What Are CSRD and CSDDD?
CSRD and CSDDD are two EU sustainability directives with fundamentally different purposes. The Corporate Sustainability Reporting Directive (CSRD) tells companies what to disclose about their sustainability impacts. The Corporate Sustainability Due Diligence Directive (CSDDD) tells companies what to do about adverse environmental and human rights impacts in their value chains.
That distinction matters because a company can be subject to one, both, or neither depending on its size. Both directives were significantly narrowed by the Omnibus I Directive (EU) 2026/470, enacted in March 2026, which reduced the number of companies in scope and delayed compliance timelines. Understanding where CSRD vs CSDDD overlap and diverge is essential for compliance teams planning their regulatory roadmap.
CSRD: The EU’s Sustainability Reporting Standard
The CSRD (Directive 2022/2464) replaced the Non-Financial Reporting Directive (NFRD) and requires companies to report on sustainability topics using the European Sustainability Reporting Standards (ESRS). For physical climate risk specifically, ESRS E1 sets out 11 disclosure requirements covering hazard screening, scenario analysis, climate resilience, and the anticipated financial effects of climate change on business assets.
CSRD reports are public, audited (limited assurance), and follow a standardized format. The directive applies a double materiality lens, requiring companies to assess both how climate affects their business and how their business affects the climate.
CSDDD: The EU’s Due Diligence Mandate
The CSDDD (Directive 2024/1760) requires companies to identify, prevent, and mitigate adverse environmental and human rights impacts across their operations and supply chains. Unlike CSRD, which focuses on what companies report, CSDDD focuses on what companies investigate and correct.
Due diligence under CSDDD follows the OECD six-step framework: embed responsible conduct, identify impacts, cease or mitigate harm, track implementation, communicate, and provide remediation. Environmental scope covers soil changes, water and air pollution, deforestation, ecosystem damage, and excessive resource consumption. Read the full breakdown in our CSDDD guide.
Where CSRD and CSDDD Fit in the EU Sustainability Framework
CSRD and CSDDD are two legs of a three-part EU sustainability framework, alongside the EU Deforestation Regulation (EUDR). Each targets a different dimension: CSRD governs disclosure, CSDDD governs conduct, and EUDR governs commodity-specific deforestation-free supply chains.
| Dimension | CSRD | CSDDD | EUDR |
|---|---|---|---|
| Focus | Sustainability reporting | Supply chain due diligence | Deforestation-free products |
| Scope | All sustainability topics (ESRS E1-E5, S1-S4, G1) | Environmental + human rights | 7 commodities only |
| Geographic reach | EU companies + non-EU subsidiaries | EU companies + non-EU by turnover | Any operator placing goods on EU market |
| Data needed | Quantitative climate risk, emissions, social metrics | Environmental baselines, risk mapping | Plot-level geolocation, deforestation-free proof |
| Enforcement | Member state penalties + assurance | Member state penalties (civil liability removed) | EU-wide penalties, product seizure |
CSRD vs CSDDD: Differences at a Glance
The core difference between CSRD and CSDDD is disclosure versus action. The CSRD (Corporate Sustainability Reporting Directive, 2022/2464) requires large companies to publicly report climate, environmental, and social information using ESRS standards. The CSDDD (Corporate Sustainability Due Diligence Directive, 2024/1760) requires the largest companies to identify, prevent, and remediate adverse impacts across their own operations and direct business partners. In short: CSRD governs what you report; CSDDD governs what you must actually do.
