Book a Demo

Category: CSRD

  • CSRD Assurance: What Limited Assurance Means and How to Prepare

    CSRD assurance is the independent verification of a company’s sustainability report by a qualified third party. Under the directive, all in-scope companies must obtain at least limited assurance on their ESRS disclosures, with the EU planning a transition to reasonable assurance by 2028. This requirement applies from your first CSRD reporting year.

    What is CSRD assurance?

    Assurance is not an audit in the traditional financial sense, but it serves a similar purpose: giving stakeholders confidence that the reported information is materially accurate and prepared in accordance with the applicable standards.

    CSRD introduces two levels of assurance. Limited assurance is required initially — this involves the assurance provider reviewing your data, processes, and disclosures to conclude whether anything has come to their attention that causes them to believe the report is materially misstated. It is less intensive than reasonable assurance but still demands structured evidence and documentation.

    Reasonable assurance — the standard applied to financial statements — is planned for introduction by 2028. This requires the assurance provider to obtain sufficient evidence to positively confirm that disclosures are free from material misstatement. The gap between limited and reasonable assurance is significant in terms of evidence requirements, so organisations building their reporting processes now should design for reasonable assurance from the start.

    What do assurance providers actually check?

    Understanding what assurance providers examine helps you build processes that pass scrutiny the first time. Their focus areas typically include:

    Data accuracy and traceability

    Every figure in your sustainability report must be traceable back to its source. The assurance provider will select a sample of disclosed data points and follow the trail from the published number through your calculation methodology to the underlying activity data. If that trail is broken — because data was manually transferred between systems, or because the calculation methodology is undocumented — the finding will be flagged.

    Methodology consistency

    Have you applied the same calculation methodologies consistently across reporting entities, time periods, and data categories? Changes in methodology between years must be disclosed and justified. The assurance provider will check that emission factors, conversion rates, and estimation approaches are applied uniformly and are appropriate for your sector and geography.

    Double materiality process documentation

    Your double materiality assessment determines which ESRS standards you report against. The assurance provider will examine how you identified material topics, what scoring methodology you used, how stakeholder input was incorporated, and whether exclusion decisions are justified. A materiality assessment without documented methodology and evidence will not survive assurance review.

    Governance and internal controls

    Who approved the data? Who reviewed the calculations? What internal controls prevent errors from propagating through the report? The assurance provider expects to see defined roles, approval workflows, and segregation of duties between data entry and data review. This is where governance alignment becomes critical.

    Completeness of ESRS disclosures

    Based on your materiality assessment, certain ESRS standards apply to your organisation. The assurance provider will verify that all required disclosure points under those standards are addressed — either with reported data or with a documented explanation of why a specific disclosure is not applicable. Missing disclosures without explanation will be flagged as findings.

    How to prepare your organisation for assurance

    Build audit trails from day one. Every data entry should be timestamped, attributed to a named user, and linked to source documentation. If you are using ESG reporting software, this should be automatic. If you are using spreadsheets, you need a manual logging process — which is why most organisations undergoing CSRD assurance move to dedicated software before their first engagement.

    Document your methodology decisions. For every calculation approach, emission factor selection, and estimation technique, maintain a methodology note explaining what you chose, why you chose it, and what alternatives you considered. This documentation should be prepared as you build your reporting process, not retrospectively assembled before the assurance engagement.

    Maintain evidence for materiality conclusions. Your double materiality assessment should be supported by stakeholder engagement records, scoring matrices, threshold justifications, and minutes from governance meetings where material topics were approved. The assurance provider will ask for this documentation.

    Establish clear data ownership. Every data point in your CSRD report should have a named owner — the person responsible for its accuracy. When the assurance provider queries a figure, you need to know immediately who can provide the explanation and evidence.

    Run an internal dry run. Before engaging your external assurance provider, conduct an internal review that simulates the assurance process. Select a sample of data points, trace them back to source, check methodology consistency, and verify completeness against ESRS requirements. This identifies gaps you can fix before they become formal findings.

    Common assurance pitfalls

    Engaging the assurance provider too late. If your first conversation with the assurance provider is after your report is drafted, you have missed the window for them to review your methodology and data processes. Engage them during the preparation phase — most providers offer pre-assurance advisory services for first-time reporters.

    Assuming limited assurance is easy. Limited assurance is less intensive than reasonable assurance, but it is not a rubber stamp. Providers will still examine your data, test your calculations, and review your governance processes. Organisations that treat limited assurance casually often receive qualified opinions or management letter findings.

    Inconsistent methodology across entities. Multi-site or multi-entity organisations frequently apply different calculation approaches across locations, then struggle to reconcile them at group level. Standardise your methodology before data collection begins.

    Undocumented Scope 3 estimates. Most organisations use estimates for Scope 3 emissions, which is acceptable under both the GHG Protocol and ESRS E1. However, the estimation methodology, data sources, and assumptions must be clearly documented. An undocumented estimate is an unsupported figure.

    No separation between data entry and review. If the same person enters and approves data, you have a governance weakness. Assurance providers expect a review step between data entry and final disclosure, even in small teams.

    The timeline — when to engage your assurance provider

    For a company reporting on FY2025 with a filing date in 2026, a realistic assurance timeline looks like this:

    6-9 months before filing: Initial conversation with the assurance provider. Discuss scope, timeline, fee structure, and their expectations for documentation and access.

    4-6 months before filing: Pre-assurance advisory engagement. The provider reviews your methodology documents, data collection processes, and materiality assessment. You receive early feedback and can address gaps.

    2-3 months before filing: Data collection close. Final figures are calculated and internal review is completed.

    1-2 months before filing: Formal assurance engagement. The provider conducts their review, tests data samples, and issues their assurance opinion.

    How Horizon ESG supports assurance readiness

    Horizon ESG is designed with assurance in mind. Every data entry is automatically timestamped and attributed. Calculation methodologies are documented within the platform. Approval workflows enforce separation between data entry and review. And your assurance provider can be granted read-only access to trace any disclosed figure back to its source data without requiring your team to compile evidence packs manually.

    The result is a reporting process that is assurance-ready by design, not by afterthought. Learn more about how Horizon ESG can support your assurance readiness.

  • CSRD Readiness Checklist: 12 Steps Before Your First Report

    To prepare for CSRD, organisations should follow a structured readiness process: confirm whether they fall in scope, identify their reporting deadline, conduct a double materiality assessment, map their value chain, establish data collection workflows, and secure assurance early. This 12-step CSRD readiness checklist walks you through each stage so you can approach your first report with confidence rather than last-minute scrambling.

    What Is CSRD Readiness?

    CSRD readiness refers to the state of organisational preparedness required to produce a compliant sustainability report under the EU’s Corporate Sustainability Reporting Directive. Unlike previous non-financial reporting requirements, the CSRD demands structured, auditable disclosures aligned with the European Sustainability Reporting Standards (ESRS). That means readiness is not simply about writing a report — it is about building the internal systems, governance structures, and data pipelines that make accurate, verifiable reporting possible.

