Omnibus: the EU changes the rules, but not the ESG risks
Condividi questo post
With the Omnibus package, the European Union has recalibrated the perimeter of its sustainability regulatory architecture. The changes to the CSRD (Corporate Sustainability Reporting Directive) and CSDDD (Corporate Sustainability Due Diligence Directive) reduce the number of companies directly subject to obligations, raise size thresholds, make timelines more flexible, and more clearly delimit expectations along the value chain.
At first glance, the message looks simple: a Europe aiming to simplify, reduce burdens, and give companies some breathing space.
But if we look beyond the strictly legal perimeter, a different truth emerges: the regulatory framework has been redesigned, the risk has not.
The Omnibus paradox: fewer formal obligations, same real risks
ESG risks do not follow the size thresholds set in legal texts. They continue to have a direct impact on:
financial performance,
operational resilience,
long-term competitiveness,
especially when they concern:
human rights in global value chains,
the stability of supply chains,
exposure to climate transition risks.
Reducing the formal scope of regulation does not remove these vulnerabilities, nor does it make them less material.
It simply shifts the line between those who are obliged to manage them in a structured way and those who choose to do so strategically.
CSDDD: from “end-to-end” coverage to risk-based prioritisation
With the Omnibus changes, under the CSDDD the focus moves towards risk-based due diligence, abandoning the idea of a generic, “end-to-end” coverage across the entire value chain.
In theory, this is a step towards a more realistic and targeted approach: focusing on the highest-impact hotspots rather than building perfect maps on paper.
In practice, however, this model requires:
the capability to map risks in depth,
tools to prioritise credibly,
internal governance that can demonstrate the choices made.
It is not an “easing” of requirements – it is a different kind of rigor.
A multi-speed Europe: CSRD already transposed, Omnibus incoming
Reality on the ground is more complex than political messaging suggests.
In many Member States – including France, Italy and Germany – the CSRD has already been transposed and is producing concrete effects on:
governance and board-level responsibility,
risk management processes,
relationships with the capital markets and institutional investors.
The Omnibus, intervening on rules that are already being implemented, introduces a series of asymmetries:
between Member States that have already embedded the requirements stringently and those that will slow down,
between companies that have moved early to comply and those now incentivised to wait,
between value chains where large players still demand advanced ESG data and market segments that will remain less exposed.
In other words, the operating environment becomes more fragmented, not simpler.
National lessons: impact depends on quality, not just coverage
The experience of national regulations over the past years shows a clear pattern:
France – Devoir de vigilance
Has contributed to better risk mapping and higher board-level awareness, pushing companies to address human rights and social impacts in their supply chains in a structured way.United Kingdom – Modern Slavery Act
Has exposed an important limit: mere disclosure without robust enforcement produces transparency on paper, but not necessarily real change.Germany – Supply chain due diligence law
Has generated indirect effects even on suppliers not formally in scope, driven by the requests and expectations of their corporate clients.
The lesson is clear:
impact does not depend on how many companies are covered, but on the quality, integration and credibility of the obligations.
The real Omnibus risk: less comparable data, harder decisions
Omnibus reduces the regulatory perimeter but does not truly simplify the operating environment.
On the contrary, it may:
undermine the quality of ESG data available on the market,
reduce comparability across companies and countries,
increase uncertainty for investors, banks and insurers who rely on sustainability data for decision-making.
ESG risks will continue to be driven by:
geopolitical volatility,
climate and environmental crises,
social and reputational tensions,
not by regulatory thresholds.
Companies that continue to invest in ESG reporting, data governance and supply chain due diligence will not do so just for formal compliance, but to build:
resilience,
risk intelligence,
long-term value.
Beyond Omnibus: why it still makes sense to invest in strong ESG data
In this context, choosing to “do the bare minimum” may be a short-sighted strategy.
Companies that maintain or strengthen:
high-quality ESG reporting processes,
structured risk management systems,
transparent relationships with suppliers and stakeholders,
can:
obtain better credit conditions and access to capital,
position themselves more favourably in tenders and public procurement,
reduce the risk of disruptions, reputational crises and litigation,
engage more effectively with international clients that require high standards.
In the end, the equation remains the same:
risks do not shrink because a regulatory threshold changes; they shrink when data, processes and decisions improve.
How ecosostenibile.eu supports ESG risk management
ecosostenibile.eu® Benefit Company helps companies look beyond the narrow lens of formal compliance and strengthens their ability to understand and manage ESG risks in complex contexts.
With the eCO₂ platform, companies can:
collect and integrate ESG data even when sources are fragmented,
map risks along the supply chain,
support due diligence and reporting aligned with ESRS, GRI and leading international standards,
turn risk into a driver of resilience and competitiveness.
Christian Sansoni
