Navigating ESG in the Health Care & Life Sciences Sector Across the UK and Europe – From Compliance to Strategic Integration

Environmental, Social and Governance (ESG) factors are increasingly influencing both strategic direction and operational decision-making within the Health Care & Life Sciences sector. Characterised by complex global supply chains, reliance on sensitive data, and a significant environmental and social footprint, the sector is subject to growing scrutiny from regulators, investors, and civil society.

While ESG encompasses a broad spectrum of issues - from biodiversity and carbon leakage to equitable access to healthcare - this article focuses on areas where legal obligations are either established or rapidly emerging. It examines key regulatory developments across the UK, Germany, and the wider European landscape, including sustainability reporting, supply chain due diligence, greenwashing, AI governance, deforestation, packaging, and data governance.

ESG Reporting and Disclosure

Mandatory ESG reporting is expanding rapidly, with increasing alignment around international standards and a growing emphasis on streamlining and interoperability between frameworks. For companies operating in the Health Care & Life Sciences sector, ESG reporting is not a new concept - many have been disclosing sustainability-related information for years. However, the current landscape marks a shift from voluntary reporting to legally binding obligations, characterised by more prescriptive requirements, standardised formats, and heightened regulatory oversight. This evolution demands a more structured, data-driven, and legally robust approach to ESG disclosure.

Europe

• The EU Corporate Sustainability Reporting Directive (CSRD) is the cornerstone regulation for ESG reporting across Europe. Under the CSRD, companies in scope are – amongst other things - required to report in accordance with the European Sustainability Reporting Standards (ESRS), conduct double materiality assessments, and digitally tag ESG data. However, the scope of CSRD is currently in flux following the introduction of the Omnibus Simplification Package (2025) (the “Omnibus”).
• The Omnibus seeks to streamline and recalibrate several aspects of the CSRD, and other related regulations, in response to implementation challenges and stakeholder feedback. The changes could exempt up to 80% of previously in-scope companies, particularly SMEs and include:
  • amendments to the thresholds (raised to over 1,000 employees and €450million turnover; the conservative EPP wants to change the employee-threshold even more, to 1.750);
  • introduces targeted simplifications to the ESRS frameworks; and
  • delays certain reporting deadlines, commonly referred to as the “Stop the Clock” provision. The “Stop-the-Clock” directive entered into force in April 2025 and must be transposed by Member States by 31 December 2025.
• The broader Omnibus Simplification Package is still under negotiation between the European Parliament and Council, with final agreement expected within 12–18 months.
• The EU Taxonomy for Sustainable Activities defines which economic activities qualify as environmentally sustainable. Companies in scope of the CSRD are required to report against the taxonomy by identifying which of their activities are taxonomy-eligible, assessing their alignment with environmental criteria, and disclosing related financial metrics of the activities that are taxonomy-aligned.
• A number of changes to the taxonomy have been proposed as part of the Omnibus including the introduction of a 10% materiality threshold for taxonomy-aligned activities, simplified reporting templates and revision and clarification of key concepts such as the ‘do no significant harm’ principle. 

Germany

• On 3 September 2025, the German Federal Cabinet approved a draft bill to transpose the CSRD into national law with minimal deviation and formally incorporate the Stop-the-Clock Directive. In addition to delays for  reporting deadlines (Wave 2 and Wave 3), Germany has also introduced relief measures that already take into consideration the current state of the Omnibus proposal, including exemptions for smaller Wave 1 companies. 

UK

• The UK Government is currently consulting on the exposure drafts of the UK Sustainability Disclosure Standards (UK SDS), which are based on the ISSB’s IFRS S1 and S2. These standards are intended to form the foundation of the UK’s future sustainability disclosure regime. The framework is expected to be finalised in Q4 2025, with voluntary adoption available to companies thereafter. Further consultation, led by the Financial Reporting Council, is planned from January 2026 to determine implementation details. It is anticipated that reporting in line with the UK SDS will become mandatory for listed and large private companies, marking a significant step towards a more standardised and enforceable ESG reporting landscape in the UK.
• Notably, the government consulted on introducing a UK Green Taxonomy earlier this year but ultimately decided against it, concluding that other policy tools would be more effective in driving sustainable investment and addressing greenwashing without adding unnecessary regulatory burden.

Supply Chain Due Diligence

Supply chain integrity remains a core ESG priority for companies in the Health Care & Life Sciences sector, given the global nature of operations and therefore the heightened risk of exposure to human rights violations, environmental harm, and regulatory non-compliance. Legal obligations in this area are becoming more defined, particularly across the EU and Germany.

Europe

• The Corporate Sustainability Due Diligence Directive (CSDDD) introduces mandatory human rights and environmental due diligence obligations across companies’ operations and value chains. In-scope companies must identify, prevent, and mitigate adverse impacts, and adopt climate transition plans aligned with the Paris Agreement. Initially adopted in July 2024 with broad application, the Omnibus now proposes to narrow the scope of due diligence to tier-one suppliers among other provisions aimed to facilitate the new rules’ applicability, reflecting a more phased and risk-based approach. With the adoption of the Stop the Clock Directive, the implementation deadline for Member States as well as the start of applicability for certain company categories has yet to be decided.

Germany

• Germany’s Supply Chain Due Diligence Act (LkSG), in force since 2023, imposes similar obligations on companies with 1,000 or more employees. It requires companies to conduct risk analyses, implement preventive and remedial measures, and report annually on their due diligence efforts.
• The German Federal Cabinet approved a draft bill to change certain provisions of the LkSG on 3 September 2025. In particular, the bill would retroactively abolish the reporting obligation for all companies as of 1 January 2023. Additionally, the bill foresees a change of the LkSG’s penalty provisions to prospectively only sanction severe infringements. The German Bundestag still has to approve the changes before they can become law and enter into force.

UK

• Beyond the UK Modern Slavery Act 2015, which prohibits the use of forced labour and human trafficking in supply chains and requires large companies to report on steps taken to prevent it, the UK has not yet introduced equivalent legislation to the CSDDD or LkSG. However, UK companies with operations or supply chains in the EU may still be indirectly affected by the CSDDD and LkSG, particularly where group-level compliance or contractual obligations with EU-based partners apply.

Greenwashing 

Public-facing sustainability claims – such as those relating to carbon neutrality, ethical sourcing, and environmental impact - are under increasing regulatory scrutiny. This is particularly relevant for Health Care & Life Sciences companies promoting “green” packaging, use of “natural ingredients” or “low-carbon” processes.

Europe

• The Directive on Empowering Consumers for the Green Transition aims to improve the reliability of sustainability claims made to consumers. It applies to all B2C communications, including product packaging, advertising, and corporate messaging. The Directive prohibits generic environmental claims (e.g. “green”, “eco-friendly”, “carbon neutral”) unless substantiated by recognised environmental performance. It also bans offsetting-based claims without verified implementation plans and requires independent third-party verification for sustainability labels. Social claims (e.g. “ethically sourced”, “fair trade”) are also covered. Misleading claims - whether intentional or not - can result in regulatory fines, reputational damage, and, in some jurisdictions such as France, criminal penalties. Member States have to implement the Directive until March 2026.
• The Proposed EU Green Claims Directive, still under negotiation, seeks to establish strict rules for verifying voluntary environmental claims. If adopted, claims will need to be science-based, independently verified, and transparently documented. While the European Commission initially signalled a withdrawal due to concerns over its impact on microenterprises, it later clarified that the proposal remains under consideration. Its future now depends on political consensus within the Council and Parliament.
• In the UK, the Green Claims Code, enforced by the Advertising Standards Authority (ASA) and overseen by the Competition and Markets Authority (CMA), applies similar principles to the EU’s Empowering Consumers directive. It requires that all environmental claims be clear, accurate, substantiated, and not misleading. The Code applies across all sectors and covers claims made in advertising, product labelling, and corporate communications.
• From 1 September 2025, the new “failure to prevent fraud” offence under the Economic Crime and Corporate Transparency Act 2023 introduces an additional layer of legal risk. While primarily aimed at financial misconduct, the offence may extend to misleading ESG claims where a company profits from false or deceptive sustainability claims. This could include overstated carbon neutrality claims, unverified ethical sourcing statements, or inflated environmental performance metrics—particularly those involving AI or data-driven representations.