    A CSRD readiness assessment evaluates where your organisation currently stands against these requirements and identifies the gaps you need to close before your first filing deadline. The earlier you begin this process, the less disruptive it becomes. Companies that treat CSRD preparation as a phased project — rather than a year-end compliance exercise — consistently report smoother outcomes and fewer audit issues.

    The 12-Step CSRD Readiness Checklist

    1. Determine If You Are in Scope

    The CSRD is rolling out in waves. Large public-interest entities (over 500 employees) began reporting in 2025 on FY2024 data. The second wave, covering large companies meeting two of three thresholds — over 250 employees, EUR 50 million turnover, or EUR 25 million in assets — reports in 2026 on FY2025 data. Listed SMEs follow in 2027, with a possible opt-out until 2028. Non-EU companies generating over EUR 150 million in the EU enter scope from 2029. Check the thresholds carefully. Many mid-sized businesses are surprised to find they qualify earlier than expected, particularly subsidiaries of larger groups.

    2. Identify Your Reporting Year and First Filing Deadline

    Once you have confirmed you are in scope, pin down the exact financial year you need to report on and the corresponding filing date. Your CSRD report will be included within your management report, which means the deadline aligns with your annual financial reporting cycle. If you are in the second wave, your first report covers FY2025 data and must be filed in 2026. This distinction matters because data collection needs to begin at the start of the reporting year — not when the report is due. Work backwards from the filing date to build a realistic preparation timeline.

    3. Conduct a Gap Analysis Against ESRS Requirements

    The European Sustainability Reporting Standards comprise 12 standards spanning environmental, social, and governance topics. Each standard contains specific disclosure requirements and data points. A gap analysis maps your current ESG reporting practices against these requirements to identify what you already collect, what you partially cover, and what is entirely missing. Focus on the mandatory cross-cutting standards (ESRS 1 and ESRS 2) first, then move to the topical standards that your double materiality assessment identifies as relevant. This exercise gives you a clear remediation roadmap and helps you prioritise resource allocation.

    4. Complete Your Double Materiality Assessment

    Double materiality is the foundation of your CSRD report. It requires you to assess sustainability topics from two perspectives: financial materiality (how sustainability issues affect your business) and impact materiality (how your business affects people and the environment). This assessment determines which ESRS topical standards you must report on and which you can legitimately exclude. It also shapes your stakeholder engagement strategy. For a detailed walkthrough of the methodology, see our complete guide to double materiality under CSRD. Do not underestimate the time this step requires — most organisations need 8 to 12 weeks to complete it properly.

    5. Map Your Value Chain for Scope 3 Reporting

    ESRS E1 (Climate Change) requires disclosure of Scope 1, 2, and 3 greenhouse gas emissions. Scope 3 — covering indirect emissions across your upstream and downstream value chain — is typically the largest category and the hardest to measure. Begin by mapping your key suppliers, distributors, and end-of-life product impacts. Identify which Scope 3 categories are most material to your business. You will likely need to rely on spend-based estimates initially before transitioning to activity-based data over time. Engaging key suppliers early and establishing data-sharing agreements will improve data quality in subsequent reporting cycles.

    6. Establish Data Collection Processes Across Departments

    CSRD reporting pulls data from across the entire organisation — HR for workforce metrics, procurement for supply chain data, facilities for energy consumption, finance for climate-related financial risks. Identify every data owner and establish clear collection processes, frequencies, and quality standards. Spreadsheets may work for a first cycle, but they introduce error risk and make audit trails difficult. Investing in purpose-built ESG reporting software early reduces manual effort and improves consistency. Define data definitions clearly so that every department reports metrics in the same way.

    7. Assign Internal Ownership and Governance Structure

    CSRD compliance cannot sit with a single sustainability officer. It requires a governance structure with clear accountability at the board level, an executive sponsor, and designated owners for each ESRS topic. Consider establishing a cross-functional CSRD steering committee that includes representatives from finance, legal, operations, HR, and sustainability. Define who signs off on the final report, who is responsible for data quality, and how disputes over materiality or disclosure are resolved. Our guide on CSRD governance alignment provides a practical framework for structuring this effectively.

    8. Select Your Reporting Software Platform

    The complexity and volume of ESRS data points make manual reporting impractical at scale. Evaluate ESG reporting software platforms based on their ESRS alignment, data integration capabilities, audit trail functionality, and XBRL tagging support — since CSRD reports must be digitally tagged in European Single Electronic Format (ESEF). Consider whether the platform supports double materiality workflows, automated data validation, and multi-entity consolidation if you operate across subsidiaries. Select your platform early enough to allow for implementation, data migration, and user training before the reporting year begins.

    9. Build Your Audit Trail from Day One

    CSRD reports are subject to mandatory assurance — initially limited assurance, moving to reasonable assurance over time. Your assurance provider will need to trace every disclosed figure back to its source. This means maintaining documentation of data origins, calculation methodologies, assumptions, estimation techniques, and any manual adjustments. Build this audit trail from the very start of your data collection process, not retrospectively when the auditor arrives. Version control for documents, approval workflows for data submissions, and timestamped records of changes all contribute to a robust audit trail that will make assurance smoother and less costly.

    10. Engage Your Assurance Provider Early

    Do not wait until your report is drafted to approach an assurance provider. Engage them during the preparation phase so they can review your methodology, flag potential issues with data quality or materiality conclusions, and confirm that your processes meet assurance standards. Many audit firms are experiencing significant demand as thousands of companies enter CSRD scope simultaneously, so early engagement also secures capacity. If your financial auditor offers sustainability assurance, there may be efficiencies in using the same firm, but evaluate independence and expertise carefully. A pre-assurance readiness review can save considerable time and cost later.

    11. Train Your Team on ESRS Disclosure Requirements

    CSRD reporting is not just a sustainability team exercise. Finance teams need to understand climate-related financial disclosures. HR must know what workforce data is required and how to report it consistently. Board members need sufficient literacy to oversee and approve the report. Invest in targeted training that is role-specific rather than generic. Focus on the practical mechanics: what data each team needs to provide, in what format, by what deadline, and to what quality standard. Regular briefings throughout the reporting cycle keep teams aligned and reduce the risk of last-minute data gaps or inconsistencies.

    12. Create a Reporting Timeline with Internal Milestones

    Your CSRD preparation needs a detailed project plan with clear milestones, not just a filing deadline. Work backwards from your submission date and build in time for data collection close, internal review cycles, management sign-off, assurance fieldwork, and XBRL tagging. Allow buffer time — first-year reporting always takes longer than expected. Key milestones should include: completion of the double materiality assessment, data collection cut-off dates for each quarter, first draft review, assurance readiness review, board approval, and final submission. Assign owners to each milestone and track progress through regular steering committee meetings.

