Beyond the pause: Why governance cannot wait
What Stop the Clock, Omnibus and EU ESG turbulence really mean for companies preparing for CSRD, CS3D and EUDR
A false sense of breathing space
The EU’s "Stop the Clock" regulation has passed. Together with the Omnibus Directive, it introduces limited deferrals for CSRD compliance deadlines and tweaks to the Corporate Sustainability Due Diligence Directive (CS3D or CSDDD), the Green Taxonomy, and other regulations. (More on this below.)
At the same time, EFRAG’s Sustainability Reporting Board voted against fast-tracking ESRS simplification (although they’re actually meeting again this morning to vote on an alternative fast track route). Some saw this as procedural integrity. Others saw it as a lost opportunity for clarity. Whatever the view, one thing is certain: governance, risk management and materiality expectations have not eased.
In some boardrooms, these developments will be misinterpreted as a reason to slow down ESG preparation. A chance to shelve double materiality until next year. A breather.
This would be a mistake.
Because while some compliance deadlines have shifted, the underlying risks, investor expectations and regulatory momentum have not. Compliance delays are not risk delays. Simplification may yet prove to be the EU’s greatest headache since GDPR.
The organisations who deepen governance now will thrive. Those who wait may struggle to catch up.
Stop the Clock and the Omnibus compromise: what they’ve changed… and what they haven’t
The main updates:
Extended CSRD reporting deadlines for Phase 2 and Phase 4 companies. Those previously reporting in 2026 will now report in 2027 on 2026 data;
Reduced CSRD scope: Only large companies with more than 1,000 employees are now in scope;
Simplified value chain reporting under CS3D: Companies cannot be required to seek detailed sustainability data from suppliers with fewer than 1,000 employees;
Third-country group thresholds raised for CS3D: Non-EU groups will now be caught only if they have €450 million turnover in the EU (up from €150 million); and
Taxonomy reporting flexibility: Companies below €450 million turnover can now opt for a lighter taxonomy disclosure.
But crucially, several things have not changed:
Double materiality remains foundational;
Due diligence obligations under CS3D continue; and
Supply chain transparency under EUDR moves ahead without delay.
This is not a signal to ease off. It is a signal to build governance maturity while others hesitate.
Governance is the new black
It’s sometimes tempting to think compliance is enough, that a neatly filed ESG report will satisfy stakeholders and regulators alike. But in today’s shifting landscape, it is governance that separates resilience from vulnerability.
Governance is not just about having policies on a shelf. It is about operationalising risk management into BAU, making decisions auditable, and ensuring that ESG is woven into enterprise risk, strategy and boardroom discussions.
Disclosure tells a story. Governance protects the business.
The evidence is clear: companies with strong governance around ESG risks outperform those who treat sustainability as a reporting exercise. Investor expectations, insurance premiums, and access to capital are each moving toward rewarding those who can demonstrate credible oversight and internal control.
Frameworks may provide a map. Governance is what ensures you can actually make the journey.
The real shift: from disclosure to governance
As the regulatory environment evolves, one truth is becoming clear: companies that focus only on disclosure will struggle. Those that invest in governance will lead.
Global ESG frameworks are diverging, not converging. Harvard Law School Forum analysis earlier this month confirms:
ISSB standards (and UK SRS) focus on financial materiality;
ESRSs and GRI maintain the double materiality principle;
CS3D demands operational due diligence, not just reporting;
EUDR enforces traceability of deforestation-linked commodities.
Rather than waiting for global convergence, companies may find an advantage in designing ESG systems that are agile, modular and governance-led – creating flexibility now that can strengthen resilience later.
A governance model that flexes across different reporting and due diligence demands will become a strategic advantage. This means:
Businesses that take these steps will position themselves not only for compliance but for long-term resilience, stakeholder trust and sustainable growth.
What EUDR teaches us about the future of ESG
The EU Deforestation Regulation (EUDR) is no longer theoretical. It is already changing how companies must operate.
Under EUDR, businesses sourcing commodities like coffee, soy, timber, palm oil and rubber must trace products back to deforestation-free sources. They must gather geolocation data, issue due diligence statements, and verify compliance with environmental and human rights standards.
Penalties for non-compliance are severe. Beyond fines of up to 4% of EU turnover, reputational risks are significant.
More importantly, EUDR is not an isolated rule. It previews the level of supply chain scrutiny that CS3D and future ESG regulations will demand.
Companies that treat EUDR and CS3D as isolated projects will struggle. The leading organisations are already:
Mapping high-risk supply chains.
Integrating due diligence into core governance processes.
Preparing for third-party scrutiny with resilient, auditable systems.
Supply chain governance is no longer a bolt-on. It is becoming a litmus test for operational resilience and ethical leadership.
The governance gap that cannot be ignored
Too many businesses still treat ESG as an exercise in reporting, not governance.
True resilience demands:
Board ownership of ESG risks
Cross-functional collaboration across finance, legal, sustainability and risk
Integration of ESG risks into enterprise risk management frameworks
Strong controls and audit trails over sustainability data and decisions
Frameworks provide structure. Governance provides survival.
Disclosure tells a story. Governance protects the business.
Why we built Beyond Compliance: The CS3D Readiness Blueprint
The Beyond Compliance Blueprint is designed to help companies move from disclosure-driven ESG to governance-driven resilience, preparing for CS3D, EUDR, ESRS and beyond.
It provides a structured yet flexible framework to:
Build operational due diligence processes;
Strengthen double materiality governance;
Integrate ESG risks into strategic and operational decision-making; and
Develop credible, traceable evidence of ESG risk management.
The next phase of ESG is not about surviving a regulatory review. It is about building a business that earns the trust of its stakeholders for the long term.
We are launching it this Saturday. If you’re a subscriber, you’ll get it first.