Group Annual Report 2024

Download overview

Legal environment

Sustainable Finance

A range of comprehensive European legislative initiatives have been introduced in recent years under the “European Green Deal”. In the reporting year, VIG focused on the first-time application of the EU Corporate Sustainability Reporting Directive (CSRD) and the associated mandatory European Sustainability Reporting Standards (ESRS) in accordance with the currently applicable provisions of the Austrian Sustainability and Diversity Improvement Act (NaDiVeG). In order to exempt the Group companies outside of Austria from reporting at the individual company level, VIG has decided to apply the new requirements on a consolidated basis, despite the lack of national implementation in Austria. The implementation required extensive preparatory work at both the Holding and Group company levels. The first Group-wide consolidated sustainability statement, which was prepared in accordance with these new requirements, can be found in the chapter “Consolidated non-financial report” of the Group management report starting on page 57. In addition, the Corporate Sustainability Due Diligence Directive (CSDDD) entered into force on 25 July 2024. Member States have two years to transpose the directive into national law, and the first companies – including VIG – will have to apply it from July 2027. The directive requires companies to conduct the necessary human rights and environmental due diligence with respect to their own activities and those of their subsidiaries and business partners in their “chain of activities”. In contrast to the real economy, the obligations of financial companies are initially limited to the upstream part of the activity chain (“upstream activities”). Furthermore, companies will be required to prepare a transition plan that includes a strategy for how the company will contribute to achieving the 1.5°C target.

In autumn 2024, the European Commission provided further details on an earlier announcement to reduce red tape by cutting corporate reporting by 25%. This initiative will consist of several “Omnibus packages”, the first of which was proposed by the European Commission in February 2025 and includes amendments to the EU Taxonomy Regulation, CSRD and CSDDD. The European legislator is responsible for the final formulation of this first “Omnibus package”. The European Commission’s proposals include both changes to requirements that are already applicable and to future requirements. For example, the current mandatory reporting templates for the taxonomy KPIs and the sustainability reporting standards (ESRS Set 1) are to be condensed and simplified. Future additional bureaucratic burdens such as the sector-specific sustainability reporting standards (ESRS Set 2) and a potential extension of the due diligence obligations to include the client relationships of financial companies (CSDDD) are to be eliminated. The proposed restrictions on the scopes of application (Taxonomy Regulation, CSRD) do not offer any advantage for VIG, which is still subject to the obligation, but they do pose an indirect disadvantage. Since significantly fewer companies in the value chain would have to report, the data situation could deteriorate. However, the final impact on VIG can only be analysed after the European legislative process has been completed.

Digital Resilience

The regulation of digital security in the financial sector remained a focus at the European level during the reporting period. Since 17 January 2025, the Digital Operational Resilience Act (DORA) has been applicable to European financial entities, requiring them, among other things, to take all required security precautions to mitigate cyber attacks and other risks in the area of information and communication technology (ICT risks). Essential details for the provisions in DORA are set at level 2. These level 2 measures were developed by the ESAs (EIOPA, EBA and ESMA) in the course of 2024 in a joint committee. They will become legally binding upon their adoption by the European Commission and subsequent publication in the Official Journal of the European Union.

International Sanctions

After significant changes to the dynamics, complexity and extent of the international sanctions environment as a result of Russia’s attack on Ukraine in 2022, multiple countries and organisations, above all the European Union, the United States of America and the United Kingdom of Great Britain and Northern Ireland, imposed further comprehensive sanctions against Russia and Belarus or expanded already existing sanctions in the reporting year. The restrictions rang from (investment) restrictions for specific economic sectors to embargoes on goods, complete trade embargoes for specific regions to the significant expansion of the number of persons and companies that were placed on sanctions lists and with whom business relationships are therefore prohibited. As in the previous year, the European Union, the United States of America and the United Kingdom of Great Britain and Northern Ireland again stepped up their efforts to prevent sanctions being circumvented. In this context, in 2024, numerous individuals and companies from outside Russia and Belarus were sanctioned. This also includes persons with nationalities from EU countries or companies with their registered office in the EU. In 2024, also Iran was once again the target of sanctions, particularly by the European Union and the United States of America. The main reasons for that were the attacks on Israel and the continued military support for Russia. Further restrictive measures were already adopted in 2025 due to ongoing conflicts, particularly in relation to Russia and the Middle East.