Germany

• On 3 September 2025, the German Federal government adopted a draft bill implementing the Empowering Consumers Directive via direct transposition, by way of the so-called “Third Act Amending the Act Against Unfair Competition (UWG)”, reinforcing the legal framework for sustainability claims and aligning national law with EU standards.

UK

• In the UK, the Green Claims Code, enforced by the Advertising Standards Authority (ASA) and overseen by the Competition and Markets Authority (CMA), applies similar principles to the EU’s Empowering Consumers directive. It requires that all environmental claims be clear, accurate, substantiated, and not misleading. The Code applies across all sectors and covers claims made in advertising, product labelling, and corporate communications.
• From 1 September 2025, the new “failure to prevent fraud” offence under the Economic Crime and Corporate Transparency Act 2023 introduces an additional layer of legal risk. While primarily aimed at financial misconduct, the offence may extend to misleading ESG claims where a company profits from false or deceptive sustainability claims. This could include overstated carbon neutrality claims, unverified ethical sourcing statements, or inflated environmental performance metrics—particularly those involving AI or data-driven representations.

Deforestation and Carbon Leakage

Deforestation is a key ESG issue, particularly in the Health Care & Life Sciences sector, where raw materials such as rubber, palm oil, and soya are commonly used in medical devices, formulations, and supplements. Simultaneously, the EU Carbon Border Adjustment Mechanism (CBAM) introduces a carbon cost on imports of carbon-intensive materials such as aluminium and steel, which are widely used in manufacturing equipment, packaging, and infrastructure. While pharmaceutical products are not currently in scope, the EU is actively considering expanding CBAM to cover downstream products, including medical devices and packaging that incorporate regulated materials - raising future compliance risks for the sector.

Europe

• The EU Deforestation Regulation (EUDR) mandates strict due diligence for commodities linked to deforestation, including rubber (often used in medical devices), palm oil (commonly found in pharmaceutical formulations), and soya (frequently used in supplements). Companies (including non-EU importers) must ensure products containing these commodities placed on the EU market are deforestation-free and traceable to compliant sources, verifying the geolocation of origin, conducting risk assessments, and maintaining comprehensive documentation to demonstrate compliance. Penalties for breaches may include fines, product recalls, and reputational damage.
• Enforcement was originally planned to start on 30 December 2024 for large and medium size companies and on 30 June 2025 for small and micro enterprises. In December 2024, the European institutions finally agreed to delay each of these dates by one year. With the new start of applicability nearing, debates about yet another delay are currently being held on a European and Member State level. While the European Commission is speaking in favour of another delay due to technical issues regarding implementation, a group of European Parliamentarians has spoken out in favour of staying on track with the designated timeline. There are also calls for substantive changes to the rules of the Regulation, put forward for example in an open letter by the agriculture ministers of 18 Member States, not including Germany.
• The EU Carbon Border Adjustment Mechanism (CBAM) places a carbon cost on imports of materials like aluminium and steel, aligning with the EU’s Emissions Trading System. Under the CBAM Regulation, importers must report embedded emissions and purchase CBAM certificates unless equivalent carbon pricing has been paid at origin. The Regulation is currently under scrutiny as part of the Omnibus simplification process. The European Parliament and Council reached a provisional agreement on legal changes in June 2025, including a delay of the start of applicability until 2027 and a significant reduction of the Regulation’s scope. While pharmaceuticals are currently out of scope, the EU is considering extending CBAM to downstream products - such as medical devices and packaging containing CBAM-regulated materials - due to concerns that carbon leakage is shifting further down the value chain. A public consultation closed in August 2025 with a legislative proposal expected by year-end.

