scope companies
• 622 data points are subject to the materiality assessment — companies must disclose these only if the relevant topic is determined to be material
• 269 data points are marked as voluntary ("may disclose") — these are optional reporting elements indicated by the use of "may" rather than "shall" in the legal text

The Omnibus proposals, currently moving through final consultation, are expected to reduce mandatory data points by approximately 61% and eliminate voluntary disclosures entirely from the mandatory framework. A delegated act revising the ESRS is expected within six months of the finalization of the Omnibus II proposal.

How Data Points Are Structured

EFRAG published Implementation Guidance 3 (IG 3) in May 2024 — a non-authoritative but practically essential document that maps all ESRS data points across topics and standards. The data points are organized by sustainability topic and fall into several categories:

Narrative and policy disclosures describe a company's approach to a given sustainability topic — its policies, due diligence processes, and governance structures. These tend to be qualitative and are often the starting point for first-time reporters.

Target and action disclosures require companies to report on specific, time-bound commitments and the measures taken to achieve them. These connect directly to strategy disclosures and are scrutinized heavily during assurance processes.

Quantitative metrics are the most technically demanding category — GHG emissions in tonnes of CO₂e, energy consumption in MWh, headcount breakdowns, injury rates, remuneration ratios. Many of these require new data collection processes and IT system integrations.

A frequently overlooked aspect: many data points are only triggered if a company identifies a given topic as material. This is why a robust double materiality assessment is not just a compliance exercise — it directly determines the total volume of data points your organization needs to manage. Getting the materiality assessment wrong in either direction creates significant downstream problems.

For companies with complex Scope 3 supply chains — where data point requirements under ESRS E1 are particularly demanding — the practical challenges of data collection are substantial. The SBTi guide on Scope 3 emissions offers relevant context for the measurement methodology underpinning these disclosures.

The Digital Tagging Requirement

All CSRD-required sustainability disclosures must be tagged using ESRS XBRL taxonomy — converting narrative and quantitative disclosures into machine-readable digital format. This requirement applies from the first reporting cycle and significantly affects how sustainability reports are structured and published. It is one of the more technically underestimated aspects of CSRD compliance.

CSRD Mandatory Disclosures: What Is Actually Required

One of the most common misconceptions about CSRD is that all disclosures are mandatory. They are not. The distinction between unconditionally mandatory disclosures and materiality-dependent disclosures is central to scoping your compliance project accurately.

Unconditionally Mandatory: ESRS 2

ESRS 2 contains the only standard where all disclosure requirements apply regardless of materiality. Specifically, every in-scope company must disclose:

• Governance: The role of administrative, management, and supervisory bodies in sustainability oversight; integration of sustainability into incentive structures
• Strategy: How the company's business model and strategy interact with material sustainability topics; resilience assessment under different scenarios
• Materiality Assessment Process: How the company determined material topics, including the process for identifying impacts, risks, and opportunities
• Metrics and Targets: The basis for preparing sustainability statements, including the value chain boundary and applicable standards

Climate Disclosures: Effectively Mandatory in Practice

ESRS E1 (Climate Change) contains a provision that requires companies to disclose the results of their climate-related materiality assessment if they conclude that climate change is not material. In practice, this opt-out is rarely available — and regulators, investors, and auditors will scrutinize any such conclusion carefully. The substantive climate disclosures under ESRS E1 include Scope 1, 2, and 3 GHG emissions, energy consumption and mix, transition plan commitments, and physical and transition risk exposure. For companies working through climate scenario analysis, the methodology described in using RCP and SSP data for corporate climate risk assessment is directly applicable.

What Materiality-Dependent Disclosures Mean in Practice

For all topical standards other than ESRS E1, companies apply their double materiality assessment to determine which topics are material and therefore which disclosure requirements apply. A manufacturing company with a complex supply chain may find ESRS S2 (Workers in the Value Chain) highly material, while a pure-play software business may reasonably conclude it is not. The key is that the assessment process itself must be documented and auditable — it is not simply a matter of excluding inconvenient topics.

Spätestens when your first auditor review or investor due diligence arrives, the quality of your materiality assessment documentation becomes a critical risk factor. The ESG Questionnaire: 20 Critical Questions for CSRD Compliance provides a practical starting point for stress-testing your current data coverage against disclosure requirements.

Assurance Requirements

All sustainability information disclosed under CSRD is subject to limited assurance by an external auditor from the first reporting cycle. This has significant implications for data quality requirements — anecdotal or estimation-heavy approaches that may have been acceptable in voluntary reporting contexts will not survive a formal assurance process. Companies that have relied on Activity-based carbon accounting, for example, may find that auditors require primary data or more defensible proxy methods.

