At OneStop ESG, our Thought Leadership Series features expert insights shaping the sustainability agenda. In this feature, Pia Pinkawa, Co-Founder of Ability Hub, analyses Omnibus I, examining how changes to CSRD and CSDDD recalibrate regulation without reducing underlying ESG and value-chain risk.

With Omnibus I, the European Union has adjusted the reach of its sustainability framework. Compared to the initial drafts of the Corporate Sustainability Reporting Directive and the Corporate Sustainability Due Diligence Directive, fewer companies will now be directly in scope. Thresholds are higher, timelines more flexible, and expectations toward value chain coverage more clearly bounded.

What Omnibus I does not change, however, is the underlying risk equation companies operate in. Environmental, social, and governance risks, particularly those related to human rights, supply chain disruption, and transition exposure, remain material to business performance, resilience, and competitiveness. Regulation has been recalibrated. Risk has not.

Understanding this distinction requires looking not only at what changed on paper, but also at what evidence from existing due diligence regulations already tells us about impact, behavior, and resilience.

From Initial Drafts to Pre-Final Versions: What Actually Changed

The early Commission drafts of CSRD and CSDDD were designed for scale. They assumed broad corporate coverage, deep value chain transparency, and a relatively rapid normalization of sustainability reporting and due diligence practices across the European market. The objective was comparability, learning effects, and system wide risk visibility within a limited number of reporting cycles.

The Omnibus I compromise takes a different approach.

Compared to the initial drafts, the population of companies formally in scope is significantly reduced, particularly among mid sized firms that had already begun preparing for CSRD reporting. Obligations along the value chain are more explicitly capped, limiting how far reporting and due diligence expectations can cascade to smaller suppliers. Under CSDDD, the emphasis shifts more clearly toward risk based prioritization, moving away from assumptions of comprehensive end to end coverage.

These changes are often described as simplification. In practice, they represent a trade off between regulatory reach and political feasibility. The result is lower formal coverage in exchange for faster consensus and reduced implementation pressure. For companies that invested early, this adjustment is tangible. It does not, however, make those investments irrelevant.

Agreed Scope and Timelines: What the Numbers Actually Mean

The difference between the original direction and the pre final Omnibus I version becomes most visible when looking at thresholds and timelines, not because the figures are surprising, but because of what they signal about the EU’s recalibrated approach.

Under CSRD, the original architecture remains formally intact. Large public interest entities with more than 500 employees are already reporting. Other large undertakings are entering scope from the 2025 financial year, and listed small and medium sized enterprises follow from 2026, subject to transitional opt outs.

What Omnibus I changes is not this sequencing, but the practical perimeter. Interpretive guidance, enforcement expectations, and value chain data demands have been narrowed in ways that materially reduce the indirect reach of CSRD. For companies just outside formal scope, the pressure to comply as if they were fully in scope is lower than it appeared eighteen months ago.

This recalibration comes after CSRD has already been transposed into national law in several Member States. France, Italy, and large parts of Northern Europe are no longer in a preparatory phase. Companies in these jurisdictions are already producing CSRD aligned reports, engaging auditors, and embedding double materiality into governance and risk management. Omnibus I does not reverse this reality. Instead, it introduces asymmetry between companies operating under fully implemented national regulations and those in Member States that have moved more slowly.

The contrast is even sharper under CSDDD.

Early policy discussions pointed toward a due diligence framework that would reach deep into the large company segment of the European economy within a relatively short timeframe. That direction has clearly shifted. The pre final text raises thresholds significantly and phases application more cautiously, focusing almost exclusively on very large enterprises.

Under the agreed version, CSDDD applies only to companies exceeding both of the following thresholds, calculated over two consecutive financial years:

more than 1,000 employees
more than EUR 450 million in net worldwide turnover

Application is further staggered. Companies with more than 5,000 employees and EUR 1.5 billion turnover will fall under national laws from mid 2027. Companies exceeding 3,000 employees and EUR 900 million turnover follow from 2028. Firms below these levels, which were widely assumed to be future candidates under earlier drafts, are no longer expected to enter scope at EU level.

For non EU companies, scope is triggered solely by turnover, with EUR 450 million generated in the EU as the decisive criterion.

These figures matter not only because they narrow scope, but because they redefine responsibility. The EU has moved away from system wide normalization toward a model that concentrates legal obligations at the top of the market and relies more heavily on indirect effects elsewhere.

National reality complicates this picture further. Member States with existing human rights due diligence regulations continue to apply requirements that reach well below the new EU thresholds. Companies operating across borders therefore face overlapping expectations, with a narrower EU minimum layered on top of stricter national laws and persistent value chain pressure from regulated counterparties.

The result is not operational simplification. It is differentiation.

For companies that invested early in CSRD reporting systems or human rights due diligence processes, Omnibus I does not reset the clock. Internal standards, once established, are rarely dismantled, especially when they inform risk management, supplier strategy, and capital market communication. For companies that waited, the incentives to continue waiting have increased.