Germany 

• Germany generally supports the EUDR. However, Federal Chancellor Friedrich Merz raised concerns about the bureaucratic burden placed on companies in a letter to Commission President Ursula von der Leyen in July 2025. He asks for the introduction of a so-called “zero-risk” category that would relieve countries without deforestation risk, such as Germany, of certain documentation requirements.
• Despite the ongoing political debate, companies are advised to prepare for compliance, with guidance issued by GS1 Germany, a non-profit organisation developing and managing global standards for product identification and supply chain processes, to support supply chain partners meet EUDR requirements, including contractual obligations for non-EU suppliers.

UK

• The UK’s equivalent to the EUDR - the Forest Risk Commodity Regulation (UKFRC) - remains pending. It sits under the Environment Act 2021 but requires secondary legislation to take effect, which has yet to be introduced. While aligned with the EUDR in intent, it differs in scope and enforcement. Companies in scope (those with a turnover exceeding £50 million) should prepare proactively, with potential movement expected around COP30 in Brazil later in 2025.
• The UK Carbon Border Adjustment Mechanism (UK CBAM), effective 1 January 2027, will apply a carbon tax on imports of carbon-intensive goods, specifically aluminium, cement, fertilisers, hydrogen, and iron and steel. While pharmaceuticals and medical devices are not directly in scope, companies in the Health Care & Life Sciences sector may be indirectly affected if importing CBAM-regulated materials or packaging made from such materials (e.g. aluminium blister packs, surgical tools). Importers must report emissions, engage suppliers, and register with HMRC if imports exceed £50,000 over a rolling 12-month period. Unlike the EU CBAM which is a certificate-based system, the UK CBAM applies a tax based on emissions intensity and pricing gaps.
• Following the UK-EU Summit in May 2025, the UK Government published a Common Understanding policy paper outlining plans to link the UK and EU Emissions Trading Systems (ETSs). If formalised, it would exempt UK-origin goods from EU CBAM and vice versa, avoiding both the financial burden and the complex reporting requirements associated with CBAM compliance. The timing remains uncertain, but alignment would significantly ease cross-border trade for importers of the goods in scope.

Packaging and Extended Producer Responsibility

Packaging is an increasingly prominent ESG concern, particularly in the Health Care & Life Sciences sector, where regulatory focus is intensifying around waste reduction, recyclability, and lifecycle accountability. With growing pressure from both regulators and consumers, companies must navigate a patchwork of evolving obligations across jurisdictions, including design standards, labelling requirements, and producer responsibility schemes.

Europe

• The EU Packaging and Packaging Waste Regulation (PPWR) introduces harmonised rules on packaging design, recyclability, and environmental labelling. While packaging in direct contact with medicinal products is exempt from certain requirements, companies in the Health Care & Life Sciences sector must still meet obligations around packaging minimisation, recyclability, and clear disposal instructions. Key requirements include reducing empty space, achieving minimum recyclability grades by 2035, and annual reporting from August 2026, with phased targets extending to 2030 and beyond.

Germany 

• Germany’s Packaging Act (VerpackG) applies to all packaging types and all businesses- including foreign companies selling into Germany. There is no minimum threshold for compliance. Companies must register with the LUCID Packaging Register, contract with a dual system provider to pay recycling fees, and report packaging volumes.
• The PPWR will significantly impact German packaging law and, in some areas, tighten its requirements. Among other changes, Germany will have to implement much stricter recycling targets for various packaging materials and make sure to align its national laws with the PPWR’s strengthened Extended Producer Responsibility (EPR), stretching producers’ and distributors’ accountability over all stages of a package’s lifecycle, including collection and recycling processes.

UK

• The UK’s EPR regime came into effect in January 2025. Companies with turnover above £1 million and placing more than 25 tonnes of packaging on the market must report packaging volumes and materials, and contribute to the costs of waste collection and recycling infrastructure.

Data Governance and Emerging Technologies

The Health Care & Life Sciences sector’s dependence on sensitive patient data and advanced technologies, such as AI and digital diagnostics, raises complex ESG and compliance risks. Regulatory frameworks across the EU, Germany, and the UK are evolving to address data protection, algorithmic accountability, and ethical technology use.