    Common CSRD Readiness Mistakes

    Even well-resourced organisations stumble during CSRD preparation. These are the mistakes we see most frequently:

    1. Starting too late. Companies that begin their readiness assessment less than 12 months before their filing deadline consistently struggle with data gaps and rushed disclosures. CSRD preparation is a multi-year journey, not a quarter-end sprint.
    2. Treating it as a sustainability-only project. Without buy-in and active participation from finance, legal, HR, and operations, data collection stalls and governance gaps appear during assurance.
    3. Underestimating double materiality. A superficial materiality assessment leads to either over-reporting (wasting resources on immaterial topics) or under-reporting (creating compliance risk). Invest the time to do it properly.
    4. Ignoring the audit trail. Collecting data without documenting sources, methodologies, and assumptions creates enormous problems when assurance providers request evidence. Retrofitting audit trails is far more expensive than building them from the start.
    5. Choosing software too late. Implementing a reporting platform mid-cycle forces dual processes and increases error risk. Select and configure your platform before the reporting year begins.
    6. Neglecting value chain data. Scope 3 and supply chain disclosures require supplier engagement that takes months to establish. Start building those relationships and data-sharing agreements early.

    How Horizon ESG Supports CSRD Preparation

    Horizon ESG provides a structured platform designed to guide organisations through each stage of CSRD compliance. From automated double materiality workflows to ESRS-aligned data collection templates, the platform helps teams move from readiness assessment to published report without relying on disconnected spreadsheets or manual processes.

    Key capabilities include built-in audit trail functionality, cross-departmental data collection with automated validation, Scope 1-3 emissions calculation, and XBRL-ready output. For organisations in the second and third CSRD waves, Horizon ESG offers a phased onboarding approach that aligns platform implementation with your reporting timeline — so you are collecting data in the right format from day one.

    Learn more about how the platform supports your reporting obligations on our CSRD solutions page, or explore our guide to selecting best-practice ESG reporting software.

  • CSRD Timeline 2025-2028: Who Reports When and What You Need to Know

    CSRD reporting began in financial year 2024, with the first sustainability reports due in 2025 from large public-interest entities. The directive then rolls out in four waves through to 2029, progressively bringing large companies, listed SMEs, and non-EU businesses into scope. This guide sets out the exact deadlines, who falls into each wave, and what the EU Omnibus proposal means for your timeline.

    CSRD Implementation Timeline at a Glance

    The table below summarises all four CSRD reporting waves. If you are unsure which wave applies to your organisation, see the decision tree further down this page.

    Wave Who Is in Scope Financial Years Covered First Report Due Key Details
    Wave 1 Large public-interest entities already subject to the NFRD (>500 employees) FY 2024 2025 Approx. 11,700 companies across the EU. Reports must follow the full European Sustainability Reporting Standards (ESRS).
    Wave 2 Other large undertakings meeting at least 2 of 3 criteria: >250 employees, >€50m turnover, >€25m balance sheet total FY 2025 2026 The largest new cohort — an estimated 35,000+ companies. Includes private companies meeting the size thresholds. First time many mid-market businesses face mandatory sustainability reporting.
    Wave 3 Listed SMEs, small and non-complex credit institutions, and captive insurance undertakings FY 2026 2027 Listed SMEs may opt out until FY 2028 (reporting in 2029). Simplified ESRS standards (LSME ESRS) will apply. Subject to potential delay under the Omnibus proposal — see below.
    Wave 4 Non-EU (third-country) companies with >€150m net turnover in the EU and at least one EU subsidiary or branch FY 2028 2029 Reports prepared by the EU subsidiary or branch on behalf of the third-country parent. A dedicated third-country ESRS is expected.

    For a deeper look at how Wave 2 affects mid-sized businesses specifically, read our CSRD guide for medium-sized businesses.

    What Changed in 2025-2026?

    In February 2025 the European Commission published the Omnibus Simplification Package, a sweeping proposal to reduce regulatory burden across several EU sustainability directives, including the CSRD. The key proposed changes are as follows:

    • Wave 2 two-year delay: The Commission proposed postponing the first reporting deadline for Wave 2 companies by two years — from FY 2025 (report in 2026) to FY 2027 (report in 2028). As of early 2026, this delay has not been formally adopted into law, but the European Parliament and Council are actively negotiating it.
    • Wave 3 may be removed entirely: Under certain versions of the Omnibus text, listed SMEs could be taken out of mandatory CSRD scope altogether. This remains under discussion.
    • Scope thresholds raised: The proposal would increase the size thresholds for “large undertaking” status, potentially excluding a significant number of companies currently assumed to be in Wave 2.
    • Simplified value chain reporting: Companies may no longer be required to collect detailed sustainability data from SME suppliers, which would ease the indirect burden on smaller businesses in the supply chain.
    • Voluntary reporting encouraged: Companies falling below the revised thresholds would still be able to report voluntarily using simplified standards.

    What this means in practice: If your company sits in Wave 2 or Wave 3, you should continue preparing as though the original deadlines stand. Legislative delays are possible but not guaranteed, and companies that wait risk falling behind if the Omnibus amendments are diluted or rejected. Investors and customers will still expect sustainability data regardless of regulatory shifts.

    For guidance on how governance structures should evolve alongside reporting obligations, see our article on CSRD governance alignment and reporting.

    UK Companies — Does CSRD Apply to You?

    Post-Brexit, the CSRD is not directly transposed into UK law. However, UK businesses can still fall within its reach in three ways:

    1. Direct scope through EU presence

    If your UK-headquartered group has a subsidiary incorporated in an EU member state that meets the relevant size thresholds, that subsidiary must report under the CSRD according to its wave. Alternatively, if you are listed on an EU-regulated market, you are directly in scope.

    2. Wave 4 — third-country reporting

    UK companies generating more than €150 million in net turnover within the EU will fall into Wave 4 (FY 2028, reporting in 2029), provided they have at least one EU branch or subsidiary above the applicable thresholds.

    3. Indirect scope — value chain data requests

    Even if your company is not directly captured, EU customers reporting under the CSRD will need sustainability data from their value chain. If you supply goods or services to companies in Waves 1 or 2, expect to receive data requests covering environmental metrics, human rights due diligence, and governance practices. Being unable to respond may put commercial relationships at risk.

    UK Sustainability Disclosure Standards (UK SDS)

    The UK Government has confirmed it will introduce its own sustainability reporting regime based on the ISSB standards (IFRS S1 and S2). The current expectation is that mandatory UK SDS reporting will begin from 2027 for the largest UK-listed companies and financial institutions, with potential phased extension to large private companies thereafter. While UK SDS differs from the ESRS in structure, there is significant overlap in the underlying data requirements. Companies preparing for CSRD will find much of that work transferable to UK SDS compliance.

