To provide assurance on company reporting is to provide an independent conclusion or opinion on the reliability of the information or data. Pursuing third-party assurance has been a longstanding practice for companies seeking to provide transparency and instill confidence in their financial disclosures. Increasingly, privately-held companies are seeking out assurance for information that has historically been labeled ESG information, such as on carbon emissions and diversity. This evolution is being driven by multiple factors, including the increasing focus of boards and audit committees on ESG data, new requirements from global regulators, and the need for data comparability across companies.
For businesses that have robust processes and clearly defined roles for collecting and reporting on ESG information, adding assurance may be a fairly straightforward step. However, this may seem like a more complex or intimidating development for organizations that are just getting started with reporting on their ESG information. Assurance partners are objective third parties who focus on processes, disclosures, implementation, and controls and can make the process easier. To dig deeper into the topic of assurance for ESG information, Lorraine Wilson, Novata’s Chief Sustainability Officer spoke with Novata ESG Advisory Council Co-Chair Margot Brandenburg.
What are some of the regulatory reporting requirements driving the growth in companies seeking out assurance for ESG information?
Margot: When we look across the globe, there are regulatory reporting requirements, particularly the Sustainable Finance Disclosure Regulation (SFDR) and Corporate Sustainability Reporting Directive (CSRD) in Europe, where the standard is that the data will need to undergo limited assurance in the near future. Within a few years, these limited requirements will turn into full audit requirements. And beyond regulation, we are seeing asset owners and others asking for data that is verified or otherwise of higher quality.
Why does quality matter in relation to a company’s ESG reporting? What are the different levels of assurance a company could pursue?
Margot: Reporting has to be accurate in order for it to be meaningful and reliable – reporting materially bad data may in some cases be worse than not reporting at all. Bad data can also undermine the credibility of the company or fund that is reporting it. At the same time, we know this is all at an early stage and we certainly don’t want the perfect to be the enemy of the good. For companies looking to get started with assurance, it’s important that they have the right team in place, that they are working to understand the current regulatory landscape, and that they have a plan for collecting and storing data.
The Association of International Certified Professional Accountants recently shared that “in order to be assurable, the standards used to report sustainability-related financial information must have the characteristics of suitable criteria, including being objective, measurable, complete, and relevant.”
There are three levels of assurance for ESG information. These also align with the terminology for reporting on financial information. The first step is called “pre-assurance.” This takes the form of a report that helps a company determine whether third party assurance is achievable. Pre-assurance includes a review of internal reporting, the basis of calculations, evidence and controls. This is a good first step before limited assurance, not because it is a quick process, but because it gives the company a sense for what gaps there are and what steps are needed to pursue limited assurance. After pre-assurance, there is a higher standard known as limited assurance in Europe (and review in the United States.) The more comprehensive review is referred to as reasonable assurance in Europe (known as examination in the United States.)
Looking deeper, limited assurance is negative assurance — meaning the third-party firm is saying that nothing has been found to suggest management claims are wrong. More detailed work is necessary to provide “reasonable” assurance that there are no material misstatements. Companies select a level of assurance depending on the specific use case, level of scrutiny the company will undergo on its reporting, and the level of maturity of the company. Tom Seidenstein, chair of the International Auditing and Assurance Standards Board, has estimated that about half of large companies globally already have their ESG disclosures assured, and of those, 83% use limited assurance.
What trends are you seeing in terms of which areas companies are prioritizing for assurance?
Margot: Many companies are starting with climate-related reporting as a first step in working with an assurance partner. Typically, a company that has made public comments related to net-zero goals or other goals related to emissions reductions, is a good candidate for starting with assurance for that subset of KPIs. Climate-related reporting is not necessarily the simplest ESG data to assure, but it is likely to be among the data most closely scrutinized by regulators, asset owners and other stakeholders in the near term.
The Novata Partnership Ecosystem
Novata recently partnered with ERM CVS to provide its customers with an assurance partner who understands the needs of private markets participants. ERM CVS has a dedicated program for GHG Assurance, offering Greenhouse Gas emission assurance so that clients and stakeholders using the data, have confidence that their disclosures are accurate, reliable and correctly aligned with the protocols and standards against which they are reported.