Insight: DIRETIVA DE RELATÓRIOS DE SUSTENTABILIDADE CORPORATIVA (CSRD

Winners Consulting Services Co., Ltd. points out that the EU's Corporate Sustainability Reporting Directive (CSRD) is no longer just an internal compliance issue for European companies. A 2025 academic study clearly reveals that through its double materiality assessment and the European Sustainability Reporting Standards (ESRS), the CSRD is reshaping global supply chain transparency standards. Taiwanese companies deeply connected to the EU market that fail to proactively integrate this into their ISO 31000 risk management framework will face a triple threat in the next 3 to 5 years: information disclosure gaps, increased client scrutiny, and market access risks.

About the Author and This Study

The author of this paper, Ernani Contipelli, is a scholar specializing in EU sustainability governance and corporate regulatory compliance, with research covering EU green policies, corporate social responsibility, and sustainability reporting system design. Although his h-index of 2 and 12 total citations place him as an emerging scholar in quantitative terms, this 2025 study is highly timely. It directly addresses the critical need for institutional interpretation following the full implementation of the Corporate Sustainability Reporting Directive (CSRD), filling a gap in English-language academia for a comprehensive guide to the CSRD.

Contipelli employs an inductive method, combining a literature review with exploratory analysis to systematically organize the core concepts of the CSRD, its regulatory logic, and its institutional linkage with the European Sustainability Reporting Standards (ESRS). This "institutional mapping" approach is highly valuable for Taiwanese executives who need to quickly grasp the overall structure of the CSRD. The analytical views in this article are the independent interpretations of Winners Consulting Services. Readers are encouraged to consult the original paper for in-depth research: https://doi.org/10.14210/nej.v29n3.p843-865.

The Institutional Logic of CSRD: From "How Many Companies" to "How Good Is the Information"

Contipelli's central argument is that the design logic of the CSRD is not merely to expand the scope of reporting entities but to fundamentally enhance the "information quality" and "cross-company comparability" of sustainability disclosures, thereby driving the entire EU market toward a genuine sustainable transition. This perspective serves as a significant warning for Taiwanese companies.

Core Finding One: Expanding the Scope of Entities—Regulatory Extension from Large to Medium-Sized Enterprises

The CSRD significantly broadens the scope of entities subject to sustainability reporting. According to the paper's analysis, the CSRD's regulatory reach expands from approximately 11,000 companies under the previous Non-Financial Reporting Directive (NFRD) to an estimated over 50,000 EU and non-EU companies. This includes non-EU companies with an annual turnover exceeding €150 million in the EU market. For Taiwanese companies in sectors like technology manufacturing, textiles, and semiconductors that export to the EU, meeting these trigger conditions means they must submit sustainability reports compliant with ESRS standards. The paper also notes that a regulatory proposal from Japan's Financial Services Agency is advancing a similar mechanism, where Prime Market listed companies with a market capitalization between ¥500 billion and ¥1 trillion will gradually be required to make disclosures, indicating that regulatory convergence in the Asia-Pacific market is accelerating.

Core Finding Two: Double Materiality Assessment is the Core Analytical Tool of the CSRD

The paper provides an in-depth analysis of the institutional design of "Double Materiality." Contipelli points out that the CSRD requires companies to conduct assessments from two dimensions simultaneously: first, "Impact Materiality"—the actual impact of a company's operations on the environment and society; and second, "Financial Materiality"—the potential risks and opportunities that ESG issues pose to the company's financial condition, profitability, and cash flows. Both dimensions are indispensable, and any one-sided assessment fails to meet CSRD requirements. The paper also warns that "Greenwashing" is the most severe information quality problem in current sustainability reporting, and the CSRD's introduction of a Third-Party Assurance mechanism is a targeted institutional response.

Core Finding Three: ESRS Provides an Operable, Standardized Disclosure Framework

The paper details the implementation tool for the Corporate Sustainability Reporting Directive (CSRD)—the European Sustainability Reporting Standards (ESRS). The ESRS cover three main areas: Environmental (E), Social (S), and Governance (G), comprising 12 standards. They require companies not just to state "we value sustainability" but to provide quantifiable, verifiable, and year-over-year comparable data. The paper specifically notes that the design of ESRS is intentionally aligned with the ISSB's IFRS S1/S2 standards, signaling a convergence of global sustainability reporting frameworks.

The Direct Implications of CSRD for Taiwanese Companies' ERM Practices

The most important insight from Contipelli's research is that the CSRD is not just "a problem for European companies" but a global compliance pressure transmitted through the supply chain. The most crucial step for Taiwanese companies now is to formally incorporate CSRD compliance risk into their Enterprise Risk Management (ERM) framework, rather than waiting to be "notified" by clients or auditors.

From the perspective of the ISO 31000 risk management framework, the compliance risks triggered by the CSRD involve at least three levels:

• Strategic Risk Level: EU clients are strengthening their sustainable procurement policies. If Taiwanese suppliers cannot provide ESG data that meets ESRS standards, it will directly affect contract renewals and new business development. This must be incorporated into the hypothetical scenarios in the "Strategy & Objective-Setting" component of the COSO ERM framework.
• Operational Risk Level: Companies need to establish systematic processes for ESG data collection, verification, and reporting, which poses a significant challenge to existing IT infrastructure, human resource allocation, and internal control mechanisms. The "Risk Identification and Assessment" process in ISO 31000 needs to list ESG data quality risk as a separate risk item.
• Compliance Risk Level: The Corporate Sustainability Due Diligence Directive (CSDDD) and the CSRD form an institutional package, requiring companies not only to disclose their own ESG data but also to assume legal responsibility for the human rights and environmental impacts throughout their supply chains. As key suppliers to many EU brands, Taiwanese companies must anticipate the cascading pressure of upstream responsibility.

