December 4, 2024

EP 19:  Navigating ESG Assurance with Confidence

We’ve got Si Mathavan and Darren Mascarenhas from Johnston Carmichael joining us to discuss the crucial role of assurance in ESG reporting. They break down the importance of ESG assurance for building trust, ensuring compliance, and meeting stakeholder expectations in the evolving business landscape.

About Sustainable Intelligence 

Sustainable Intelligence is an interview series from Novata that explores ESG and sustainability in the private markets. From carbon accounting to using data to create value, the series dives into the challenges and opportunities facing private market investors and company leaders as their integrate ESG across the business and respond to regulatory requirements. Each episode centers authentic dialogue, highlighting experts at the forefront of advancing ESG data collection and driving meaningful progress in the sustainability landscape. Listen to more episodes.

Conversation with Si Mathavan and Darren Mascarenhas (Transcript)

Ella Williamson: Welcome to Sustainable Intelligence, where we discuss all things ESG and sustainability for the private markets, brought to you by Novata. I’m Ella Williamson, and I’m thrilled to be your host. Today, we’re joined by Si Mathavan and Darren Mascarenhas from Johnston Carmichael. Johnston Carmichael is a leading full-service accounting, tax, and advisory firm, and a key member of the Moore Global Network, one of the world’s largest accountancy groups. With over 30,000 advisors across 260 independent firms in 112 countries, their expertise is truly global.

Si is the Head of Risk Assurance and Internal Audit and leads on ESG Assurance. He has over 19 years experience supporting firms through the provision of internal audit and assurance services across a wide range of industries. Darren is a Risk Assurance Director. He has over 12 years experience designing, implementing, and executing a variety of large and complex ESG assurance engagements across the financial services and non-financial services industries. At Novata, we’re proud to partner with Johnston Carmichael helping our clients navigate all things ESG assurance with confidence. We’re going to cover a broad range of topics, so let’s get started. Can we start with you, Si? Can you give us an overview of what assurance is and why it’s important in the context of ESG? 

Si Mathavan: Thanks Ella, and sure, very happy to. In the finance and accounting world, assurance is a process that involves an independent professional providing an opinion on the accuracy and completeness of financial or non-financial information. 

Many firms will be used to having an audit of their financial statements and this is a form of assurance. However, assurance can be gained over any aspects of their governance or operations, including ESG. Now, the reason we need it is because various stakeholders, including the management team of the company or investors, governments, as well as any other internal or external stakeholders will want to rely on the information coming from these organizations to give them confidence in the processes, controls, and governance arrangements in place to support the output that’s been produced. 

Now, effectively, if these stakeholders are not confident in the integrity of the information, it can have a detrimental impact on stakeholder and market confidence. Firms tend to gain assurance over processing controls in a number of ways, including ongoing activity within the organization. So this tends to be first line. Other functions such as compliance and risk, any independent internal audits, and other external assurance providers. And here at JC we see firms coming to us for support really across all of those different elements. 

Now, assurance is particularly important in the context of ESG as it allows companies to publish more accurate, reliable, and complete information that can be relied upon for decision making. It also builds credibility and trust and increases stakeholder confidence while supporting regulatory compliance, especially with the introduction of CSRD reporting and the ISSA 5000 standards. Now there are different forms of assurance, which I’m sure we’ll talk about later on in the podcast, but ultimately, it’s important to remember that whilst many people may think of assurance solely in the form of external audits, in reality, it can come from various guises and be used to get comfort over pretty much any element of an organization. 

Ella: Thanks for that, Sai. It’s really interesting how you pointed out that assurance builds confidence not just within an organization but also among all the external stakeholders like investors and governments. Now, Darren, can I ask you to elaborate more on the different forms of assurance?

Darren Mascarenhas: Absolutely, Ella. And I should start by saying that there are a number of different forms of assurance that a firm can obtain. But the most common ones, which we believe Novata’s clients will be interested in, include reasonable assurance, limited assurance, and review and recommendations. So firstly, with reasonable assurance, this is typically the highest level of assurance that a firm can obtain. But it’s not absolute, like a financial statement audit. It also is the most credible because it provides more confidence to stakeholders due to the level of testing and the detailed procedures performed during the audit process. However, it does come with its limitations, which are more detailed procedures and testing, which can take more time, and as a result, cost more because the level of effort involved from the client and the assurance provider.

