CSRD Data Model 2026: Why Most SMEs Underestimate Their ESG Reporting Obligations

7 Min. read time

CSRD implementation in SMEs rarely fails due to lack of will—almost always, it’s the data model that collapses. Those treating the reporting obligation as an extension of the management report build a system that crumbles under scrutiny in year two. This article reveals where ERP bolt-ons fail on double materiality and which architectural decisions actually hold up.

RelatedE-invoicing 2026: Mandatory rollout for SMEs  /  Industrial heat transition: Chemical sector goes electric

Right now, many SME offices have a project plan titled “CSRD implementation” on their desks. Next to it sits the ERP system, a new sustainability module from the software provider, and a consulting offer promising “CSRD readiness in 90 days.” What’s often missing is one sobering question: Will the data architecture we’re building actually support the full reporting scope for the next five years?

The Corporate Sustainability Reporting Directive (CSRD) isn’t just an expanded version of the management report. It’s a standalone reporting regime with its own audit requirements and a data structure that shares little with traditional financial data. Underestimate this, and you’ll pay the price in year two—not with a fine, but with an audit finding that demands three months of rework.

This isn’t another CSRD overview. It’s an architectural critique. Why ERP bolt-ons fail on double materiality, which data models actually work, and where SMEs systematically underestimate the scope of their obligations.

What is double materiality?

Double materiality is the assessment concept underpinning the CSRD. It requires two perspectives for every sustainability topic: financial materiality (how the topic impacts the company) and impact materiality (how the company impacts people and the environment through the topic). A topic is considered material—and therefore reportable—if either perspective exceeds the defined threshold. The methodology must be documented and verifiable.

Why ERP bolt-ons are the wrong answer to the wrong question

Since 2023, major ERP providers have added sustainability modules to their portfolios. Commercially, this makes sense—and technically, they often deliver when it comes to quantitative environmental data: electricity consumption, diesel volumes, waste generation, business mileage. These data points already live in ERP systems, embedded in invoices, fleet records, or energy bills.

The problem starts where the ESRS demands qualitative and process-related information. Grievance mechanisms along the supply chain. Documented impacts on communities near production sites. Governance decisions on climate risks, complete with meeting minutes. These data points don’t reside in ERP systems. They’re scattered across HR platforms, legal departments, unstructured email archives—or simply don’t exist in any structured form.

An ERP bolt-on pretends sustainability reporting follows the same accounting logic as financial bookkeeping. That holds true for a fraction of data points. For the rest, the module offers sleek input masks where employees manually enter data they’ve cobbled together in Excel. The audit trail remains thin because the actual evidence isn’t in the system.

Double materiality is a data model, not a consulting exercise

Double materiality lies at the heart of the CSRD. It requires documenting two perspectives for every potentially relevant topic: How does the issue impact the company (financial perspective)? And how does the company, through this issue, impact people and the environment (impact perspective)? Both assessments must be consistent, traceable, and audit-ready.

The biggest risk isn’t failing an audit. It’s a data model that buckles under the second wave of additional ESRS fields—triggering a follow-up project before the first one is even finished.

Many projects treat the double materiality analysis as a one-off workshop. Two days with external consultants, a final document, job done. That’s cutting it too short. The materiality analysis determines which ESRS data points ultimately need reporting—and which don’t. It sets the scope for the data model. If the analysis isn’t structurally embedded in the system, it has to be rebuilt every year, and comparability is lost before the first report is even audited.

A robust data model maps the materiality matrix as its own entity. Topics, impact assessments, financial assessments, linked ESRS data points, evidence sources, responsible parties, review cycles. This isn’t an Excel spreadsheet—it’s a relational structure. Ignore that, and by year three, you’ll be explaining to your auditor why a topic’s materiality changed between reports without anyone documenting the shift.

Where SMEs Systematically Underestimate the Effort

When talking to managing directors, it becomes clear that the effort required is consistently underestimated in three key areas. First, Scope 3 emissions—those generated across the value chain. The figures come from supplier data, transport documents, and estimation models, yet they rarely align. Second, value chain information on social issues, such as working conditions at suppliers. Often, this data simply doesn’t exist, and gathering it can take months. Third, governance documentation, particularly the link between management’s strategic decisions and identified sustainability risks.

The blind spot is especially pronounced when it comes to Scope 3. A manufacturer with 200 employees typically sources from hundreds of suppliers, of which perhaps twenty are large enough to provide their own CSRD or comparable data. The rest report energy consumption on request—figures that land in a single Excel cell, unchecked. Those who accept these numbers at face value build a reporting section that collapses under scrutiny the following year. Instead, those who clearly distinguish between measured, derived, and estimated emissions give auditors a traceable foundation—even if the final figure looks less impressive.

The same applies to the social aspects of the European Sustainability Reporting Standards (ESRS). The standards require concrete statements on working conditions, discrimination complaints, and employee representation involvement. Companies with well-documented HR processes already have this material on hand. For others, it takes months to compile. This effort isn’t just about data—it’s about the organization behind it.

The point isn’t that SMEs must report all these data points—most companies end up with no more than 300 material ones. The key is that the selection must stem from the materiality analysis, with every decision justifiable to auditors if challenged.

Three data architecture decisions paying off now

From projects that have become technically viable, three architectural principles emerge. They may sound unremarkable. Yet they make the difference between a system that can be expanded in year two—or one that needs a complete rebuild.

First: Evidence before value. Every reported data point gets an evidence anchor in the system—a reference to the source document, the responsible person, and the date of last verification. Without this link, audit effort doubles the following year.

Second: Materiality matrix as a first-class entity. The matrix isn’t an appendix to the report; it’s the controlling structure behind it. Changes to the matrix require justification and versioning. Every reported data point ties back to a matrix entry.

Third: Separation between operational measurement systems and reporting layer. Raw data comes from diverse sources and undergoes operational changes. The reporting layer reads this data in fixed time windows, versions it, and preserves it even if source systems evolve. Mix raw and reporting layers, and traceability vanishes by year three.

Bolt-on or standalone platform? The more honest answer

The choice between an ERP module and a dedicated sustainability platform is often framed as a fundamental decision. In reality, it’s far less dramatic. A bolt-on solution may suffice for companies whose reporting scope is strictly limited to quantitative environmental data and whose materiality analysis remains stable. That applies to only a minority of mid-sized firms.

What matters isn’t the tool, but the sequence. Companies that pick software first and then adapt their data model to it inherit the vendor’s limitations. Those that design their data model based on their own materiality first—and then evaluate software against it—end up with a leaner, better-fitting solution.

What now matters most

The February 2025 omnibus delay eased the time pressure for the second and third waves—but it didn’t make the content any easier. Companies that use this extra time to build a robust data model will be in a far stronger position in two years than those that simply bolt on a quick fix and hope it’s enough.

The most honest advice from companies already reporting in the first wave? Invest early in materiality analysis as a structural foundation—not just workshop output. Define your evidence anchors before data collection begins. And keep reporting layers separate from operational measurement systems, even if it feels like overhead at first. By year three, that overhead will determine whether your audit takes three weeks or two quarters.

The Corporate Sustainability Reporting Directive (CSRD) isn’t a compliance checkbox to tick in 2026 and forget by 2028. It’s a new reporting regime that evolves every year. Get the architecture right now, and you’ll avoid the costly rebuilds that others will face as early as year three.

Frequently Asked Questions

Source: Pexels / Tima Miroshnichenko (px:6693647)