Taken together, the agreed figures illustrate the core dynamic of Omnibus I. Regulatory reach is reduced at EU level, particularly for mid-sized companies. Reporting and due diligence intensity remains high for very large firms. Indirect exposure persists through national laws, value chains, and capital markets.

The sustainability agenda becomes more selective, and at the same time more uneven.

Risk, Responsibility, and Resilience

For companies that already invested in CSRD reporting or human rights due diligence, the question is no longer whether they are legally required to continue. The more relevant question is whether stepping back would actually reduce risk. In most cases, it will not.

Sustainability risks remain unevenly distributed, increasingly interconnected, and largely indifferent to formal scope definitions. Global supply networks do not become simpler because regulatory thresholds move. Dependencies, vulnerabilities, and exposure persist.

Prof. Dr. Lisa Fröhlich, internationally recognized academic and corporate expert on supply chain sustainability, summarizes the situation:

“The Omnibus I agreement sent an ambivalent signal at the end of the year. It created the impression that the strategic relevance of sustainable transformation in upstream supply chains could be relativized. The opposite is true. The reduction in formal requirements neither removes corporate due diligence responsibilities nor changes the real risks, dependencies, and vulnerabilities of global supply networks.”

Human Rights Due Diligence: What the Evidence Shows

Experience from countries that implemented due diligence and transparency regulations earlier provides useful perspective.

In France, analysis of the duty of vigilance law shows that while formal compliance has been uneven, companies subject to the law have significantly improved internal risk mapping, governance structures, and board level awareness of human rights risks. Impact has been strongest where due diligence was treated as an ongoing management process rather than a reporting exercise. Even critics acknowledge that the law has changed how large companies perceive responsibility and risk across their value chains.

The United Kingdom offers a contrasting example. After ten years, evaluations of the Modern Slavery Act conclude that it has had limited effect on reducing modern slavery risks in practice. The core issue has not been excessive regulation, but insufficient design. Reporting without enforcement, comparability, or consequences has resulted in boilerplate disclosures with little operational impact. Transparency alone proved insufficient.

Germany’s experience under the Supply Chain Due Diligence Act sits between these two models. Early assessments indicate stronger grievance mechanisms, more systematic supplier engagement, and clearer internal accountability among companies in scope. At the same time, smaller suppliers outside formal scope have experienced indirect pressure through commercial relationships, illustrating how due diligence effects propagate beyond legal thresholds.

Across all three cases, the lesson is consistent. Impact depends less on how many companies are formally covered, and more on how obligations are designed, enforced, and integrated into business processes.

What This Means for CSRD, CSDDD, and EU Competitiveness

From a competitiveness perspective, Omnibus I reduces short term friction. Long term competitiveness, however, is not built on regulatory minimalism. It is built on resilience, trust, and risk intelligence.

Double materiality under CSRD remains a powerful strategic tool, particularly for companies exposed to transition risk, supply chain volatility, and shifting stakeholder expectations. Narrowing reporting obligations does not make these risks disappear. It makes them less visible at system level.

A more focused CSDDD does not reduce human rights exposure in global value chains either. It places greater responsibility on companies to decide which risks matter most and to act accordingly. Those that do so effectively will be better positioned in capital markets, procurement networks, and crisis scenarios.

Pierre François Thaler, Co Founder and Co CEO of EcoVadis, puts it:

“Reducing regulatory scope does not reduce risk. Across global supply chains, exposure to human rights, environmental, and governance risks is increasingly driven by volatility, geopolitical, climatic, and social, not by whether a company formally falls within regulatory thresholds. Omnibus I may change who is required to report or conduct due diligence under EU law, but it does not change what markets, investors, and customers ultimately expect: credible risk intelligence and the capacity to act on it.”

Indeed, climate risk is also becoming a hard economic constraint. As Günther Thallinger, board member of Allianz, the largest insurance company in the world, recently repeated his warning that continued global warming could render parts of the world effectively uninsurable. This is not a political statement, but a reflection of how risk is being repriced. Assets that cannot be insured become harder to finance, and supply chains exposed to climate extremes turn into operational liabilities. From this perspective, sustainability and climate risk management are responses to a changing risk baseline, not regulatory add-ons.

The Risk Equation Still Holds

Omnibus I narrows the regulatory perimeter. It does not simplify the operating environment.

Companies now face a choice. They can scale back sustainability efforts in line with reduced legal scope, or they can build on the capabilities they have already developed to manage risk, resilience, and long term value creation.

The evidence from France, the United Kingdom, and Germany suggests that well designed human rights due diligence and sustainability reporting do not weaken competitiveness. They strengthen decision making, expose vulnerabilities earlier, and reduce the cost of surprise.

The risk equation remains unchanged. Only the regulatory lens has narrowed.

Subscribe to our newsletter for more insights, case studies, and ESG intelligence.

Explore ESG Solutions on our marketplace - OneStop ESG Marketplace.

Keep abreast of the top ESG Events on OneStop ESG Events.

OneStop ESG Educate: Your go-to source for top ESG courses and training programs tailored to your needs.

Stay informed with the latest insights on OneStop ESG News.