CSR reporting requirements

Reporting and communications managers in German companies are still waiting. It is 2017 and they should have long since aligned their reporting with the requirements of the EU Directive (2014/95/EU) on non-financial reporting by companies, which has been in place for three years. And actually, this CSR Directive should also have been transposed into German law by December 6, 2016. As of March 2017, this is finally to take place and sustainability reporting will thus be regulated by the legislator for the first time. Large companies will then have to report in greater detail on non-financial aspects. This will include information on employee, social and environmental issues, respect for human rights and the fight against corruption. Despite the delay, the new law is to apply to fiscal years beginning after Dec. 31, 2016.

But have all the uncertainties now been removed? For a long time, uncertainties about the scope of the directive accompanied the preparations. Which companies are affected? What is meant by “public interest entities”? Why is a distinction made between capital market-oriented and other companies? Until the very end, many provisions of the draft law remained controversial.

What you need to know!
Below, we present the most important provisions of the draft law.

Who is affected?

All large corporations and capital market-oriented companies that employ more than 500 employees (group-wide) in a fiscal year are affected. The law also expressly applies to credit institutions, financial services institutions and insurance companies, if they meet these requirements. Subsidiaries, however, are not required to submit their own financial statements. But only if they are included in the parent company’s management report. The German Federal Ministry of Justice and Consumer Protection (BMJV) has thus based the draft law 1:1 on the requirements of the CSR Directive. The limited scope of application and the reporting relationship between parent company and subsidiary remain controversial to the end.

What must be reported?

The draft law stipulates that companies only have to report on those non-financial risks that also have an impact on the company’s business activities and situation. This was not originally envisaged in the EU directive. The content of the report is to refer to the main risks arising from the company’s business activities, products, services and business relationships in the context of the above-mentioned topics. There are no specifications on any further requirements in the directive and the draft law. The main thing to be described is how these risks are to be dealt with. If a company does not have an anti-corruption management approach, it must justify this fact.

The most important non-financial performance indicators must also be disclosed. All of this is well in line with the provisions of GAS 20 on the group management report that have come into force. There, disclosures on management-relevant financial and non-financial KPIs as well as forecasting, quantification of risks or the requirement for more detailed segment information have been significantly expanded. Companies are therefore well advised to synchronize their reporting between the sustainability report and the management report. Integrated reporting companies benefit from the fact that the draft law enables them to refer from the non-financial (group) statement to information in the (group) management report without having to report twice. Comprehensible criticism: It does not really fit with this that the annual financial statements and the non-financial report may be presented separately. Here it is to be expected that companies will synchronize these reporting elements out of their own interest.

Am I on the safe side with GRI or DNK?

To meet their new obligation, companies can rely on proven frameworks and standards such as the “GRI Sustainability Reporting Standards” or also “G4” (each Global Reporting Initiative) as well as the DNK (German Sustainability Code). Of course, the minimum content required by law must be covered. In addition, it must be explained which framework was used.

An expert opinion commissioned by the DNK points out that it may be helpful for users if the DNK clarifies that “when reporting on the basis of the DNK – especially for companies affected by the CSR Directive – the following information is published in the disclosures on criteria 11-20: Company’s approach to the respective criterion, including the due diligence processes applied, the outcome of this approach, the material risks related to the criteria and how these risks are managed.” The DNK has already presented a reconciliation on this at an early stage. The EU Commission is also currently developing non-binding guidelines on reporting practice methods, but their publication has also been delayed and they are due to be presented in spring 2017.

Do I have to report as part of a stand-alone sustainability report?

No, the EU Directive allows companies to fulfill their reporting obligations as part of the management report. In purely practical terms, this also fulfills the requirements of GAS20. In addition, obligated companies can also integrate their sustainability reporting into the general section of the annual report.

What happens if companies do not report?

Anyone who violates the CSR Directive Implementation Act can be asked to pay a hefty fine. The existing provisions on penalties and fines will be expanded and the range of fines significantly increased. For example, in the future, a fine can be up to EUR 10 million or 5 percent of the corporation’s total annual turnover.

Our recommendations:

  • Familiarize yourself – if you have not already done so – with the “GRI Sustainability Reporting Standards”. (you can find some articles about GRI on our blog.) These are scalable in the new version for every company size and every application case and will bring your company safely into the target range of the CSR Directive. If your company already reports according to G4 of the GRI, you are also on the safe side.
  • Create a materiality analysis of the fields of action and impact dimensions of your business activity that are relevant for your company. On this basis, identify information gaps for the relevant non-financial topics.
  • Consistent application of the “Management Approach” is more complex than you might initially suspect. Keep in mind that wherever there is a lack of a strategic approach, this must be justified in the reporting (“comply or explain”).
  • Do not underestimate the time required for a preliminary stakeholder analysis. Without this, it is difficult to justify a plausible materiality approach.
  • If you are about to issue your first sustainability report, consider developing an (internal) test report. This gives you the opportunity to identify weaknesses in data and information gathering at an early stage. Then you can align the organization with the reporting requirements.