ESG, CSR, and Sustainability: What Investors Actually Mean and Why It Matters for Startups
If you have been in a fundraising conversation recently, you have probably heard ESG mentioned in a due diligence checklist. You may have nodded and moved on, assuming it was a large-company problem. It is not anymore. This post explains what ESG actually means, how it differs from CSR and sustainability, which reporting frameworks exist and why they exist, and what investors at each funding stage are actually asking for when they use the term.
Clearing Up the Terminology
The terms ESG, CSR, and sustainability are used interchangeably in common speech but mean different things in a reporting and investment context.
CSR — Corporate Social Responsibility
CSR is the oldest of the three concepts. It emerged in the 1950s and 1960s as a voluntary commitment by businesses to consider their social impact alongside financial performance. CSR typically manifests as:
- Philanthropic giving and community programs
- Voluntary environmental initiatives
- Employee welfare programs beyond legal requirements
- Supplier codes of conduct
CSR is self-defined, voluntary, and primarily narrative. There are no standardized metrics, no third-party verification requirements, and no comparability between companies. A company can write a CSR report saying almost anything it wants.
Sustainability Reporting
Sustainability reporting is the broader practice of disclosing a company's environmental and social impacts. It predates ESG as a term and encompasses both quantitative metrics and qualitative narrative. The Global Reporting Initiative (GRI), the dominant sustainability reporting standard, was founded in 1997.
Sustainability reporting is more structured than CSR but still largely voluntary (outside of specific regulatory contexts). It focuses primarily on impact — how the company affects the world — rather than financial risk.
ESG — Environmental, Social, and Governance
ESG is an investor-originated framework. The term was coined in a 2004 UN Global Compact report called "Who Cares Wins." The critical distinction: ESG is about measuring non-financial factors that are material to financial performance and risk, not just about social impact.
From an investor's lens:
- Environmental factors affect physical risk (climate change disrupting operations), transition risk (carbon pricing, regulation), and resource costs
- Social factors affect talent retention, regulatory exposure, and brand value
- Governance factors affect fraud risk, capital allocation discipline, and alignment of management incentives
This is why ESG is distinct from CSR. A CSR report asks "what good are we doing?" An ESG analysis asks "what non-financial risks and opportunities could affect this company's returns?"
The conflation of the two terms causes real confusion in fundraising conversations. When a Series B investor asks about your ESG posture, they are not asking about your charitable giving. They are asking about risks and disclosures.
The Major Frameworks: A Technical Comparison
There are four frameworks you will encounter in investor conversations and regulatory requirements: GRI, SASB, TCFD, and ESRS. Understanding what each does prevents a lot of wasted effort.
GRI — Global Reporting Initiative
Origin: 1997, stakeholder-driven (NGOs, civil society) Orientation: Impact-first. GRI asks companies to report on how they affect the world, regardless of whether that impact is financially material. Audience: Civil society, NGOs, customers, employees, broad stakeholders Scope: Comprehensive — covers environment, social, and governance topics with hundreds of individual disclosure items Mandatory? Voluntary globally; referenced in some national regulations
GRI Universal Standards (2021 update):
- GRI 1: Foundation (reporting principles)
- GRI 2: General Disclosures (organizational profile, governance)
- GRI 3: Material Topics (materiality process)
- Topic-specific standards (GRI 200s for economic, 300s for environmental, 400s for social)
When to use it: Companies doing voluntary sustainability reporting to broad stakeholders; companies in markets where GRI is the default (common in Europe, Asia-Pacific). GRI "with reference" is the lightest commitment — you follow the principles without claiming full compliance.
SASB — Sustainability Accounting Standards Board
Origin: 2011, investor-driven Orientation: Financial materiality. SASB defines the sustainability topics that are likely to be financially material for each of 77 industry classifications. Audience: Investors, financial analysts Scope: Narrow and industry-specific. A software company's SASB standard covers: data privacy and freedom of expression, data security, employee engagement and diversity, and environmental footprint of hardware infrastructure. That's it — roughly 15 metrics total. Mandatory? Voluntary; widely used in US SEC disclosures as a voluntary reference
Why SASB matters for startups: SASB is the most investor-friendly framework because it is concise and industry-specific. A SASB-aligned disclosure for a SaaS company is a manageable document, not a 200-page report. US-based VCs and growth equity investors increasingly expect SASB-aligned metrics in portfolio ESG questionnaires.
The ISSB consolidation: In 2022, IFRS Foundation acquired SASB and merged it into the International Sustainability Standards Board (ISSB). IFRS S1 (general sustainability disclosures) and IFRS S2 (climate disclosures) build on the SASB foundation and are becoming the new global baseline for investor-focused ESG reporting.