    How to Determine Your CSRD Reporting Wave

    Use the following decision tree to identify which wave — if any — applies to your organisation:

    1. Are you an EU public-interest entity with more than 500 employees, already subject to the Non-Financial Reporting Directive (NFRD)?
      Yes → Wave 1. You should already be reporting on FY 2024.
      No → Continue.
    2. Are you an EU-incorporated company (or EU subsidiary of a non-EU group) meeting at least two of the following: >250 employees, >€50m turnover, >€25m balance sheet total?
      Yes → Wave 2. Your first reporting year is FY 2025, with the report due in 2026 (subject to potential Omnibus delay).
      No → Continue.
    3. Are you a listed SME on an EU-regulated market, a small and non-complex credit institution, or a captive insurance undertaking?
      Yes → Wave 3. First reporting year is FY 2026 (report in 2027), with an opt-out available until FY 2028. Subject to Omnibus changes.
      No → Continue.
    4. Are you a non-EU company with more than €150m net turnover generated in the EU, with at least one EU subsidiary or branch?
      Yes → Wave 4. First reporting year is FY 2028, with the report due in 2029.
      No → Continue.
    5. None of the above apply.
      You are not currently in direct scope of the CSRD. However, you may face indirect obligations through value chain data requests from EU customers or through forthcoming UK SDS requirements. Voluntary reporting using the ESRS is an option worth considering.

    If you are uncertain about your classification, particularly around consolidated vs. individual reporting, consult the full CSRD overview on our dedicated page.

    What to Do Now Based on Your Wave

    Wave 1 — Already Reporting (FY 2024)

    Your first CSRD-aligned report should already be published or in final review. Focus now on:

    • Reviewing assurance findings from your limited assurance engagement and addressing any gaps.
    • Strengthening data collection processes for your second reporting cycle, especially around Scope 3 emissions and value chain metrics.
    • Starting to embed ESRS datapoints into internal management reporting, not just annual disclosure.

    Wave 2 — Preparing Now (FY 2025, Report in 2026)

    This is the critical preparation window. You should have already completed or be actively working on:

    • Double materiality assessment: This is the foundation of your entire CSRD report. If you have not completed this, it should be your immediate priority.
    • Gap analysis against the ESRS: Map your current sustainability data collection against the required disclosure requirements and datapoints.
    • Selecting reporting software: Manual spreadsheet-based approaches will not scale. Evaluate CSRD reporting software that can handle ESRS taxonomy tagging, data aggregation, and audit trails.
    • Governance alignment: Ensure your board and management body have defined roles and responsibilities for sustainability oversight, as required by ESRS 2.
    • Engaging your value chain: Begin requesting environmental and social data from key suppliers and customers now — do not wait until the reporting deadline is upon you.

    Wave 3 — Listed SMEs (FY 2026, Report in 2027)

    Although the Omnibus proposal may delay or remove your obligations, waiting carries risk. Practical steps for now:

    • Monitor the legislative progress of the Omnibus Simplification Package closely.
    • Conduct a preliminary materiality assessment, even if simplified.
    • Begin collecting baseline environmental data (energy consumption, emissions, waste) so you are not starting from scratch if and when reporting becomes mandatory.
    • Consider voluntary reporting as a competitive differentiator with investors.

    Wave 4 — Non-EU Companies (FY 2028, Report in 2029)

    You have more lead time, but the preparation effort is substantial:

    • Confirm whether your EU revenue exceeds the €150m threshold and identify which EU subsidiaries or branches will carry the reporting obligation.
    • Start aligning group-level sustainability data collection with ESRS requirements, even if your home jurisdiction uses a different framework.
    • Use the intervening years to run a pilot CSRD report — the complexity of consolidating cross-border data should not be underestimated.

    Whichever wave you fall into, choosing the right ESG reporting software early will significantly reduce the workload and risk of non-compliance.

    How Horizon ESG Helps You Meet Your CSRD Deadline

    At Horizon ESG, we work with sustainability teams, CFOs, and compliance officers to turn CSRD obligations into a structured, manageable process. Our platform is designed specifically for companies navigating the ESRS for the first time.

    • Double materiality assessment tooling that guides you through stakeholder engagement, impact identification, and financial risk scoring.
    • ESRS-aligned data collection with built-in disclosure requirement mapping, so you know exactly which datapoints you need and where the gaps are.
    • Automated XBRL/iXBRL tagging for digital submission in line with the ESEF regulation.
    • Audit-ready outputs with full data provenance and version control, ready for your limited assurance provider.

    Whether you are in Wave 1 refining your second report or in Wave 2 preparing your first, we can help you get there. Learn more about our CSRD solution or explore our reporting software.

  • ESRS Reporting: Complete Guide for 2026

    ESRS Reporting: Complete Guide for 2026

    What Are the European Sustainability Reporting Standards?

    The European Sustainability Reporting Standards, known as ESRS, are the mandatory disclosure standards that underpin the Corporate Sustainability Reporting Directive. Developed by EFRAG and adopted by the European Commission, these standards define exactly what information companies must disclose about their environmental, social, and governance performance. Understanding ESRS is essential for any organisation that falls within CSRD scope — and increasingly relevant for companies in global supply chains that need to provide data to their European partners.

    ESRS Structure: The Complete Framework

    The ESRS framework consists of twelve standards organised into three groups, plus two cross-cutting standards that apply to every reporting organisation.

    Cross-Cutting Standards

    ESRS 1 — General Requirements. Defines the architecture of the standards, including the concepts of double materiality, due diligence, and the reporting boundary. Every organisation subject to CSRD must understand and apply ESRS 1.

    ESRS 2 — General Disclosures. Requires all in-scope companies to disclose information about governance, strategy, impact and risk management, and metrics and targets. ESRS 2 disclosures are mandatory for every reporting entity regardless of materiality assessment results.

    Environmental Standards (E1 through E5)

    • E1 — Climate Change. Covers greenhouse gas emissions (Scope 1, 2, and 3), transition plans, climate-related risks and opportunities, and energy consumption. For most organisations, this is the most data-intensive standard.
    • E2 — Pollution. Addresses air, water, and soil pollution, including substances of concern and microplastics.
    • E3 — Water and Marine Resources. Covers water consumption, withdrawal, discharge, and impacts on marine ecosystems.
    • E4 — Biodiversity and Ecosystems. Addresses impacts on biodiversity, land use change, and ecosystem services.
    • E5 — Resource Use and Circular Economy. Covers material flows, waste management, and circular economy practices.

    Social Standards (S1 through S4)

    • S1 — Own Workforce. Covers employment practices, working conditions, diversity, health and safety, and labour rights for direct employees.
    • S2 — Workers in the Value Chain. Extends workforce disclosures to workers in the supply chain and downstream value chain.
    • S3 — Affected Communities. Addresses impacts on communities where the company operates or sources materials.
    • S4 — Consumers and End-Users. Covers product safety, data privacy, and responsible marketing practices.

    Governance Standard

    • G1 — Business Conduct. Covers corporate culture, anti-corruption, whistleblowing, political engagement, and payment practices.

