In March 2020, the European Commission introduced the groundbreaking Circular Economy Action Plan (CEAP), which includes 54 actions to transform business practices and promote sustainable growth across the region.
The CEAP includes the introduction of new sweeping legislation such as the Ecodesign for Sustainable Products Legislation (ESPR) to revolutionise how products are designed and managed with sustainability at their core.
It also contains updates to strengthen existing sustainability legislation, making businesses more accountable for the sustainability of their operations and external supply chains – the Corporate Sustainability Reporting Directive (CSRD) is one such regulation.
In this article, we’ll explore what the CSRD is and what it demands, which organisations it affects, and how Digital Product Passports (DPPs) can enable CSRD compliance.
Origins of the CSRD
On 21st April 2021, the adoption of the new CSRD was announced by the European Commission as an expansion of (and ultimately a replacement for) the existing Non-Financial Reporting Directive (NFRD).
The NFRD, approved in 2015, required companies to start disclosing non-financial information relating to their operations, including environmental impact, social data such as the treatment of their employees and so on.
Critics of the NFRD saw it as insufficient for improving sustainability, as it allowed organisations to omit information that investors and customers might deem important for decision-making. Therefore, when the EU agreed on the CEAP, the NFRD was strengthened and turned into the CSRD.
Officially entering into force on 5 January 2023, EU member states have 18 months from then to transpose the CSRD into their national law. This means the first reporting deadlines are due in 2025, which doesn’t give affected businesses a huge amount of time to organise themselves for CSRD compliance.
Which businesses require CSRD compliance?
The CSRD has an expanded scope for compliance, covering approximately 11,700 companies across the EU and increasing the total amount of businesses subject to sustainability reporting in the EU to around 49,000.
However, the timeline and scope of reporting vary depending on factors such as business size, classification, and revenue. For large companies, the CSRD applies if they meet 2 of the 3 following requirements:
- €50+ million in net turnover
- €25+ million in assets
- 250+ employees
For SMEs listed in Europe, the CSRD applies if they meet 2 of the 3 following conditions:
- €50+ million in net turnover
- €25+ million in assets
- 250+ employees
The timelines differ for each designation of business. For example, large companies operating within the EU identified as public interest entities with more than 500 employees have to start reporting from 2025 onwards for the financial year starting on or after 1st January 2024.
However, SMEs meeting certain requirements only have to start reporting in 2027 and have the potential to opt out until 2028. The CSRD also covers subsidiaries of large, non-EU organisations where the presence in the EU results in a turnover of more than €150 Million, helping to avoid an inevitable loophole.
Exemptions
There are also exemptions for certain businesses. For example, the CSRD doesn’t apply to providers of Accredited Investment Fiduciary (AIF) or Undertakings for the Collective Investment in Transferable Securities (UCITS) financial products.
Exemptions for subsidiaries may also be applied under certain circumstances, such as when the subsidiary is included in the consolidated report of the parent company.
Penalties
The CSRD itself doesn’t contain specific penalties within the legislation and leaves the responsibility for punishment for non-compliance up to the EU member states themselves when transposing it into law; as of 10th May 2024, only 5 EU countries have done so.
So far, there are limited instances of penalties being imposed. However, France is leading the way on that front. The potential punishments in France for non-compliance with the CSRD are as follows:
- Non-publication: liable to a €3,750 fine + public communication + exclusion from public procurement procedures and concession contracts (law on green industry)
- Non-audit: liable to a €30,000 fine + 2 years’ imprisonment
- Obstructing an audit: liable to a €75,000 fine + 5 years’ imprisonment
In addition to the financial penalties, CSRD information will be published on a European Union platform and made available to the public, which could represent a reputational risk.
What information needs to be reported?
The CSRD requires many businesses operating within the EU to report their sustainability and social data in line with the European Sustainability Reporting Standard (ESRS). This can be broadly split into 3 categories: environmental, social, and governance.
Environmental examples:
- Greenhouse gas emissions
- Waste levels
- Water usage
Social examples:
- Employee count
- Working conditions
- Community impact
Governance examples:
- Risk management
- Company structure
Not only are organisations required to report data in the above categories, but they must also show evidence that they’re making efforts towards increasing the sustainability of their business. Copious amounts of data gathering, management, and diligence are required to ensure CSRD compliance – this is where Digital Product Passports can lend a hand.
What are Digital Product Passports?
Digital Product Passports are a platform for sharing critical information about physical products with stakeholders throughout the value chain. This data can span the entire product lifecycle – from manufacture to recycling and disposal – giving a holistic, comprehensive, and valuable overview.
The driving force behind the adoption of Digital Product Passports (DPPs) is the Ecodesign for Sustainable Products Regulation (ESPR) which sets ecodesign requirements for products manufactured or sold within the EU, aiming to create a sustainability standard for physical products.
The ESPR came into force on 18th July 2024. The first working plan for the regulation is set to be released in Spring 2025 and will outline the proposed timeline for delegated acts for priority industries.