The second form of assurance is limited assurance. This is similar to reasonable assurance engagements, but the level of work undertaken by the assurance provider is less with different or fewer tests being performed or smaller sample sizes being used. As a result of the lower level of assurance, it sometimes means that this is seen as less credible and provides less confidence to readers due to the limited procedures performed. It also tends to be cheaper than a reasonable assurance engagement because of the effort involved. Both limited and reasonable assurance engagements are performed against an assurance standard, which sets out rules around what work should be undertaken. 

The third thing I wanted to cover off is a review and recommendations. This is considered to be the lowest level of assurance. However, the scope of work can be tailored to the specific client requirements. This means reviews can be done to give the firm feedback on any aspect of their ESG operations and provide them with clear feedback that is actionable, practical, and proportion based on the size of the firm’s operation. It’s also usually cheaper than the other options, but it’s not performed against any assurance standard. This form of assurance might be useful when a firm is starting off their ESG journey, when reporting on ESG data for the first time, and it wants feedback on their process and controls that are implemented.

There are also other types of work that we can perform, such as agreed-upon procedures and providing support to firms who have an internal audit, risk, or compliance function undertaking ESG assurance work. Of course, as part of any assurance engagement, we will ensure that we scope out our work with the client before agreeing the type of assurance to be provided. A good example of this is with CSRD assurance, where it will be important to give the firm what it needs at the relevant time, such as limited assurance in the first instance, before moving on to reasonable assurance in due course. 

Ella: Thanks Darren. It’s really interesting how you highlighted tailoring the scope to fit a client’s unique ESG needs and it sounds like a practical starting point, especially for firms just beginning their assurance journey. So over to you, Si, with all of these different assurance types, why do firms need to start thinking about assurance now? And what are the benefits over the short, medium, and long term? 

Si: Thanks Ella. The key reason is for firms to provide stakeholders, both internal and external, with confidence in the quality of its output, supporting investment decisions and giving them comfort over any decisions made. However, there are other reasons for thinking about insurance.

For example, it may be driven by what competitors are doing, the requirements of the market or funders, or potentially firms wanting to ensure they have a robust control environment if they’re looking to sell in the future. Management may also seek assurance to ensure that it’s meeting regulatory obligations that may be specific to the sector, such as oil and gas or financial services, or related to a broader regulatory regime. 

For firms subject to any form of regulation, for example, it can be financial services, pharmaceuticals, or even actually complying with requirements from HMRC, gaining assurance and therefore enabling the firm to make any relevant changes is critical. Furthermore, we’re also seeing other parties in the supply chain often wanting firms to obtain assurance over its process and controls, such as over their outsource activity or to ensure they’re performing in line with contractual obligations. A link to all this, of course, is ESG. We’re seeing increasing demand from firms to obtain assurance over their ESG activity to meet these requirements which I’ve just outlined.

So often starting on the assurance journey will enable an organization to improve its control environment over time and we see firms very much starting with findings and recommendations as Darren has mentioned and then progressing through to limited and then reasonable assurance. 

Ella: Thanks for laying that out so clearly, Si. I love how you pointed out the fact that assurance isn’t just about compliance, but it could also give companies that competitive edge, especially when it comes to market demands, expectations, or preparing for a potential sale. So, just to finish, could I ask you both to share your top tips on ESG assurance? Si, we’ll start with you. 

Si: Sure, Ella. I think for me, this is a number of things. The first thing is to plan early and to ensure you’ve engaged relevant stakeholders, be those internal or external, and very much be open with your assurance provider. It’s very much around being part of the journey, and we do appreciate the firms will want to start relatively, at a relatively lower level and then build up their assurance. So thinking about this and thinking about what you want to achieve over the coming years is important. 

Darren: I would agree with Si, but I would also add two things. Firstly, think about the ESG output and how you plan to present that to readers. And secondly, think about the ESG data that needs to be assured and how you can present that to the auditor to enable them to confirm its accuracy and completeness. 

Ella: Thank you both for these fantastic ESG assurance tips. So my takeaways are start early, engage the right stakeholders, and really think about the output that you want to achieve from the outset.  

 Until next time, let’s keep building sustainable intelligence together. Find out more at novata.com