    How Double Materiality Determines Your Scope

    Not every topical standard applies to every organisation. The ESRS framework uses double materiality to determine which standards and data points are material to your business. You must assess both impact materiality — your organisation’s actual or potential impacts on people and the environment — and financial materiality — how sustainability matters create risks or opportunities that affect your financial position.

    Standards and data points deemed non-material through a rigorous, documented assessment can be excluded from your report. However, ESRS 2 general disclosures and E1 climate change disclosures carry a rebuttable presumption of materiality, meaning you must provide a detailed explanation if you exclude them.

    Phased Adoption Timeline

    CSRD and ESRS are being implemented in waves:

    • 2025 reporting (FY 2024): Large public-interest entities already subject to the Non-Financial Reporting Directive.
    • 2026 reporting (FY 2025): Other large undertakings meeting two of three criteria — more than 250 employees, more than EUR 50 million turnover, or more than EUR 25 million total assets.
    • 2027 reporting (FY 2026): Listed SMEs, with an option to opt out for up to two additional years.
    • 2029 reporting (FY 2028): Non-EU companies with significant EU operations meeting specified thresholds.

    What Data Do You Need?

    The data requirements for ESRS reporting are extensive. At a minimum, organisations need to prepare the following:

    • Greenhouse gas emissions data across all three scopes with supporting activity data and emission factors.
    • Energy consumption broken down by renewable and non-renewable sources.
    • Workforce metrics including headcount, diversity breakdowns, training hours, and health and safety statistics.
    • Governance data covering board composition, sustainability oversight structures, and business conduct policies.
    • Policies, targets, and action plans for each material topic.
    • Financial effects of sustainability risks and opportunities.

    How Software Helps with ESRS Compliance

    Managing over one thousand data points across twelve standards in spreadsheets is a recipe for errors, missed deadlines, and audit failures. Dedicated CSRD reporting software addresses these challenges by providing structured data collection workflows mapped to each ESRS standard, automated emission calculations with up-to-date factor databases, materiality assessment tools that determine your reporting scope, progress dashboards that show completion status across all standards, assurance-ready audit trails for every data point, and report generation in the required European Single Electronic Format.

    The right ESG reporting software does not just make compliance possible — it makes it efficient, reducing the cost and effort of annual reporting while improving data quality and stakeholder confidence.

    Preparing Your Organisation

    Start with these practical steps:

    1. Determine your reporting timeline. Identify which wave of CSRD applies to your organisation and work backwards to set internal milestones.
    2. Conduct a gap analysis. Compare your current data collection and reporting processes against ESRS requirements to identify what you already have and what you need.
    3. Complete your double materiality assessment. This determines the scope of your report and should involve internal and external stakeholders.
    4. Select your technology platform. Choose software that covers all applicable ESRS standards and integrates with your data sources.
    5. Build your data collection network. Identify data owners across the organisation and establish collection workflows and timelines.
    6. Engage your auditor early. Discuss your reporting approach and data management processes with your assurance provider before the reporting deadline.

    Related reading: CSRD Software Comparison and Automated ESG Reporting with AI.

    Start Your ESRS Reporting Journey

    ESRS reporting is a significant undertaking, but with the right preparation and tools, it is entirely manageable. Horizon ESG provides purpose-built software for ESRS compliance, covering every standard from E1 through G1 with structured workflows, automated calculations, and assurance-ready documentation. Book a demo to see how we can help your organisation meet its CSRD obligations with confidence.

  • CSRD Software Comparison: What to Look For

    CSRD Software Comparison: What to Look For

    Why CSRD Software Selection Matters Now

    The Corporate Sustainability Reporting Directive is reshaping how European and international companies disclose sustainability information. With the first wave of reporting obligations already underway and subsequent waves bringing thousands more companies into scope, choosing the right CSRD software is one of the most consequential technology decisions your organisation will make in 2026.

    This guide provides a structured framework for comparing CSRD software options based on the capabilities that genuinely matter for compliance, efficiency, and long-term value.

    Core Capabilities Every CSRD Platform Needs

    Full ESRS Coverage

    The European Sustainability Reporting Standards are the backbone of CSRD compliance. Your software must cover all twelve standards — the cross-cutting standards (ESRS 1 and ESRS 2) as well as the topical standards spanning environmental (E1 through E5), social (S1 through S4), and governance (G1). Partial coverage creates gaps that auditors will flag. Review our detailed breakdown of CSRD requirements to understand the full scope of what your software must address.

    Double Materiality Assessment Support

    CSRD requires organisations to conduct a double materiality assessment — evaluating both financial materiality (how sustainability issues affect the business) and impact materiality (how the business affects people and the environment). The best platforms provide structured workflows for stakeholder engagement, materiality mapping, and threshold setting, rather than leaving you to manage this critical process in standalone documents.

    Data Point Management

    CSRD reporting involves over one thousand individual data points. Your software should map each data point to the relevant ESRS standard, track completion status, assign ownership to data contributors across the organisation, and flag mandatory versus voluntary disclosures based on your materiality results. Without this granular management layer, teams lose track of requirements and deadlines.

    Feature Comparison Framework

    When evaluating multiple platforms, use this framework to score each option consistently:

    1. Regulatory Intelligence

    How quickly does the platform incorporate regulatory updates? ESRS standards are still evolving, with sector-specific standards and SME standards in development. Platforms that maintain a dedicated regulatory team and push updates automatically score highest in this category.

    2. Workflow and Collaboration

    CSRD reporting involves dozens of contributors across departments. Evaluate task assignment, approval workflows, role-based access controls, and notification systems. The platform should make it easy for non-sustainability staff to contribute data without extensive training.

    3. Assurance Readiness

    Limited assurance is already required, with reasonable assurance on the horizon. Your software must maintain a complete audit trail — every data entry, edit, approval, and source document should be logged with timestamps and user attribution. Some platforms offer auditor portals that give external assurance providers direct read-only access, significantly reducing audit preparation time.

    4. Integration Capabilities

    CSRD data comes from ERP systems, HR platforms, energy management tools, procurement databases, and more. Evaluate the breadth and depth of available integrations, API flexibility, and whether the vendor supports custom connectors for proprietary systems.

    5. Reporting Output

    The platform should generate XHTML-tagged reports compatible with the European Single Electronic Format. Evaluate the quality of narrative templates, data visualisations, and the ability to export reports in multiple formats for different audiences — regulators, investors, and internal stakeholders.

    What Separates Good CSRD Software from Great

    Good software checks the compliance boxes. Great software accelerates your entire sustainability programme. Look for platforms that connect CSRD reporting to operational improvement — using the data you collect not just for disclosure but for identifying reduction opportunities, benchmarking performance, and supporting strategic decisions.

    Dedicated CSRD reporting software should also handle the transition from voluntary to mandatory reporting gracefully, allowing organisations that previously reported under GRI or TCFD to map existing data to ESRS requirements without starting from scratch.