Europe

• The EU’s General Data Protection Regulation (GDPR) remains the cornerstone of EU data protection, requiring lawful, transparent, and secure processing of personal and health data.
• The EU AI Act, adopted in 2024, introduces a risk-based framework for AI systems. High-risk AI systems (e.g. diagnostic tools) must meet strict standards on transparency, human oversight, and data governance. Developers must conduct conformity assessments and ensure data quality and traceability.
• Under the CSRD and ESRS, companies must disclose risks related to data governance, cybersecurity, and AI - especially where these impact human rights or environmental outcomes.

Germany 

• Germany enforces the GDPR primarily through the Federal Data Protection Act (BDSG), with additional scrutiny from regional data protection authorities.
• Regarding the EU AI Act, Germany’s implementation is expected to include sector-specific guidance for healthcare, particularly concerning diagnostic AI systems and patient data analytics. Companies operating in this space must ensure compliance with key principles such as data minimisation, security by design and by default, and obtaining explicit patient consent for processing personal health data.

UK

• The UK applies the UK GDPR, aligned with the EU framework but subject to domestic interpretation and reform, alongside the Data (Use and Access) Act 2025.
• The AI Regulation Bill has been delayed until at least 2026, but the government favours a principles-based approach, supported by sector-specific guidance from bodies like the Medicines and Healthcare products Regulatory Agency (MHRA).
• In June 2025, the UK joined the HealthAI Global Regulatory Network, collaborating internationally to monitor AI safety, share early warnings, and shape global standards, supporting faster deployment of trusted AI tools in healthcare.
• The forthcoming UK SRS will require companies to report on data governance, cybersecurity, and AI-related risks.

From compliance to strategic integration

As ESG regulation intensifies and stakeholder expectations rise, companies in the Health Care & Life Sciences sector face increasing pressure to act. Yet, within this complexity lies opportunity. By adopting a proactive and strategic approach, organisations can transform ESG compliance from a regulatory obligation into a source of resilience, innovation, and competitive edge.

To move from compliance to strategic advantage, companies in the Health Care & Life Sciences sector should consider the following actions:

1. Integrate climate risk into strategy
   Use climate modelling to assess supply chain vulnerabilities and product resilience, particularly in response to extreme weather and global health impacts.
2. Strengthen data governance and AI oversight
   Establish clear policies for ethical AI use, bias mitigation, and data privacy. Invest in cyber resilience to protect sensitive patient and research data.
3. Embed ESG into M&A strategy
   Evaluate acquisition targets for ESG alignment alongside financial fit.
4. Advance sustainable packaging and materials
   Transition to low-carbon, recyclable materials in medical devices and packaging to reduce environmental impact and prepare for CBAM-related obligations.
5. Promote workforce equity and talent development
   Foster an inclusive culture, ensure fair compensation, and upskill teams in digital and ESG competencies.
6. Improve ESG data collection and reporting
   Build systems to capture Scope 1–3 emissions, social impact metrics, and governance indicators. Use recognised frameworks (e.g. GRI, ISSB, SASB) and ensure legal review and third-party verification to mitigate greenwashing risks.
7. Engage stakeholders transparently
   Communicate ESG goals clearly to investors, regulators, and patients, demonstrating ethical leadership and long-term commitment.
8. Prepare for regulatory convergence
   Monitor developments across jurisdictions (e.g. EU CSRD, CSDDD, EUDR, UK SDS, CBAM) and harmonise compliance strategies to reduce duplication and risk, for example in the field of supply chain due diligence. Make sure to implement robust internal systems and processes to ensure long-term compliance and meet all necessary reporting deadlines.
9. Conduct an ESG exposure audit
   Identify gaps and risks across operations and supply chains to prioritise compliance and mitigation efforts.
10. Collaborate across the sector
    Join industry initiatives such as Sustainable Medicines Manufacturing - Innovate UK Business Connect to stay ahead of regulatory trends and drive innovation.