In designing the risk matrix, it is recommended that Taiwanese companies classify the "CSRD compliance gap" as a medium-to-high probability and high-impact risk item. They should also design corresponding Key Risk Indicators (KRIs), such as ESG data coverage rate, third-party assurance progress, and double materiality assessment completion rate, for quantifiable tracking.

How Winners Consulting Services Helps Taiwanese Companies Build a CSRD-Compliant ERM Framework

Winners Consulting Services Co., Ltd. assists Taiwanese companies in implementing ISO 31000 and COSO ERM frameworks, establishing risk matrices and Key Risk Indicators (KRIs), and strengthening board-level risk governance. To address CSRD compliance needs, we offer the following specific action plan:

1. Initiate an Immediate Double Materiality Gap Diagnosis (0-90 days): Using the ISO 31000 risk identification methodology as a basis, compare existing sustainability data against ESRS standards to assess coverage and quality gaps. Identify specific information gaps in both "impact materiality" and "financial materiality" dimensions to create a priority action list that will guide the subsequent implementation plan.
2. Establish a Mapping Framework to Integrate ESG Risk into COSO ERM (3-6 months): Map CSRD/ESRS requirements to each of the five components of COSO ERM—Governance & Culture, Strategy & Objective-Setting, Performance, Review & Revision, and Information, Communication & Reporting. This ensures that sustainability risk is not an isolated compliance item but is integrated into the company's overall risk management operations. Concurrently, design a trackable KRI dashboard to enable the board to regularly monitor CSRD compliance progress.
3. Strengthen Supply Chain ESG Due Diligence Capabilities (6-12 months): In conjunction with the requirements of the Corporate Sustainability Due Diligence Directive (CSDDD), establish a supplier ESG evaluation mechanism. This includes human rights and environmental impact assessment questionnaires for key suppliers, on-site audit procedures, and a corrective action tracking process for non-conformities. This ensures the company can provide complete and reliable first-party ESG data when EU clients conduct supply chain audits.

Frequently Asked Questions

Under what circumstances must Taiwanese companies directly comply with the CSRD?

Taiwanese companies may be directly subject to CSRD obligations when their annual turnover in the EU market exceeds €150 million and they have at least one subsidiary or branch within the EU. Even if this direct threshold is not met, companies will face indirect pressure to disclose ESG data through supply chain audits and procurement policies from their EU customers. It is advisable for Taiwanese companies to immediately assess their revenue share and physical presence in the EU market to determine their compliance priority, rather than waiting for customer notifications to begin preparations.

What are the most common challenges for Taiwanese companies when implementing a CSRD compliance framework?

Based on practical observations by Winners Consulting Services, Taiwanese companies face three typical challenges. First, ESG data is often scattered across different departments, lacking a unified collection and verification process. Second, while existing systems like ISO 14001 or ISO 45001 provide some environmental and social data, they are not integrated with financial reporting logic, making it difficult to meet the ESRS double materiality requirement. Third, within the corporate governance structure, a board-level officer responsible for sustainability issues is often not clearly designated, creating a gap in the 'Governance and Culture' component of the COSO ERM framework. These challenges can be systematically overcome within 6 to 12 months through a structured ISO 31000 implementation plan.

How can the ISO 31000 framework help companies address the CSRD's double materiality assessment requirements?

The risk management principles of ISO 31000, which require a systematic, evidence-based approach to 'identify, analyze, and evaluate' risks, are highly consistent with the logic of the CSRD's double materiality assessment. A practical approach involves using the 'establishing the context' step of ISO 31000 to define the scope of stakeholders. Then, risks are identified and scored from two dimensions: 'impact materiality' (the company's impact on the external environment) and 'financial materiality' (the financial impact of external ESG factors on the company). This process results in a two-dimensional materiality heat map that can be integrated into the COSO ERM risk matrix. We recommend companies allocate 90 days for the initial assessment, with annual updates thereafter.

How much time and resources are typically required to establish a CSRD-compliant ERM framework?

Based on the consulting experience of Winners Consulting Services, a mid-sized Taiwanese company (200 to 1,000 employees) typically requires 7 to 12 months to establish a preliminary, operational CSRD-compliant ERM framework with professional assistance. Key resource investments include a cross-departmental ESG working group (3 to 5 core members), the establishment or integration of data collection systems, and a strong governance commitment from management. Research indicates that companies with higher sustainability maturity can save 30% to 50% on labor costs in the subsequent reporting phase, demonstrating a significant return on investment for early framework development.

Why choose Winners Consulting Services for assistance with Enterprise Risk Management (ERM) issues?

Winners Consulting Services Co., Ltd. has extensive experience in Taiwan's corporate risk management sector, offering full implementation support for ISO 31000 and COSO ERM frameworks. We continuously monitor the latest EU regulatory developments, including CSRD, CSDDD, and CBAM, to ensure our solutions align with international trends. Our key advantage lies in not only helping clients achieve compliance but also transforming sustainability risk management into a strategic competitive edge. We provide end-to-end services from diagnosis and design to implementation and verification, and we assist in creating KRI dashboards and risk governance mechanisms for board-level reporting, ensuring sustained and transparent management effectiveness.

Related Services & Further Reading

Related Services

▶Enterprise Risk Management📋ISO 31000 ERM