    Evaluation Process Best Practices

    • Define your scope first. Know which ESRS standards apply based on your materiality assessment before evaluating software.
    • Involve IT early. Integration requirements and security reviews take time — start these conversations during the evaluation, not after selection.
    • Request a proof of concept. Load real data into the platform and test end-to-end workflows for at least one reporting topic.
    • Check the vendor roadmap. Ask about plans for sector-specific ESRS standards, AI capabilities, and assurance features.
    • Talk to existing customers. References from organisations with similar complexity and reporting obligations are invaluable.

    Timeline Considerations

    Implementation timelines for CSRD software typically range from six to sixteen weeks depending on organisational complexity, data source integration, and internal readiness. Start your evaluation at least six months before your first reporting deadline to allow for selection, implementation, data migration, and team training.

    Related reading: How to Choose ESG Reporting Software, ESRS Reporting Guide, and Automated ESG Reporting with AI.

    Take the Next Step

    Choosing CSRD software is a decision that will shape your compliance programme for years. Make it with clarity. Book a demo of Horizon ESG to see how our platform delivers full ESRS coverage, double materiality support, assurance-ready audit trails, and seamless integration — purpose-built for CSRD compliance.

  • CSRD for Medium-Sized Businesses: 2026 Guide

    CSRD for Medium-Sized Businesses: 2026 Guide

    If you are running or advising a medium-sized business based in the UK or EU, you may be asking: Are we affected by CSRD? When do we need to start preparing? What if we are not directly reporting, but our clients are?

    As of 2026, the Corporate Sustainability Reporting Directive (CSRD) is reshaping how sustainability data flows through the entire European business ecosystem. Even with shifting deadlines and ongoing exemptions, medium-sized businesses are already feeling the impact.

    This guide is for business owners, CFOs, operations leads and sustainability managers who want clear answers and practical next steps — without getting lost in regulatory language.

    Who Needs to Report Under CSRD — and When?

    Here is a simple breakdown of the current timeline:

    • Large EU companies and those listed on EU-regulated markets began reporting in 2025.
    • Listed medium-sized companies (SMEs) were originally required to start reporting in 2027 (based on FY2026), though recent EU proposals may exempt many entirely or push obligations to 2029.
    • Non-listed medium-sized companies are not directly in scope, but many are indirectly affected through their roles in the supply chains of larger reporting entities.

    Bottom line: Even if you are not mandated to publish a CSRD report yet, your customers or investors might already be asking you for sustainability data.

    And if you are UK-based? You are not subject to CSRD directly, but if you have EU subsidiaries, clients or investment relationships, expect similar expectations and data requests.

    Why Medium-Sized Businesses Cannot Afford to Wait

    You may not have to publish a report in 2026, but that does not mean you are off the hook. CSRD requires large companies to report ESG data across their entire value chain — and that includes you.

    If your business provides products or services to CSRD-regulated companies, they will need data from you to meet their obligations. Already in 2025:

    • Over 60% of mid-size EU suppliers were asked to provide ESG metrics aligned with CSRD.
    • Sustainability questionnaires are now being embedded into procurement and vendor onboarding processes.

    Whether you are in manufacturing, logistics, B2B services or technology — if you are in the value chain, you are in the frame.

    What You Should Be Doing in 2026

    The biggest risk for medium-sized businesses is waiting too long to prepare. Here is how to start:

    1. Assess Your Status

    • Are you listed in the EU?
    • Do you operate in EU countries or serve EU-headquartered clients?
    • Are you receiving ESG data requests from customers or investors?

    2. Evaluate Your Current Data

    • Do you know your Scope 1 and 2 emissions?
    • Do you have any supplier data for Scope 3?
    • Are you tracking employee data such as diversity, turnover and training?
    • Do you have policies in place on governance, anti-bribery and sustainability?

    3. Talk to Key Stakeholders

    • What are your top customers or investors asking for?
    • Are banks or lenders requesting ESG disclosures?

    4. Outline a Simple CSRD Roadmap

    • Begin with a materiality assessment.
    • Identify your key data gaps.
    • Assign responsibility internally — even if it is just one person coordinating efforts.

    This Is Not Just About Regulation — It Is Strategy

    Many companies start CSRD preparation because they feel they have to. But the businesses that benefit the most see it as an opportunity:

    • Stronger customer relationships: Show key clients that you are reliable and future-ready.
    • Competitive advantage: Meet ESG expectations ahead of competitors.
    • Operational clarity: Build a clearer view of your business’s risks and impacts.
    • Future-proofing: Position your company to respond to future UK or EU regulatory shifts.

    By investing early — even with simple steps — you reduce risk, avoid late-stage panic and gain control over your sustainability narrative.

    Where to Start Today

    If you have read this far, you are likely looking for practical guidance. We recommend starting with:

    • A 60-minute materiality workshop to define what matters most for your business.
    • A data gap assessment — what you already track, what you will need and what can wait.
    • A client-focused strategy — identifying who will be asking you for data and when.

    The rules may still evolve, but the direction of travel is clear. Whether you are in scope today or not until 2028, your customers and partners will expect CSRD-aligned data soon.

    Final Takeaway

    Sustainability reporting is not just for the big players anymore. If you are a medium-sized company in Europe or the UK, now is the time to take small, smart steps. Do not wait for a formal obligation to start preparing. Start with what you can control — clarity, data and planning.

    Get Your Free CSRD Readiness Check

    Horizon ESG helps medium-sized businesses build tailored, low-friction sustainability reporting strategies aligned with CSRD and other frameworks. Book a free CSRD readiness check — no fluff, just clear next steps.

  • Double Materiality Under CSRD: What Teams Get Wrong

    Double Materiality Under CSRD: What Teams Get Wrong

    When most teams reach the double materiality stage, there is often a sense of relief. “Good. We’ll run a workshop, score the topics, build the matrix and move on.” On paper, it sounds manageable — and technically, it is. That is, until you start asking one or two slightly deeper questions. That is usually where the pause happens.

    What Double Materiality Actually Asks

    Stripped back, double materiality asks two questions:

    1. Financial materiality: Which sustainability issues could affect your financial performance?
    2. Impact materiality: Which environmental or social impacts from your business are significant enough to matter externally?

    Those questions sound simple. However, answering them properly is not, because you are no longer just discussing themes — you are making governance decisions about:

    • Risk exposure
    • Time horizons
    • Financial resilience
    • Operational impact
    • Stakeholder expectations

    And once something is declared “material,” it drives disclosure, KPIs, targets and reporting effort — and becomes embedded in your governance.

    Where It Starts to Feel Less Straightforward

    Here is what we commonly see. A workshop is held. A long list of topics is brainstormed. Participants score them. A matrix is produced.

    Then someone asks:

    “How did we define the scoring scale? Why was that threshold chosen? Did finance validate the financial risk dimension? How are stakeholder views evidenced?”

