The EU Data Act
The EU Data Act has been in force since January 11, 2024, and will be gradually implemented starting September 12, 2025, or for certain product specifications starting in 2026. Its core principle is that users of connected products – such as machines, systems, or industrial IoT devices – have a legal right to access the data generated by these systems and can also make this data available to third-party providers.
For machine and plant manufacturers, this means that they must adapt their data and cloud strategies and contracts (e.g., as-a-service models, platform use, remote services), open interfaces, and establish clear rules for data use, security, and confidentiality.
This gives operators bargaining power and new opportunities for data-based services, maintenance, and process optimization – but at the same time, they must organize governance, IT compliance, and know-how protection in a much more professional manner.
Sustainability, Energy & Climate: CSRD, Energy Efficiency, Digital Product Passport
There have been signs of fatigue recently when it comes to sustainability and resource conservation. However, setbacks such as postponing the ban on combustion engines or less ambitious climate targets do not mean that EU countries are losing their focus on sustainability. Companies must therefore be prepared for changes in this area as well.
Corporate Sustainability Reporting
The Corporate Sustainability Reporting Directive (CSRD) and the associated European Sustainability Reporting Standards (ESRS) significantly expand sustainability reporting in the EU and affect far more companies than the previous Non-Financial Reporting Directive. Gradually, starting in the reporting years 2024 to 2028, large capital market-oriented companies will be required to comply, followed by other large corporations and limited liability partnerships, and later also capital market-oriented SMEs and certain non-EU groups.
For many manufacturing companies, this means that sustainability will become an auditable reporting element on a par with the financial section – including detailed information on climate and energy, emissions, resource and water use, waste, occupational safety, and the supply chain.
Operationally, this increases the pressure on plants and production areas to provide reliable, auditable data on energy management, environmental indicators, and occupational safety, and to document processes in such a way that they can withstand an audit. Even companies that are not (yet) directly subject to reporting requirements are being drawn into the CSRD maelstrom by customer requirements and supply chain questionnaires: suppliers who cannot provide their ESG data risk competitive disadvantages in tenders and framework agreements in the medium term.
The German Energy Efficiency Act
The German Energy Efficiency Act (EnEfG) has been in force since November 18, 2023, and tightens the requirements for companies with high energy consumption. Companies whose final energy consumption exceeds certain thresholds – typically 7.5 GWh per year – must introduce a certified energy or environmental management system (such as ISO 50001 or EMAS) within defined deadlines, systematically record their energy consumption, and identify, plan, and regularly report on specific efficiency measures.
For energy-intensive production sites, this means that energy monitoring, measurement concepts, waste heat utilization, and efficiency projects will become a legal requirement. Those who skillfully combine the requirements with existing initiatives on climate strategy, CSRD reporting, and cost reduction can translate the additional effort into a structured decarbonization and modernization path for their plants. Those who react too late, on the other hand, risk not only higher energy costs but also fines and damage to their reputation.
CO2 border adjustment and emissions trading
The EU‘s Carbon Border Adjustment Mechanism (CBAM) and the parallel reform of emissions trading are making CO2 costs for energy-intensive materials much more visible – long before they reach the chimney of your own plant. A transition phase has been underway since October 1, 2023, during which importers of cement, iron and steel, aluminum, fertilizers, electricity, and hydrogen are initially only required to report emissions. The financial phase will begin on January 1, 2026, when CBAM certificates will gradually have to be purchased and surrendered for these imports, parallel to the phasing out of free ETS certificates in the EU.
For operators, this means that the CO2 footprint of raw materials is increasingly becoming a cost and competitive factor. Purchasing, supplier selection, material substitution, and companies' own decarbonization strategies are becoming more closely linked. Those who create transparency about emissions in the supply chain at an early stage and factor CO2 costs into their investment and location decisions will gain an advantage over less prepared competitors.
Ecodesign and digital product passport
The Ecodesign for Sustainable Products Regulation (ESPR) extends the existing ecodesign framework for energy-related appliances to almost all physical products and has been in force as a regulation in the EU since July 2024. Specific requirements are now being introduced gradually via delegated acts for individual product groups – including, in the future, machines, components, and spare parts. The central instrument is the digital product passport, through which manufacturers will in future have to provide structured information on material composition, reparability, durability, recycled content, and environmental performance.
For machine builders and suppliers, this means that product development, parts lists, material data, and technical documentation must be geared toward the circular economy and data provision at an early stage. Operators will benefit in the long term from greater transparency for maintenance, spare parts management, modernization, and dismantling – but will have to adapt their own asset and spare parts strategies to the new information flows.
Corporate responsibility: Supply chains & due diligence
After the German Supply Chain Act came into force, politicians at the federal level suddenly backtracked. In the meantime, there have been calls for Germany to scale back or even completely abandon its due diligence obligations. However, as long as these remain only calls, companies must continue to comply with the applicable German regulations.
The German Supply Chain Act
With the German Supply Chain Due Diligence Act (LkSG), which has been in force since 2023 for companies with 3,000 or more employees and will apply to companies with 1,000 or more employees from 2024, human rights and selected environmental risks in the supply chain have moved from the CSR niche to a strict legal framework. Companies must conduct risk analyses, establish prevention and remedial measures, set up complaint procedures, and report regularly to the Federal Office for Economic Affairs and Export Control (BAFA) – with significant penalties for violations.
The EU Corporate Sustainability Due Diligence Directive
The EU-wide harmonized Corporate Sustainability Due Diligence Directive (CSDDD), which will be transposed into national law in the coming years, goes even further: it also includes large non-EU companies with high EU turnover, requires the establishment of climate plans, and increases liability and sanction risks.
For manufacturing companies, this means that purchasing, supplier management, and quality/ESG management must work more closely together. Those who establish clean processes, transparent supply chains, and reliable data today will be much better equipped for both LkSG audits and the upcoming CSDDD, while also reducing reputation and supply risks.
When is the bus coming?
A special feature of current EU regulation is the use of omnibus regulations or directives, which not only create new individual laws but also amend a whole series of existing legal acts at the same time. In the context of the Machinery Regulation, AI Act, NIS2, Data Act, CSRD, CBAM, and ESPR, this means, for example, that obligations for operators appear not only in the “main law” but often also in accompanying amendments to other regulations – for example, in product law, energy law, or reporting obligations.
It is therefore crucial for companies not only to be aware of the overarching themes of the major regulatory packages, but also to examine the omnibus amendments in their specific laws so as not to overlook any silent but effective tightening of regulations.
Conclusion: A structural change that offers opportunities
The coming years will not bring a “normal” regulatory cycle for the manufacturing industry, but rather a genuine structural change: the Machinery Regulation, AI Act, NIS2, Data Act, CSRD, LkSG/CSDDD, EnEfG, CBAM, and ESPR are all intertwined and make security, digitalization, sustainability, and responsibility for supply chains legally binding core tasks. Those who continue to treat these issues in isolation as individual projects run the risk of getting bogged down and incurring fines, liability risks, and competitive disadvantages.
At the same time, this consolidation of requirements presents an opportunity: Companies that adopt an integrated approach early on, clearly define responsibilities, and leverage synergies – for example, in data collection for CSRD, EnEfG, NIS2, and ESPR – can make their production more transparent, efficient, and resilient. Regulation then becomes not just a burden, but a driver for modern, secure, and sustainable factories in Europe.