ESG Regulation

The Complete Guide to CSRD Compliance for 2026

Mar 14, 2026

CSRD reporting waves, stop-the-clock delays, and 2026 Omnibus scope thresholds

The Complete Guide to CSRD Compliance for 2026

CSRD compliance in 2026 can feel like a moving target.

First, the “stop-the-clock” delayed entire waves of companies. Then the Omnibus I Directive narrowed the scope, removed sector standards, reshaped the “value‑chain cap”, and introduced a new voluntary reporting track. Meanwhile, regulators are already signalling where they will focus enforcement: materiality, structure, and auditability. 

So what should a Legal Manager/Director, Auditor (internal/external), or ESG lead do this year to stay compliant—and defensible?

This guide breaks CSRD compliance for 2026 into clear, practical steps: scope, obligations, double materiality, audit readiness, digital requirements, and a checklist you can run with your team.

Important: This article is educational, not legal advice. CSRD is implemented through national transposition, and 2026 changes may apply differently depending on your Member State and structure. 

CSRD compliance in 2026: what’s new and why it matters

The three changes that define 2026

One: Scope has changed—materially.
The Omnibus I Directive (EU) 2026/470 (published 26 February 2026; entry into force 18 March 2026) amends the regime so that (in the Accounting Directive framework) sustainability reporting applies to undertakings that exceed both: €450m net turnover and 1,000 average employees (and equivalent group thresholds). 

Two: Timelines are delayed for waves 2 and 3.
The “stop‑the‑clock” Directive (EU) 2025/794 moved wave‑2 and wave‑3 start dates to financial years starting on or after 1 Jan 2027 and 1 Jan 2028 respectively. 

Three: The ESRS burden is being managed short-term—and reworked longer-term.
For companies already reporting (wave 1), the Commission adopted a July 2025 “quick fix” that extends key phase‑ins across FY 2025–2026, so wave‑1 companies don’t suddenly face a spike in required disclosures compared to FY2024. 

What this means in plain language

In 2026, organisations are typically in one of these realities:

  • Already reporting under ESRS (wave 1): your 2026 priority is quality, controls and assurance-readiness, not “more pages”. 

  • Delayed but still preparing (original wave 2 / wave 3): you’ve gained time—but expectations from investors, clients, banks, and regulators haven’t disappeared. 

  • Potentially out of scope under Omnibus thresholds: you may no longer be legally required (depending on transposition), but you may still need to respond to value‑chain requests using a voluntary standard. 

One more critical nuance: Directives are implemented via Member State law. The Omnibus I Directive has a transposition deadline of 19 March 2027. That means legal teams must track both EU-level text and local implementation in each relevant jurisdiction. 

Step one: confirm whether you’re in scope

If you mis‑scope CSRD, everything else is wasted effort—or worse, you build a report that can’t be signed off.

Here’s a practical scoping sequence you can run in under an hour with Legal + Finance.

Your 2026 scoping questions

Are you an EU undertaking (or EU parent of a group)?
Under the Omnibus I amendments, the core test becomes: do you exceed €450m net turnover and 1,000 employees (or, for groups, equivalent consolidated thresholds)? 

Are you an issuer under the Transparency Directive?
Issuer thresholds are aligned with the same €450m / 1,000 employees logic in Omnibus I changes. 

Are you a third‑country (non‑EU) group with significant EU activity?
Omnibus I raises the third‑country EU turnover trigger from €150m to €450m, and sets the relevant EU subsidiary/branch threshold at €200m net turnover (with specific mechanics under Article 40a). 

Are you “in wave 1”, “wave 2”, or “wave 3”?
The Commission still describes the phased approach, with wave 1 applying first for FY2024 reports published in 2025. The “stop-the-clock” Directive removed the need for wave‑2 and wave‑3 companies to report for FY2025 or FY2026. 

Is your Member State fully transposed?
Even ESMA explicitly notes that in Member States that have yet to transpose CSRD, NFRD may still be relevant for certain issuers. That’s a major legal risk if your group operates across multiple jurisdictions. 

A “scope reality check” example

Imagine a group with €480m turnover and 1,050 employees. Under Omnibus I thresholds, you may remain in scope (subject to transposition). But if you’re €480m and 900 employees, you may fall out of scope from FY2027 onward—and some Member States may even apply exemptions for FY2025–FY2026 depending on how they implement the permitted derogations. 

