NETHERLANDS Law and Practice Contributed by: Manon Cremers, Heleen Kersten and Frédérique van der Wegen, Stibbe
Internal Controls and Reporting Dutch listed companies are expected to have ade - quate internal risk management and control systems. Following the 2025 revision of the CG Code, listed companies are also expected to include an enhanced management board statement on risk management ( verklaring omtrent risicobeheersing , or VOR), cover - ing the design, operation and assessed effectiveness of internal risk management and control systems for operational, compliance and reporting risks. Geopolitical Risk Although Dutch law does not require a separate geo - political risk committee, geopolitical risk increasingly falls within ordinary risk oversight responsibilities, especially for listed companies and regulated firms. This includes risks relating to supply chains, cyber threats, export controls, sanctions and energy transi - tion. The AFM has identified geopolitical uncertainty and related market risks as an area of supervisory attention. International Sanctions Compliance International sanctions compliance is generally addressed within the broader compliance and risk control framework. Dutch supervisors such as DNB and the AFM continue to emphasise sanctions com - pliance, internal controls and sound risk governance. Oversight is usually organised through management, compliance and legal functions, with review by the audit committee or supervisory board depending on the company.
to ESG compliance but primarily establishes a due diligence framework rather than a reporting regime. At national level, ESG considerations are also embed - ded in Dutch governance expectations through the CG Code. Companies in scope For companies within the scope of the CSRD, the key requirement is to include sustainability information in the management report in accordance with the ESRS and double materiality. Companies must report both on how sustainability matters affect the business and on how the business impacts people and the environ - ment. This requires a structured internal reporting and control environment, external limited assurance over the sustainability statement and, where applicable, Taxonomy disclosures. Timing and EU Omnibus I developments The CSRD remains the central ESG reporting regime, but its timeline and scope have been recalibrated through the Omnibus I package. The April 2025 stop-the-clock directive postponed CSRD applica - tion for companies that had not yet started reporting and delayed parts of the CSDDD timetable. Further amendments in March 2026 narrowed the CSRD’s scope, including by raising thresholds. Status of CSRD implementation in the Netherlands In the Netherlands, the CSRD has not yet been fully implemented into national law, creating legal uncer - tainty. The Dutch implementation bill was submitted on 13 January 2025 and amended in June 2025 and April 2026 to reflect EU changes. In February 2026, the government announced a “repair clause” for the first reporting years. 7.2 ESG Developments Shift From Expansion to Simplification The most significant shift in 2025–2026 has been from expansion to simplification. In the Netherlands, ESG remains important, but the direction at EU level has changed materially. The original trajectory of expand - ing ESG regulation has been recalibrated through the April 2025 stop-the-clock directive and subsequent Omnibus I amendments.
7. Environmental, Social and Governance
7.1 ESG Requirements ESG Reporting Framework
The Dutch ESG reporting framework is primarily driven by EU law. The principal corporate reporting instruments are the Corporate Sustainability Report - ing Directive (CSRD), the European Sustainability Reporting Standards (ESRS) and, where applicable, the Taxonomy Regulation. The Sustainable Finance Disclosure Regulation applies to in-scope financial market participants and financial advisers. The Corpo - rate Sustainability Due Diligence Directive is relevant
534 CHAMBERS.COM
Powered by FlippingBook