- within Intellectual Property topic(s)
- with readers working within the Retail & Leisure industries
A 2021 article in the WSJ about carbon emissions identified "[o]ne problem facing regulators and companies: Some of the most important and widely used data is hard to both measure and verify." According to an academic cited in the article, the "measurement, target-setting, and management of Scope 3 is a mess." As a result—and as the term "greenwashing" brings to mind—investors and other stakeholders are frequently apprehensive about the reliability of corporate disclosures regarding sustainability. One approach to address this concern is to obtain assurance to verify the data. However, the WSJ suggested that, based on data regarding verification of climate information provided on a voluntary basis, audits are a challenge. For one reason, verification of ESG data "is generally less rigorous than the external audits required for financial reporting." Moreover, there is "no set standard for how climate data should be verified, or by whom." That may be about to change—internationally, that is. Will the U.S. follow suit?
A June 2023 report from the Center for Audit Quality observed that, from 2020 to 2021, the number of companies in the S&P 500 reporting some ESG information increased from 93% to 99%, and "320 S&P 500 companies disclosed receiving some form of assurance or verification over certain of their ESG metrics in 2021, representing a 13% increase from the 282 companies in 2020....Of the companies that obtained assurance, 60 obtained assurance from public company auditors and 268 obtained assurance from other providers." For the most part, U.S. public company auditors used the AICPA Attestation Standards, the CAQ reported, although other standards were used in some cases, and other providers used a variety of standards, such as ISO, ISEA (International Standard on Assurance Engagements) or AccountAbility standards.
The CAQ also observed that, in 2021, "companies that obtained assurance from public company auditors continued to mostly opt for limited assurance engagements. Despite an increase in total assurance engagements performed by public company auditors, [the CAQ] noted a slight decrease in the number of reasonable assurance engagements performed by public company auditors." In addition, the CAQ reported that "other providers who were not public company auditors also used terminology such as reasonable and limited assurance in their verification reports. Additionally, other providers used the terms moderate and high assurance. In 2021, companies continued to primarily opt for limited assurance engagements." As you know, limited assurance is typically not comparable to the levels provided in a financial statement audit. "Limited assurance" typically involves limited procedures and includes reports framed in the negative—e.g., nothing has come to our attention to cause us to believe that the sustainability report has not been prepared, in all material aspects, in accordance with XYZ standards, or we are not aware of any material modifications that should be made to the schedule of sustainability metrics for it to be in accordance with XYZ criteria. "Reasonable" assurance involves a positive opinion.
As proposed, the SEC's climate disclosure rules would require assurance for accelerated filers and large accelerated filers with respect to Scope 1 and Scope 2 emissions. According to the SEC, there has been increasing investor demand for climate-related financial information that is reliable, leading many companies to voluntarily obtain third-party assurance over their climate-related disclosures. The SEC observed that fragmentation in the levels of assurance provided (e.g., limited versus reasonable), the assurance standards used, the types of service providers and the scope of disclosures covered has led to diminished comparability and investor confusion, especially as some assurance providers may lack GHG emissions expertise. To address these issues, the SEC proposed to require a minimum level of attestation services for accelerated filers and large accelerated filers including: "(1) limited assurance for Scopes 1 and 2 emissions disclosure that scales up to reasonable assurance after a specified transition period; (2) minimum qualifications and independence requirements for the attestation service provider; and (3) minimum requirements for the accompanying attestation report." (See this PubCo post.) We'll have to wait to see whether any of these assurance requirements remain in the final rules.
Now, Reuters reports, a global body, the International Auditing and Assurance Standards Board, has just proposed "its first set of comprehensive rules for auditing climate-related company disclosures in an anticipated move regulators have said is crucial for giving investors information free of greenwashing." According to the IAASB, when approved, the new standard, ISSA 5000, "will be the most comprehensive sustainability assurance standard available to all assurance practitioners across the globe." The IAASB describes ISSA 5000 as a "principles-based, overarching standard suitable for both limited and reasonable assurance engagements on sustainability information reported across any sustainability topic. The IAASB drafted the standard to work with sustainability information prepared under any suitable reporting framework....The standard is profession agnostic, supporting its use by both professional accountant and non-accountant assurance practitioners when performing high quality sustainability assurance engagements."
The IAASB chair believes the proposed standard to be "a crucial step in enhancing confidence and trust in sustainability reporting....Corporate reporting, whether financial or sustainability focused, is more trusted when it receives external and independent assurance based upon globally accepted standards independently developed in the public interest." The final standard is expected to be issued before the end of 2024. Whether it is a standard that will used as a point of departure for developing a new U.S.-specific standard remains to be seen.
SideBar
As ESG reporting increases, so do concerns by some about potential greenwashing. Aside from obtaining assurance from outside auditors, is there another way that companies can assure the quality of their sustainability reporting and create more trust and confidence among stakeholders? Some look to effective internal controls. So far, however, according to a recent report from Committee of Sponsoring Organizations of the Treadway Commission, known as COSO, "[f]ew best practices have been established. While some larger institutions have progressed in building controls around environmental, social, and governance (ESG) reporting, many organizations have designed ad hoc controls around certain key sustainable business metrics. Many also perform internal verification and assurance procedures to ensure management comfort with this information. Yet few of them seem to have developed effective, integrated systems of internal control over their material or decision-useful sustainable business information." Now, leveraging insights gleaned from development of the most widely used internal control framework—the COSO Internal Control-Integrated Framework—COSO has developed the concept of "internal control over sustainability reporting" (ICSR). In its report, which weighs in at 114 pages, COSO provides supplemental guidance that explains and interprets how each of the 17 principles in the 2013 version of the COSO ICIF applies to sustainable business activities and sustainable business information. According to the authors, "[i]nternal controls have value beyond compliance and external financial reporting. Effective internal controls can help an organization articulate its purpose, set its objectives and strategy, and grow on a sustained basis with confidence and integrity in all types of information." As companies seek to "generate sustained value—ethically and responsibly—over the longer term," with an emphasis on sustainability and ESG, both companies and their stakeholders need effective controls and oversight to provide the reliable and high-quality data needed for "decision making in this changing world." (See this PubCo post.)
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
