First omnibus package relaxes obligations of the CSDDD and CSRD

last updated on 17.03.2026

The amendments to the first omnibus package will apply from March 18, 2026. The EU Parliament and Council had already approved the first omnibus package at the end of 2025. The content of the agreement goes far beyond the EU Commission’s proposals in many respects. On February 26, 2025, the Commission published the draft of the first announced omnibus package published.

With the first omnibus package, the EU has postponed the CSRD (known as the Stop-the-Clock Directive), reduced the scope of the directives and weakened the due diligence obligations. The postponement of the reporting obligation under the CSRD for companies that would normally have had to report from the 2025 or 2026 financial year by two years and a postponement of the due diligence obligations under the CSDDD by one year had already been approved by the Council and the EU Parliament in Directive (EU) 2025/794 of April 14, 2025. The final decision on the further amendments was made in December 2025. The amendments were published in the Official Journal of the EU on February 26, 2026 with the amending Directive 2026/470 and will therefore apply from March 18, 2026.

Changes to the CSRD

In future, only companies with more than 1,000 employees and a turnover of more than 450 million euros will have to submit a sustainability report in accordance with the CSRD. This will significantly reduce the number of companies required to comply with the CSRD. Previously, two of the three criteria had to be exceeded: more than 50 million euros in turnover, more than 25 million euros in total assets or more than 250 employees. The ESRS and the obligations under the EU Taxonomy Regulation have also been adapted and the reporting obligations for companies in the second wave have been postponed by two years. Listed SMEs are completely excluded from the scope of the CSRD. SMEs will also be relieved by the fact that the companies obliged by the CSRD will no longer be allowed to collect all information from SMEs for the purposes of their own sustainability reporting.

The European supply chain directive CSDDD is being weakened

The EU Parliament, Council and Commission have also agreed on a significant weakening of the European Supply Chain Directive CSDDD. The European Supply Chain Directive CSDDD had already been weakened before its adoption on June 13, 2024 at the insistence of individual member states.

The scope of application of the CSDDD has now been significantly reduced once again compared to the Commission’s proposals. Only large companies with more than 5,000 employees and an annual net turnover of more than 1.5 billion euros now have due diligence obligations. It is also important that the member states are now to be expressly permitted to adapt the scope of application of their existing national regulations, i.e. in Germany the Supply Chain Due Diligence Act, to the scope of application of the CSDDD. It remains to be seen whether the German legislator will take this step as part of the currently planned simplification of the LkSG. Among others, the Economic Committee of the Federal Council called for this on October 6, 2025, although the exact scope of the CSDDD was not yet foreseeable at that time.

Identification and assessment of negative impacts in relation to business partners

The CSDDD stipulated that companies must assess and identify actual and potential negative impacts in relation to the entire chain of activities. This includes their own business activities, those of their subsidiaries and all direct and indirect business partners. As part of Omnibus, these due diligence obligations should now be limited to the company’s own activities, those of subsidiaries and those of direct business partners. Indirect business partners should be exempted in principle, except where there are indications of risks or violations. However, this proposal was not successful. It therefore remains the case that the entire chain of activities should be included.

The risk analysis will be even more risk-oriented. The EU has also significantly restricted the request for information from business partners for the purposes of risk assessment. For risk scoping, no more information is to be requested from business partners at all and for in-depth risk assessments, information is only to be requested as a last resort for companies with fewer than 5,000 employees. However, the fundamental exemption of indirect business partners – as originally proposed by the Commission – was not approved by the Council and Parliament. However, where the risk situation is comparable, companies should be able to prioritize direct business partners.

The obligation to terminate the contract should no longer apply

The previous CSDDD required companies to terminate the contractual relationship under certain conditions if a milder remedy – such as a suspension of the contractual relationship and corrective action plans – would not be successful in the event of serious potential or actual negative effects. The obligation to terminate business relationships is now removed in order to avoid disrupting production-critical supply chains and to give suppliers the opportunity to improve the situation. Instead, the focus should be on a temporary suspension of the contractual relationship.

Fewer stakeholders need to be involved

To date, the involvement of stakeholders has been required in numerous steps of due diligence. In addition to those directly affected, stakeholders include consumers and human rights and environmental organizations. The group of stakeholders to be included has now been reduced to those directly affected and their representatives. The sub-areas of the due diligence obligations in which stakeholders are to be involved have also been reduced.

Less monitoring effort

Under the previous CSDDD, the appropriateness and effectiveness of measures to identify, prevent, mitigate, remedy and minimize the extent of negative impacts would have had to be reviewed at least every twelve months. Now, companies only have to take monitoring measures every five years and when there is a specific reason to do so.

No obligation to draw up climate plans

In addition to due diligence obligations, the previous CSDDD also required companies to draw up a climate plan with measures that must also be implemented.

The regulations on climate plans have been removed from the CSDDD and are now only contained in the CSRD.

Sanctions and liability: Member states get more freedom to decide

Instead of a minimum upper limit for sanctions of 5% of global net turnover, Parliament and the Council have agreed on a minimum upper limit of just 3% of global net turnover. In addition, the Commission is to issue sanction guidelines. The member states will also be given a free hand with regard to civil liability. Previously, member states were supposed to ensure that companies could also be held liable under civil law in the event of culpable infringements. This obligation is now to be dropped.

Greater harmonization

The EU has also reduced the member states’ scope for action. The aim is for the transposition laws of the individual EU member states to diverge less. Accordingly, the areas in which the member states cannot adopt divergent regulations have been expanded to include

• the due diligence requirements at Group level,
• all requirements for identifying adverse impacts, except those relating to the termination of contractual relationships, preventive measures and the remediation of actual adverse impacts; and
• the guidelines for the complaints procedure.

The start of the CSDDD is postponed for another year

Companies should have more time for implementation. Instead of July 26, 2027, the first companies did not have to apply the CSDDD until July 26, 2028 after the first postponement due to stop-the-clock. The EU has now postponed this date of application by another year to July 26, 2029. To enable companies to plan better, the countries are to transpose the directive into national laws more quickly. In addition, the Commission’s specific guidelines on the fulfillment of due diligence obligations are to be submitted by 26 July 2027.

What the changes mean for companies

The changes relieve the burden on business to a greater or lesser extent. Many companies are exempt from the obligations of the CSRD and some affected companies do not have to report for the first time until later than before.
Significantly fewer companies than before have to comply with the due diligence obligations. Numerous obligations will be dropped in detail. The effort required for investigations and assessments of negative impacts is reduced.