TCFD — Task Force on Climate-related Financial Disclosures
Origin: 2017, Financial Stability Board Orientation: Climate risk to financial performance Audience: Investors, lenders, insurers Scope: Narrowly focused on climate — physical risks (extreme weather, sea level rise) and transition risks (carbon pricing, stranded assets, technology shifts). Four pillars: Governance, Strategy, Risk Management, Metrics & Targets. Mandatory? Mandatory or quasi-mandatory in UK, New Zealand, Hong Kong, Singapore; referenced in EU ESRS; effectively mandatory for large companies globally
Why TCFD matters: TCFD is the climate disclosure standard. Even if you are not legally required to file TCFD-aligned disclosures, large customers, public companies in your value chain, and institutional investors will ask for TCFD data. The Scope 1, 2, and 3 emissions figures that TCFD requires feed directly into CSRD's ESRS E1 standard.
TCFD status: The TCFD itself was dissolved in 2023, with its monitoring function transferred to the IFRS Foundation. IFRS S2 incorporates TCFD requirements, so "TCFD-aligned" and "IFRS S2-aligned" are now largely equivalent.
ESRS — European Sustainability Reporting Standards
Origin: 2023, European Financial Reporting Advisory Group (EFRAG) under CSRD mandate Orientation: Double materiality — both impact on the world AND financial risk/opportunity Audience: Regulators, investors, broad stakeholders Scope: Most comprehensive of the four. 12 standards covering climate, pollution, water, biodiversity, resource use, workforce, value chain workers, communities, consumers, and governance. Mandatory? Mandatory for companies in scope of CSRD (EU regulation)
How ESRS relates to other frameworks: ESRS was deliberately designed to be interoperable:
- ESRS E1 (Climate) is largely equivalent to TCFD + Scope 1/2/3 reporting
- ESRS incorporates SASB sector-specific indicators by reference
- GRI and ESRS have an interoperability index (GRI-aligned reporting partially satisfies ESRS requirements)
If you are building an ESG data infrastructure, designing for ESRS coverage effectively gives you TCFD, IFRS S2, and partial GRI coverage as a byproduct. ESRS is the highest common denominator for cross-framework compliance.
Framework Selection Matrix
| If you are... | Primary Framework | Secondary | |---------------|-----------------|-----------| | EU company, CSRD in scope | ESRS (mandatory) | GRI (interoperability) | | US company, institutional investors | ISSB/SASB | TCFD for climate | | Pre-Series A, minimal disclosure | SASB (industry-specific, concise) | — | | Series B–C, US VC-backed | SASB + TCFD climate section | — | | Series C+, EU revenue >€150M | ESRS (third-country rule approaching) | TCFD, SASB | | IPO preparation (any exchange) | ISSB S1 + S2 | ESRS if EU listing |
What Investors Actually Ask For at Each Stage
Pre-Seed and Seed
At this stage, formal ESG disclosure is not expected. But two things matter:
Governance basics: Cap table structure, board composition, founder vesting, conflict-of-interest policies. This is also the right moment to start SOC2 Type I readiness — governance controls required for SOC2 overlap with the "G" in ESG, and investors increasingly view security compliance as part of governance maturity. See our Security & SOC2 Compliance offering. This is the "G" in ESG. Governance failures at seed stage are a red flag because they signal founders who will cause problems at scale. Have a board (even informal), have vesting with a cliff, have documented decision-making processes.
Data rights and privacy: If your product handles personal data, how? GDPR compliance, privacy policy, data processing agreements. Not strictly ESG but increasingly folded into ESG due diligence under "S" (social — consumer rights, data privacy).
Series A
VCs doing Series A due diligence are increasingly asking portfolio companies to complete an ESG questionnaire. These are usually LP-driven — institutional limited partners (pension funds, endowments, sovereign wealth funds) require their GPs to have portfolio-level ESG data.
What they ask for at Series A:
- Carbon footprint (even a rough estimate — "we used the EPA carbon calculator, here's our estimated Scope 1+2")
- DEI metrics: headcount by gender, leadership diversity
- Key policies: anti-harassment, data privacy, supplier code of conduct
- Any material ESG incidents or controversies
The response does not need to be audited or ESRS-compliant. Investors want to see that you have thought about it and can provide credible numbers. A one-page summary with honest estimates is better than a 40-page greenwashing document.
