JUDr. Naďa Roštek, LL.M.

ESG & Compliance - Strategies and Implementation

ESG and the Omnibus Package: What Do Businesses Need to Know in 2026?

In recent months, the legislative framework for ESG has undergone significant changes. On 24 February 2026, the Council of the European Union formally approved a revised framework for mandatory sustainability reporting known as the Omnibus Package, which had already been adopted by the European Parliament in December 2025. The new regulatory framework amends and streamlines key rules on reporting obligations, in particular under the Corporate Sustainability Reporting Directive (CSRD) and the Corporate Sustainability Due Diligence Directive (CSDDD). Its aim is to reduce administrative burdens and strengthen legal certainty for businesses. In practice, this means that the number of companies subject to formal reporting has been substantially reduced; in Slovakia, this is expected to cover only around 25 of the largest companies.​

Why ESG Still Matters Even If You Do Not Have to Report

ESG is a set of attributes that underpin long‑term sustainable business. It is therefore far from being just a reporting tool, an exercise in bureaucracy or a project topic for large corporations. In today’s environment, sustainability is a tool to boost competitiveness for products and services with added value for demanding and conscious customers.

Above all, ESG is a strategic tool by which a company communicates its values in relation to key aspects of sustainability – in the field of environmental protection and green business, in its approach to employees, communities and society of which it is part, and also as a tool for achieving high standards of corporate governance.

It is crucial to understand that each company defines its priority ESG topics – the areas it focuses on and allocates resources to, whether human or financial – individually, based on its business model, values and risk profile. The advantage for companies that are not subject to formal reporting is that they can focus exclusively on the areas that make sense for their business, without being forced by reporting systems or mandatory audits to deal on a large scale with topics that are not significantly material for them.​

It is already clear that a well‑designed and well‑communicated ESG strategy and related activities have a direct impact on a company’s market value, access to finance and credit, attractiveness for investors, reputation and risk profile in supply chains. ESG is not only about reporting – it is about how companies identify and manage environmental and social risks and how they use this data to make decisions that improve their long‑term resilience and competitiveness. In short, a good ESG strategy is the hallmark of a reliable, value-driven partner that enhances the reputation and value of its business partners as well.

For large corporations that are subject to ESG audits and invest considerable resources in ESG, business partners with a robust ESG strategy, demonstrable practices and effective implementation are key, because every partnership influences their own ESG rating. By working with companies that approach ESG actively and systematically, these corporations can further leverage and strengthen the value of their own ESG investments.​

This end‑to‑end, value‑chain‑wide perspective has been central to the EU’s ESG strategy from the very beginning. The objective of the Omnibus Package is to simplify the implementation of ESG rules for smaller companies and enable them to focus on the material aspects of ESG rather than on reporting, while choosing a more flexible way of communicating their sustainability goals, results and values.​

ESG is therefore by no means just an administrative obligation; it is an integral part of corporate strategy that helps companies prepare for new challenges on markets, and expectations from business partners and customers.​

What Exactly Does the Omnibus Package Change?

The Omnibus Package formally amends the rules for two central ESG directives. It represents a substantial adjustment of the legal framework to make it more pragmatic and technologically feasible for companies in the EU.​

To simplify the implementation of ESG rules in companies and reduce administrative complexity, the Omnibus Package brings changes to two key directives – the Corporate Sustainability Reporting Directive (CSRD) and the Corporate Sustainability Due Diligence Directive (CSDDD).​

Corporate Sustainability Reporting Directive (CSRD)

CSRD introduced mandatory ESG reporting for large companies based on the principle of double materiality, which in essence means assessing both how ESG affects the company and how the company affects the environment and society – the risks it faces and its opportunities for improvement and change in ESG.​

The principle of double materiality is crucial for assessing and setting ESG strategy. This is true not only for large corporations but also for smaller companies, which can use double materiality assessments to determine which ESG aspects across the three pillars are most relevant for them and on which their ESG strategy should be built, so that it protects and develops their business.​

Through double materiality, each company identifies its “own” ESG topics and designs all its activities, business and CSR projects and investments so that they support and strengthen these topics. Since these topics both protect the company from risks arising from its activities and help it develop its business and business model, every ESG investment ultimately contributes to improving and increasing the company’s success. ESG is thus not just about setting goals, engaging in beneficial or philanthropic activities or filling in reports, but about real business development strategy.