Double Materiality as the Foundation of CSRD Disclosure

The concept of double materiality underpins the entire CSRD/ESRS framework and distinguishes it from most other sustainability reporting approaches. It requires companies to assess materiality from two directions simultaneously.

Impact materiality considers the company's impacts on people and the environment — both positive and negative, actual and potential, across the value chain. A company that sources raw materials from regions with high deforestation risk has material impacts whether or not those impacts currently affect its financial performance.

Financial materiality considers how sustainability-related factors create risks or opportunities that could affect the company's financial performance, cash flows, access to capital, or cost of capital. Physical climate risks to a coastal facility, transition risks from carbon pricing, or reputational risks from supply chain labor issues — these are financial materiality considerations.

Interestingly, these two dimensions do not always overlap. A company may have significant impact materiality in a topic without it being financially material in the short term — and vice versa. The CSRD requires disclosure of both. The Omnibus package maintains the double materiality requirement even as it simplifies other aspects of the framework — a signal that this principle is considered foundational to the EU's sustainability disclosure architecture.

For companies approaching their first double materiality assessment, the practical complexity lies in stakeholder engagement, impact identification across the value chain, and documentation standards that will withstand auditor scrutiny. The ESG Integration and CSRD Reporting guide for medium-sized companies addresses the operational challenges involved.

The Omnibus Package: What Changed in 2025

The European Commission's February 2025 Omnibus I proposal and the subsequent December 2025 European Parliament position represent the most significant reshaping of the CSRD since its adoption. Companies that had been preparing for compliance under the original framework need to reassess their plans — but they should do so carefully, as the details continue to evolve.

Scope Reduction

The Omnibus narrows the CSRD to companies with more than 1,000 employees and more than €450 million in net annual turnover. This removes approximately 80% of originally in-scope companies from mandatory reporting obligations. However, there is an important nuance: many of these companies will still face indirect CSRD exposure through their relationships with larger customers or investors who remain in scope and require value chain data.

Data Point Reduction

The proposed revision to ESRS aims to reduce mandatory data points by approximately 61%. Voluntary data points are expected to be eliminated from the mandatory framework entirely. EFRAG is expected to deliver draft revised standards, with a delegated act following within six months of the finalization of the Omnibus II proposal.

The Strategic Concern

From a strategic advisory perspective, the scope reduction creates a genuine tension. Reducing the administrative burden on smaller companies is a legitimate goal — particularly given the capacity constraints many mid-sized businesses face. However, a large-scale reduction in the scope of companies covered risks creating material data gaps in supply chain transparency, and removing critical climate and biodiversity data points from the framework increases financial risk for investors who rely on comparable, audited sustainability information. The most important data points — particularly around climate transition plans, Scope 3 emissions, and biodiversity impact — should be preserved even in a simplified framework.

For companies navigating related regulatory complexity across the EU Green Deal ecosystem, understanding how CSRD intersects with instruments like the EUDR, the EU ETS 2, and the EU Taxonomy is essential for avoiding duplicated effort and building integrated compliance architectures.

Practical Guidance for Getting Started

The experience from implementation projects shows that companies consistently underestimate two things: the time required to build reliable data collection processes, and the importance of early cross-functional alignment on ownership and accountability for sustainability data.

Step 1: Scope Determination and Gap Analysis

Before investing in data infrastructure, confirm your actual regulatory position — both today and under the revised Omnibus thresholds. If you are in scope, a gap analysis against ESRS 2 mandatory disclosures and your likely material topics will give you the clearest picture of the work ahead. The ESG Metrics for 2026: Required and Best Practice guide provides useful benchmark context for data point prioritization.

Step 2: Double Materiality Assessment

This is the foundation of your entire reporting architecture. A well-executed materiality assessment will scope your data collection requirements, prioritize your resource allocation, and provide the documented rationale that auditors and investors will scrutinize. A rushed or inadequately documented assessment creates compliance risk across the entire framework.

Step 3: Data Architecture and Collection

Map required data points to existing data sources — finance systems, HR platforms, operational reporting, procurement systems. Identify gaps and build collection processes that can produce audit-quality data. For GHG emissions, this typically means moving from estimation-based to primary data approaches, at least for Scope 1 and 2.

