The European Union is moving into the second phase of the major sustainability regulation. After a period of rapid production of rules, standards, disclosures and supervisory requirements, Brussels is now attempting to reduce the administrative burden caused by the first wave of ESG obligations for businesses.
The direction, however, is not deregulation. It is the transition from data overload to a more targeted system, in which less information should be better documented, more comparable and more resistant to supervisory scrutiny, or at least that is the intention.
On 6 May 2026, the European Commission launched a public consultation on the draft revised European Sustainability Reporting Standards, the ESRS, as well as a new voluntary reference standard for smaller businesses. According to the Commission, the revised standards reduce mandatory data points by more than 60%, total data points by more than 70% and reporting costs per company by more than 30%.
For Cyprus, this development is not a technical detail of Brussels. It directly concerns banks, listed companies, investment fund managers, companies participating in European value chains, professional advisors, auditors and debt issuers. The country has already transposed the CSRD into national law, through amendments to the Companies Law, the Auditors Law and the Transparency Requirements Law, with the relevant texts to be published in the Official Journal on 29 July 2025.
Brussels' new philosophy
The Commission's key message is that Europe wants to keep the core of sustainable finance, but reduce implementation costs. The first phase of ESG was built on the idea that companies needed to disclose much more information about the environment, society and corporate governance. The second phase moves towards a more practical balance, fewer obligations, clearer requirements, a greater emphasis on materiality and stricter scrutiny of claims.
The change did not come by chance. Industry, banks, auditing firms, consultants and member states warned that the initial framework was evolving into a cumbersome bureaucratic compliance system. Many businesses, especially medium-sized ones, faced disproportionate costs of collecting, classifying and verifying data. The ESG debate thus shifted from the question of "how much information is made public" to the question of "what information has real value for investors, supervisors and society".
The EU's Omnibus package fits precisely into this logic. It aims to narrow the scope of the CSRD, simplify the Taxonomy, reduce administrative burdens and give more adaptation time to companies that had not yet started reporting.
At the same time, the "stop-the-clock" Directive postponed by two years the application for the second and third wave companies of the CSRD (small and medium-sized enterprises), but without suspending the obligations of the first wave companies that are already reporting.
What changes for businesses
The essence of the change lies in the re-regulation of ESRS standards. These standards remain the mandatory reference language for CSRD companies. The principle of dual materiality, i.e. the evaluation of both the way in which the company is affected by environmental and social factors and the way in which it affects the environment and society, is not replaced or abandoned.
What changes is the density of the system. The Commission seeks to remove duplication, limit low-value data points, simplify the language of standards and make the materiality assessment process clearer.
For a Cypriot company that will stay within scope, this means that the final sustainability report may be less voluminous, but it will not be less demanding in terms of data quality.
The crucial difference is that ESG moves from the level of communication to the level of operating systems. It is not enough for a company to declare that it monitors emissions, social indicators or sustainable governance practices. It must be able to demonstrate who collects the data, how it is audited, who authorises it, how they are associated with risks and with what strategy, and how it can be subject to assurance by auditors.
Cyprus faces a double challenge
Cyprus is in a special position. On the one hand, it does not have the size of large European markets, nor the depth of data of countries with a long tradition of sustainable finance. On the other hand, it is a service economy, a financial centre, the headquarters of funds and holding companies, with strong cross-border activity. This means that even companies that may not be directly subject to the CSRD may be required to provide ESG assets to banks, investors, customers, parent companies or European counterparties.
The transposition of the CSRD into Cypriot law in 2025 created the legal basis. The next bet is the app. Experience shows that the real difficulty lies not only in the drafting of the report, but in the creation of a reliable internal infrastructure. For many businesses, ESG data is currently dispersed across accounting, HR departments, procurement, facilities, contracts, banks, and external providers. Compliance requires that this fragmentary information be turned into a controlled system.
CySEC has already made sustainability and ESG compliance part of its supervisory priorities for 2025, with a particular focus on fund managers and investment firms. Circular C704 of 2 May 2025 provides guidance on the sustainable finance framework, SFDR obligations, Taxonomy, and greenwashing risks.
From green promises to claims checks
The biggest supervisory shift in Europe is not just about corporate reporting. It is about how the terms ESG, "sustainable", "green", "transition" and "impact" are used in products, funds, websites, newsletters and presentations to investors. ESMA has tightened its approach to fund designations and sustainability claims, precisely because the use of such terms influences investment decisions.
