The escalating relevance of ESG has consequences for the CFO purview; the requisite effort for compliance with reporting demands and the quality control measures is rising significantly and is subject to a certain degree of acceleration. The EU has recently tightened up reporting requirements and significantly expanded the scope of companies. We offer here an overview of methods for satisfying short-term reporting requirements and possible implications for the strategic orientation.
A survey by Bitkom of 506 companies on the subject of sustainability and the use of digital technologies revealed that almost half of German commercial enterprises want to be climate-neutral by 2030.
The necessity for a company to address ESG (environmental, social and governance) criteria proactively as well as preventively is no less an issue for the CFO and his/her finance department. The number of regulations and standards and their points of emphasis are more volatile than ever before. Driven by various internal and external drivers, SMEs and non-capital-market-oriented companies in particular are focusing with growing intensity on reporting requirements relating to the subject of ESG.
Current regulations have since been further specified in order to reduce scope for implementation, interpretation, and the degree to which their application is voluntary. The EU taxonomy and other measures are aimed at setting boundaries in this respect that will reduce green washing and similar hurdles for sustainability-conscious stakeholders.
The following overview summarizes the regulations and directives that have been adopted and whether (and, if so, as of what point in time) their application is mandatory.
The common feature of the listed regulations (speaking globally) is their derivation from the Paris Agreement, which in turn serves at the European level as the starting point for the Green Deal and the EU taxonomy. The objectives of the EU Green Deal are the achievement of climate neutrality in Europe by 2050 and the protection of nature and biodiversity.
The EU taxonomy provides a universally applicable classification tool for companies and sustainable financial products. It is intended to provide a definition of sustainable and environmentally friendly business activities, supported by a set of threshold values determined by the EU Commission to ensure the validity of sustainability assessments.
The EU taxonomy has these objectives:
- Climate change mitigation
- Climate change adaptation
- Sustainable use and protection of water and marine resources
- Transition to a circular economy
- Pollution prevention and control
- Protection and restoration of biodiversity and ecosystems
Essential for the assessment of a sustainable business activity1 is that the activity contributes to at least one of the above-mentioned goals,2 does not violate any of the other environmental goals (also referred to as the DNSH3 criterion), secures the specified minimum protection,4 and complies with the technical assessment criteria.5
The EU taxonomy has been in effect since January 2022, but not all the evaluation criteria have been defined at the moment. Initially, banks, insurance companies, and capital market-oriented companies with more than 500 employees6 are required to report on their actions regarding goals 1 and 2. The other four goals will also become mandatory as of the year 2023. As of this time, not all business areas have been specifically defined.
The taxonomy is mandatory for companies that are subject to non-financial reporting (NFRD or, in future, the CSRD Guideline). The required statements are issued either in the sustainability report or the annual report, at which time the taxonomy-compliant share of revenues, capital expenditures (capex), and operating expenses (opex) must be disclosed. This information also includes the suppliers and customers in the supply chain.
The stage model below can be used to determine a taxonomy-compliant activity.
Corporate Sustainability Reporting Directive (CSRD)
The inclusion of the CSRD extends the scope of the EU taxonomy and bolsters its implementation.
In April 2021, the European Commission published its proposal for a Corporate Sustainability Reporting Directive (CSRD) that would expand the scope of the previously adopted Non-Financial Reporting Directive (NFRD). The proposal was adopted by the European Parliament on November 10, 2022. The final approval was given by the European Council on November 28, 2022.
The objective of the proposed directive is the significant expansion of the group of companies subject to reporting requirements that will ensure adequate, publicly available information on the risks to companies arising from sustainability aspects (“outside-in perspective”) and on the impact of the companies themselves on people and the environment (“inside-out perspective”). This concept is also known as the principle of “double materiality”.
The expanded group would include non-capital-market-oriented companies (no NFRD obligation) that have an annual average of more than 250 employees, total assets in excess of €20 million, and revenues of more than €40 million. The directive will apply solely to companies that exceed at least two of these size criteria.7 In addition, the scope of the reporting requirements will be expanded to include small and medium-sized capital market-oriented companies (with the exception of micro-entities). Subsidiaries within a corporate group will remain exempt from the reporting requirement in view of the reporting at group level (unless they are themselves large capital market-oriented subsidiaries).
In short, the CSRD applies to all large companies,8 regardless of capital market orientation, and to all large limited liability companies in the EU. The proposed directive as adopted included a stage model of implementation that would be realized as described below.
The reporting obligation for entities previously subject to the National Financial Reporting Framework (NFRD) will commence on January 1, 2024 (first report in 2025). The obligation for large companies not currently subject to the NFRD will begin on January 1, 2025 (first report 2026), and the obligation for listed small and medium-sized companies, small and non-complex banks, and captive insurance companies will start on January 1, 2026 (first report 2027), with an exemption provision in effect until 2028.
Once adopted at the EU level, the directive must be translated into national law by the member states within 18 months before it can enter into force for companies.
The report should include a brief description of the business model in terms of resilience and the company’s strategy in terms of opportunities and risks in relation to sustainability. A description of the most significant adverse effects, both actual and potential, on the company’s value chain, including its own operations, products and services, business relationships, and supply chain and the description of intangible assets such as intellectual, human, social, and relational capital, should also be included in the report.