    Silence at this stage is normal — not because the team did not think carefully, but because the structure was not designed with scrutiny in mind. Double materiality is not just about reaching a conclusion; it is about being able to calmly explain how you reached it.

    What Assurance Providers Typically Look For

    This is where organisations often underestimate the rigour required. Assurance providers will not just look at the matrix. They will typically examine:

    • The methodology behind the scoring
    • How financial materiality links to enterprise risk
    • Whether thresholds were predefined or adjusted afterwards
    • How stakeholder input was captured and weighted
    • Why certain topics were excluded

    They are testing consistency, not perfection. If your methodology is clearly documented and traceable, conversations are straightforward. If documentation is fragmented, the process becomes uncomfortable.

    Weaker vs. Stronger Approaches: A Practical Comparison

    A weaker approach often looks like:

    • Scoring criteria defined during the workshop
    • Financial risk discussed but not clearly linked to financial planning
    • Stakeholder engagement informal or undocumented
    • Rationale captured in slide notes
    • Version history unclear

    A stronger approach looks like:

    • Predefined and documented scoring scales
    • Clear separation of impact and financial risk dimensions
    • Financial risk aligned with existing risk registers
    • Stakeholder groups formally identified and input recorded
    • Thresholds agreed before scoring
    • Decisions and exclusions documented in a central system
    • Version control and audit trail maintained

    Notice: the difference is not complexity — it is structure.

    Why Finance Must Be Involved Early

    Double materiality directly influences:

    • What risks are disclosed
    • What metrics are tracked
    • What investments are prioritised
    • How transition risks are communicated

    If financial materiality is scored without finance input, alignment gaps can appear later. For example: if climate transition risk is declared material, but financial planning does not reflect that exposure, leadership conversations become misaligned.

    When finance is involved early, double materiality becomes integrated rather than layered on top. That is when it feels strategic instead of procedural.

    Real-World Example: From Clear Matrix to Defensible Process

    One organisation we worked with had already completed their double materiality assessment internally. The matrix looked clear, but when they began preparing their CSRD disclosures, several issues emerged:

    • Financial risk scores were not explicitly linked to the company’s risk register.
    • Stakeholder engagement had taken place, but there was no formal record of weighting decisions.
    • Threshold levels had been adjusted after scoring discussions, but that change was not documented.

    Nothing was fundamentally wrong, but it was not defensible enough. Rather than redo the entire process, they focused on strengthening structure:

    • Clarifying and documenting scoring methodology
    • Linking financial risks directly to enterprise risk documentation
    • Recording stakeholder categories and input formally
    • Storing decisions and rationales in a single central environment

    The outcome was not a different matrix — it was greater confidence in explaining it.

    How Horizon ESG Makes Double Materiality Easier

    Double materiality becomes difficult not because leaders lack judgement — it becomes difficult because coordination and documentation are fragmented. Horizon ESG’s platform is designed to bring structure to this process, enabling organisations to:

    • Define and standardise scoring criteria before assessment begins
    • Separate financial and impact dimensions clearly
    • Capture stakeholder input within a structured framework
    • Link financial materiality directly to risk registers and reporting workflows
    • Document assumptions and threshold decisions
    • Maintain version control and a clear audit trail
    • Align material topics directly to CSRD and ESRS disclosures

    Instead of relying on slide decks and shared folders, decisions are captured in one secure, structured environment — so leadership can focus on conversations and documentation becomes robust.

    The Strategic Value of Getting It Right

    When double materiality is done well, it does more than satisfy regulation. It can:

    • Highlight emerging supply chain vulnerabilities
    • Reveal transition risks earlier
    • Clarify where capital allocation needs to adapt
    • Improve investor discussions
    • Align sustainability and finance in practical terms

    It becomes a lens for risk and resilience, not just compliance.

    Double materiality is not meant to complicate things. It is meant to create clarity about what truly matters. The key is not rushing to produce a matrix — it is designing the structure behind it.

    With a clear methodology and the right systems in place, double materiality becomes a calm governance exercise rather than a stressful reporting milestone.

    Bring Structure to Your Double Materiality Process

    If you want to bring structure and clarity to your double materiality process before reporting pressure builds, explore how Horizon ESG’s platform can help your team move forward with confidence. Book a free demo today.

  • CSRD Governance: Why Alignment Matters More Than Reporting

    CSRD Governance: Why Alignment Matters More Than Reporting

    When leadership teams first hear about CSRD, the natural question is usually very practical: “What exactly do we need to report?” It is a completely reasonable place to start.

    However, after a few internal discussions, something else often becomes apparent. The challenge is rarely the reporting template itself. Instead, it is about how connected the organisation truly is beneath the surface.

    CSRD does not simply require more disclosure. It asks organisations to demonstrate clarity around ownership, process and reasoning. It prompts questions such as:

    • Who owns this data?
    • How is it reviewed?
    • How do we know it is accurate?
    • Why have we decided that this issue is material?
    • Could we confidently explain and evidence that decision if challenged?

    This is the point where the conversation shifts. What initially appeared to be a reporting exercise becomes something broader — a question of governance and alignment.

    Why CSRD Often Feels More Complex Than Expected

    Many organisations initially assume that CSRD will sit neatly within the sustainability function. In reality, it touches multiple areas of the business. Finance, risk, operations, procurement, HR and strategy all become involved — not because the regulation explicitly assigns responsibility to each function, but because the data and decisions it relies on already sit across those teams.

    • Carbon data may sit within operations.
    • Supplier risk may sit within procurement.
    • Policies often sit within HR.
    • Financial exposure and risk assessment naturally sit within finance.

    When those areas already work closely together, CSRD feels structured and manageable. When they operate in silos, the process can quickly feel fragmented.

    “We have the data, we just need to bring it together.”

    “We can tidy this up before submission.”

    We hear these comments frequently. However, once teams begin mapping how information flows between departments, additional questions tend to arise:

    • Is this data consistently reviewed?
    • Is there a defined approval process?
    • Are we relying on spreadsheets being shared between teams?
    • If we were asked to show the audit trail, could we do so easily?

    None of this suggests that something is wrong. It simply highlights how connected — or disconnected — governance processes may be in practice.

    Double Materiality, Explained Clearly

    Double materiality can sound technical, but the core questions are straightforward:

    1. Financial materiality: Where could sustainability issues affect the organisation’s financial performance?
    2. Impact materiality: Where could the organisation’s activities create environmental or social impacts that carry regulatory, reputational or strategic risk?

    Answering these questions requires more than discussion. It requires structure:

    • A clear methodology must be defined.
    • Scoring criteria should be agreed in advance.
    • Stakeholder input should be captured and recorded.
    • The rationale behind decisions should be documented.

    When these elements are scattered across workshop slides, emails and notes, leadership confidence can weaken. When they are centralised and structured, the process becomes far more controlled and transparent.

    What We Are Hearing From Businesses

    Across many mid-sized organisations, we are hearing similar themes. Teams have already invested time in running materiality workshops. Thoughtful discussions have taken place. Matrices have been created. The work itself is often strong.