For the Cypriot investment fund market, this is crucial. An administrator using ESG terminology can no longer treat the name or commercial description of a product as a purely communicative matter. There must be a link between the name of the fund, the investment strategy, the selection criteria, the exclusions, the risk management, the main adverse impacts and the actual composition of the portfolio.
The practical consequence is the need for the 'register of claims'. Each public sustainability statement must be able to be matched with internal records, data, approvals and periodic review. The new ESG era doesn't just punish the absence of compliance. It also punishes excessive wording without proof.
Banks at the center of the transition
For the Cypriot banking system, ESG is not just a matter of reference. It is a question of risk. The Central Bank of Cyprus has integrated ESG risks into the governance and risk management of credit institutions. Its 2024 annual report also refers to strengthening its internal structure for sustainability and climate change issues.
The Cypriot specificity is clear according to the CBC, the economy has significant exposure to real estate, tourism, infrastructure, energy and natural climate hazards, such as drought, heat stress and water pressure. For banks, this means that the credit risk assessment cannot ignore the energy efficiency of buildings, the adaptation costs, the green collateral exposure and the transition plans of their entrepreneurial customers.
The challenge is mainly technical and organizational. Banks need reliable counterparty data, collateral information, energy certificates, industry assumptions, risk scenarios and internal models. Sustainable finance cannot be developed with new products alone. Data infrastructure is needed.
The Cypriot sustainable finance market
Despite the weaknesses, Cyprus is not starting from scratch. The Republic of Cyprus issued a ten-year sustainable bond of €1 billion in 2023. based on the Sustainable Finance Framework. The Cyprus Stock Exchange announced in 2024 the first listing of a green bond on the Alternative Market, while it has also announced a fee reduction policy to encourage such issuances.
These moves show that there is a basis for sustainable debt market development. The question is whether the market can gain depth, transparency, and continuity. For this to happen, issuers must be able to document the use of funds, provide reliable post-issuance reporting, and link revenue to measurable environmental or social goals.
The absence of a single public data table for ESG-labelled funds, Article 8 and 9 SFDR products, alignment with the Taxonomy, and ESG sanctions is a weakness. It is not just a question of information. It is a question of market credibility. A country that wants to position itself as a regional hub of sustainable finance needs a common database, transparency and comparable information.
The opportunity for simplification
European simplification can work in Cyprus' favour, if it is used properly. Smaller and medium-sized businesses that feared facing disproportionate demands may be given more time and a clearer framework to move. Reducing the amount of data can cut costs. The voluntary standard for smaller businesses can create common language between suppliers, banks and large customers.
But the biggest danger is the misreading of simplification as a postponement. Cypriot businesses should not wait for the final form of each European text to move. Setting up ESG systems takes time: data recording, allocation of responsibilities, internal control policies, board training, assurance processes, and documentation mechanisms.
The right strategy is not "wait and see". It is "preparation with flexibility". Companies need to know whether they are likely to fall within the scope of CSRD, whether they are indirectly affected by a value chain, what data they have, what is missing and what claims can be proven.
What needs to be done in Cyprus
At the level of the state and supervisory authorities, the first need is clarity. A single public ESG map for Cyprus, with CSRD implementation guidelines, competent authorities, obligations per entity category, useful guidance and statistics, would reduce uncertainty. It would especially help businesses that do not have large legal or advisory teams.
At the business level, governance is the priority. Every company directly or indirectly affected must have a note to the board of directors on the ESG field, data officers per function, materiality record, data ESG dictionary and public claims register. These are not bureaucratic luxuries. It is the basis for avoiding errors, inconsistencies and future supervisory reports against them.
At the level of banks and funds, the priority is to link ESG to the core of activity. For banks, this means credit risk, collateral, loans and transition plans. For fund managers, it means product naming, investment strategy, portfolio, disclosures, and documentation. For publishers, it means using funds, performance indicators, and reliable reporting.
The strategic stakes
Europe is not abandoning ESG. It rewrites it to make it more applicable, more comparable and more useful. The reduction in administrative burden is real, but comes with a greater proof requirement. The new framework will not judge businesses by how impressively they talk about sustainability, but by whether they can support what they declare.
For Cyprus, this creates danger but also opportunity. The risk is that simplification will be treated as a pretext for delay. The opportunity is to use the time to build a robust sustainable finance infrastructure, with quality data, robust audits, supervisory coherence and clean product markets.
The next stage will not belong to the companies that publish the most ambitious commitments. It will be among those who will be able to prove, with data, procedures and controls, that their commitments have real content. For the Cypriot economy, this is perhaps the most important transition from the era of ESG statements to the era of ESG credibility.
