Compliance · CSRD · 5 min read
CSRD energy data,
structured for audit.
Large EU companies and listed SMEs fall under the Corporate Sustainability Reporting Directive. Self-reported energy in a spreadsheet is no longer enough. Auditors are signing off on numbers — they need numbers that can be re-derived from primary evidence.
What CSRD asks for
ESRS E1 — the energy and emissions standard inside CSRD — requires companies to disclose total energy consumption broken down by source, with a chain of evidence auditable to the same standard as a financial line item. The reporting standard is structured XBRL; the underlying evidence is whatever the auditor chooses to inspect.
Where self-reported data breaks under audit
- No source binding — the kWh figure does not carry a signed reading from the meter that produced it.
- No timestamp guarantee — the spreadsheet can be edited after the fact, including dates.
- No reproducibility — a second auditor cannot independently derive the same number from the same primary evidence.
- No tamper detection — there is no cryptographic test that flags a retroactive change.
What Serial Alice provides for CSRD
Signed at captureEnergy reading + timestamp signed before any human sees it
Public anchorHash committed to Polygon mainnet — dated, immutable
Verifiable offlineAuditors run a 30-line Python script — no API key
XBRL-ready exportsOne API call returns the structured CSRD payload
Workload-level granularityPer-tenant, per-model, per-session attribution
Versioned policyenergy-v4 calculation pinned in the signed payload
See an auditor-grade certificate
Verify a real Polygon-anchored attestation end-to-end.
Verify a certificate →
What auditors actually receive
For each reporting period, the structured export contains:
- List of all signed certificates inside the period, with their hashes.
- Polygon transaction hashes anchoring each certificate's Merkle batch.
- Issuer public key + signature for each certificate (Ed25519 + ML-DSA).
- Aggregate energy totals broken down by source — every number a sum of underlying signed readings.
- Offline-verification bundles for spot-checks.
An auditor walks the list, picks a sample, and verifies each one independently. Either it checks out or it does not — there is no intermediate "we trust the operator" step.
What this means for the CFO and the audit firm
Audit hours collapse. The big four are pricing CSRD assurance work like financial audit — hours of partner time per disclosure. Cryptographic evidence flips the labour model: the verifier replays the proof, the auditor reviews the methodology, sign-off happens in a day, not a quarter.