CSR Compliance and Regulations

Compliance isn’t choosing one framework, it’s understanding how they work together. Many organizations view SOC 2, ISO 27001, and GDPR as competing obligations, but the reality is far more integrated. SOC 2 validates data security controls for US-based service providers voluntary but expected by enterprise clients. ISO 27001 provides a globally recognized ISMS foundation with comprehensive risk management and continuous improvement. GDPR legally enforces personal data protection for EU citizens with significant financial penalties for non-compliance. The strategic advantage lies in their overlap: access controls, incident response, vendor risk management, encryption, and breach notification requirements align across all three. Organizations that map controls once and satisfy multiple frameworks simultaneously reduce audit fatigue while strengthening their overall security posture. Rather than treating compliance as separate silos, mature GRC programs build unified control environments that address shared requirements, turning regulatory burden into operational excellence. What’s your approach to managing overlapping compliance frameworks? #GRC #SOC2 #ISO27001 #GDPR #Compliance #InformationSecurity #DataProtection

Mitigation Hierarchy for Business Decarbonization 🌎 The mitigation hierarchy offers a clear and structured framework for businesses to prioritize decarbonization efforts effectively. It emphasizes addressing emissions at their source first, with a stepwise approach—prevention, reduction, substitution, neutralization, and compensation. This order ensures that the most impactful measures are taken before relying on offsets or less direct solutions, aligning climate action with business objectives and regulatory demands. At the top of the hierarchy are prevention and reduction, which are the most effective and cost-efficient ways to lower emissions. Prevention involves redesigning processes or eliminating unnecessary activities to avoid emissions entirely. Reduction focuses on improving efficiency, adopting cleaner technologies, and streamlining operations to minimize the carbon footprint. These steps not only help achieve climate targets but also often reduce costs and enhance operational performance. Substitution is the next step, where businesses replace high-emission inputs with sustainable alternatives. Examples include transitioning to renewable energy, adopting low-carbon materials, or introducing green technologies. Substitution integrates sustainability into business operations without compromising on performance or competitiveness, making it a critical component of long-term decarbonization strategies. Global frameworks like the Kyoto Protocol and the Paris Agreement provide a broader context for the mitigation hierarchy. These agreements emphasize aligning business strategies with international and regional climate commitments. Nationally Determined Contributions (NDCs), for example, set specific targets that guide businesses toward compliance and accountability. Such alignment not only meets regulatory expectations but also strengthens market positioning by addressing consumer and investor demands for sustainability. Effective application of the hierarchy requires businesses to prioritize actions based on urgency, effectiveness, and cost. Timely action ensures compliance with reporting deadlines and avoids reputational or financial risks. Clear metrics enable businesses to track progress and ensure that strategies are delivering tangible results. Source: Terrascope #sustainability #sustainable #business #esg #climatechange #climateaction

There’s a silent trap in the Nigerian Labour Act that many organisations and HR managers fall into. We have seen several cases where deductions are treated as disciplinary tools, sometimes verbally. You can deduct things like PAYE tax, pension, union dues, or a court-ordered payment. But outside of that, you need written permission. Section 5 of the Nigerian Labour Act is very clear. You cannot deduct from a worker's salary for poor performance, lateness, or broken tools unless backed by a proper contract or policy. This part of the law is often ignored but if it ever gets challenged in front of the National Industrial Court, the employee will win. So if you're an employer or in HR, now’s a good time to double-check your payroll practices. Make sure you're not exposing your company to unnecessary legal risk. #LabourLaw #EmploymentLaw #NigeriaHR #WorkplaceCompliance #HRNigeria #LabourAct #EmployeeRights #HumanResources #PayrollNigeria #EmploymentCompliance #LinkedInLawTalks

The EU just published its official guidance on the Packaging & Packaging Waste Regulation (PPWR) and more businesses than expected are impacted. The European Commission has released a 57-page guidance document clarifying how Regulation (EU) 2025/40 will work in practice. With the regulation applying from 12 August 2026, the clock is ticking. Here's what businesses should know: → What counts as "packaging" is broader than you think. IV bags, candle containers, and adhesive process films may be excluded but dust bags for shoes and garments, flower pots sold with plants, and beverage cups filled at point of sale are likely in scope. → Know whether you're a "manufacturer" or a "producer." These are two distinct roles with very different obligations. Manufacturers are responsible for sustainability and labelling compliance across the EU. Producers handle extended producer responsibility (EPR) fees in whichever Member State the packaging becomes waste. → PFAS in food-contact packaging is banned from August 2026 with no transitional period for existing stock placed on the market after that date. → Re-use targets kick in from 2030, covering transport, beverage, and sales packaging. At least 40% of transport packaging must be reusable by then. For beverages, final distributors must offer at least 10% in reusable packaging. → Deposit Return Systems must be operational by 2029, targeting 90% separate collection of plastic bottles and metal cans. → Labelling rules are being harmonised and national sorting labels will no longer be permitted alongside EU harmonised labels from August 2028. The guidance is non-binding but reflects the Commission's interpretation. Businesses that move early will be far better placed when enforcement begins. #ppwr #packaging #sustainability #circulareconomy #euregulation #esg #compliance