| Dimension | CSRD | CSDDD |
|---|---|---|
| Core purpose | Disclosure (what you must report) | Action (what you must investigate and remediate) |
| Full name | Corporate Sustainability Reporting Directive | Corporate Sustainability Due Diligence Directive |
| EU Directive | 2022/2464 | 2024/1760 |
| In force (original) | December 14, 2022 | June 13, 2024 |
| Omnibus I amendment in force | March 18, 2026 | March 18, 2026 |
| Scope (EU companies, post-Omnibus) | 1,000+ employees AND (EUR 50M+ net turnover OR EUR 25M+ balance sheet) | 5,000+ employees AND EUR 1.5B+ worldwide net turnover |
| Scope (non-EU companies) | EUR 450M+ net turnover generated in the EU | EUR 1.5B+ net turnover generated in the EU |
| Companies in scope | ~10,000 (80% reduction from original ~50,000) | ~5,300 |
| First obligations / reports due | Wave 1 FY 2024 (filed 2025); Wave 2 FY 2027 (due 2028); non-EU FY 2028 (due 2029) | Single application date July 26, 2029; first reports FY starting January 1, 2030 |
| Climate focus | Physical risk disclosure, scenario analysis, financial effects (ESRS E1) | Environmental due diligence across value chain (soil, pollution, deforestation, ecosystem damage) |
| Due diligence scope | Not applicable (disclosure framework) | Direct (tier-1) business partners; indirect only with “plausible information” |
| Climate transition plan | Required under ESRS E1 | Deleted entirely by Omnibus I |
| Assurance | Limited assurance required; reasonable-assurance escalation removed by Omnibus | Not required (no assurance mandate) |
| Penalties | Member State discretion (no EU-wide cap in CSRD) | Capped at 3% of worldwide net turnover (Omnibus I); Commission fining guidelines due July 2027 |
| Civil liability | Member State national law | EU-wide regime deleted by Omnibus I; reverts to national law |
| Monitoring frequency | Annual reporting | Every 5 years (reduced from annual by Omnibus); ad-hoc assessments triggered by new information |
At a glance, six differences matter most for compliance teams planning a dual-directive roadmap:
- Purpose: CSRD is a reporting and disclosure directive; CSDDD is an action and due-diligence directive.
- Scope: CSRD covers ~10,000 companies (1,000+ employees); CSDDD covers ~5,300 companies (5,000+ employees plus EUR 1.5B+ turnover).
- Timeline: CSRD Wave 1 has already filed (2025); CSDDD compliance begins July 26, 2029.
- Climate transition plan: Required under CSRD (ESRS E1); deleted entirely from CSDDD by Omnibus I in March 2026.
- Penalties: CSRD leaves penalties to Member State discretion; CSDDD is capped at 3% of worldwide net turnover under Omnibus I.
- Civil liability: CSDDD’s EU-wide civil liability regime was removed by Omnibus I; both directives now fall back on national Member State law.
How Do CSRD and CSDDD Scope Requirements Compare?
One of the most common questions when comparing CSRD vs CSDDD is which companies fall under each directive. The Omnibus I amendments reduced the scope of both, but the thresholds remain different.
CSRD Scope After Omnibus I
Before Omnibus, the CSRD applied to roughly 50,000 companies across the EU, including large undertakings with 250+ employees and listed SMEs. The Omnibus simplification raised the employee threshold to 1,000+ and eliminated the listed SME wave entirely. Around 10,000 companies remain in scope, primarily large enterprises with significant market presence.
CSDDD Scope After Omnibus I
The CSDDD originally used a three-phase rollout starting with companies of 5,000+ employees and EUR 1.5B+ turnover, then expanding to 3,000+ employees and eventually 1,000+. Omnibus collapsed these phases into a single threshold: 5,000+ employees AND EUR 1.5B+ worldwide turnover. The lower tiers were deleted entirely. Approximately 5,300 companies fall within scope.
Dual-Scope Companies: Who Must Comply With Both
Companies meeting both sets of thresholds face dual obligations. Every company in CSDDD scope (5,000+ employees, EUR 1.5B+ turnover) also meets the CSRD threshold (1,000+ employees), so all CSDDD-obligated companies must also file CSRD reports. The reverse is not true: thousands of companies with 1,000-4,999 employees face CSRD obligations but fall outside CSDDD scope.
| Criterion | CSRD (Post-Omnibus) | CSDDD (Post-Omnibus) |
|---|---|---|
| Employees | 1,000+ | 5,000+ |
| Turnover | EUR 50M+ | EUR 1.5B+ |
| Balance sheet | EUR 25M+ | N/A |
| Listed SMEs | Eliminated (was Wave 3) | N/A |
| Non-EU companies | EUR 450M+ EU turnover with EU subsidiary | EUR 1.5B+ EU turnover |
| Estimated in-scope | ~10,000 | ~5,300 |
Reporting vs Due Diligence: What Each Directive Requires
The requirements under CSRD and CSDDD reflect their different objectives. CSRD prescribes what information companies must publish. CSDDD prescribes what actions companies must take.
CSRD Disclosure Requirements (ESRS E1 Focus)
Under CSRD’s climate risk disclosures, companies report against ESRS E1, which covers transition plans, GHG emissions, energy consumption, and physical climate risk. The amended ESRS E1-2 requires companies to identify physical climate risks using documented data sources, screen across hazard types, and run scenario analysis with at least one high-emissions scenario. E1-11 requires quantifying the carrying amount of assets materially exposed to physical risks.