Legal take‑away: build a short memo that documents:

  1. which entities are in scope where;

  2. which start year applies; and

  3. which assumptions depend on national transposition.

That memo becomes your audit trail.

What you must deliver: the CSRD sustainability statement in practice

Once scope is clear, compliance boils down to one deliverable:

A sustainability statement integrated into the (management report / corporate reporting package), prepared using European Sustainability Reporting Standards (ESRS), subject to assurance, and prepared in a digital reporting format. 

The legal “non-negotiables” (what must be true)

You must report on both perspectives (“double materiality”).
CSRD sustainability information must cover:

  • How sustainability issues create risks/opportunities for the undertaking; and

  • How the undertaking impacts people and the environment. 

Your board has collective responsibility.
The CSRD amendments explicitly connect sustainability reporting to collective responsibility of administrative/management/supervisory bodies for drawing up and publishing the management report and related disclosures. 

Audit committees are pulled in.
The CSRD amends audit committee responsibilities to include oversight and explanations around the integrity of sustainability reporting and assurance outcomes. 

Digital “mark‑up” is the direction of travel.
CSRD introduces requirements to prepare management reporting in a specified electronic reporting format and to “mark up” sustainability reporting (including EU Taxonomy Article 8 disclosures). 

Where ESRS sits in the hierarchy

CSRD is the law; ESRS is the mandated reporting standard set (adopted by delegated act), developed by EFRAG. 

If your organisation also reports under global baselines (e.g., ISSB climate disclosures), the Commission has highlighted interoperability guidance published by EFRAG and the ISSB as a way to reduce duplicated effort—especially on climate. 

Double materiality and value chain: where most projects fail

Let’s be blunt: most first‑year CSRD programmes don’t fail because of ESG ambition.

They fail because materiality and value chain aren’t treated as serious governance and evidence exercises.

Double materiality is not a workshop output

EFRAG’s IG1 Materiality Assessment Implementation Guidance is clear that materiality assessment is a structured process (and the Commission’s and ESMA’s supervisory focus heavily reinforces this). 

Practical expectation in 2026: you must be able to show:

  • Your methodology, thresholds, and decision points;

  • Stakeholder inputs and how they influenced results; and

  • How materiality drives ESRS disclosures (including omissions). 

If your materiality section reads like generic ESG marketing, you are inviting challenge.

Value chain data: you can use judgement, but you must document “reasonable effort”

The Commission’s CSRD FAQs explain that what counts as “reasonable effort” to obtain value chain information depends on context—size, technical readiness, available tools, supplier capability, proximity (tier 1 vs deeper tiers), and influence/buying power. 

Crucially, the FAQs also acknowledge that companies are more likely to rely on estimates in the first years of ESRS reporting than in later cycles, precisely because value‑chain infrastructure is immature. 

That’s not permission to guess. It’s permission to:

  1. Use estimates when needed, and

  2. Build a roadmap to replace them over time.

The “value‑chain cap” is now sharper

Under Omnibus I, listed SMEs are excluded from the mandatory CSRD regime, and the regime evolves towards protecting undertakings under 1,000 employees via:

  • A new voluntary reporting standard track (Article 29ca) due by 19 July 2026; and

  • A cap that prevents required disclosures from forcing large companies to extract information from value‑chain undertakings below the threshold beyond what the voluntary standard would contain. 

For Legal and Audit teams, this matters because supplier engagement letters, contract clauses, and procurement questionnaires need to be re‑aligned. If your procurement function is still sending 200‑question ESG surveys to protected suppliers, you’ve created avoidable risk.

What good looks like (a quick example)

A defensible value‑chain approach for 2026 often looks like:

  • Tier‑1 suppliers: direct data requests + contractual data rights where feasible.

  • Tier‑2+ suppliers: sampled data + credible proxies + escalation rules for hotspots.

  • Clear log of efforts made, obstacles, and improvement plan (the “why we don’t have it yet” narrative). 

Assurance and audit-readiness: how to prepare for limited assurance

If sustainability reporting is the “what”, assurance is the “prove it”.

Limited assurance is mandatory (and standards are coming)

CSRD sets a progressive assurance pathway beginning with limited assurance, and empowers the Commission to adopt EU-wide limited assurance standards by 1 October 2026. 

Omnibus I removes the requirement for the Commission to adopt reasonable assurance standards (previously envisaged by 2028) to avoid cost increases. 

