Omnibus: The Costs of Looking Away from Sustainability Impacts in Uncertain Times

The EU Omnibus proposal has a stated aim to simplify and streamline the Corporate Sustainability Due Diligence Directive (CSDDD), Corporate Sustainability Reporting Directive (CSRD), and EU Taxonomy, which makes up a critical part of the EU’s project to establish a comprehensive legal framework for transitioning to a sustainable net-zero economy that works for all people. This comes as the Trump administration’s announcements of global tariffs have sent shockwaves through supply chains worldwide.

Though imperfect, the different parts of the EU sustainability framework, as exemplified by the CSRD, CSDDD and Taxonomy in their current form, constitute meaningful progress in addressing the sustainability impacts generated by business and investment while safeguarding against the boomerang effects that harmful impacts can have on business value, supply chain resilience, and long-term competitiveness.

The EU designed a pragmatic framework for businesses to demonstrate action on severe sustainability impacts in their operations and value chains by aligning the CSDDD and the CSRD with the responsible business conduct approach outlined in the UN Guiding Principles on Business and Human Rights (UNGPs) and the Organisation for Economic Co-operation and Development (OECD) Guidelines for Multinational Enterprises. These frameworks were developed to help businesses know and show how they address their actual and potential impacts on workers, communities, the environment, and society.

Yet the CSDDD and CSRD emerge from different parts of the EU Commission, with different timelines, and in reverse order. By starting with investor disclosures (Sustainable Finance Disclosure Regulation, SFDR), then corporate reporting (CSRD), and at the end assessment of and action on sustainability impacts (CSDDD), the EU Commission made the logical connection between these laws difficult for many to appreciate.

Clarifying the interrelationship between these laws and the underlying due diligence standards must be a priority for the EU. Many companies are missing synergies and operate in compliance silos.

Rather than providing clarity, the Omnibus proposals increase policy incoherence and complexity while shifting away from well-established international standards that many companies have spent years investing time and resources to align with. If adopted, we expect to see due diligence burdens increase while cost efficiencies are undermined without leveling the playing field or strengthening business resilience in a rapidly changing world.

Five Changes to Watch Out for if the Omnibus is Adopted in its Current Form

Businesses considering the potential implications of the Omnibus should contemplate five key changes that could affect their ability to understand and account for how they address their sustainability footprints:

1. Reactive rather than proactive approach to identifying the most severe sustainability impacts

Some companies new to environmental and human rights due diligence feel overwhelmed, perceiving it as a “do-everything-everywhere-all-at-once” task applied individually to every entity in their value chain. In reality, due diligence is better understood as a “don’t-look-away” approach—one that prioritizes identifying and addressing the most severe impacts linked to a company’s operations, products, and services, wherever they occur. Rather than mapping and engaging every business partner, companies are expected to carry out a risk-based assessment to pinpoint the areas where harm is most likely and most serious, and then focus engagement accordingly. This targeted and proportionate method, which underpins the CSDDD, enables companies to allocate resources effectively and address the most critical impacts on people and the environment.

What Business Europe says

The Omnibus proposal complicates due diligence by introducing ambiguous terms and moving away from the risk-based approach outlined in the OECD Guidelines.

Due diligence should remain risk-based, even for Tier 1, prioritizing severe and likely risks, not mapping every actor or activity; this echoes the problematic approach seen in Germany's LkSG.
The term "plausible information" is vague and risks undermining the risk-based logic.

The Omnibus proposes moving away from this risk-based approach, calling for proactive due diligence only for tier-one partners, which is where the closest, though not usually the most severe, impacts are. Where "plausible information" exists suggesting that impacts do or may exist beyond tier-one—companies would be required to conduct due diligence of indirect partners.

If adopted, the Omnibus could:

Shift away from highest-risk areas: Business resources would be diverted to lower-risk, tier-one partners instead of enabling targeted action where risks are most severe, increasing the likelihood of supply chain disruptions, delays, and reputational damage.
Create legal uncertainty: “Plausible information” creates legal uncertainty and opens the door for NGOs to flood companies with reports of less severe impacts, increasing reputational and compliance risks.
Disincentivize robust due diligence: The “plausible information” trigger may inadvertently penalize companies with robust due diligence systems by increasing their legal exposure due to heightened awareness. Meanwhile, companies without such systems could benefit from remaining willfully blind.

2. Access to data on the most severe impacts would be limited

Reducing 80% of the companies in scope of the CSRD would significantly limit the availability of sustainability data across value chains. It weakens larger companies’ ability to effectively comply with their due diligence and reporting obligations under the CSDDD and CSRD respectively, as critical data from smaller, out-of-scope suppliers would be lacking.

What SMEs are saying

In early March, German SMEs called for a quick revision of the German Supply Chain Act to align with the CSDDD to ensure that companies focus on the most severe human rights and environmental risks in their supply chains "instead of collecting information and contractual assurances from their suppliers in a non-specific and large-scale manner."

If adopted, the Omnibus would restrict companies from requesting relevant due diligence data from SMEs with fewer than 500 employees, unless key information is still missing after their own research. It would also narrow the definition of stakeholders, limiting engagement to only those directly affected—like workers and communities—reducing broader input on business impacts.