The ESPR directly mandates that every product it regulates must come with a Digital Product Passport, accessible by QR code or a similar data carrier. This will help provide access to verifiable information relevant to CSRD compliance.
Digital Product Passports and CSRD Compliance
Although the CSRD doesn’t directly mandate the use of DPPs, there are benefits of implementing DPPs that could be a crucial step in achieving CSRD compliance.
1. Enriched Sustainability Data
The ESPR requires organisations across as many as 30 major industries to implement Digital Product Passports, containing a wealth of data gathered throughout a product’s lifecycle. Much of this information overlaps with the reporting requirements for the CSRD.
For example, the CSRD requires businesses to report on Scope 3 emissions as part of their overall carbon footprint disclosures. Scope 3 refers to carbon emissions generated throughout an organisation’s value chain, rather than by their direct business operations.
This includes purchased goods and services, fuel and energy-related activities, business travel, leased assets, end-of-life treatment for sold goods, and many more.
Historically, these have been very difficult to measure as organisations have limited visibility into the operations of other actors outside of their direct control, leaving them to rely on third-party data estimates such as industry averages and government statistics.
DPPs can be updated throughout a product’s lifecycle with sustainability data as it moves through the supply chain, with the ESPR requiring the information held within to be up-to-date and accurate.
This means that DPPs can act as a trustworthy measurement tool for carbon emissions at a product level, many of which fall under Scope 3, that can be extrapolated to get a more comprehensive view of an organisation’s overall emissions profile.
2. Verifiable Audit Trails
One of the CSRD’s core requirements is for organisations to generate reports for external auditors, disclosing a large amount of sustainability data with both forward-looking and retrospective qualities.
The CSRD intends to bring sustainability reporting up to the same standard as financial reporting, which means that the data contained within reports must be high quality, secure, and free of manipulation. It also requires organisations to set timebound targets for improving corporate sustainability, such as reducing GHG emissions by a certain date, and prove demonstrable progress towards these aims.
Gathering the necessary data for this purpose could be a hurdle for many large organisations with complex supply chains, as the quality of data needed from their third-party suppliers and partners can vary wildly, as can levels of cooperation.
When implementing a company-wide DPP solution, organisations must undergo a full evaluation of their data management processes, reviewing and mapping their data sources and measuring their data quality. This is a critical step that overlaps with CSRD compliance.
By working with supply chain stakeholders during their DPP implementation, organisations can foster collaboration between siloed elements of their value chain, promote a robust data management framework among their partners, and evaluate the quality of incoming data as a move towards CSRD compliance.
If a blockchain layer is added to the DPP solution, this will ensure that the data gathered is secure, verifiable, and unable to be tampered with, providing a comprehensive and unified source of information from across the supply chain which can feed directly into CSRD reporting.
The tamper-proof, transparent nature of the blockchain can help to create a verifiable audit trail for external auditors to access when necessary, helping the business prove that they’re not only complying with the law but are actively taking steps to improve their overall process related to data management and sustainability.
DPPs can also provide data in XBRL – a machine-readable format that complies with the CSRD. This can help to simplify the audit process and ensure adherence to European Sustainability Reporting Standards.
3. Resource Management and Cost Efficiency
While implementing DPPs might seem like a daunting and costly prospect (if that’s the case, check out our 7 tips to prepare for DPPs), consider how expensive it might be to duplicate that work.
For instance, how much might it cost to enlist one of the big four consultancy firms to do a comprehensive data audit for CSRD compliance, only to have to do it again in a few years’ time? These costs could be in the tens or hundreds of thousands of Euros, depending on the organisation’s size.
If you sell or produce physical goods for the EU market, there’s a high chance that you will need to comply with the ESPR and its DPP mandate. This is especially pressing if you’re in the batteries or textiles sectors, for example, which could be required to have DPPs in place as early as 2027.
DPP implementation to the scale required to satisfy the remit of the ESPR requires a deep evaluation of data management practices and data sources, in much the same way necessary for CSRD compliance.
Therefore, to avoid the duplication of efforts and associated costs, it makes sense to allocate resources towards implementing DPPs as this will help ensure compliance with the CSRD in the near term, and the ESPR in the long term.
Getting ahead of the curve in this way could help justify the budget requests to management, gain a first-mover advantage, and ultimately save on hefty duplicate consultancy costs. By implementing a Digital Product Passport solution in advance of, or in line with the CSRD deadline, your organisation could maximise your ESG costs and avoid double-spending.
Conclusion
The CSRD is a wide-reaching, comprehensive, and complex piece of legislation designed to bring sustainability reporting in line with the European Reporting Standards and give it a similar level of scrutiny as financial reporting.
With the first set of reporting deadlines for due in 2025, and as many as 49,000 companies potentially falling within its scope, organisations must act now to bolster CSRD compliance.
Digital Product Passports provide an excellent tool to aid CSRD compliance. They can enhance and enrich sustainability data for more comprehensive reporting, generate verifiable audit trails, and potentially reduce consultation costs and duplication of efforts.