The Omnibus I on the home straight

On December 8, 2025, an agreement was reached in the EU trilogue procedure on the so-called "Omnibus I" proposal, which the European Commission had presented on February 26, 2025. Omnibus I is part of the simplification packages proposed by the Commission to reduce the regulatory burden on companies. The Omnibus I package addresses, in particular, the Corporate Sustainability Reporting Directive (CSRD) and the Corporate Sustainability Due Diligence Directive (CSDDD). The so-called "stop-the-clock" directive, which was also adopted as part of Omnibus I in April 2025, had already postponed the application of the CSRD and CSDDD. The new directive aims to simplify certain substantive provisions of the CSRD and the CSDDD. In this newsletter, Cattwyk highlights the agreed simplifications. The new text raises the threshold for the CSRD's scope, significantly reducing the number of companies affected. EU companies will be required to report under the CSRD if, in the last financial year – at the consolidated or individual financial statement level – they achieved net sales of more than EUR 450 million and had an average of 1,000 employees. EU companies with fewer than 1,000 employees are not required to report under the CSRD. However, voluntary reporting is facilitated by the introduction of a new voluntary reporting standard specifically tailored to such smaller companies. This voluntary standard also serves as a "value chain cap" for the information that larger reporting companies may request from smaller companies in their value chain. This is intended to protect smaller companies from excessive information demands by CSRD-reporting companies. EU subsidiaries or branches of non-EU companies must report under the CSRD if: the net turnover of the EU subsidiary or branch exceeds EUR 200 million, and the parent company has achieved aggregate net turnover of EUR 450 million in the EU for the last two consecutive financial years – at consolidated or individual financial statement level. Therefore, there is no employee-related threshold for non-EU companies, and the reporting obligations that the EU subsidiary or branch must fulfill slightly differ from those for EU-based companies. Companies are subject to this.

• Parent companies that are financial holding companies are exempt from group-wide reporting, provided they hold interests in companies whose business models and operational activities are independent of each other. However, this does not affect the reporting obligations of other companies within the group that, individually, would fall within the scope of the CSRD. Small and medium-sized enterprises that have issued securities admitted to trading on an EU-regulated market, and small and non-complex credit institutions, as well as intra-group (re)insurance companies, are exempt from the obligations. Furthermore, additional (temporary) adjustments and exemptions may apply when other companies are integrated into a group following a merger or acquisition. To facilitate the transition, Member States may decide that companies that would have originally been part of the first wave of reporting entities, but are now outside the scope, will be directly exempt from their reporting obligations in 2025 and 2026. Finally, regarding the Regarding the scope, it should be noted that the revised CSRD contains a clause that, in principle, allows for a future expansion of its scope. The discussion surrounding the CSRD has so far focused primarily on changes to its scope. However, the Omnibus I package also contains a number of other noteworthy innovations. These include, in particular, the following points: Reporting entities have the option of not disclosing certain information if its publication would seriously impair their business position – for example, information classified as trade secrets, confidential or secret information, or information whose disclosure is prohibited under EU or national law. The sector-specific reporting standards are reiterated; At the same time, the European Commission is called upon to develop sector-specific guidelines. A new, dedicated digital reporting portal will be introduced, providing companies with access to information, guidance, and other support—including relevant templates and instructions—and linked to national portals. Finally, it should be emphasized that—in contrast to the amendments adopted under the CSDDD (see next section)—the CSRD continues to require reporting on a climate action plan. The threshold for the scope of the CSDDD has also been raised. The thresholds, which must be met for two consecutive financial years, are as follows: The CSDDD is intended to apply to EU companies that (individually or consolidated) have more than 5,000 employees and achieved worldwide net sales of more than EUR 1.5 billion in the last financial year. It is also intended to apply to non-EU companies that (individually or consolidated) have more than EUR 5,000 employees and achieved worldwide net sales of more than EUR 1.5 billion in the last financial year. Furthermore, it is intended to apply to companies that have entered into franchising or licensing agreements and generated more than EUR 75 million in license revenues in the last financial year, provided that – in the case of groups of companies – the group achieved worldwide net sales of more than EUR 275 million in the last financial year. achieve. Here too, the following applies: There is no employee-related threshold for non-EU companies.
• They have concluded franchising or licensing agreements in the EU through which they generated more than EUR 75 million in license revenue in the EU in the last financial year, provided that – in the case of a group of companies – the group generated net sales in the EU of more than EUR 275 million in the last financial year.

