🚨 Buying Blind? the DAX40 carbon credit black box
This issue is going out a week early because we are publishing something today with Sylvera that I think matters.
It is the first full audit of every carbon credit disclosure made by a DAX40 company under CSRD’s ESRS E1-7 standard.
Three months of work. 39 companies analysed. 21 active buyers. And one question I have been carrying with me long before this project started: can anyone outside the company actually verify what sits behind these disclosures?
I think this is a question every sustainability lead in Europe will get asked over the next 18 months.
Read the full report here: senken.io/buying-blind or click the button below.

The moment that triggered this
A few months ago, a sustainability lead at a DAX company sent me her draft CSRD section on carbon credits and asked me to read it before submission.
The numbers were right. The standards were named. The removal versus reduction split was clean. Fully compliant.
She knew exactly which projects sat behind those numbers. Every ID, registry, vintage and supplier was sitting in her procurement system. She could have walked me through every credit in thirty seconds.
None of that made it into the disclosure.
ESRS E1-7 does not ask for project IDs. So eight weeks later, when her filing went public, it would look indistinguishable from a portfolio of D-rated cookstoves.
I asked her why she did not publish the project list voluntarily.
“Legal said don’t volunteer what isn’t required. Our peers aren’t doing it. We’d look exposed for no reason.”
That sentence stayed with me.
The data exists. Procurement teams have it. Auditors can see it on request. But everyone outside the company gets the same redacted aggregate.
So we pulled all 39 DAX40 reports apart and tried to verify them ourselves.
This is what we found.
What we did
We pulled every FY2025 CSRD filing from the DAX40 and extracted the ESRS E1-7 section into a standardised template.
Then we tried to do from the outside what auditors will eventually ask companies to do from the inside: trace every credit to a specific project, check the registries, pull the ratings, and see whether the claim survives scrutiny.
What we found
DAX40 companies reported 4.84 million tonnes of carbon credits across their FY2025 filings.
Not a single one of the 39 companies disclosed a project ID anywhere in the CSRD section. Not one.
After three months of searching, 45% of the reported volume remained untraceable. That is 2.17 million credits sitting inside CSRD filings that comply with the regulation, but cannot be verified by anyone outside the company.

Most of the below-threshold volume sits in methodology categories the ICVCM has already declined to approve under its Core Carbon Principles. The market already knows these are weak. Yet the portfolios still contain them.

What I keep coming back to
The honest part is that none of these companies are doing anything illegal.
They are compliant. They have signed off on what the regulator asked for. The procurement team did its job. The auditor can tick the box.
But that is precisely what bothers me.
The four companies that publish their projects voluntarily, Bayer, DHL, Commerzbank and Scout24, and the two that are forced to by California state law, SAP and Deutsche Bank, show that the data is not hard to share.
They purchased the credits. They have the project ID, country, registry, vintage and supplier sitting in their procurement system. Publishing it would cost them almost nothing.
The other 15 buyers are not necessarily hiding anything malicious. They are taking shelter behind a disclosure standard that does not require them to expose themselves.
And as long as the regulator does not ask, intermediaries have little incentive to push for higher quality. Procurement defaults to the cheapest compliant credit. Portfolios fill up with renewable energy and cookstove credits that score badly on independent frameworks. The CSRD filing reads cleanly. Whether the climate impact is real remains an open question.
That is what is broken.
Not the buyers. The standard.
Bottom line
4.84 million credits reported. Zero project IDs disclosed. Forty-five percent untraceable. Of what we could check, more than half sits below the credibility threshold.
The data to fix this already exists in every procurement department in Europe.
The disclosure standard just does not ask for it.
The full report, with every chart, the methodology, the DAX40 scorecard and the project-level breakdown, is here: