Raising the stakes
Stakeholders increasingly expect companies to report sustainability (or ‘non-financial’) data in the context of their core business strategy and financial outlook, to properly understand risks and opportunities. As the stakes rise, how can a company have confidence that reported sustainability data are reliable and accurate? What else should they report upon, so their impacts are identified and properly explained to all stakeholders - and in particular investors?
The increasing drive towards integration of financial and sustainability data is upping the ante: in terms of the need for accuracy, reporters’ ability to explain sustainability trends and to make forecasts in sustainability performance. When Board level bonuses, finance agreements and company share price become linked to performance on sustainability metrics, independent checks on accuracy and assessments of forecasts become essential.
There is a growing thirst for sustainability data, driven largely by ESG investors and indices, and signals of convergence from the multitude of reporting frameworks that exist today. In May 2022 the World Economic Forum announced that 70 companies have already included the Stakeholder Capitalism Metrics in their mainstream reporting, which “promote alignment among existing ESG frameworks to create a set of data points that can be compared between companies, regardless of their industry or region”. The metrics include non-financial disclosures centred around four pillars: people, planet, prosperity, and principles of governance. They include GHG emissions, pay equality and board diversity, among others. In addition, the International Financial Reporting Standards Foundation (IFRS) recently outlined steps required to establish a comprehensive ‘global baseline’ of sustainability disclosures.
For those who have observed the development of sustainability reporting over recent decades, this seemingly endless search for the best metrics which are readily comparable between companies, and reinvention of the wheel in reporting frameworks, can seem tediously naive. Yet amidst this ‘noise’, there has been a distinct shift in the landscape: a recognition that understanding the context for sustainability data is key to knowing how accurate these data might be.
Traditionally, independent assurance is used to build trust in the information a company discloses. When done well, it is not simply a ‘tick-box’ exercise, but a credible way to build trust in the information that a company is disclosing, receive critical and insightful feedback into areas for improvement and engage the wider organisation in the importance of collecting and reporting accurate and reliable data.
In recent years, the take up of non-financial assurance has continued to grow. 71% of G250 companies assure their sustainability information, up from 30% in 2005. However, this doesn’t tell the full story, as the scope, type and even the actual interaction between the company and assurance provider has also evolved during this time.
Perhaps the most established sustainability metrics today are Scope 1 and 2 GHG emissions, with some companies now well into their second decade of reporting. More recently, the requirements of the Task Force on Climate-related Financial Disclosures, and rapid take up of Science Based Targets and Net Zero commitments, are making companies’ underlying GHG emissions and associated targets critical disclosures. This attention not only applies to the latest reporting period, but also to the baseline year to which the target has been set and against which progress is measured.
Typically, assurance covers the data for the current reporting year. However, if a claim is being made which relates to GHG emission reductions against a baseline year, it is equally important to consider if this progress itself should be a KPI in scope of assurance. If the baseline year has been restated, for example due to mergers and acquisitions, or better data becoming available, there is a strong case to revisit historical data and confirm the reductions claimed are accurate.
No current reporting standard goes into enough detail to cover all complexities of reporting for an individual company. For example, exactly which parts of an organisation should be included and excluded from the data? How should mergers and acquisitions be handled? What assumptions were made and how are they applied to the data? Which relevant standards are referenced? The onus remains on the reporting organisation to apply sensible and consistent methodologies, which the assurance provider can reference. The company’s ‘basis of reporting’ document, that sits alongside their sustainability disclosures, will become more important, both for the reporting organisation to transparently explain how it has interpreted and reported each metric, and also for the assurance provider to reference in their assurance statement.
Today, most non-financial assurance is conducted at a ‘limited’ level, which is an engagement where ‘the practitioner reduces engagement risk to a level that is acceptable in the circumstances of the engagement but in which the risk is greater than for a reasonable assurance engagement’. There is now growing interest in ‘reasonable’ assurance, where the engagement risk is reduced. This looks set to become mandatory in the USA (although the Security and Exchange Commission extended the consultation period until mid-June), and reflects the growing demand for confidence in accurate data reporting.
Until recently, assurance of sustainability information has generally been performed at a limited level, where the assurance conclusion is framed in a negative manner; ‘based on the testing performed, nothing has come to our attention to indicate that the subject matter was not properly prepared’. Reasonable assurance on the other hand is framed in a positive manner, so the language changes to ‘based on the procedures performed, in our opinion, the subject matter is properly prepared’. The latter requires a significantly higher level of testing effort to reach a conclusion.
Some companies are anticipating this change and conducting ‘readiness’ assessments at a reasonable level, to assess how prepared they are for a transition to this level of assurance, without committing to a public assurance statement. Readiness assessments can also be particularly useful for companies engaging in assurance for the first time, and those expanding the scope to cover new metrics previously not assured.
Another shift we have seen in recent years is keener interest from Boards in the way that the assurance engagement considers the context for reported performance. Boards want to see that the scope of assurance reflects what they see as the most relevant issues. For example, if a key climate change goal has been set, is this also in the scope of an assurance engagement? Are all the metrics which are likely to be used in ESG ratings being scrutinised by the assurance provider? How can the risk be reduced of making restatements in the future which may negatively impact credibility? How confident can the company be in presenting these data and progress against targets at public events, presentations, and press releases?
There is no ‘one size fit’s all’ approach to assurance. The most effective engagements focus on the most material issues and supporting data to build credibility with your stakeholders. While independence is vital, it is still possible to make assurance a collaborative process, with the assurance provider acting as a ‘critical friend’, holding the company to account, while making genuinely constructive recommendations for improvement.
Challenge Sustainability provides independent assurance for a range of international companies. Our team’s experience of sustainability report assurance stretches back to the development of the first multi-stakeholder assurance standards, over 20 years ago. Over this time, we have signed off hundreds of sustainability assurance statements, and seen the role assurance plays subtly change as the sustainability profession has matured. Please contact us to discuss your needs.