    However, as reporting deadlines approach, the tone of conversation shifts:

    “Did we define our scoring criteria clearly enough?”

    “How did we link this financial risk to our enterprise risk register?”

    “If we were challenged on why we excluded this topic, could we explain it confidently?”

    These concerns are not about knowledge or capability. They are about coordination and documentation. The underlying analysis is often sound. What is missing is a structured, traceable framework that brings it all together.

    How Horizon ESG Brings Clarity and Structure

    At Horizon ESG, we focus on bringing clarity and structure to processes that often feel scattered. Our platform is designed to support organisations in:

    • Centralising ESG and carbon data within a secure environment
    • Automating data collection and validation through AI-driven processes, reducing manual effort and inconsistency
    • Creating a clear audit trail behind each data point and decision
    • Applying consistent scoring criteria across materiality assessments
    • Recording stakeholder input formally
    • Linking financial materiality directly to existing risk registers and governance workflows

    Instead of relying on separate files and memory, organisations work within one structured system. Instead of revisiting workshop notes to reconstruct decisions, leadership teams can access documented rationale and version history in real time.

    The effect is not just operational efficiency. It is increased confidence. Teams move from asking, “Are we sure?” to being able to say, “Yes, we can show how we reached that conclusion.”

    This Is Not Just Relevant to Large Corporations

    CSRD is often associated with large multinational organisations, but its impact is not limited by size. If your organisation operates across multiple departments, reports externally, supplies into larger EU businesses, tracks sustainability metrics or expects some level of assurance — governance clarity becomes important.

    CSRD simply accelerates that requirement. The encouraging reality is that this does not require building entirely new structures from scratch. In most cases, the information already exists. What is needed is structure, coordination and visibility.

    CSRD can be approached as another compliance obligation. Alternatively, it can be used as an opportunity to:

    • Strengthen internal alignment
    • Improve risk visibility
    • Increase Board confidence
    • Enhance investor credibility

    Most organisations do not struggle with sustainability ambition. They struggle with coordination. CSRD does not test values. It tests how clearly data, decisions and governance connect across the organisation.

    With the right structure in place, that connection becomes manageable. With the right tools, it becomes sustainable.

    Ready to Strengthen Your CSRD Governance?

    If you want to move from scattered processes to structured, auditable ESG governance, Horizon ESG can help. Book a free demo and see how our platform brings clarity to CSRD reporting, materiality assessments and stakeholder alignment.

  • CSRD 2026: What Companies Must Do Now

    CSRD 2026: What Companies Must Do Now

    CSRD – the challenge for reporting

    If you’re running or advising a medium-sized business based in the UK or EU, you may be asking:

    • Are we affected by CSRD?
    • When do we need to start preparing?
    • What if we’re not directly reporting, but our clients are?

    As of 2026, the Corporate Sustainability Reporting Directive (CSRD) is reshaping how sustainability data flows through the entire European business ecosystem. Even with shifting deadlines and ongoing exemptions, medium-sized businesses are already feeling the impact.

    This article is for business owners, CFOs, operations leads, and sustainability managers who want clear answers and next steps without getting lost in regulatory language.

    Who needs to report under CSRD and when?

    Here’s a simple breakdown:

    • Large companies in the EU or listed on EU-regulated markets began reporting in 2025.
    • Listed medium-sized companies (SMEs) were originally required to start reporting in 2027 (based on FY2026), though recent EU proposals may exempt many entirely or push obligations to 2029.
    • Non-listed medium-sized companies are not directly in scope, but many are indirectly affected by their roles in the supply chains of larger reporting entities.

    Bottom line: Even if you’re not mandated to publish a CSRD report yet, your customers or investors might already be asking you for sustainability data.

    And if you’re UK-based? You’re not subject to CSRD directly, but if you have EU subsidiaries, clients, or investment relationships, expect similar expectations and requests.

     

    Why Medium-Sized Businesses can’t wait

    You may not have to publish a report in 2026, but that doesn’t mean you’re off the hook.

    CSRD requires large companies to report ESG data across their entire value chain and that includes you.

    If your business provides products or services to CSRD-regulated companies, they will need data from you to meet their obligations.

    Already in 2025:

    • Over 60% of mid-size EU suppliers were asked to provide ESG metrics aligned with CSRD.
    • Sustainability questionnaires are now being baked into procurement and vendor onboarding processes.

    So whether you’re in manufacturing, logistics, B2B services, or tech, if you’re in the value chain, you’re in the frame.

     

    What you should be doing in 2026

    The biggest risk for medium-sized businesses is waiting too long to prepare. Here’s how to start:

    1. Assess your status
    2. Are you listed in the EU?
    3. Do you operate in EU countries or serve EU-headquartered clients?
    4. Are you receiving ESG data requests?
    5. Evaluate your current data
    • Do you know your Scope 1 and 2 emissions? Any supplier data for Scope 3?
    • Are you tracking employee data like diversity, turnover, and training?
    • Do you have policies in place on topics like governance, anti-bribery, or sustainability?
    1. Talk to key stakeholders
    • What are your top customers or investors asking for?
    • Are banks or lenders requesting ESG disclosures?
    1. Outline a simple CSRD roadmap
    • Begin with a materiality assessment.
    • Identify your key data gaps.
    • Assign responsibility internally, even if it’s just one person coordinating efforts.
     

    This isn’t just about regulation – It’s Strategy

    Many companies start CSRD preparation because they feel they have to. But the businesses that benefit the most see it as an opportunity:

    • Stronger customer relationships: Show key clients that you’re reliable and future-ready.
    • Competitive advantage: Meet ESG expectations ahead of competitors.
    • Operational clarity: Build a clearer view of your business’s risks and impacts.
    • Future-proofing: Position your company to respond to future UK or EU regulatory shifts.

    By investing early — even with simple steps you reduce risk, avoid late-stage panic, and gain control over your sustainability narrative.

     

    Where to start today

    If you’ve read this far, you’re likely looking for practical guidance. We recommend starting with:

    • A 60-minute materiality workshop to define what matters most for your business.
    • A data gap check – what you already track, what you’ll need, and what can wait.
    • A client-focused strategy – identifying who will be asking you for data and when.

    The rules may still evolve, but the direction of travel is clear. Whether you’re in scope today or not until 2028, your customers and partners will expect CSRD-aligned data soon.

     

    Final Takeaway

    Sustainability reporting isn’t just for the big players anymore. If you’re a medium-sized company in Europe or the UK, now is the time to take small, smart steps.

    Don’t wait for a formal obligation to start preparing. Start with what you can control — clarity, data, and planning.

     

    Horizon ESG helps medium-sized businesses build tailored, low-friction sustainability reporting strategies aligned with CSRD and other frameworks. Get in touch for a free CSRD readiness check, no fluff, just clear next steps.


    Book a free CSRD readiness check

     

Book Your Free Demo