ESMA Finds Gaps in ESG Risk Integration as Supervisors Push for More Than Just Compliance

Key Takeaways

• Compliance Isn’t the Same as Integration: While most firms meet the letter of the law, the integration of sustainability risks into investment and risk processes is often too shallow.
• Disclosure Quality Needs Work: Both entity-level and product-level SFDR disclosures were found to be inconsistent, vague, or too high-level to be useful.
• Supervisory Cooperation Is Improving: National regulators are increasingly aligned in how they assess ESG practices, helping to strengthen enforcement.
• Expect More Follow-Up: ESMA wants regulators to keep engaging with firms, especially where vulnerabilities or compliance gaps remain.
• Substance Matters: The report reinforces that ESG obligations aren’t just about checking boxes. What’s needed now is clarity, consistency, and real integration.

Deep Dive

The European Securities and Markets Authority (ESMA) has wrapped up a two-year supervisory effort into how asset managers across the EU are handling sustainability risks and disclosures, and while the overall verdict is “satisfactory,” the tone is clear that there’s still work to do.

The review, known as a Common Supervisory Action (CSA), ran throughout 2023 and 2024 and involved coordination between ESMA and national regulators across the bloc. Together, they looked at how investment firms are complying with key EU regulations, including the Sustainable Finance Disclosure Regulation (SFDR), the Taxonomy Regulation, and relevant rules under UCITS and AIFMD, with a focus on how well sustainability risks are being integrated into both strategy and reporting.

The results? Most firms are broadly following the rules, but meaningful integration is still inconsistent, especially when it comes to risk management practices and the quality of disclosures at both the firm and product levels.

Where the Gaps Are

At the entity level, ESMA found that SFDR disclosures are often too generic to be helpful. The same goes for product-level statements, where language is sometimes vague or overly formulaic. It’s not always clear how sustainability risks are actually being assessed, or what role they play in investment decision-making. In short: the disclosures exist, but the substance behind them varies.

The CSA also turned up several compliance issues, which local regulators worked to address with the firms involved. While those issues were reportedly resolved, the findings underscore how uneven ESG implementation still is across the industry, and how much depends on ongoing supervisory attention.

Beyond identifying problems, the CSA served as a way for regulators to compare notes and align their expectations. National authorities shared supervisory approaches, discussed challenges, and took steps to harmonize how they interpret and enforce ESG-related obligations. That kind of convergence is a long-term goal for ESMA, and exercises like this one help move things in that direction.

The ESMA is encouraging supervisors to stay engaged and continue pressing firms to tighten up both their ESG risk frameworks and their transparency obligations. The message is that disclosures shouldn’t just exist to satisfy a requirement, they should actually reflect what’s happening inside the business.

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.