Series B
Series B marks the threshold where ESG preparation becomes material to deal terms at some funds. Climate-focused funds (Generation, Breakthrough Energy), B Corp-aligned investors, and European VCs increasingly require:
- TCFD-aligned climate risk assessment (qualitative at minimum)
- Greenhouse gas inventory: Scope 1, 2, and top Scope 3 categories
- SASB-aligned disclosures for your industry sector
- ESG policies documentation (environmental policy, supplier ESG requirements)
- Board-level ESG oversight (a designated board member or committee)
Some funds include ESG milestones in investment agreements — e.g., "submit SASB-aligned disclosure by 18 months post-investment." If you are raising from institutional VCs at Series B, ask what their LP ESG reporting requirements are. You will need to provide data to them annually regardless.
Series C and Growth
At Series C, you are likely entering the radar of:
- Growth equity firms with formal ESG integration
- Strategic investors (corporates) with their own CSRD/ESRS obligations
- Pre-IPO positioning requirements
This is where formal frameworks become necessary. TCFD alignment is expected. SASB disclosure is expected. If you have EU revenue approaching CSRD third-country thresholds, you need to start building ESRS-compatible data infrastructure.
Growth equity funds (Insight, Tiger, Vista) increasingly require a formal ESG assessment during due diligence. Some use third-party platforms (EcoVadis, CDP questionnaire) as a standardized assessment tool. A good EcoVadis score at Series C is a meaningful differentiator.
Pre-IPO and Public Markets
Listed companies face the most demanding ESG requirements:
- SEC's climate disclosure rule (effective 2026 for large accelerated filers): Scope 1 and 2 emissions, material Scope 3, climate risk assessment
- ESRS (mandatory for EU-listed companies or large third-country companies)
- Analyst ESG scores (MSCI, Sustainalytics, ISS) affect institutional investor weighting
ESG data infrastructure built at Series C is what makes IPO-level ESG disclosure tractable. Companies that wait until pre-IPO to build ESG capabilities face a 12–18 month catch-up effort during a period when management bandwidth is already stretched.
The Materiality Assessment: The Piece Everyone Skips
Every framework — GRI, SASB, ESRS — uses materiality as the organizing principle. You do not report on everything; you report on what is material to your business.
SASB materiality is prescriptive: they tell you what's material for your industry.
GRI materiality is stakeholder-driven: you survey stakeholders to determine importance.
ESRS double materiality is both: impact materiality (your effect on the world) + financial materiality (ESG factors' effect on your finances). The process is documented and must be reproducible for auditors.
The materiality assessment is not an optional exercise. It is the foundation of your entire ESG reporting strategy. For a 50-person SaaS company, a credible materiality assessment involves:
- Structured interviews with 5–10 internal stakeholders (leadership, finance, engineering, HR)
- Survey of 10–20 external stakeholders (key customers, investors, suppliers)
- Review of peer disclosures and industry-level materiality maps
- A documented matrix mapping topics by impact magnitude and stakeholder concern
This takes 4–6 weeks and produces a 5–10 page document. It is the single most important artifact for investor ESG due diligence because it demonstrates a systematic approach rather than cherry-picked disclosures.
Practical Starting Point for Founders
If you are raising Series A or B and need to get ESG-ready quickly:
-
Do your SASB baseline. Find your SASB industry standard (software, internet media, or hardware — whichever fits your product). The metrics list is typically 10–20 items. Complete it honestly with estimates where you don't have precise data.
-
Calculate a rough carbon footprint. Use the GHG Protocol scope definitions. Cloud computing spend × a spend-based emission factor gives a reasonable Scope 2 estimate. Business travel from expense reports gives you Scope 3 Category 6. This is enough for Series A disclosure.
-
Document your governance basics. Board composition, key policies, data privacy approach, code of conduct. These are the ESG items most likely to surface in due diligence.
Automate ESG data workflows early. Manual collection via spreadsheets doesn't scale past Series A. Automation workflows for ESG reporting — API integrations with cloud providers, OCR for utility bills, HR system exports — are increasingly available off-the-shelf or buildable in weeks.
- Build the data infrastructure before you need it. The marginal cost of capturing ESG-relevant data (energy bills, HR demographics, travel spend) during normal operations is low. The cost of reconstructing historical data during a due diligence sprint is high.
Talk to us about ESG compliance — 100xai.engineering/solutions/esg-compliance
We help tech companies at every stage build credible ESG foundations — from SASB baseline assessments for Series A founders to full ESRS data infrastructure for CSRD-scoped companies. The conversation starts with a 30-minute call to map your current position against what your investors and regulators actually need.
Framework descriptions reflect the state of ESG standards as of early 2026. The ISSB, EFRAG, and GRI standards landscape continues to evolve — verify current framework versions before building a reporting program.
Related Resources
More articles:
Our solutions: ESG Compliance Engineering · Security & SOC2 Compliance
Glossary:
Comparisons:
Free Tool: Use our free 25-item ESG checklist to ensure you're investor-ready. → ESG Compliance Checklist