EU’s Regulatory Retreat? The Omnibus Package’s Impact on Sustainability Reporting

The past few years have seen concerted efforts — both domestically and globally — advancing the reporting and disclosure of various climate- and sustainability-related metrics by businesses and investors. One of the most notable efforts is the European Union’s Corporate Sustainability Reporting Directive (CSRD), which requires companies to disclose the impact of their activities upon the environment through the reporting of various ESG metrics, including greenhouse gas emissions (GHG). The CSRD is often partnered with the Corporate Sustainability Due Diligence Directive (CSDDD), another regime that creates further reporting requirements for companies with respect to their operations and global value chains.

The EU has moved forward with partial approval of changes to its sustainability reporting frameworks, specifically extending implementation deadlines while broader reforms remain under consideration.

In February 2025, the European Commission proposed a comprehensive “omnibus package” to address widespread concerns about the complexity and reach of its sustainability regulations. This package included two key components: timeline extensions and substantive reforms to the reporting requirements.

The timeline portion, known as the “stop-the-clock” directive, approved in March, postpones the CSRD for new companies by two years and delays CSDDD by one year. The European Parliament subsequently voted to approve these postponements on April 3, 2025, returning the proposal to the European Council for final formalization.

However, the substantive portions of the omnibus package, which would significantly change reporting thresholds, reduce regulatory scope and decrease required data points, remain under consideration and subject to further negotiations within EU governance bodies.

Companies potentially affected by these regulations should note the extended timelines while continuing to prepare for compliance, as the final scope and requirements remain under development.

Opinion

Sustainability Belongs Everywhere

by Alekhya Reddy

April 2, 2025

Climate-related compliance extends beyond reporting mandates to address strategic business continuity challenges

Read moreDetails

The CSRD

The CSRD entered in force in 2023, with a deadline for transposition into national law by each EU member state of July 6, 2024. Although some countries missed that deadline, for the most part, the current text of the CSRD has now been implemented in most member states. To that end, many US companies subject to the CSRD have already begun preparations for compliance. However, the proposed changes introduce some uncertainty as to scope, applicability and reporting obligations.

Reporting thresholds

The omnibus package proposes to raise the reporting thresholds of the CSRD, which could result in many US-based companies no longer finding themselves within the scope of the directive. In fact, the drafters of the omnibus package expect that it would reduce the number of undertakings currently subject to the CSRD’s reporting requirements by about 80%.

Many US-based multinational companies find themselves currently phased into the CSRD based on one of two coverage categories: as a large undertaking or as a non-EU parent (also known as a third-country undertaking). The omnibus package would change the thresholds for these categories as follows:

Large undertakings

Current (meeting two of the following)

• Turnover over €50 million
• Balance sheet above €25 million
• More than 250 employees

Omnibus revision (EU entities with 1,000 employees and either)

• Turnover over €50 million 
• Balance sheet above €25 million

Third-country undertakings

Current (Any entities with net EU turnover of at least €150 million and either)

• A subsidiary in the EU within scope of CSRD
• An EU branch with turnover of at least €40 million

Omnibus revision (Any entities with net EU turnover of at least €450 million and either)

• An EU subsidiary that qualifies as a large undertaking
• An EU branch with turnover of at least €50 million

Other changes

In addition to the paring back of companies subject to CSRD reporting, the package also proposes adjusting the timeline for compliance with the directive’s reporting requirements. “Wave II” entities, which include large undertakings, are currently expected to submit reports beginning in 2026, reporting on Fiscal Year 2025 activities. The package proposes pushing back the Wave II requirements two years to begin with reports on Fiscal Year 2027, which would be due beginning in 2028. Companies meeting the qualifications for large undertakings should note the significantly extended window of time afforded to get into compliance with CSRD requirements.

The omnibus package would also affect the scope of data reporting along supply chains. As it stands, the CSRD requires companies to seek data from all stakeholders that are up- and downstream of their value chains for reporting. The omnibus package proposes limiting value chain reporting only to sizable suppliers — those with at least 1,000 employees. Beyond this, covered entities are encouraged to seek information already disclosed in certain voluntary reporting standards, as well as any sustainability information that is commonly shared in the relevant business sector.

The CSRD also sought to utilize all European Sustainability Reporting Standards (ESRS) in its framework requirements. The ESRS have already developed extensive, uniform reporting standards to apply across the EU, and initially intended to develop mandatory, sector-specific reporting standards in the future for utilization in the CSRD. The omnibus package proposes to end the incorporation of sector-specific standards into the CSRD and further reduce the number of mandatory data points required in uniform ESRS disclosures. These changes would reduce the regulatory burden on covered entities and eliminate the uncertainty created by the looming development of additional sector-specific standards.

Double materiality remains

The most noteworthy aspect of the CSRD that is not touched by the omnibus package is the double materiality standard. Covered entities would still be required to report both on the potential financial impacts they face from sustainability matters as well as the outward impacts of their business on stakeholders, including communities and the planet. There are also minimal changes proposed to the assurance requirements on CSRD reports. The current CSRD requires covered entities to obtain limited assurance on their reports, with plans to transition to a reasonable assurance standard in the future. 

The omnibus package proposes retaining the limited assurance standard indefinitely. These consistencies should inform covered entities to continue to pursue double materiality assessments in anticipation of the CSRD rollout, even if timelines are deferred and the scope of reporting is pared back.

The double materiality standard poses particular challenges for US companies as the focus on external stakeholder impacts is seemingly at odds with traditional notions of financial materiality commonly seen in US securities reporting contexts.

CSDDD

While the CSRD focuses on requiring entities to report information about sustainability risks and impacts, the CSDDD is meant to encourage companies to implement due diligence procedures within their own business activities to mitigate risks along their supply chains. The CSDDD is narrower in scope with regard to the entities it applies to — already focusing solely on larger companies — but requires a deeper analysis into covered businesses, as it lacks a materiality threshold like the CSRD.

Timelines

The CSDDD entered into force July 25, 2024, with EU member states obliged to transpose it into national law within two years. The earliest compliance date for the current CSDDD is July 26, 2027 (applying to its large company subcategory). However, the omnibus package proposes extending this application date by one year. This would compress the CSDDD’s phase-in to two application waves, as follows:

• Wave 1: EU entities with at least 3,000 employees and greater than €900 million in worldwide net turnover, as well as non-EU entities with EU net turnover greater than €900 million, are covered by CSDDD beginning July 2028. Their first reports, covering FY2029 activities, are due in 2030.
• Wave 2: EU entities with at least 1,000 employees and greater than €450 million in worldwide net turnover, as well as non-EU entities with EU net turnover greater than €450 million, are covered by CSDDD beginning July 2029. Their first reports, covering FY2030 activities, are due in 2031.

This change simplifies the phase-in schedule of the CSDDD and provides some additional time for large corporations to prepare for compliance with the directive.

Other changes

Like the CSRD, the omnibus package proposes limiting value chain reporting obligations for the CSDDD. Currently, covered entities must perform in-depth risk assessments on all of their business partners; the omnibus package proposes limiting the scope of assessment to direct suppliers only. There are also proposals to reduce the frequency of required supplier monitoring reports from the current annual basis to a five-year basis. These changes would reduce the data collection burden on covered companies, particularly in situations where the data may be difficult to access due to a distant relation through the value chain.

The package would also ease the CSDDD’s requirement that entities adopt climate transition plans aligned with the Paris Agreement. Instead of requiring companies to “put [the plans] into effect,” the companies would be asked to outline “implementing actions” that aim to achieve the goals of their plans. This offers companies more breathing room in the commitments included in their climate transition plans but may reduce the “teeth” of plans to enforce change in business activities.

If covered entities fail to conduct the required due diligence, the current CSDDD imposes a uniform scheme for civil liability and mandates that any administrative penalties issued must be set at no less than 5% of the violating company’s worldwide turnover. The omnibus package proposes removing the 5% floor for penalty amounts and dismantling several of the CSDDD’s harmonizing features for civil liability, allowing for member states to develop their own structures for addressing violations. These changes would create an enforcement structure that is less uniform across the EU, but potentially more flexible in meeting the needs of individual member states.

Other frameworks

Taxonomy reporting

Previously, all entities covered by the CSRD were to include EU Taxonomy disclosures with their CSRD reporting. The omnibus package proposes that only companies with more than 1,000 employees and a net EU turnover of more than €450 million will be required to report their alignment with the Taxonomy. The omnibus package further proposes a streamlining of Taxonomy reporting requirements, including reducing required data points by close to 70% and creating a materiality exemption from alignment reporting for activities that involve less than 10% of the firm’s total EU turnover, capital expenditures or assets.

The omnibus package also proposes removing mandatory Taxonomy reporting for companies with more than 1,000 employees but an EU net turnover less than €450 million and instead encouraging voluntary reporting for these entities. Voluntary reporting is also recommended for companies seeking to claim full or partial alignment with Taxonomy requirements. By lightening the burden of required reporting and adding a voluntary option for a wider range of entities, the omnibus package proposal may change the EU Taxonomy from a burden to a tool for companies who seek to highlight the sustainability of their business activities.

Carbon Border Adjustment Mechanism

The omnibus package also proposed several changes affecting the EU’s CBAM regulation, beginning with changes in its application timeline. Rollout of requiring CBAM certificates for covered goods would be delayed from 2026 to February 2027, while the schedule for filing annual CBAM declarations would be pushed back from May 31 to Aug. 31. The omnibus package also suggests changes in the scope of CBAM, broadening the existing de minimis exemption to apply to all imported goods with an annual net mass of less than 50 tons. This change is in line with the omnibus package’s consistent theme of focusing on larger companies and would exclude many smaller entities from CBAM coverage.

The omnibus package also proposes relaxing specifications on the method of emissions calculation: whereas the current CBAM allows the use of standard values in place of actual emissions data only under limited circumstances, the omnibus package proposes allowing standard values by default. There are also certain sector-specific adjustments to these calculations; for example, entities engaged in electricity importation will now only have to consider carbon dioxide in performing CBAM emissions calculations. Additionally, whereas the current CBAM requires covered entities to directly submit their required reports, the omnibus package proposes allowing the entities to authorize third-party services as declarants that can submit reports on their behalf (though the covered entities, not the third parties, remain liable for these reports).

Finally, the omnibus package would modify how the CBAM incorporates carbon prices paid by covered entities in other countries. Under the proposal, the European Commission would develop a simplified scheme for declarants to adjust their CBAM certificate obligations by accounting for carbon prices paid in third-party countries. By harmonizing CBAM with other carbon pricing schemes, the omnibus package could reduce the net compliance burden on companies while enforcing emissions accountability in a more unified and effective manner.

What does this mean for US-based companies?

The US sustainability landscape remains dynamic, and, to that end, legislation has recently been proposed to formally curtail the effects of EU regulations on US companies. On March 12, the PROTECT USA Act of 2025 was introduced in the US Senate, aiming to prohibit certain US entities from complying with non-domestic sustainability diligence regulations like the CSDDD. Relatedly, on Feb. 25, officials from 21 states sent a letter to President Donald Trump asking for an investigation into the CSRD, CSDDD and the European Green Deal and seeking consideration of the impact of these laws with respect to any federal EU trade initiatives.

Domestic developments notwithstanding, US-based companies that are captured within the scope of the current CSRD and CSDDD should continue preparing for compliance until the omnibus package is adopted. Moreover, companies should stay cognizant of the current domestic frameworks that remain in place, such as the California climate disclosure rules, which, although facing a court challenge, are still in effect and require disclosures to be made soon.

This article was first published by Vinson & Elkins; it is republished here with permission.