• Parent companies that exceed the above-mentioned thresholds but are purely financial holding companies may be exempt from the obligations of the CSDDD. This requires a corresponding application from the ultimate parent company to the supervisory authorities and the designation of an EU subsidiary to assume the due diligence obligations on its behalf. It should be noted that the revised text allows Member States to align existing national laws on corporate due diligence in the area of sustainability (e.g., the German LkSG) with the CSDDD – particularly with regard to the scope of application. Finally, with regard to the scope of application of the CSDDD, it should be noted that this revised text also contains a clause that allows for a future expansion of the scope – in particular to companies with more than 1,000 employees and a worldwide net annual turnover of more than EUR 450 million, as well as to companies operating in “high-risk sectors”. Regarding the implementation of due diligence obligations, the following key changes should be noted: Companies falling within the scope of application will in future be required to implement a general conduct a “scoping analysis” (instead of a more specific mapping analysis). This analysis is based solely on “reasonably available” information and serves to identify the areas where adverse effects are most likely to occur and be most severe. The scoping analysis covers the company’s own business activities, the activities of its subsidiaries, and, where they relate to the “chain of activity,” the activities of its business partners, regardless of whether they are direct or indirect partners. Based on the scoping analysis, the company then conducts an in-depth assessment of those areas where adverse effects have been identified as particularly likely or particularly severe. As part of the in-depth assessment, the revised regulations also include provisions aimed at limiting unnecessary information requirements for companies not subject to the CSDDD. This is intended to avoid the so-called "trickle-down effect": Companies may only request information from business partners if this is necessary – and in the case of business partners with fewer than 5,000 employees, only if the information cannot reasonably be obtained by other means. If the company can obtain the required information from different business partners, it must prioritize contacting the business partner where the adverse effects are most likely to occur. If equally likely or equally severe adverse effects are identified, the company may prioritize the assessment of those effects affecting direct business partners. To support the identification and assessment of adverse effects using quantitative and qualitative information, companies may use "appropriate resources" – such as independent reports, digital solutions, industry and multi-stakeholder initiatives, and information obtained through the whistleblower system and the complaint procedure. Companies could already prioritize which adverse impacts to address first if not all impacts could be dealt with simultaneously – based on their severity and likelihood of occurrence. The revised text now explicitly clarifies that failing to address an impact based on this prioritization will not result in sanctions. Under the previous version of the CSDDD, if all due diligence measures had been exhausted and an adverse impact could neither be prevented nor adequately mitigated, a company had to terminate the business relationship as a last resort. However, it was recognized that terminating the business relationship may not be an appropriate solution in cases where companies are heavily dependent on one or more specific suppliers. The revised text therefore stipulates that the company suspends the business relationship – possibly only partially – until the adverse impact is remedied, while simultaneously continuing to work on a "more comprehensive preventive action plan" as long as there is a reasonable prospect of success for such a plan. The number of steps in the due diligence process requiring stakeholder involvement has been reduced, and the definition of the term "stakeholder" has been narrowed. The obligation to prepare a climate action plan has been removed (but retained for the CSRD, as noted in the previous section). The cap on fines for violations of the CSDDD has been reduced from 5% to 3% of the (individual or consolidated) worldwide net sales for the financial year preceding the year in which the penalty notice is issued. The EU-wide harmonized civil liability rules, which were among the most controversial elements of the CSDDD, have been removed. Companies can now be held liable for non-compliance with the CSDDD requirements under the applicable national rules, which may differ from one Member State to another. However, the revised text requires the European Commission to report on the effectiveness of the enforcement mechanisms – including their protective effect for rights holders. This could lead to a resumption of the discussion on a harmonized civil liability regime. Implementation deadlines and the timing of the rules: As a reminder, directives still need to be transposed into national law. Once the amendments to the CSRD and the CSDDD under the Omnibus I Directive have been decided, adopted, and published, Member States must transpose all the amendments to the Omnibus I Directive into national law by July 2028. Under the "stop-the-clock" Directive adopted earlier this year, EU companies and groups must report according to the CSRD from the financial year beginning on or after 1 January 2027. Parent companies from third countries will begin reporting for financial years beginning on or after 1 January 2028. Companies falling within the scope of the CSDDD must comply with the requirements from 26 July 2029. However, the reporting obligations will only apply from 1 January 2030.
• Next steps
• The final text was formally adopted in the plenary session of the European Parliament on 16 December. The text is then to be adopted by the Council by written procedure by the end of the week.