ESRS E1-2 requires companies to screen for physical climate hazards using documented data sources and run at least one high-emissions scenario. On the CSDDD side, companies must map their value chain and establish environmental baselines at high-risk sites. That same supplier map drives the ESRS E1 physical-risk screen; see physical climate risk in the value chain. Platforms like Continuuiti address both requirements through a single workflow: batch-geocode operational and supplier addresses, run satellite-based land cover analysis for environmental baselines (CSDDD), and screen every location against 12 physical climate hazards under SSP2-4.5 and SSP5-8.5 scenarios (CSRD). The methodology documentation supports E1-2’s demand for data source transparency.
CSDDD Due Diligence Obligations
CSDDD requires companies to map their operations and business partner relationships, identify areas of likely severe environmental or human rights impacts, conduct in-depth assessments at high-risk sites, and monitor effectiveness over time. Post-Omnibus, due diligence generally covers direct (tier-1) business partners only. Assessment of indirect partners is required only when the company has “plausible information” of adverse impacts, defined as credible media reports, complaints, NGO documentation, or recurring problems at specific locations.
The environmental scope includes soil changes, water and air pollution, excessive emissions, water consumption, land degradation, deforestation, and ecosystem damage. Human rights due diligence covers forced labor, child labor, and fair wages across the value chain.
| Requirement Area | CSRD (What You Report) | CSDDD (What You Do) |
|---|---|---|
| Climate risk | Disclose physical risk exposure under ESRS E1 | Map high-risk sites, establish environmental baselines |
| Scenario analysis | Required (high-emissions scenario mandatory) | Not required |
| Financial effects | Quantify carrying amount of exposed assets | Not required |
| Supply chain | Value chain data with cap (Omnibus) | Due diligence on direct (tier-1) partners |
| Monitoring | Annual reporting | Reassess every 5 years (Omnibus) |
| Materiality | Double materiality (impact + financial) | Risk-based prioritization |
| Human rights | Social disclosures under ESRS S1-S4 | Due diligence obligation (core scope) |
| Transition plan | Required under ESRS E1 | Deleted by Omnibus I |
How Did Omnibus I Change Both Directives?
The Omnibus I package, finalized as Directive (EU) 2026/470 and published in the Official Journal on February 26, 2026, amended both CSRD and CSDDD simultaneously. The changes took effect on March 18, 2026. Both directives saw reduced scope and delayed timelines, but CSDDD absorbed more structural changes.
CSRD Omnibus Changes (Feb 2025)
The CSRD Omnibus proposal (COM(2025)80) raised the employee threshold from 250 to 1,000, cutting approximately 80% of regulated entities. Listed SMEs (Wave 3) were eliminated entirely. The Commission committed to simplifying ESRS data points within six months, removing sector-specific standards, and scrapping the planned escalation from limited to reasonable assurance. The value-chain data cap now protects all companies with fewer than 1,000 employees from trickle-down reporting requests.
CSDDD Omnibus Changes (Mar 2026)
CSDDD underwent deeper structural reform. Due diligence scope was narrowed from full value chain coverage to direct (tier-1) partners, with indirect partner assessment triggered only by “plausible information.” The three-phase rollout was collapsed into a single compliance date: July 26, 2029. Monitoring frequency dropped from annual to every five years. The EU-wide civil liability regime was deleted, reverting enforcement to national frameworks. Penalties were capped at 3% of worldwide net turnover.
What Got Deleted: The Climate Transition Plan
One of the most significant Omnibus changes was the complete deletion of the CSDDD’s climate transition plan requirement. The original directive required companies to adopt and implement transition plans aligned with the Paris Agreement. The enacted Omnibus text removed this obligation entirely. Companies subject to CSRD must still disclose transition plans under ESRS E1, but CSDDD no longer mandates them.
| Change | CSRD | CSDDD |
|---|---|---|
| Scope | Reduced from ~50,000 to ~10,000 companies | Narrowed to tier-1 partners; lower employee tiers deleted |
| Timeline | Wave 2 delayed to FY 2027; Wave 3 eliminated | Single date: July 26, 2029 |
| Climate plan | Retained under ESRS E1 | Deleted entirely |
| Assurance | Escalation to reasonable assurance removed | N/A |
| Civil liability | N/A | EU-wide regime removed; reverts to national law |
| Monitoring | Annual | Every 5 years |
| Sector standards | Requirement removed | N/A |
CSRD and CSDDD Compliance Timeline
Compliance deadlines for CSRD vs CSDDD differ by several years. CSRD Wave 1 companies (large public-interest entities already reporting under NFRD) filed their first reports in 2025. CSDDD compliance does not begin until July 2029.
