In a major turn for European sustainability reporting, the EU’s Omnibus package has narrowed the Corporate Sustainability Reporting Directive (CSRD) and delayed parts of the rollout. For many mid-sized companies, this means less compliance pressure (or none at all). For large groups still in scope, it’s an opportunity to refocus reporting on double materiality priorities and establish a more efficient, audit-ready data foundation.
Here’s what changed, what it means for SMEs and large companies, and how to plan your next steps, without the jargon.
What changed in 2026: The new CSRD thresholds
Under the provisional deal announced in December 2025, CSRD reporting is now targeted at only the largest companies. The revised thresholds are:
- More than 1,000 employees, and
- Net turnover above €450 million
This is stated in the EU Council’s press release on the Council–Parliament agreement.
That’s a major shift from the original CSRD scope logic (which was built around the “2 out of 3” test used under the Accounting Directive: employee headcount, turnover, balance sheet total, bringing in many larger and listed entities).
Who gets excluded explicitly?
A few other high-impact changes accompany the new thresholds:
- Listed SMEs are removed from the scope. The Council notes the proposal to remove listed SMEs from CSRD scope as part of simplification.
- Non-EU group reporting is tightened. Deloitte’s summary of the provisional agreement notes that non-EU entities would be in scope only if they exceed €450 million in EU turnover at the group level and have an EU subsidiary/branch exceeding €200 million in turnover. dart.deloitte.com
If you’re under 1,000 employees or under €450m turnover, CSRD likely won’t apply (as drafted in the Omnibus agreement).
The headline impact: from ~50,000 companies to ~5,000
Before the Omnibus push, CSRD was expected to expand sustainability reporting coverage dramatically often cited as moving from roughly 50,000 companies into scope.
Under the revised agreement, the estimated effect is that around 90% of companies that would have been covered are now removed leaving only about 5,000 in scope. This “~90% removed” framing is reported widely in policy and ESG coverage, including ESG Dive and law-firm analyses tracking the agreement. ESG Dive
Why it matters: This isn’t a minor tweak. It’s a structural redesign that shifts CSRD from “broad mandatory reporting” to “targeted reporting for the very largest companies.”
What SMEs and mid-sized companies need to know (you’re likely off the hook)
If you’re an SME or mid-cap, the immediate message is reassurance: you probably won’t have a mandatory CSRD report to file under the revised thresholds.
But there are still indirect implications you should plan for:
1) Customers and financiers will still ask for ESG data
Even if CSRD no longer applies to you directly, large customers that remain in scope will still need reliable data across operations and value chains. That can lead to supplier questionnaires and ESG data requests, especially for emissions, energy, water, and human rights basics.
2) The EU is pushing a voluntary SME standard
The European Commission has signalled a voluntary sustainability reporting standard for companies up to 1,000 employees, intended to reduce fragmentation and help SMEs respond to data requests with a standard format. European Commission
Practical takeaway for SMEs: You don’t need to build a CSRD-grade reporting machine, but you should be ready with a light, standardised ESG data pack (especially emissions and key policies) because market expectations won’t disappear.
What’s next for large firms still in scope?
If you’re in the ~5,000, the changes aren’t a “get out of jail free card.” They’re a signal to shift from compliance panic to disciplined execution.
1) Double down on materiality (and stop trying to report everything)
CSRD reporting is built around materiality-driven disclosure. Use the additional time and simplification to run a rigorous double materiality assessment, align it to strategy and risk management, and focus your reporting on the topics that matter most (climate risks, energy, supply chain hotspots, workforce, governance, etc.).
2) Prepare for ESRS: expect simplification, not disappearance
ESRS remains the reporting backbone. What’s changing is the burden, not the intent: the EU message is “simplify and boost competitiveness,” not “scrap sustainability reporting.”
Your best move: build strong internal data processes now so you can adapt quickly as ESRS requirements evolve.
3) Use the “stop-the-clock” delay wisely
Separately from the December 2025 agreement, the EU advanced a “stop-the-clock” directive to postpone application dates for parts of CSRD and due diligence rules as part of simplification. The European Parliament announcement and Council release cover this delay framing.
Even with delays, don’t pause. Use the window to:
- map data ownership across teams,
- run a dry-run reporting cycle,
- close gaps (Scope 1/2 first, then critical Scope 3),
- and set up governance and controls to support limited assurance.
Why did the EU scale back? The politics behind the shift
The Omnibus changes sit within a broader EU competitiveness push, explicitly framed as reducing administrative burden and improving economic performance while still keeping sustainability objectives in view.
Reporting on the December 2025 parliamentary vote also frames the move as a political rebalancing, prompting criticism from civil society groups and concern about reduced corporate oversight, while supporters argue it reduces “green tape.” The Guardian+1
The core tension:
- Businesses and some policymakers: “too much compliance too fast.”
- Investors, NGOs, and some sustainability leaders: “less disclosure = less accountability and comparable data.”
What should companies do now: a simple action plan
If you’re out of scope
- Build a light ESG data pack (energy, emissions basics, policies, key KPIs).
- Consider aligning to the voluntary SME standard once adopted.
- Be ready for customer ESG requests, but don’t overbuild.
If you’re still in scope
- Reconfirm scope using the new thresholds and group structure.
- Run/refresh double materiality and translate it into a reporting blueprint.
- Start data readiness now (systems, controls, evidence trail) to avoid last-minute chaos.
Conclusion
Whether you’re still in scope or just trying to respond to stakeholder requests efficiently, Credibl helps you move from spreadsheets and firefighting to structured, audit-ready ESG data.
With Credibl, you can:
- centralize ESG data collection across sites and suppliers,
- automate calculations and evidence trails,
- align outputs to CSRD/ESRS-style disclosures (and other frameworks), and
- collaborate across teams with clear ownership and review workflows.
If you want to confirm whether your company is in scope, and what a “right-sized” reporting approach looks like, book a Credibl demo and we’ll help you map the fastest path to readiness.
FAQs
1) Are SMEs still required to report under CSRD?
Under the revised Omnibus agreement, listed SMEs are removed from CSRD scope, and the main threshold is now >1,000 employees and >€450m turnover, so most SMEs will not have mandatory CSRD reporting.
2) If we’re out of scope, can large customers still demand ESG data from us?
They can request information, but the EU is also advancing a voluntary SME standard designed to standardize and limit what smaller companies need to provide.
3) What’s the best next step for companies still in scope?
Use the added time to focus on materiality, build strong ESG data governance, and run a dry-run reporting cycle so you’re ready when reporting is due (even if delayed).
4) Does “simplification” mean ESRS goes away?
No, ESRS remains the reporting backbone. The Omnibus messaging is about reducing burden and sharpening scope, not removing sustainability reporting entirely