Step 4: Governance and Internal Controls

ESRS 2 requires disclosure of how sustainability is integrated into governance structures. Building the right internal controls for sustainability data before the first assurance review is significantly less painful than retrofitting them afterward. This also means integrating sustainability data into existing financial reporting workflows — something that requires close coordination between finance, legal, and sustainability functions.

Companies using sustainability data to communicate with investors and customers should also be aware of the Green Claims Directive and its implications for how CSRD-disclosed data can and cannot be used in marketing and external communications.

Key Takeaway

CSRD and ESRS compliance is a multi-year organizational transformation, not a reporting project. Companies that treat it as a strategic opportunity — to improve data quality, strengthen stakeholder relationships, and build genuine resilience — consistently produce better outcomes than those focused exclusively on minimum compliance. The timeline flexibility introduced by the Omnibus should be used to build this capability thoughtfully, not to delay getting started.

For venture-backed companies and their investors, the Unlocking ESG Value for Startups and Venture Capital guide addresses how CSRD and ESRS requirements intersect with VC portfolio management and LP reporting obligations.

FAQ

What is the difference between CSRD and ESRS?

The CSRD (Corporate Sustainability Reporting Directive) is EU law that determines which companies must report on sustainability and establishes the legal framework for doing so. ESRS (European Sustainability Reporting Standards) are the technical standards that define exactly what information must be disclosed and how. CSRD creates the obligation; ESRS provides the method. Think of CSRD as the legislation requiring a sustainability report and ESRS as the detailed template and methodology for producing it.

How many CSRD data points does a company actually need to report?

The original ESRS framework contains 1,144 data points across 82 disclosure requirements. Of these, 161 are mandatory regardless of materiality, 622 are subject to the materiality assessment (meaning you only disclose them if the relevant topic is material to your business), and 269 are voluntary. Under the Omnibus proposals currently in consultation, mandatory data points are expected to be reduced by approximately 61%. The exact number any individual company needs to report depends significantly on the results of its double materiality assessment.

Which companies are subject to CSRD reporting requirements?

Following the 2025 Omnibus changes, CSRD applies to companies with more than 1,000 employees and more than €450 million in net annual turnover. This is significantly narrower than the original scope. Non-EU companies with net EU turnover above €450 million are also in scope. Wave 1 companies (large listed companies, banks, and insurers with 500+ employees) have already begun reporting for the 2024 financial year. Most other companies now face a provisional reporting start date of financial year 2027, with reports published in 2028.

What are CSRD mandatory disclosures — which metrics are always required?

ESRS 2 (General Disclosures) is unconditionally mandatory for all in-scope companies, covering governance structures for sustainability, strategy and business model alignment, the materiality assessment process, and stakeholder engagement. Beyond ESRS 2, climate-related disclosures under ESRS E1 are effectively mandatory in practice — companies claiming climate is not material must disclose and justify that conclusion, which rarely withstands scrutiny. The 161 unconditionally mandatory data points also include specific metrics within other standards that apply regardless of materiality assessment results.

What is the ESRS structure — how are the 12 standards organized?

ESRS comprises two cross-cutting standards (ESRS 1: General Requirements and ESRS 2: General Disclosures), five environmental standards (E1: Climate Change, E2: Pollution, E3: Water and Marine Resources, E4: Biodiversity and Ecosystems, E5: Resource Use and Circular Economy), four social standards (S1: Own Workforce, S2: Workers in the Value Chain, S3: Affected Communities, S4: Consumers and End-Users), and one governance standard (G1: Business Conduct). Each topical standard follows a fixed structure covering Strategy, Policies, Actions, and Targets.

How do CSRD disclosure requirements relate to double materiality?

Double materiality is the core principle determining which CSRD disclosures apply to a given company. It requires companies to assess both impact materiality (the company's effects on people and environment) and financial materiality (sustainability factors affecting the company's financial performance). Topics that are material from either or both perspectives trigger the associated ESRS disclosure requirements. ESRS 2 mandatory disclosures include the documentation of this assessment process itself — meaning the methodology must be auditable.

What did the 2025 Omnibus package change about CSRD?

The Omnibus I package approved by the European Parliament in December 2025 made two major changes: it raised the scope thresholds to companies with 1,000+ employees and €450M+ turnover (reducing the number of in-scope companies by approximately 80%), and it initiated a revision of ESRS to reduce mandatory data points by approximately 61%. The "Stop-the-Clock" directive also postponed reporting obligations for Wave 2 and Wave 3 companies. Revised ESRS standards are expected through a delegated act within six months of the finalization of the Omnibus II proposal.