ESG compliance and reporting: a guide for law firms and their clients

In our previous ESG article, ‘Beyond ESG Compliance,’ we outlined several ways in which ESG is shaping the legal industry, and touched on the potential benefits and pitfalls of compliance and non-compliance. Given the complex regulatory landscape and the need for companies to get it right with regard to compliance, we produced this guide with the aim of providing a clear and practical roadmap for ESG compliance and reporting. In it, we will cover the mandatory disclosure frameworks that UK law firms and their clients must adhere to.

Companies Act 2006

The Companies Act 2006 states that companies that meet its threshold criteria must provide a strategic report and a directors’ report as part of their annual reporting. The strategic report must contain a “fair review of the company’s business, and a description of the principal risks and uncertainties facing the company.”

While this may not sound ESG-centric, regulations introduced in 2013 state that large companies must include a Section 172 statement. This should contain information about environmental matters, “including the impact of the company’s business on the environment, the company’s employees and social, community, and human rights issues; and including information about any policies of the company in relation to those matters and the effectiveness of those policies.”

To be defined as large, a company must meet at least two of the following criteria: it has a turnover of more than £36m, it has a balance sheet total of more than £18m, or it has more than 250 employees. Medium-sized companies must also include a Section 172 statement if they are ineligible to be treated as medium-sized under Section 467 (1) of Companies Act 2006; more details on eligibility can be found here.

SECR: Streamlined Energy and Carbon Reporting

The SECR is a set of regulations effective from April 2019 which requires companies to account for their global energy use and greenhouse gas emissions in their annual directors’ report. The requirements affect all UK incorporated companies listed on the main market of the UK stock exchange, a European Economic Area market, or whose shares are dealing on the New York Stock Exchange or NASDAQ. This is compulsory for:

• Unquoted large companies incorporated in the UK, which are required to prepare a directors’ report under part 15 of the Companies Act 2006
• Large LLPs (large defined per the existing framework for annual accounts and reports, based on sections 465 and 466 of the Companies Act)

Government guidance on SECR is comprehensive and contains numerous steps on how to report on, measure and set targets to reduce your business’ impact on various environmental factors such as energy, carbon and greenhouse gases.

The Task Force on Climate-Related Financial Disclosures and FCA requirements

The TCFD was created to improve on and increase the reporting of climate-related financial information. It was disbanded following the release of its 2023 report, but its recommendations for climate risk disclosure were adopted by the Financial Conduct Authority and integrated into their own climate reporting requirements. Under the FCA’s rules, the following companies have climate-related disclosure requirements aligned with the TCFD’s recommendations: premium listed companies, issuers of standard listed shares and global depositary receipts (GDRs), asset managers, life insurers and FCA-regulated pension providers.

The TCFD recommends that companies should make disclosures across four key areas:

• Governance: disclosure of the organisation’s governance around climate-related risks and opportunities
• Strategy: disclosure of the actual and potential impacts of climate-related risks and opportunities on the organisation’s businesses, strategy, and financial planning where such information is material
• Risk management: disclosure of how the organisation identifies, assesses, and manages climate-related risks
• Metrics and targets: disclosure of the metrics and targets used to assess and manage relevant climate-related risks and opportunities where such information is material

CRFD: Climate-Related Financial Disclosure regulations

The CRFD came into effect from April 2022 and, similar to the FCA’s reporting requirements, are based on the TCFD’s climate-related disclosure recommendations. These disclosure requirements apply to companies or LLPs that meet the following criteria:

• All UK companies that are currently required to produce a non-financial information statement, being UK companies that have more than 500 employees and have either transferable securities admitted to trading on a UK regulated market, or are banking companies or insurance companies (Relevant Public Interest Entities (PIEs))
• UK registered companies with securities admitted to AIM with more than 500 employees
• UK registered companies not included in the categories above, which have more than 500 employees and a turnover of more than £500m
• Large LLPs, which are not traded or banking LLPs, and have more than 500 employees and a turnover of more than £500m
• Traded or banking LLPs which have more than 500 employees

For companies in this scope, the CRFD contains a list of required information to disclose that are closely aligned with the TCFD’s four key points discussed above. Relevant companies should publish this information within their strategic report, in the ‘Non-Financial and Sustainability Information Statement’ section. For LLPs that don’t require a strategic report, this information should be included in the Energy and Carbon Report.

It is worth noting that not all of the CRFD requirements are the same; one major difference is that disclosure of greenhouse gas emissions are not required, as this information overlaps with Streamlined Energy and Carbon Reporting legislation.

CSRD: Corporate Sustainability Reporting Directive

The last and most complex of the mandatory reporting requirements is the EU’s recent Corporate Sustainability Reporting Directive. This is a set of requirements that came into effect in 2023 for Europe and also draws non-EU companies operating in Europe into its scope in stages from 2024 through 2029. Whether a company falls within the scope of CSRD requirements depends on whether it matches certain characteristics and thresholds.

Pinsent Masons’ comprehensive breakdown outlines how reporting thresholds for non-EU companies fall under:

• Large EU public interest companies and issuers: applies to non-EU companies listed on an EU regulated market which are large undertakings and have more than 500 employees. To be considered a large undertaking (which includes parents of a large group when consolidated), a company must meet two of three of the following criteria: over €25m in total assets, over €50m in net revenues, or more than 250 employees. For these companies, the CSRD applies from January 2024, with first reporting in 2025.
• Large EU entities and issuers: applies to non-EU companies with securities listed on an EU regulated market which are large undertakings. CSRD applies from January 2025, with first reporting in 2026.
• Small and medium-sized EU PIEs and issuers: applies to non-EU companies listed on an EU-regulated market which are SMEs. Small and medium-sized undertakings must meet two out of three criteria: over €450,000 total assets, €900,000 net revenues and over 10 employees. CSRD applies from January 2026, with first reporting in 2027. Companies in this category have the option to postpone reporting until 2029.
• The CSRD will also apply to non-EU companies which have had a net turnover of over €150m in the EU for the last two consecutive financial years, and have one of the following: a large undertaking EU subsidiary, an EU SME subsidiary with securities listed on an EU regulated market, or an EU branch generating net turnover of over €40m in the EU.

The CSRD is part of the European Green Deal, a plan to make the EU the first climate neutral area in the world by 2050. Given this ambitious goal, it follows that the reporting requirements are intense; companies have to report on ten ESG topics such as climate change and DEI measures, which all have multiple sub-topics to address.

Furthermore, the CSRD requires that companies must report on a double materiality basis. This means that companies should disclose the financial impact on their business caused by the ten ESG topics, as well as the impact the business has on people and the environment. It also requires that companies report on their scope 3 emissions (up and downstream supply chain emissions, such as business travel) and provide transparency via digital tagging – ensuring that their sustainability information is easily available and in a digital format.

Recent developments: the Omnibus Directive

In February 2025, the European Commission released the First Omnibus Package, aimed at streamlining sustainability reporting requirements. The ‘Stop the clock’ directive included in the package delays key reporting deadlines to 2028, while the content directive aligns the CSRD, Corporate Sustainability Due Diligence Directive (CSDDD) and Taxonomy mandatory disclosure scope and thresholds to reduce the administrative burden on all businesses by 25%, or at least 35% for SMEs. An additional Taxonomy Delegated Act is proposed that would further simplify reporting, cutting required data points by around 70%.

These changes are intended to clarify overlapping or inconsistent obligations across the three regimes, while preserving the core intent of existing frameworks. Some sources estimate they could “reduce the number of companies in scope of CSRD by 80%”.

While the legislative process is still ongoing and the final text of the Omnibus Directive has not yet been adopted, it is expected to come into force at the tail end of 2025, following stakeholder consultation and Parliamentary approval.

Companies subject to the CSRD should continue preparations but be aware that refinements may be introduced later this year. Legal teams should monitor the outcome of the Content Directive and Taxonomy Delegated Act in particular, especially where legal and reporting obligations intersect for international businesses operating across EU markets

Looking ahead: UK sustainability reporting standards

Going forward, it is worth keeping in mind that the government are in the process of assessing whether two voluntary reporting frameworks (IFRS 1 and 2) are suitable for adoption by the UK. These frameworks are derived from TCFD recommendations and were launched by the International Sustainability Standards Board in June 2023. If adopted, these would become the UK Sustainability Reporting Standards (SRS).

A 12-week consultation on the SRS began recently, with the results and a possible endorsement expected in the summer. An endorsement at this point would refer to the creation of the standards, and not legislative or regulatory changes, which would be handled by the FCA following endorsement.

Conclusion

In today’s legal and social landscape, it is becoming increasingly important for companies to demonstrate their commitment to environmentally friendly, sustainable, and socially responsible business practices. But spending any amount of time researching ESG compliance will unearth a dizzying array of information regarding what is expected of businesses, as well as numerous examples of the consequences of poor compliance. While there is always more to consider, this guide covers all mandatory reporting frameworks to ensure that your law firm or client is equipped with the knowledge to meet the basics of ESG compliance.