CSRD compliance, fully automated
The Corporate Sustainability Reporting Directive requires double materiality, ESRS-aligned disclosures, and supply chain ESG data. Matproof automates every step β from DMA to assurance-ready reports.
Request a demoKey Features
Double Materiality Assessment
AI-guided DMA with stakeholder engagement workflows. Identify and score material topics across financial and impact dimensions β aligned to ESRS 1 requirements.
ESRS Reporting (12 Standards)
Generate ESRS-aligned sustainability reports covering E1-E5, S1-S4, and G1. Automated XBRL/iXBRL tagging and management report integration.
Scope 3 Emissions Calculation
Calculate upstream and downstream Scope 3 emissions across all 15 GHG Protocol categories. Map supplier data to ESRS E1-6 requirements automatically.
Supply Chain ESG Data
Automate ESG questionnaire distribution to your entire supplier base. Track completion, screen for sanctions, and aggregate data for ESRS S2 and E1 disclosures.
Assurance-Ready Documentation
Full audit trail from data source to disclosure. Generate evidence packs that satisfy limited and reasonable assurance requirements under CSRD.
Value Chain Due Diligence
Document human rights and environmental due diligence across your value chain. Aligned to ESRS S2 (value chain workers) and G1 (business conduct).
Why Matproof
Customer stories
Teams that made compliance simple.
Matproof saved us months of audit preparation. We connected our tools on Monday and had DORA-mapped evidence by Friday. Our auditor was impressed by the depth of the audit trail.
Katharina Steinbach
Head of Compliance Β· Novalend GmbH
We were staring down a DORA deadline with three frameworks to cover. Matproof got us audit-ready in under four weeks. The policy generator alone was worth the subscription.
Florian Bergmann
CTO Β· Paymatic AG
The cross-framework mapping is genuinely brilliant. We already had ISO 27001 β Matproof showed us exactly what DORA added on top without duplicating controls. No consultant could do this in the same time.
Dr. Annika Brandt
CISO Β· Kreditwerk Digital
Our last audit finished with zero findings. First time in company history. Matproof's continuous monitoring caught a configuration drift two weeks before the auditors arrived.
Maximilian Vogt
VP Engineering Β· Finova Technologies
Vendor risk was the section we dreaded most for DORA Article 28. Matproof auto-generated our entire ICT third-party register from existing contracts. What took our legal team weeks took Matproof an afternoon.
Julia Hoffmann
Legal & Compliance Β· FinLeap Connect
Three frameworks β DORA, ISO 27001, SOC 2 β running in parallel on one platform. Matproof's shared evidence library means we collect evidence once and it satisfies all three. The efficiency is remarkable.
Thomas Kessler
Head of IT Risk Β· Solaris SE
What is the Corporate Sustainability Reporting Directive?
The Corporate Sustainability Reporting Directive (CSRD, EU 2022/2464) is the European Union's mandatory framework for sustainability reporting. It replaces the Non-Financial Reporting Directive (NFRD) and significantly expands the scope, detail, and assurance requirements for ESG disclosures. Companies must report according to the European Sustainability Reporting Standards (ESRS) β 12 detailed standards covering climate, pollution, biodiversity, water, social impacts, and governance.
The defining feature of CSRD is double materiality: companies must assess and disclose both how sustainability issues affect their financial performance (financial materiality) and how their activities impact the environment and society (impact materiality). This requires a rigorous double materiality assessment (DMA) as the starting point for all CSRD reporting.
CSRD also introduces mandatory third-party assurance β initially limited assurance, later reasonable assurance β making the quality and verifiability of sustainability data as important as the data itself.
Who Needs to Comply with CSRD?
CSRD applies in four waves based on company size and listing status:
Wave 1 β FY 2024
- Large public-interest entities already under NFRD
- Banks, insurers, and listed companies with >500 employees
- First reports due: 2025
Wave 2 β FY 2025
- Other large EU companies (2 of 3: >250 staff, >β¬40M revenue, >β¬20M assets)
- Non-listed large companies included
- First reports due: 2026
Wave 3 β FY 2026
- Listed SMEs (with opt-out until 2028)
- Small and non-complex credit institutions
- First reports due: 2027
Wave 4 β FY 2028
- Non-EU companies with >β¬150M EU-generated revenue
- With at least one EU subsidiary or branch exceeding thresholds
- First reports due: 2029
CSRD Key Requirements
1. Double Materiality Assessment (DMA)
The DMA is the mandatory starting point for CSRD compliance. Companies must systematically identify and assess material sustainability topics from both a financial perspective (how ESG issues affect the company) and an impact perspective (how the company affects the environment and society). The DMA determines which ESRS standards and disclosure requirements apply. It must involve stakeholder engagement, be documented, and be approved by senior management. Matproof automates the DMA process with AI-guided scoring and pre-built topic libraries aligned to ESRS.
