Sustainability regulation: ESG disclosures and demand for accountability set the tone for the future

Executive Summary

In recent years, increasing pressures from a variety of stakeholders have combined to drive companies toward more sustainable practices in their business operations, and greater transparency. The real game-changer, however, has been the proliferation of global environmental, social and governance (ESG) reporting regulations, which require a level of reporting far above the voluntary disclosures many companies have been issuing to their stakeholder groups.

Two of the major regulations in play are the Corporate Sustainability Reporting Directive (CSRD) by the European Union adopted on January 5, 2023, and the climate rules by the Securities and Exchange Commission (SEC) in the United States, adopted in March, 2024 — but there are others, as well. This white paper provides an overview of the current global ESG regulatory dynamic and outlines steps companies should take today to prepare to do business in the new regulatory paradigm.

Background

Nearly 20 years after the acronym ESG (environmental, social and governance) was introduced on the global stage in an investment context, the concept today has become equated with sustainability and corporate responsibility. There has been a growing recognition that companies and investors alike have become too focused on short-term investment horizons and profits at the expense of long-term sustainability, and that short-term profitability can often have a negative impact on the environment, workforce and society at large.

The annual Conference of the Parties (COP) of the United Nations, and the resulting Kyoto Protocol (ratified in 2005) and 2015 Paris Agreement, formally acknowledged the growing threat of climate change and the need for governments and corporations to do something about it. Faced with climate events of extreme severity happening at an alarming frequency, and the related societal and political fallout, the C-suite began to recognise that climate change could indeed pose a threat to a company’s resources, supply chains and financial performance.

In particular, the Paris Agreement states that “international cooperation and coordinated solutions at all levels” are needed in order to limit global warming to 1.5 degrees Celsius. To achieve this goal, countries must limit their greenhouse gas (GHG) emissions drastically, achieving net zero emissions by 2050. Many countries have already adopted or are in the process of adopting regulations to support this goal, requiring companies within their jurisdictions to report on their ESG performance and progress toward achieving the net-zero target.

Pressures and Drivers

Until January 2023, when the Corporate Sustainability Reporting Directive was adopted by the European Union, most ESG disclosures were voluntary, driven by the following stakeholder groups:

Investors

A recent McKinsey & Company study among the chief investment officers of 19 leading investment funds confirms what most observers and policymakers already know: “Short termism” in investment decisions is out and long-term value creation considerations are in. Twenty percent of those surveyed pointed to ESG impacts as a decisive long-term value factor; supply chain efficiency and resilience was a factor for another 31%. In some industries like energy, materials, pharmaceuticals and consumer products those factors ranked even higher.

Some of the largest institutional investors, such as Blackstone, with US$1 trillion of assets under management (AUM), have made sustainability a cornerstone of their policy, and others are making their voices heard. For example, in the run up to the adoption of the European Sustainability Reporting Standards (ESRS) in July 2023, nearly 100 investors called for more, not less, strict disclosures, underscoring the importance of that information to their investment decision-making. Meanwhile, the number of signatories to Principles for Responsible Investment — a United Nations affiliate made up of investment managers that formally introduced and continues to herald ESG — has grown from 63 signatories with $6.5 trillion in AUM in 2006 to more than 5,300 signatories with $121 trillion AUM as of the end of 2023.

Customers

Several studies and surveys indicate that customers want the brands with which they do business to support social, environmental, socioeconomic, and even political causes that are important to them. And many of those — millennials and GenZs, in particular — are backing this sentiment with their spending. Organisations are facing growing demands from customers for more transparency into their sustainability practices and those of their supply chain partners, with transparency closely linked to consumer trust in the brand. B2B customers, on the other hand, need clarity as to how the sustainability practices of their vendors and partners will affect their own ESG targets.

Workforce

Similarly, robust ESG programs are proving essential to talent recruitment and retention in a fiercely competitive hiring environment. Forty-six percent of GenZ job seekers say the green reputation of a respective employer will impact their decision to take the job. Companies like Patagonia, which proactively promotes fair labour practices and environmental stewardship, have long enjoyed deep employee loyalty. Meanwhile, employees are leveraging ESG to make changes within their companies, in some cases pointing out discrepancies between an organisation’s rhetoric about the rights of workers and its actions. Freedom of association and workers’ rights are also increasingly favoured by shareholders and investors, who view the lack of these rights as a talent recruitment and retention risk, according to a Harvard Law School report.

As a result of demands by the aforementioned stakeholders, companies have gone to great lengths to showcase their efforts to build businesses guided by sustainable, social and environmental stewardship. What is different today is that these efforts are no longer based on cherry-picked, voluntary information but are guided instead by specific requirements intended to demonstrate, and hold accountable to, forward movement on sustainability goals.

A Game-Changer for ESG

A growing number of governments and governmental bodies around the world have stepped up to demand
new — in some cases, mandatory, standardised and verifiable — ESG performance reporting. Some of the reporting regulations issued or in the process of being finalised have requirements for materiality, double materiality and attestation, and affect both public and private companies, as well as non-profit and other entities. Noteworthy current or planned regulations to date include the following:[1]

80% of workers say a company’s stance on diversity, equity and inclusion (DEI) and ESG is an important factor when deciding to join a new company.
Source: Robert Half 2022 survey of U.S. executives at companies with revenue greater than $250,000

Europe

  • CSRD — The European Union’s Corporate Sustainability Reporting Directive, which came into effect in early January 2023, requires EU companies that meet certain criteria and certain non-EU companies with EU operations to disclose their sustainability governance, strategy, impacts, risks, opportunities, targets and metrics. The CSRD is the strictest of sustainability directives, and it requires companies to apply a double materiality standard to the reporting of sustainability matters. It requires external audit (limited assurance for now) for the sustainability information included in the management report.[2] The application of the CSRD is facilitated by the European Sustainability Reporting Standards (ESRS), which specify exactly what needs to be reported, as well as key performance indicators (KPIs). The first set of sector-agnostic standards was adopted on July 31, 2023, to be followed by sector-specific standards in 2026.[3] Additionally, all organisations under the scope of the CSRD must disclose financial KPIs in alignment with the EU taxonomy — another key EU legislation that seeks to create a common definition of activities considered sustainable.
  • The Swiss Federal Council introduced a mandatory Ordinance on Climate Disclosures for large Swiss companies, effective January 1, 2024, with a double materiality requirement. Public companies, banks and insurance companies with 500 or more employees and at least CHF 20 million in total assets or more than CHF 40 million in turnover are obliged to report publicly on climate issues, including GHG reduction targets and transition plans.
  • The UK enacted two mandatory ESG disclosure laws in April 2022: The Companies (Strategic Report) (Climate-related Financial Disclosure) Regulations 2022 and The Limited Liability Partnerships (Climate-related Financial Disclosure) Regulations 2022. These regulations affect certain companies with more than 500 employees and require climate-related financial disclosures in the strategic report.

North America

Asia-Pacific

In the Asia-Pacific region, several countries have taken steps to regulate or encourage ESG reporting:

  • The Japan Financial Services Agency has implemented new disclosure mandates for sustainability information effective in 2022, encompassing climate change and human capital management, applicable to listed companies. The disclosure requirements for climate change are based on the recommendations by the Task Force on Climate-related Financial Disclosures (TCFD) but some parts are optional. Looking ahead, the Sustainability Standards Board in Japan (SSBJ) plans to unveil new disclosure standards modeled after the International Sustainability Reporting Standards (ISRS) in 2025. Companies are expected to start adopting these standards, with the earliest reports anticipated in 2026.
  • In China in 2022, both the Shanghai Stock Exchange (SSE) and Shenzhen Stock Exchange (SZSE) issued self-regulatory guidelines for listed companies explicitly requiring the disclosure of ESG information. In 2024, the guidelines were further developed into formal sustainability reporting guidelines for companies listed on SSE, SZE and Beijing Stock Exchange (BSE). They include reporting on Scope 1, 2 and 3 emissions and a double materiality requirement.
  • In 2024, the Stock Exchange of Hong Kong (HKEX) issued a mandatory requirement for listed companies in Hong Kong to make climate-related disclosures in their ESG reports. The regulation is based on the recently adopted International Sustainability Standards Board (ISSB) sustainability standards and requires disclosure of Scope 1 and 2 emissions for fiscal years starting on or after January 1, 2025.

