Navigating ESG Regulatory Shifts

As the ESG regulatory landscape evolves, Dutch banks find themselves at a juncture. The Omnibus Proposal—a sweeping revision of the EU’s sustainability reporting and due diligence framework—marks a turning point. While the intent is to reduce administrative burdens and improve proportionality, the result is a significant contraction in the availability of ESG data, just as supervisory expectations are rising.

This blog unpacks the implications of the Omnibus Proposal for Dutch banks beyond their own sustainability reporting obligations, highlights the growing disconnect between regulatory supply and supervisory demand for ESG data, and outlines key actions banks must take to stay ahead.

The ESG regulatory framework is being reshaped on two fronts:

1. Reduced ESG Reporting Scope

The Corporate Sustainability Reporting Directive (CSRD), once a cornerstone of ESG data availability, is being scaled back. Under the Omnibus Proposal by the European Commission:

• Only companies with >1,000 employees and >€450 million turnover will be required to report.
• This represents an estimated 86% reduction in Dutch companies required to report ESG data in climate-critical sectors like agriculture, manufacturing, and transport.
• A new ‘value chain cap’ limits the ability of reporting companies to request ESG data from small third parties in their value chain, who now have a statutory right to refuse. The ECB called for further clarification to ensure that the cap does not prevent financial market participants—including banks—from requesting information to make informed lending and investment decisions.

2. Simplified ESG Disclosures

Even companies that remain in scope will face lighter reporting obligations:

• The European Sustainability Reporting Standards (ESRS) are being revised to cut mandatory data points by over 50%.
• Quantitative data will be prioritized over narrative disclosures.

Materiality assessments will be simplified, and executive summaries introduced.

While ESG reporting is being simplified, supervisory expectations are not. The EBA Guidelines on ESG risk management (effective January 2026) require banks to:

• Integrate ESG risks into credit processes.
• Collect granular ESG data from counterparties, especially large corporates.
  

However, the Omnibus Proposal creates a new category of mid-sized companies—too large to be SMEs but no longer required to mandatory report ESG data. This creates a regulatory mismatch: banks must assess ESG risks without reliable and standardized disclosures.

Of the Dutch companies in sectors highly contributing to climate change, only 190 are expected to remain in scope under the new CSRD thresholds—down from 1,350. This leaves about 1,160 companies in key sectors without mandatory ESG reporting.

EFRAG’s first public consultation versions of reduced reporting standards are expected in the following weeks. Nonetheless, the recently finalized Voluntary SME (VSME) standard, proposed as a simplified ESG reporting framework, meanwhile can serve as a first indication to assess to what extent simplified ESG reports can still be the basis for banks to meet the data collection requirements under the EBA Guidelines on ESG Risk Management.

The gap is significant: of the 225 ESRS data points relevant to EBA climate-related risk assessments, only 39 are covered by the basic version of the VSME standard. Crucial indicators, such as current GHG emissions, emissions reduction targets, and energy consumption, are only partially captured. This implies banks would need to collect additional information on their counterparties that cannot be extracted from ESG reports.

• Banks must take additional actions to collect ESG data directly from mid-sized clients, risking friction in onboarding and relationship management.

2. Reliance on Proxies

• In the absence of disclosures, many banks use sector-based proxies—raising concerns about accuracy and comparability.

3. Regulatory Misalignment

• The initial alignment between CSRD and EBA Guidelines is breaking down, leaving banks to reconcile diverging expectations. Regulators may restore the alignment in due course.

4. Supervisory Scrutiny

• Despite reduced reporting obligations, supervisors expect banks to maintain robust ESG risk assessments.

1. Strengthen ESG Data Strategies

• Reassess how ESG data is sourced, validated, and integrated across systems.
• Prepare for reduced data points and increased reliance on internal assessments of banks’ EU clients.

2. Embed ESG Due Diligence in Client Journeys

• Review ESG checks into onboarding and credit workflows.
• Review tailored questionnaires and automated templates to streamline data collection.

3. Foster Sector-Wide Standardization

• Increase collaboration with peers, regulators, and industry bodies to align on metrics and templates.
• Sector-wide consistency reduces fragmentation and improves comparability.

4. Maintain Active Dialogue with Supervisors

• Engage with supervisors early on to clarify expectations and co-develop pragmatic approaches amid current regulatory uncertainty.
• Use the transitional period to align internal practices with evolving regulatory goals.

The Omnibus Proposal may reduce reporting burdens for companies—but it increases the burden on banks. With ESG data gaps widening and supervisory expectations intensifying, Dutch banks must remain agile.

Dave Broekman
Consultant
KPMG in the Netherlands