EFRAG has released the revised #ESRS. The total number of data points has been slashed by 70%, dropping from 1,073 to just 320. The revision undeniably responds to political pressure. It feels like that, while this revision solves some problems, it also opens new questions. ➡️ The reduction in data points was overdue, yet whether 70% is the right balance is far from clear. Yes, redundant and low-value data points are gone, but so are several data points that mattered. ➡️ The revised Double Materiality Assessment promises "clearer guidance, less documentation, and better alignment with audit expectations." Given the friction around the original DMA, this feels like progress on proportionality. ➡️ Many exceptions and reliefs - such as the possibility to omit information when there is "undue cost or effort" - introduce a lot of flexibility. Without tighter guardrails, these reliefs risk creating loopholes for greenwashing. Reliefs should be the rare exception, not the norm. 👉 EFRAG’s mandate was tough: deliver major simplification without diluting the standards, and do it under time pressure. Not exactly a recipe for a quick win. The final package reflects those tensions: a step forward in some respects, a compromise in others. The revised ESRS are now with the Commission, which will consult internally and externally and engage with Parliament & Council. This is expected to take six to nine months, after which the standards will be adopted through a Delegated Act. The objective is for the revised standards to apply from FY 2027, with a possibility for earlier application for FY 2026 (still to be confirmed).

"What is the Global Landscape of AI Regulation? Between new laws & revoked orders, the landscape of #AIRegulation is shifting quickly. Last week, as the US House passed a bill potentially banning all state AI laws for the next decade, there is an urgent need to clarify what "AI regulation" actually means & develop analytical tools that resist political shifts. We are excited to share that our paper, a joint collaboration between Stanford University and Harvard University researchers, introduces a taxonomy to capture the global landscape of AI regulation. With co-authors Shira Gur-Arieh, Tom Zick, PhD. & Kevin Klyman, we analyze emerging AI regulatory frameworks across five early movers–the EU, US, China, Canada, and Brazil– to identify patterns, divergences & blind spots. The taxonomy illustrates the breadth & depth of AI regulatory approaches by analyzing key metrics, including technology or application-focused rules, ex ante precautions or ex post liabilities, horizontal or sectoral regulatory coverage, maturity of the digital legal landscape, enforcement mechanisms & level of stakeholder participation. To democratize our findings, we collaborated with designers Vikramaditya Sharma, Steven Morse & Tanil Raif to translate dense legal texts into accessible outputs. Key takeaways: 1️⃣ We must clarify the term "AI regulation." The term is used ambiguously to describe both binding legal frameworks & voluntary industry guidelines. Lines are often strategically blurred between hard law (AI regulation) & soft law (AI policy). Such semantic ambiguity can mislead public expectations, create a false sense of protection & open the door to regulatory capture. 2️⃣ Innovation vs. regulation is a false dichotomy. China's experience shows it is possible to enforce mandatory safeguards while continuing to develop cutting-edge models like DeepSeek. While the intentions behind Chinese AI regulation differ from Western ones, for example to control political dissent, the coexistence of strict regulation & rapid innovation proves that the two are not mutually exclusive. Countries can lead the AI arms race while having legally-binding safety requirements. 3️⃣ Under the same umbrella term, not all AI regulations are equal. Some frameworks are more comprehensive than others. Hybrid AI regulations–combining both ex ante & ex post mechanisms and technology & application based rules–address societal harms and national security risks, while imposing obligations before and after deployment. 4️⃣ Civic engagement remains a blind spot. There is little data on whether civic consultations translate into meaningful, legal outcomes—or are merely performative." Good work from Sacha Alanoca (who wrote the above summary) and Berkman Klein Center for Internet & Society at Harvard University

"Felipe, are there other options beyond #SBTi? Why don't I hear about other standards? I've been receiving this question frequently in conversations with my customers, so I thought it would be helpful to share some insights here. When it comes to driving corporate climate action, several initiatives provide frameworks and methodologies. Here’s a comparison of some key players in the field: "The leader" - Science Based Targets initiative (SBTi): - A collaboration of institutions aimed at increasing corporate ambition on climate action. - Methodology: Independent assessment of companies’ Scope 1, 2, 3 targets, classified into three categories. - Adoption: ~1,200 companies, including Bayer, thyssenkrupp, Saint-Gobain, and PSA. Transition Pathway Initiative (#TPI): - A global initiative led by asset owners and supported by asset managers. - Methodology: Assessment based on publicly available information and classification into five levels. - Adoption: ~370 companies, such as Tesla, P&G, and Ford. X-Degree Compatibility (#XDC): - A science-based climate metric to quantify a company’s contribution to global warming. - Methodology: Emission and economic data are used to calculate XDC value and emission reduction pathways. - Adoption: >30 companies, including BASF, Adidas, and E.ON. The 1.5°C Business Playbook: - An initiative that brings together technology innovators, scientists, companies, and NGOs. - Methodology: Proposed pathway based on the carbon law, which involves halving carbon emissions every decade. - Adoption: No calculation/categorization of companies. ISO Standard on Climate Action (e.g., ISO 14064-1): - Provides guidelines and standards for quantifying and reporting greenhouse gas (GHG) emissions and removals. - Methodology: Focuses on organizational and project-level GHG quantification, reporting, and verification. - Adoption: Widely recognized and adopted globally across various industries for standardized reporting and compliance. ------ Top 3 Key Differences: ------ 1- While SBTi, TPI, and XDC provide specific frameworks for setting and assessing climate targets, the 1.5°C Business Playbook offers a broader pathway approach, and ISO focuses on standardized reporting. 2- Methodology: SBTi and TPI rely on classifications, XDC uses a quantitative metric, the 1.5°C Business Playbook is based on the carbon law, and ISO provides guidelines for GHG quantification and reporting. 3- Adoption: SBTi and TPI have broader adoption among companies, while XDC and the 1.5°C Business Playbook have more specialized use cases. ISO standards are globally recognized and widely adopted across industries. Choosing the right framework depends on your organization's specific needs, whether it's setting science-based targets, aligning with asset managers, quantifying climate impact, following a broad decarbonization pathway, or adhering to standardized reporting. How is your organization navigating these frameworks in its sustainability journey?

The New, Simplified Draft ESRS are out from EFRAG! Months in the making, these are the new draft European Sustainability Reporting Standards, a key part of the regulatory reform underway in the EU! Here are the key simplifications: -Usefulness of information as a general filter and emphasis on fair presentation for more relevant and less compliance-oriented reporting; -Simplified materiality assessment: clearer guidance, reduced documentation, and better alignment with audit needs; -Elimination of the preference for direct data in the value chain, reducing the pressure for data collection; -Substantial reliefs, proportionality mechanisms and ad hoc phasing-in for challenging disclosures; -Principles-based standards for narrative disclosure particularly for policies, actions and targets, flexibility on how to present the information, greater focus on how sustainability matters are managed; -ESRS are now shorter, clearer, easier to understand and to implement; 61% reduction of datapoints that are required if material, deletion of all voluntary disclosures; -Enhanced interoperability with the International Sustainability Standards Board (ISSB) Standards: common disclosures preserved where possible, enhancement thanks to fair presentation, revised GHG boundary and provisions for anticipated financial effects. As some reliefs in ESRS go beyond those in the ISSB Standards, companies should pay attention when using them if they wish to comply with the ISSB Standards. Full draft ESRS can be found here: https://lnkd.in/ecfAbxam We are helping firms manage these evolving regulations. Get in touch or leave a comment if you'd like to discuss how these changes apply to your firm! #ESRS #Omnibus #CSRD #SustainabilityRegulation #ESGReporting

🌍 EU moves to strengthen recycled plastics regulation for food contact The European Commission has circulated a draft amendment to Regulation (EU) 2022/1616 on recycled plastics intended to come into contact with food. - Electronic Union Register: A new EU-level registration system for recyclers and installations, replacing national submissions. -Expanded documentation requirements: Updated templates for declarations of compliance, including new forms for input materials and finished articles (Annex III A–D). -Traceability and sampling: Recyclers must retain a sample of each input batch for two years to verify contamination levels and decontamination effectiveness. - Customs enforcement: For recycled PET imported from third countries, CN codes must be indicated in compliance documentation. - Clearer compliance statuses: Installations will be categorized (active, suspended, audit pending, decommissioned) to improve transparency. - Transitional measures: Products compliant under current rules may continue to be placed on the market for a limited period after the amendment enters into force.  🗓️ National Authotities as Denmark are collecting feedback until the 9th January 2026 GPSNet - Global Product Safety Net: ⚖️ Reg Advocacy, Legal Opinions, Chemical/Recycling Registrations 💻 Digital Regulatory / AI Early warning 📄 Consulting, GMP Recycling system, Dossier submission, Migration modelling, Global Test management, DOC Management, .. ⚗️ NIAS/PFAS/BP Screening, CMMS, Input-output validation, Test in food , Global Accredited testing ♻️ Sustainability testing, R-Plastic Challenge test, microplastics.. 🕵 GMP Audit/Training 🆘 m.scialpi@globalproductsafety.net Marco Scialpi Sources: https://lnkd.in/eZ3dvq-d

Is your sustainability strategy just a compliance exercise? Then you’ve already lost. Here’s the uncomfortable truth: if your sustainability efforts are driven solely by the need to tick boxes and meet regulations, you’re missing the point—and the opportunity. Compliance should be the bare minimum. Real sustainability is about doing more than what’s required. It’s about: Embedding sustainability into your core business strategy, not treating it as an afterthought. Moving from reactive to proactive—anticipating challenges instead of waiting to be forced into action. Viewing sustainability not as a cost, but as an investment in long-term resilience, innovation, and trust. Because let’s face it—customers, investors, and employees can see through the “we comply” narrative. They’re looking for companies that go beyond regulations, lead the way, and embrace sustainability as a fundamental value. If compliance is your ceiling, it’s time to raise the bar. So ask yourself: is your strategy about meeting minimum requirements, or is it about leading the change?