In the interim, Member States may apply national standards, and the Commission requested convergence tools. 

Use CEAOB guidance to “design for assurance” now

The Committee of European Auditing Oversight Bodies (CEAOB) published non‑binding guidelines to support a common understanding of CSRD limited assurance until EU standards land. 

What does that mean operationally?

In 2026, you should assume your assurance provider will test whether:

  • Your sustainability reporting complies with ESRS requirements;

  • You have a credible process for identifying reported information (including the double materiality process); and

  • Your digital mark‑up requirements are being addressed. 

The internal audit angle: treat CSRD like a reporting control framework

For Internal Audit, CSRD becomes manageable when you stop treating it as a narrative report and start treating it as:

  • A defined reporting perimeter;

  • Data owners and controls;

  • Evidence standards;

  • Change management;

  • Final sign‑off rules.

This approach also aligns with ESMA’s priorities on materiality and structure (especially for listed issuers). 

Digital reporting and filing: tagging, ESEF and ESAP

Many CSRD programmes leave digital requirements until the final weeks.

That is a mistake. Digital errors are avoidable—and visible.

CSRD ties sustainability reporting to electronic reporting formats

CSRD introduces requirements to prepare management reporting in the electronic reporting format specified in the EU single electronic reporting framework and to mark up sustainability reporting (including EU Taxonomy disclosures). 

Regulators are watching digital quality

ESMA explicitly includes ESEF digital reporting and common filing errors in its annual enforcement priorities. 

The ESMA ESEF Reporting Manual (2025 update) is practical reading for anyone responsible for digital filings and tagging governance. 

ESAP is coming into play

CSRD’s digital direction feeds into the wider EU push for accessible sustainability information through initiatives like the European Single Access Point (ESAP). ESMA describes ESAP as a single access point for public financial and sustainability-related information. 

Practical advice for 2026: add a “digital readiness” workstream with:

  • Clear ownership (Finance reporting / Disclosure / ESG reporting);

  • Tooling decisions early; and

  • A dry run timeline (tagging and validation) well before publication.

Your 2026 CSRD compliance checklist + conversion-ready next steps

Below is a practical checklist you can paste into your project plan or control matrix. (No PDF—just a checklist you can execute.)

CSRD Compliance Checklist for 2026 (Legal + Audit-ready)

Scope & legal basis

☐ Document whether the group/entity is in scope under current CSRD rules and/or Omnibus I thresholds (€450m turnover + 1,000 employees), including which assumptions depend on national transposition. 

☐ Confirm timing: wave status, and whether “stop‑the‑clock” shifts first reporting year (FY 2027 / FY 2028 for delayed waves). 

☐ If non‑EU group: assess Article 40a triggers (EU turnover €450m; EU subsidiary/branch €200m) and map publication obligations. 

Governance & accountability

☐ Assign executive accountability and board oversight; document sign‑off workflow aligned with collective responsibility expectations. 

☐ Update audit committee charter / annual plan to include sustainability reporting integrity and assurance oversight. 

Double materiality

☐ Execute a structured double materiality assessment with documented methodology, stakeholder inputs, scoring/thresholds, and decisions. 

☐ Build an audit trail linking material topics → ESRS disclosures → omissions with rationale. 

Value chain & supplier strategy

☐ Define “reasonable effort” criteria and document when estimates/proxies are used (and the plan to improve in future cycles). 

☐ Re-align supplier questionnaires and ESG clauses to the “value‑chain cap” direction and voluntary standard expectations for smaller undertakings. 

☐ If you rely on transitional exemptions (phase‑ins), confirm what still must be summarised when the topic is material (ESRS 2). 

Reporting content & phase-ins

☐ Identify which quick-fix phase‑ins apply (e.g., anticipated financial effects, certain topical disclosures), and ensure you don’t promise disclosures you are not yet required to provide. 

☐ Stress-test the structure and clarity of the sustainability statement against ESMA’s enforcement focus on materiality, scope, and structure. 

Assurance readiness

☐ Agree assurance scope early with your statutory auditor / assurance provider; align evidence expectations with limited assurance guidance. 

☐ Implement controls and evidence retention for high-risk datapoints (GHG, workforce metrics, value-chain estimates, EU Taxonomy KPIs). 

☐ Track the EU timeline for limited assurance standards (deadline 1 Oct 2026) and national interim standards. 

Digital reporting

☐ Confirm electronic reporting and mark‑up plan; schedule a tagging dry run and validation before publication. 

☐ Add a quality gate for digital filing issues (ESEF error patterns are on regulators’ radar).

CSRD compliance isn't just a reporting exercise, it's a legal, audit and governance transformation. If you want your 2026 wok to stand up to assurance scrutiny (and to avoid a painful rework cycle), build the foundation now.


More to explore

Executive team reviewing sustainability strategy documents and performance charts, symbolizing alignment of ESG goals with business objectives.

ESG Risk Management

Feb 4, 2026

Develop an ESG Strategy Aligns with Your Goals

Leaders reviewing ESG performance dashboards, symbolizing the critical role of governance in aligning environmental and social strategies with accountability and oversight.

ESG Risk Management

Jan 21, 2026

Why ESG Fails Without Governance: The Hidden Risk

ESG performance dashboard showing key sustainability KPIs such as greenhouse gas emissions, supply chain risk, workforce indicators, and governance metrics.

ESG Data & Reporting

Jan 14, 2026

Top 10 ESG KPIs Every Company Should Track

Executive team reviewing sustainability strategy documents and performance charts, symbolizing alignment of ESG goals with business objectives.

ESG Risk Management

Feb 4, 2026

Develop an ESG Strategy Aligns with Your Goals

Leaders reviewing ESG performance dashboards, symbolizing the critical role of governance in aligning environmental and social strategies with accountability and oversight.

ESG Risk Management

Jan 21, 2026

Why ESG Fails Without Governance: The Hidden Risk

Ready to uncover your hidden ESG risks?

Join the organizations transforming compliance into competitive advantage. Start your journey with a personalized RISC Session.

Book My Free ESG Consultation

Close-up of a green leaf symbolizing sustainability, ESG reporting and nature-inspired strategy by Arelya
ESG consultant at Arelya smiling in modern office, supporting companies with CSRD and sustainability reporting
Diverse hands stacked together symbolizing teamwork, unity and ESG values promoted by Arelya
A smiling woman with her arms crossed, standing against a dark green background. She has long, dark hair.
Close-up of a dark green leaf showing its textured surface and central vein against a muted background.
Arelya consultant presenting ESG strategy and sustainability performance charts to corporate team
Close-up of a tree stump showing growth rings and a textured brown wood surface.
Diverse Arelya ESG consulting team in beige suits representing inclusivity, sustainability and corporate compliance
Close-up of a tree stump showing growth rings and a textured brown wood surface.

Ready to uncover your hidden ESG risks?

Join the organizations transforming compliance into competitive advantage. Start your journey with a personalized RISC Session.

Book My Free ESG Consultation

Close-up of a green leaf symbolizing sustainability, ESG reporting and nature-inspired strategy by Arelya
ESG consultant at Arelya smiling in modern office, supporting companies with CSRD and sustainability reporting
Diverse hands stacked together symbolizing teamwork, unity and ESG values promoted by Arelya
A smiling woman with her arms crossed, standing against a dark green background. She has long, dark hair.
Close-up of a dark green leaf showing its textured surface and central vein against a muted background.
Arelya consultant presenting ESG strategy and sustainability performance charts to corporate team
Close-up of a tree stump showing growth rings and a textured brown wood surface.
Diverse Arelya ESG consulting team in beige suits representing inclusivity, sustainability and corporate compliance
Close-up of a tree stump showing growth rings and a textured brown wood surface.

Ready to uncover your hidden ESG risks?

Join the organizations transforming compliance into competitive advantage. Start your journey with a personalized RISC Session.

Book My Free ESG Consultation

Close-up of a green leaf symbolizing sustainability, ESG reporting and nature-inspired strategy by Arelya
ESG consultant at Arelya smiling in modern office, supporting companies with CSRD and sustainability reporting
Diverse hands stacked together symbolizing teamwork, unity and ESG values promoted by Arelya
A smiling woman with her arms crossed, standing against a dark green background. She has long, dark hair.
Close-up of a dark green leaf showing its textured surface and central vein against a muted background.
Arelya consultant presenting ESG strategy and sustainability performance charts to corporate team
Close-up of a tree stump showing growth rings and a textured brown wood surface.
Diverse Arelya ESG consulting team in beige suits representing inclusivity, sustainability and corporate compliance
Close-up of a tree stump showing growth rings and a textured brown wood surface.