Clearly defined criteria and key figures ensure that data and facts are understandable and comparable, enhancing transparency and facilitating the analysis of sustainability reports. The CSRD ensures that all stakeholders are better informed about sustainability aspects, can meet their own reporting requirements, or can invest in demonstrably sustainable companies.
Supply Chain Act (LkSG)
The Act on Corporate Due Diligence in Supply Chains (LkSG), also known as the Supply Chain Act, seeks to improve on international law concerning human rights compliance in supply chains by establishing rules for responsible supply chain management for certain companies.
This act will enter into force on January 1, 2023, and will initially apply to companies domiciled in Germany that employ a minimum workforce of 3,000. As of 2024, it will also apply to companies with a minimum of 1,000 employees. The Supply Chain Act is supposed to be adapted to a future European regulation so that German companies will not suffer any competitive disadvantages.
The fundamental elements of the due diligence obligations include the establishment of a risk management system that will effectively identify, prevent, or minimize the risks of human rights violations and environmental harm. Issues of particular prominence include the prohibition of child labor and slavery, the disregard of freedom of association, problematic working conditions, discrimination, the withholding of an adequate wage, the use of certain chemicals, etc.
The law describes the required preventive and remedial measures and establishes procedures for lodging complaints and regular reporting. Compliance with these obligations is not limited to the company’s own business units; they must also be observed in the conduct of a contract partner and in the conduct of other (indirect) suppliers. The provisions establish a company’s accountability for the full length of its supply chain.
If companies fail to fulfill their legal obligations, they may be fined amounts of up to €8 million or, for companies with annual revenues of more than €400 million, up to 2 percent of annual global revenue. In addition, they may possibly be excluded from participation in tender procedures for public contracts if the fine exceeds a certain minimum amount.
Corporate Digital Responsibility (CDR)
As of this moment, observance of the CDR Code remains voluntary.
CDR is understood as the corporate responsibility from the perspective of digital transformation. The CDR Code contains principles and objectives applicable as guidelines for action that should be implemented by the members of the CDR Initiative. As a whole, the code concentrates on nine principles that focus on basic social values, environmental issues, and similar topics. Companies report on any measures that contribute to the various goals. The principles and objectives can be sub-divided into these five fields of action:
- Handling of data
- Climate and resource protection
- Employee retention
The CDR Code is seen as a strategy for sustainable digitalization and consequently as a complement to the CSR Directive and strategy because CSR relates to the environmental and social aspects of the analog world.
The four regulatory changes mentioned here demonstrate that — irrespective of the precise form — the finance department plays a fundamental role in their implementation. One of the chief requirements is the establishment of a reporting system that fulfills legal obligations and meets the demands of the addressees. The figure below depicts one possibility for the organizational allocation of tasks in the CFO purview and indicates examples of the reporting components that may be relevant.
It clearly reveals that both the external and internal accounting, in close cooperation with sustainability management, are the primary actors. Interface solutions and agreements are needed here to reconcile the strategic components with the regulatory requirements. Every area is assigned a separate role in this process.
Undoubtedly, the reporting requirements necessitate the separation of financial and non-financial KPIs according to sustainability criteria so that transparency and a framework for the assessment of taxonomy-compliant activities are assured. The overview provides solely a selection of relevant key figures that offer an initial framework for orientation. Last, but not least, it should be noted that the obligations and the key figures and activities must be considered specifically for any given company.
Social challenges and the publication of new standards and regulations are changing corporate requirements and structures. Large non-capital-market-oriented companies and capital market-oriented SMEs in particular must now deal with the pertinent issues in good time.
The fact that sustainability information must be as verifiable as financial information only augments the significance of the role of the CFO and the associated departments as they actively realize and implement the new requirements and the sustainability activities beyond the previous scope. The finance department contributes to the implementation of the ESG strategy and its targets.
These new roles and responsibilities call for new management and reporting processes, accompanied by the adaptation of the data and system landscape enabling the mapping of non-financial key figures. As the scope of the requirements is expanding dynamically, it is essential for the finance department and the company as a whole to acquire (continuous) knowledge. The expertise required to fulfill the requirements must not be underestimated.
Stakeholder-oriented preparation of financial information in harmony with reporting obligations also creates transparency in companies. The finance department becomes the gateway to (economic) assessment and the selection and measurement of sustainability activities. Ultimately, it must consolidate the activities and integrate them into the system landscape in support of reporting and management processes. The resulting transparency generates credibility that serves as a source of conviction and strength for both external and internal stakeholders.
1 Cf. Regulation (EU) 2020/852, Art. 3.
2 Cf. Regulation (EU) 2020/852, Art. 9 and Art. 10–17.
3 “Do No Significant Harm” criterion
4 Cf. Regulation (EU) 2020/852, Art. 18.
5 Cf. Regulation (EU) 2020/852, Art. 10–15.
6 Cf. section 289b Commercial Code [Handelsgesetzbuch; HGB] and section 315b HGB.
7 Cf. Directive 2013/34/EU
8 Average >250 employees, >€20 million balance sheet total, >€40 million revenue (cf. also Directive 2013/34/EU).