If adopted, this could lead to:

Contradictory requirements: Restricting data requests of SMEs would conflict with the requirement to prioritize highest-risk suppliers—the size of a company doesn’t translate into the level of risk.
Unnecessary burdens on low-risk SMEs: Direct suppliers, including low risk SMEs, would face increased burdens to produce data when they could be screened out during risk assessments under the current law.
Reduced data quality: Excluding stakeholders like NGOs and national human rights and environmental institutions from engagement undermines access to high-quality, contextual, and expert data.
Weaker reporting: Data on the most material negative impacts in value chains may be unavailable for CSRD reporting.

3. Urgent and effective action on severe sustainability impacts is delayed

By proposing a reactive approach to value chain due diligence and removing the requirement to implement climate transition plans, the Omnibus weakens incentives for proactive and strategic action on the most severe sustainability impacts of business, such as biodiversity loss deep in supply chains and climate change.

While companies would still be free, for example, to implement their transition plans, adapting a company’s business model and strategy to align with the Paris Agreement is not a walk in the park. Boards of directors don’t usually want to upend the company’s value proposition. This is hard for all businesses—existential for some—and voluntary measures so far have failed to deliver the ambitious and ultimately inevitable action needed.

Just as tariffs raise the prospects that companies will re-organize supply chains, the Omnibus would allow companies to disengage partners without engaging workers and trade unions to understand how best to address the impacts that leaving would have on workers. It also removes the requirement to consider stakeholder voices in monitoring and postpones the requirement for companies to understand which measures work, which don’t, and what to do about it to once every five years.

If adopted, the Omnibus could:

Increase long-term risk: Delaying action on climate change, biodiversity loss, and human rights undermines supply chain resilience and increases future costs.
Weaken due diligence: Less frequent monitoring reduces the effectiveness of due diligence in fast-changing, complex business environments. Removing stakeholder engagement from monitoring also disconnects companies from real-world impacts and reduces the quality of learning.
Create reporting gaps and reputational risk: With fewer insights and weaker monitoring, CSRD teams reporting annually would lack meaningful data, heightening the risk of incomplete disclosures and greenwashing accusations.

4. Reporting on material impacts could become more complex and less useful for users

While CSRD and CSDDD each impose their own reporting obligations, the CSDDD allows companies to report via CSRD management reports. Meanwhile, ESRS 1 anchors the assessment of negative material impacts in the sustainability due diligence process outlined in the UNGPs and OECD Guidelines. Assessing material impacts therefore mirrors the first step of due diligence—both capture actual and potential impacts, prioritized by their severity and likelihood. In principle, a single assessment of material (or salient) impacts should suffice.

In practice, however, we see fragmented and costly compliance efforts within business. Financial teams often drive CSRD reporting, while legal teams handle CSDDD readiness. This can lead to parallel assessments involving different teams, budgets, advisors, methodologies, and thresholds—ultimately producing conflicting views of priority impacts.

Instead of clarifiyng the synergies, the Omnibus risks undermining companies’ ability to gather key data on severe material impacts. It introduces changes to CSRD—such as reducing ESRS data points by prioritizing quantitative data over narrative text and creating inconsistencies in value chain expectations.

If adopted, the Omnibus could lead to:

Increased burdens for CSDDD reporting: By focusing on quantitative data, ESRS changes would potentially exclude qualitative disclosures crucial for CSDDD compliance—especially on human rights and due diligence processes.
SME threshold mismatch: By limiting CSRD data requests to SMEs with over 1,000 employees, the Omnibus creates a misalignment with the CSDDD’s 500-employee threshold, introducing uncertainty around how to engage SMEs in the 500–1,000 employee range.
Investor data gaps: Reduced transparency and alignment would leave investors without consistent, comparable data on sustainability impacts and due diligence, increasing reliance on ad hoc information requests to meet obligations such as SFDR.

5. Without EU-wide civil liability, companies do not benefit from EU standardization

The EU-wide civil liability provisions—where companies may be held liable for damages for adverse impacts resulting from their intentional or negligent failure to comply with CSDDD obligations—is removed. Instead, liability is left to existing national law. The overriding mandatory provision is also removed, which means domestic judges in the EU may be required to interpret the law of a country where the alleged harms occurred, not their own law.

If adopted, the Omnibus would:

Reintroduce fragmentation: The Omnibus would lead to the situation the CSDDD was meant to address—a fragmented jurisdictional landscape.
Increase legal burden: By removing the EU-wide civil liability standard, a company’s ability to defend itself against civil liability claims across 27 jurisdictions risks being very onerous.

The EU’s Omnibus proposal, though intended to simplify the corporate sustainability regulatory landscape, risks undermining the goals of the EU’s sustainability framework. By weakening the link between due diligence and reporting, and moving away from international standards that companies support and have worked hard to implement, the proposal introduces greater complexity, legal uncertainty, and operational inefficiency.

At a time when businesses are already contending with supply chain disruptions and escalating climate risks, the Omnibus also shifts focus away from addressing sustainability impacts that are vital for business resilience.

Companies aiming for long-term success should continue aligning with the UNGPs and the OECD Guidelines. In an era of global instability, risk-based due diligence remains a vital tool for proactively managing sustainability impacts, and building resilient, future-ready value chains.

BSR will continue to monitor EU discussions on the CSDDD. In the months ahead, we will publish blogs exploring key issues including access to remedy under the directive, downstream implications for technology companies, and practical examples of how companies are scaling human rights and environmental due diligence across global value chains.

We welcome engagement and questions—please don’t hesitate to reach out.

This article was originally published at the BSR website "Sustainability Insights" and is written by Paloma Muñoz Quick, Director, Human Right Standards at BSR.