Status of CSRD transposition into national law? Not good

The deadline has passed but most EU member states are still at the draft stage – or worse

The deadline for transposing the Corporate Sustainability Reporting Directive (CSRD) into national law was July 6th. But that deadline does not seem to concern most EU member states. Only a few have completed the legislative process.

In fact, most EU states are stuck in the drafting stage with some holding out in preliminary internal consultations. Incredibly, this includes five of the six founding members of the EU, France being the notable exception.

Gold stars for transposing the Directive on time also go to the Czech Republic, Denmark, Romania, Slovakia, Ireland and Sweden. Demerits go especially to four of the five largest EU economies by GDP: Germany, Italy, Spain and the Netherlands.

According to Andreas Rasche, who looked at the EU’s analysis of transposition delays, the average delay stands at 18.3 months (which is an all-time high). That does not bode well for the pace of CSRD transposition.

Rasche stats about which EU countries transposed CSRD into law are telling:’

9 countries transposed
2 countries partially
1 legislation pending
13 draft/consultation
5 no development

The EU sees CSRD as an important part of delivering its European Green Deal – an ambitious effort whose ultimate goal is a carbon-neutral Europe. CSRD is putting sustainability reporting “on the map” so it becomes an issue of significance for companies. It defines – for the first time – a common reporting framework for non-financial data, encompassing not just climate change but broader Environmental, Social and Governance (ESG) metrics.

CSRD will dramatically increase the number of businesses that are subject to mandatory ESG disclosures from 15,000 to over 50,000. It will also impact non-EU companies, called third-country companies, that have substantial activity in the EU.

But this delay could have implications for the Directive by presenting serious challenges for companies who need to comply starting next year. It’s unclear what the European Commission will do to lagging countries. The political landscape across the EU is complicated and is likely contributing to these delays. The Commission can open an “infringement procedure” but it remains unclear whether it will initiate that process.

Want to learn more about the political makeup of the countries who are transposing the CSRD into nation law?

Download Guide to CSRD in the EU

Want to learn more about CSRD?

Download Guide to CSRD

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”