The Omnibus Package introduces the following changes to CSRD:

  • Higher thresholds for mandatory reporting: CSRD reporting obligations will apply to companies with more than 1,000 employees and net annual turnover above EUR 450 million (previously 250 employees). These new rules will also apply to non‑EU undertakings with net turnover in the EU above EUR 450 million, as well as to their subsidiaries and branches generating more than EUR 200 million in turnover within the EU. As a result, approximately 90% of companies operating in the EU will no longer have to report under the detailed CSRD standards or be subject to audit of their non‑financial ESG reporting.​
  • Optional use of SME standards for smaller companies: Smaller companies will be allowed to use the voluntary sustainability reporting standards for listed SMEs (the so‑called VSME) as an internal tool for monitoring ESG indicators and targets, without having to comply with all detailed ESG reporting indicators and requirements.​
  • Sector‑specific standards become voluntary: Sector‑specific standards for ESG reporting will be optional. They will serve as guidance for companies that need more detailed and structured data based on their specific sector, without imposing an administrative burden on businesses that do not require such detailed information.​
  • Simplified ESRS framework for large companies: The core CSRD reporting framework for large companies is being simplified, with fewer mandatory data points and a streamlined reporting structure. The European Sustainability Reporting Standards (ESRS) for each ESG‑relevant area and topic are being revised with the aim of reducing the number of required data points and lowering the administrative burden even for large companies with mandatory reporting.​

These changes give businesses more time to set up internal reporting processes, reduce costs and at the same time maintain the fundamental structure for transparency and comparability of ESG data. Most importantly, they allow companies to shift the focus of ESG implementation away from reporting and administration towards real projects and activities that support business development and build corporate value.​

Corporate Sustainability Due Diligence Directive (CSDDD)

CSDDD introduces due diligence obligations, i.e. the duty to identify, assess and address ESG impacts across the entire value chain with a view to identifying all risks of negative impacts.​

The Omnibus Package brings the following changes:

  • Higher thresholds for due diligence obligations: CSDDD will only apply to very large companies with more than 5,000 employees and turnover above EUR 1.5 billion. These obligations will apply not only to companies based in the EU but also to non‑EU companies that reach the same level of turnover in the EU.​
  • Proportionate information requests from partners: Large companies will only be allowed to request ESG‑related information from business partners with fewer than 5,000 employees where this is reasonable and proportionate and such information cannot be obtained otherwise for a more detailed assessment.​
  • Removal of mandatory climate transition plans: The obligation to adopt a single mandatory climate transition plan has been removed.​
  • Deferred application of due diligence obligations: Due diligence obligations will only become applicable from 26 July 2029, giving companies more time to create and set up the necessary processes.​
  • Sanctions for non‑compliance: Companies subject to due diligence obligations may face sanctions of up to 3% of their worldwide net turnover for breaches of CSDDD. Enforcement will take place at Member State level.​

These changes should help reduce the administrative burden and enable a more rational, risk‑based approach to sustainability, giving companies greater flexibility in setting their own goals and tools for managing ESG risks. At the same time, for the narrower group of companies that fall under the directive, non‑compliance will remain subject to significant penalties.​

ESG Recommendations for Businesses in 2026

Do Not Underestimate ESG Just Because You Do Not Have to Report

Companies outside the scope of ESG reporting and audit still have a strong strategic reason to build ESG processes – customers, investors and financial markets value transparency and sustainable management.​

Start Building Internal ESG Processes Now

Thanks to the ESG reforms and postponement of certain obligations, businesses have gained more time and space to find their own path to long‑term sustainable operations. Use this time to identify what matters for your business, understand your risks and whether they are sufficiently managed, assess whether your CSR investments make sense, set up a way to monitor ESG‑relevant data and design a communication strategy, which is a key part of ESG implementation.​

Map Your Value Chain

Even if you are not required to report or carry out due diligence on your partners, understanding your supply chain will increase your operational resilience and reduce potential risks.​

Monitor the Transposition of the Omnibus Package into National Law

The Omnibus Package will need to be implemented in each Member State within 12 months of its publication in the EU Official Journal, which may lead to specific differences at national level. I will continue monitoring all relevant developments under Slovak law and keep you updated.​

Allocate Resources and Find an ESG Partner

Identify key employees and managers who will be responsible for ESG implementation. In smaller companies, it is particularly important to find a reliable external partner who can help design an ESG strategy from the very beginning. This will save resources, time and energy and create a competitive advantage for your business.​

Final Thoughts

The Omnibus Package certainly does not abolish ESG as a tool for gradually transforming companies towards long‑term sustainability and more resource‑efficient, climate‑friendly operations. On the contrary, these legislative changes remove what both the business community and experts often criticized: that instead of focusing on real solutions, business improvements and greater efficiency with minimal negative impacts, ESG had become too centered on complex and administratively demanding reporting standards.​

With the Omnibus Package, the EU institutions have responded to business concerns and are reshaping the ESG framework to make it more practical and more conducive to the competitiveness of European companies. In doing so, they are returning to the core purpose of ESG and giving companies more room to find their own ways of improving their business and standing out from the competition in this area as well.​

More than ever, it holds true that the better an ESG strategy is tailored to a company and its business vision, the greater its chances of steadily increasing company value, securing finance and resources, winning customers, attracting qualified and loyal employees and partners, and building a more reliable and higher‑quality distribution chain.

