06 March 2025
The European Commission has launched its Omnibus Simplification Proposal to address concerns about sustainability regulations in the EU. But measured by its own objectives of simplifying requirements and reducing burdens on smaller companies, the proposals are a remarkable own goal. Negotiations in the coming months must be grounded in a practical grasp of what actually works in sustainability due diligence and reporting, if the final package is to make sense.
Why are we here?
It is not surprising that the current landscape of EU sustainability regulations has been critiqued as complex and burdensome. That is the natural consequence of developing sustainability regulations in the reverse order to what logic dictates.
The commonsense sequence would have been to set out what companies generally need to do in terms of sustainability due diligence, then what they need to report about those efforts, and finally what their investors need to report about the sustainability of their portfolios. But the EU went about it the opposite way: first setting requirements for investors under the Sustainable Finance Disclosure Regulation (SFDR), then reporting requirements for their portfolio companies under the Corporate Sustainability Reporting Directive (CSRD) and European Sustainability Reporting Standards (ESRS), and finally the due diligence conduct requirements under the Corporate Sustainability Due Diligence Directive (CSDDD). As a result, the connecting logic between each expectation and the next is lost, where they could have been streamlined, explained and cross-referenced.
As it is, with the CSRD and CSDDD coming from different parts of the Commission on disconnected timelines, there has been no clarity for companies that both sets of expectations are grounded in the same international standards on responsible business conduct: standards that thousands of businesses have been working to implement for nearly 15 years. And for companies new to risk-based due diligence, there has been a failure to explain what it is about: that it precisely relieves companies of the burden of blanketing their direct business relationships with excessive audits and information demands, and instead affords them the agency to address the most significant risks that are particular to their operations and value chains, and therefore central to their success. It is risk-based due diligence that delivers on the ultimate purpose of the EU legislation: improved human rights and environmental outcomes.
These disconnects in the Commission’s approach have been, somewhat understandably, mirrored in many company responses – and at notable cost. Companies’ financial departments set about interpreting and applying the ESRS in their reporting processes, after which legal divisions began preparing to implement the CSDDD – often assuming this was distinct from reporting. While the internal controls and subject matter capabilities needed for both are essentially the same, legal and financial departments have often hired separate teams to support their work – sometimes funding this by firing the very sustainability staff who have real experience of dealing with the issues. Other companies have paid excessive amounts for external consultants, who have too often pitched over-complex solutions, and failed to reflect how the new requirements inter-relate.
What is being proposed?
The Commission had an opportunity in its Omnibus proposal to focus on the guidance needed to strip away the appearance of complexity and show what straightforward implementation of sustainability due diligence and reporting entails. For sure it requires work to put into practice. But conceptually, it’s not rocket science. But instead, the Commission’s Omnibus Simplification Proposal is an own goal. It would actually make life more complicated for both large and small companies.
The proposal would make it much harder for companies to ‘know and show’ that they are managing the risks they face, and leave them on the back foot when ‘named and shamed’ by the media and NGOs as things go wrong.
Proposed changes would ask companies to do risk-based due diligence, but then constrain their proactive efforts to their first tier business partners, which is typically not where the greatest risks reside. It would then make it harder to understand what is happening even within that first tier by allowing them to ask only their largest business partners for the very information that is needed to actually manage the risks.
The risks we are talking about are real: they will not be reduced by restricting companies’ efforts to identify, assess and address them.It is precisely risk-based due diligence that enables a cost-effective focus on where the most severe problems lie – not the proposal’s push towards entity-by-entity audits and assessments that don’t get the job done.
The Commission’s proposal risks creating burdens for SMEs – rather than lessening them, as intended.
Companies will now have to rely even more heavily on demanding that their first-tier business partners ‘pass back’ requirements to meet the company’s Code of Conduct to the next tier, with less freedom to engage directly in finding solutions. Risk-based due diligence enables companies to allocate resources to the most severe risks in their value chain and support solutions with targeted capacity-building, collaborative efforts that pool resources, and mutual responsibility with suppliers – for instance recognizing how a company’s own purchasing practices affect suppliers’ ability to manage risks. It’s the off-loading of requirements and remote policing of compliance that creates the primary burden on smaller companies. It’s also a poor use of resources for the businesses that do it.
The proposed changes to the CSRD will also perpetuate the complex set of data demands from financiers and others that the CSRD sought to reduce.
The Commission proposes to cut by 80% the number of companies that would have had to report against the ESRS, reducing their disclosures to highly generalized information, at most. It would then cut swaths of disclosures currently included in the ESRS for the remaining 20%. As a result, investors and lenders who have no option but to be on top of the underlying risks, and have long called for this information to be routinely available, will be compelled to keep peppering investees with their own information requests.
What next?
As we head into a new process of negotiation between Commission, Parliament and Council over the legislative changes, there needs to be a much more pragmatic grasp on what actually works.
While this process plays out, companies can take comfort in the fact that the international standards – the UN Guiding Principles on Business and Human Rights and the OECD Guidelines for Multinational Enterprises – spell out what it takes to do effective risk-based due diligence. This is still what the EU regulations refer to as their common underpinning – even if the latest proposals would make it harder for companies to deliver in practice. Moreover there are already years of experience in what it takes to implement sustainability due diligence and reporting in line with the international standards, and in ways that are both workable for business and beneficial for people and planet.
Every industry has companies experienced in implementing risk-based due diligence, and many industries have worked with stakeholders to develop guidance on how to do it well. EU governments already have action plans that call for companies to implement sustainability due diligence, and they receive complaints through their OECD National Contact Points where companies allegedly fail to do so. And investors and lenders will continue to raise these same expectations in their engagements with companies, as will trade unions and NGOs. In short, doing due diligence in line with the international standards remains the best investment that companies can make to be prepared to meet current and future demands.
As for the forthcoming Omnibus process, while simplification remains a reasonable goal for negotiators to pursue, the Commission’s proposals are not the answer. Instead, they represent a remarkable own goal. As the process moves forward, we must do better.
Note: Our preliminary observations on the Omnibus Simplification Proposal address just some of the counter-productive elements in what the Commission has put forward. Over the coming weeks, Shift will be issuing a series of reflections regarding these and other aspects of the proposal – including the mixed messages it sends about key due diligence steps, the removal of a uniform approach to civil liability, the proposition to focus ESRS disclosure requirements on quantitative rather than qualitative information, and other implications for interoperability with other reporting standards. We look forward to on-going exchanges with partners and allies in business, finance, governments, EU institutions, labor organizations and NGOs about how to achieve simplification in practice without undermining the original intent of the legislation.
