Becoming match-fit

One of the key observations from our review is how few organisations describe the governance of disclosures. There are very few explanations of how the published reports were produced and what scrutiny they underwent prior to disclosure.

This is an important factor in giving credibility to reports and often external assurance is limited with a small number of data points within an appendix, with little explanation of how the remainder of the report was prepared. In digging a little deeper several firms do in fact have oversight from their audit committee or disclosure committee, but how this process works is generally opaque.

Role and responsibilities for reporting can be defined through a Responsible/ Accountable / Consulted / Informed (RACI) chart or other means. Equally the role of internal control functions and external assurance providers within this overall governance process could be brought together within a brief description of how the report was prepared and approved.

Reporting processes are rarely described in detail, yet they are just as important as the governance reporting arrangements. We have come across some best practices in terms of documents described as methodology or carbon foot-printing manual, or a basis of preparation inventory, but this is quite rare and generally these documents are hinted at in reports, but not published themselves. These procedures might also be supported by evidence logs, reporting timetables and control registers. Best practice procedures address how assumptions, uncertainty, and restatements are handled as well as addressing post-reporting period events, as would be expected from financial reporting manuals. Their existence can be inferred where an independent third party has provided assurance over disclosures, but rarely do these assurance statements touch on the procedures reviewed.

Data quality and availability is a particular challenge when it comes to sustainability disclosures. As regulations require greater disclosure of Scope 3 greenhouse gas emissions data, not within the direct control of a firm, it is expected that there will be greater reliance on assumptions and the need to manage uncertainty. Firms need to recognise and embrace the potential to learn from restating disclosures. Crowe UK itself has disclosed its greenhouse gas emissions against Science Based Targets for the third time, and on both occasions has had to restate its baseline year figures, based on improving data sources, particularly associated with purchased goods and services. This is normal and should be expected.

A small number of major insurers have gone further and provided full transparency over their disclosures, by providing Microsoft Excel ‘data-books’ on their websites, alongside their formal reports. These spreadsheets provide all the underlying data used in the reports, define each data point, and clarify which data points have undergone external assurance review. Given that many ESG ratings depend on information scrapped from public disclosures, these are clearly targeted efforts to put the underlying source data in the right hands.

Until the advent of CSRD, seeking external assurance over sustainability disclosures has been voluntary. A number of larger organisations have been building credibility in their reporting. Firms typically start by seeking a limited assurance review of a small number of metrics in their first year, moving gradually to expand the scope of the independent challenge as processes mature. Some more advanced organisations are now looking for an audit-standard of reasonable assurance review over a select number of disclosures.

Given this incremental shift in assurance provision, we recommend organisations adopt a public assurance policy which explains why certain metrics are being selected for assurance review and the rationale for the level of assurance sought. This will continue to build confidence in the disclosures made and avoid potential perceptions that assurance provision is selective in a manner that favours the disclosing firm and not the intended readers of the reports.

Many organisations are establishing climate-related processes in line with CSRD or International Financial Reporting Standards (IFRS) standards. However, there is an increasing expectation that disclosures will cover exposures to nature and biodiversity. The advent of the Taskforce for Nature-related Financial Disclosures (TNFD) and CSRD requirements are however applying pressure. Organisations can more quickly enhance their disclosure framework by leveraging their learning from climate reporting to include both climate and biodiversity. Combining the two, will also mean that biodiversity disclosures can be handled incrementally, alongside the more established core climate disclosures.

• We have already outlined the importance of clear governance over sustainability reporting, but this cannot be overstated.
• Responsibilities for defining what needs to be reported and how are fundamental to establishing a robust process that can succeed.
• A key fact is clarifying the respective roles of sustainability and financial reporting teams and being clear which executive committee member is ultimately responsible for signing off the final reports.

Having this in place, ensures clear expectations and alignment of resources.

• Before considering external independent assurance over disclosures, organisations are well advised to leverage their own internal capabilities. 
• Control functions such as risk management, compliance and internal audit are well placed to provide challenge of sustainability reports, but also the underlying processes by which they have been produced. 
• Legal teams are often in a strong position to carefully evaluate the disclosure risks associated with ‘greenwashing’.
  
   

Our experience is that clients are in a much stronger position to commission independent assurance once these internal challenge and review processes have had the opportunity to mature.

• We all recognise that sustainability reporting is a relatively new endeavour and there is still a lot to be learned and improved upon.
• We see a number of firms formalising process review exercises whereby all those involved in a particular reporting cycle reflect on what went successfully and where improvements for the future can be made. 
• Dealing with restatements of disclosures is a particularly intense process and yields important lessons over the treatment of assumptions.
  
   

• We observe that many organisations are seeking to mature their sustainability reporting in isolation despite many peer firms going through similar learning curves in parallel.
• Often sustainability and reporting functions within a particular sector are quite tightly knit. Use opportunities that arise from industry groups and meetings to share good practices and mistakes.