From my perspective, ESG is a strategic business tool for the future that rewards companies for transparency, resilience and long‑term risk management in a turbulent global environment – and I would be pleased to help you identify effective and meaningful long‑term sustainability solutions tailored to your business.

Picture of Naďa Roštek
Naďa Roštek

Naďa Roštek is the leading partner of RUŽIČKA AND PARTNERS' competition law, compliance and ESG practise. In addition to her work in Slovakia, she is also active in this area in the Czech Republic within the CCS Legal & Tax partner office. The latter is a member of the Association of Sustainable Business, where Naďa actively engages. Together with a multidisciplinary ESG team, she is involved in the development of corporate ESG strategies and ESG implementation projects in both jurisdictions. These activities serve as a key tool to increase value and build credibility for companies in the eyes of consumers and business partners. Thanks to her presence in both the Czech Republic and Slovakia, she is able to create unique solutions that take advantage of both markets. This enables more effective implementation of ESG strategies for clients in both countries.

Back to the homepage

List of articles:

Privacy Policy
GDPR

We process your personal data as the controller Rosteks Business Services, s.r.o., with its registered office at Salvátorská 931/8, Staré Město, 110 00 Prague 1 (hereinafter referred to as the „controller“), in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation – GDPR), and Act No. 110/2019 Coll., on the processing of personal data.

Your personal data will be stored securely, in accordance with the security policies of the controller and any authorized processors, and only for the period necessary to fulfill the purpose of processing. Access to your personal data will be granted exclusively to persons authorized by the controller who process them in compliance with the controller’s instructions and security policy.

As a data subject, you are the individual whose personal data is being processed and you have specific rights in this regard.

PURPOSES OF PERSONAL DATA PROCESSING, RETENTION PERIOD, LEGAL BASIS, RECIPIENTS

With your consent, we may process your personal data provided via the contact form for the purpose of sending newsletters and/or information about the controller’s activities (marketing information). Personal data may be provided to processors (e.g., newsletter distribution service providers).

Your personal data will be processed for as long as we publish and distribute the newsletter, or until you withdraw your consent. You have the right to withdraw your consent at any time by sending an email to office@nadarostek.com. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

If you are our customer, we process your personal data provided in connection with your order of our products or services on the basis of legitimate interest, for the following purposes:

  • Providing services and fulfilling contracts (e.g., delivering a product, granting access to an application or a membership section, sending an online course, delivering an agreed service or price offer, etc.),
  • Accounting and invoicing (processing billing details for issuing and recording tax documents),
  • Direct marketing – Sending newsletters and/or information about the controller’s activities. If you are our customer, we rely on our legitimate interest in assuming that you are interested in receiving updates. This applies for a period of 2 years from your last order.

YOUR RIGHTS UNDER GDPR AND THE DATA PROTECTION ACT

You have the following rights regarding the processing of your personal data:

  • Right of access – You have the right to obtain a copy of the personal data we hold about you, as well as information on how we use it. In most cases, your personal data will be provided in written form, unless you request another format. If you submit your request electronically, the data will be provided electronically, where technically possible.
  • Right to rectification – We take reasonable steps to ensure that the data we hold is accurate, complete, and up to date. If you believe your data is inaccurate, incomplete, or outdated, you have the right to request its correction.
  • Right to erasure („right to be forgotten“) – You can request the deletion of your personal data if it is no longer needed for the original purpose of processing. However, we may be legally required to retain certain data.
  • Right to restrict processing – Under certain circumstances, you have the right to request that we stop processing your personal data, for example, if you dispute its accuracy or believe we no longer need it.
  • Right to data portability – You have the right to request the transfer of your personal data to another controller of your choice. This right applies only to personal data provided by you and processed based on consent or a contract.
  • Right to object – You can object to processing based on our legitimate interest. If we do not have compelling legitimate grounds to continue processing and you object, we will cease processing your personal data.
  • Right to withdraw consent at any time – If we process your personal data based on your consent, you have the right to withdraw it at any time. The withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal. You can withdraw your consent by sending an email to office@workingretreatgozo.com.

If you have any questions about how we process your personal data, please contact us.

If you believe we are processing your personal data unlawfully or unfairly, you have the right to lodge a complaint with the relevant supervisory authority:

Office for Personal Data Protection
Pplk. Sochora 27, 170 00 Prague 7
Email: posta@uoou.gov.cz

Contact form...

Napíšte mi ...