2. ESRS Reporting (12 Standards)
Companies must report under the applicable ESRS standards based on their DMA results. ESRS 1 (General Requirements) and ESRS 2 (General Disclosures) are mandatory for all. Environmental standards E1-E5 cover climate change (including Scope 1, 2, 3 GHG emissions), pollution, water and marine resources, biodiversity, and circular economy. Social standards S1-S4 cover own workforce, value chain workers, affected communities, and consumers. G1 covers business conduct. Reports must use the XBRL/iXBRL tagging format and be included in the annual management report.
3. Supply Chain ESG Data Collection
CSRD requires disclosure of material sustainability impacts across the value chain. This means collecting ESG data from suppliers for Scope 3 emissions (ESRS E1-6), value chain worker impacts (ESRS S2), and supply chain due diligence (ESRS G1). Companies need processes to send, track, and follow up on supplier ESG questionnaires, assess supplier sustainability risks, and calculate Scope 3 category contributions. Matproof's supply chain module automates questionnaire distribution, completion tracking, and Scope 3 calculations.
4. Third-Party Assurance
CSRD introduces mandatory external assurance of sustainability reports β a first for EU sustainability reporting. Initially, reports require limited assurance (similar to a review engagement). Over time, the requirement will escalate to reasonable assurance (similar to a financial audit). Auditors must examine whether the sustainability information is prepared in accordance with ESRS and the company's own DMA conclusions. Matproof maintains a full audit trail, links disclosures to supporting data, and generates assurance-ready documentation packs.
Frequently Asked Questions about CSRD
What is the CSRD?
The Corporate Sustainability Reporting Directive (CSRD, EU 2022/2464) is the EU's mandatory sustainability reporting framework, replacing the Non-Financial Reporting Directive (NFRD). It requires large companies and listed SMEs to disclose detailed information about their environmental, social, and governance (ESG) impacts and risks according to the European Sustainability Reporting Standards (ESRS). CSRD applies a double materiality perspective β companies must report on both how sustainability issues affect them financially, and how their activities impact people and the environment.
Who is subject to CSRD?
CSRD applies in phases. From FY 2024 (reporting in 2025): large EU public-interest entities with >500 employees already subject to NFRD. From FY 2025 (reporting in 2026): other large EU companies meeting 2 of 3 thresholds β >250 employees, >β¬40M revenue, or >β¬20M assets. From FY 2026 (reporting in 2027): listed SMEs (with opt-out until 2028), small and non-complex credit institutions, captive insurers. From FY 2028 (reporting in 2029): large non-EU companies with >β¬150M EU-generated revenue and at least one EU subsidiary or branch.
What is double materiality under CSRD?
Double materiality requires companies to assess sustainability topics from two perspectives: financial materiality (how ESG risks and opportunities affect the company's financial performance and position β also called 'outside-in') and impact materiality (how the company's activities affect people, the environment, and the climate β also called 'inside-out'). A topic is material if it is material from either perspective. The double materiality assessment (DMA) is the foundation of CSRD reporting and determines which ESRS disclosure requirements apply to your company.
What are the ESRS standards?
The European Sustainability Reporting Standards (ESRS) are the technical reporting standards under CSRD. They include: 2 cross-cutting standards (ESRS 1 General Requirements, ESRS 2 General Disclosures β mandatory for all); 5 environmental standards (E1 Climate Change, E2 Pollution, E3 Water, E4 Biodiversity, E5 Circular Economy); 4 social standards (S1 Own Workforce, S2 Value Chain Workers, S3 Affected Communities, S4 Consumers); and 1 governance standard (G1 Business Conduct). Sector-specific ESRS standards are in development. Companies report on all material topics identified in their DMA.
How does CSRD affect supply chains?
CSRD requires companies to report on material sustainability impacts, risks, and opportunities across their entire value chain β not just their own operations. This includes upstream impacts (suppliers, raw materials) and downstream impacts (customers, end-of-life). ESRS S2 covers value chain workers specifically. Scope 3 emissions (GHG Protocol categories 1-15) must be disclosed under ESRS E1, requiring detailed supplier emissions data. Companies must engage with suppliers to collect ESG data, assess supplier sustainability risks, and report on supply chain due diligence measures.
What are the penalties for CSRD non-compliance?
CSRD sets a framework for penalties but implementation varies by EU member state. Germany (implementing via CSRD-Umsetzungsgesetz) follows the general EU approach: auditors must verify CSRD reports as part of the statutory audit. Failure to comply or submission of materially misstated sustainability reports can result in administrative fines, public naming (name and shame), and in serious cases, criminal liability for management. The first CSRD reports (for FY 2024) will be subject to limited assurance; reasonable assurance requirements come later.