CSRD Implementation Waves
Wave 1 applied to large public-interest entities with 500+ employees that were already subject to the NFRD, covering FY 2024 with first reports in 2025. Wave 2 originally targeted FY 2025 but was delayed by the Stop-the-Clock Directive and Omnibus to FY 2027 with reports due in 2028. The planned Wave 3 for listed SMEs was eliminated. Non-EU companies with EUR 450M+ EU turnover (raised from EUR 150M) must report from FY 2028.
CSDDD Single Application Date
The CSDDD originally had a three-phase rollout starting in July 2027 for the largest companies. Omnibus collapsed this into a single application date of July 26, 2029, with member state transposition required by July 26, 2028. The Commission must publish implementation guidelines by July 26, 2027. First CSDDD website reports under Article 16 are due for financial years starting on or after January 1, 2030.
| Milestone | CSRD | CSDDD |
|---|---|---|
| Directive adopted | December 2022 | July 2024 |
| Omnibus I enacted | February 2025 (proposed) / March 2026 (in force) | March 18, 2026 (in force) |
| Wave 1 (largest companies) | FY 2024 (reporting in 2025) | N/A |
| Wave 2 | FY 2027 (delayed from FY 2025) | N/A |
| Single application date | N/A | July 26, 2029 |
| First reports due | 2025 (Wave 1) | FY starting January 1, 2030 |
Conclusion
CSRD and CSDDD serve complementary roles in the EU’s sustainability framework. CSRD standardizes how companies report on sustainability risks and impacts. CSDDD requires companies to act on environmental and human rights risks across their supply chains. After Omnibus I, both directives apply to fewer companies with later deadlines, but the core obligations remain. Companies with 5,000+ employees and EUR 1.5B+ turnover face both directives and should plan their compliance programs together, starting with CSRD reporting (due 2027-2028) before CSDDD due diligence obligations take effect in July 2029.
Frequently Asked Questions
What is the difference between CSRD and CSDDD?
CSRD mandates sustainability reporting, requiring companies to disclose climate risks, emissions, and social impacts using ESRS standards. CSDDD mandates supply chain due diligence, requiring companies to identify, prevent, and mitigate adverse environmental and human rights impacts. CSRD governs what companies report; CSDDD governs what companies do.
Is the CSDDD mandatory?
Yes. The CSDDD is mandatory for EU companies with 5,000 or more employees and EUR 1.5 billion or more in worldwide turnover. Non-EU companies generating EUR 1.5 billion or more in EU turnover are also in scope. Compliance begins on July 26, 2029, following the Omnibus I amendments enacted in March 2026.
Do I need to comply with both CSRD and CSDDD?
If your company meets both sets of thresholds, yes. All CSDDD-obligated companies (5,000+ employees, EUR 1.5B+ turnover) automatically meet the CSRD threshold (1,000+ employees). Roughly 5,000 to 5,300 companies face dual obligations under both directives.
What is the threshold for CSDDD after Omnibus?
After Omnibus I, the CSDDD threshold is 5,000 or more employees AND EUR 1.5 billion or more in worldwide net turnover. Non-EU companies must have EUR 1.5 billion or more in EU turnover. The original lower thresholds (3,000+ employees and 1,000+ employees) were deleted by the Omnibus amendments.
How did Omnibus I change CSRD and CSDDD?
Omnibus I reduced CSRD scope from approximately 50,000 to 10,000 companies by raising the employee threshold to 1,000+. For CSDDD, it deleted the climate transition plan requirement, removed the EU-wide civil liability regime, narrowed due diligence to direct (tier-1) business partners, reduced monitoring from annual to every five years, and set a single compliance date of July 26, 2029.
How do CSRD, CSDDD, and EUDR relate to each other?
CSRD, CSDDD, and EUDR are three complementary EU sustainability directives. CSRD governs sustainability reporting across all topics. CSDDD mandates environmental and human rights due diligence across the value chain. EUDR targets deforestation-free supply chains for seven specific commodities. Companies in affected industries may need to comply with all three, each requiring different types of data and action.