    In addition, the Hong Kong Monetary Authority (HKMA) has issued regulatory requirements to authorised institutions requiring the incorporation of climate risk into banks’ risk management frameworks and climate-related disclosures based on TCFD recommendations.
  • In Singapore, it will become mandatory for more companies to report ISSB-aligned climate-related disclosures.[4] This is a phased approach starting with all listed companies from fiscal year (FY) 2025, and large non-listed companies (NLCos) two years after that. For listed issuers, these requirements include reporting Scope 1 and 2 GHG emissions starting from FY 2025 (FY 2027 at the earliest for NLCos), adding Scope 3 emissions beginning in FY 2026 (FY 2029 at the earliest for NLCos), and obtaining limited external assurance on Scope 1 and 2 emissions from FY 2027 (FY 2029 for NLCos).
  • The Securities and Exchange Board of India (SEBI) issued the Business Responsibility and Sustainability Reporting (BRSR) guidelines to regulate ESG disclosure requirements in India. Compliance with BRSR regulations is mandatory for the top 1,000 listed companies by market capitalisation and has been applicable since FY 2022-23. The BRSR guidelines are aligned with internationally accepted reporting frameworks such as GRI and tailored to fit the Indian business context. The BRSR format acts as one standard for ESG disclosures and provides a standardised alignment of financial and non-financial disclosures of a company to truly represent its business operations in a transparent form.
  • Australia is moving toward mandatory and standardised climate-related reporting with a Treasury Laws Amendment (Financial Market Infrastructure and Other Measures) Bill 2024 currently before Parliament. The reporting will be facilitated by the Australian Sustainability Reporting Standards, which are modeled on the International Sustainability Reporting Standards (ISRS). The proposed law envisions a phased-in approach, with the earliest reports expected in 2026 for fiscal year 2025.[5]
Globally, 62% of public companies and 52% of private companies consider themselves ready for potential new ESG disclosures.
Source: 2023 Global Finance Trends Survey
While we see geographic differences in the level of focus on ESG across the globe, it is important to note that for global companies, what affects one region affects the entire company. Leaders of organisations would do well to keep an eye on sustainability decisions from anywhere, as very few companies or supply chains are subject to only one jurisdiction.
Chris Wright

Other disclosures related to ESG and sustainability include a host of modern slavery acts related to supply chain risks across numerous countries. Germany enacted one of the most stringent reporting requirements on human rights and environmental due diligence.

The list above is just a fraction of the ESG regulations and guidelines sweeping the globe. There are a number of regulations related to corporate governance, board diversity, workers’ rights and other aspects of ESG, as well as regulations specific to individual industries and companies of certain sizes. To understand the full scope of regulatory requirements affecting your company, conduct a global regulatory assessment.

What Are the International Sustainability Reporting Standards?

In late June 2023, the International Sustainability Standards Board (ISSB) released the first two sustainability disclosure standards (IFRS S1 and S2) with a focus on climate disclosures, targets and metrics. Unlike the European Sustainability Reporting Standards (ESRS), the ISSB standards are voluntary, but there is a high degree of interoperabiltiy between the two sets of standards.[6] Wide adoption of the ISSB standards is already seen among IFRS reporters worldwide. The standards incorporate recommendations and best practices from the Taskforce on Climate-related Financial Disclosures (TCFD) and the Global Reporting Initiative (GRI), both of which form the basis of other regulations around the globe, including the CSRD. The ISSB standards are likely to become the de facto reporting standards for any company not subject to a more stringent regulation.

 

How Are Companies Affected?

Current and emerging ESG regulations set an expectation for companies not only to provide transparency (i.e., disclose numbers), but, in some cases, also to report progress toward ESG targets using common standards and KPIs.

Organisations that make sustainability claims for marketing purposes but lack the evidence to substantiate the statements, either because of an ungoverned ESG program or carelessness, could run afoul of “greenwashing” laws as governments around the world increasingly crack down on the practice. Beyond the regulatory requirements and potential penalties, boards and C-suite executives should consider the benefits of executing a verifiable sustainability strategy by measuring it against the costs and implications of doing business as usual. The good news is that, in many ways, creating value by Protiviti concentrating on earnings durability and downside risk already incorporates many concepts associated with ESG. In other words, executing on ESG goals and ensuring long-term business value are not mutually exclusive, but supportive of each other.

Some companies may be reluctant to report detailed material information because the level of implementation is still low. Nevertheless, it is essential for business leaders to align internal ESG programs with external reporting requirements to avoid greenwashing risks or claims of misleading communications.
Ellen Holder

A Holistic Approach to ESG Reporting

Holistic and strategic sustainability programs are the engine that drives progress, with reporting being the outcome of that progress. The following considerations can help executives determine the best way to achieve their reporting objectives.

Use materiality as a guide

What ESG means to a company will be determined by its industry, geographical footprint, and a number of other factors material to the business or its stakeholders. Some of the reporting scope may be determined by mandatory universal and industry-specific standards, while some may be based on an organisation’s customer orientation and values — but ultimately, it should focus on meeting the jurisdiction’s requirements and the path of the highest positive impact. Since materiality is a core component of many standards and frameworks, a materiality assessment is a reasonable starting point for most companies. It will determine not only the scope of ESG reporting but also the metrics and the required data.

Determine responsibility for ESG reporting

Who owns ESG reporting will likewise depend on a company’s unique characteristics. Chief financial officers, chief risk officers, chief operating officers or the general counsel’s office are often assigned ownership, but the responsibility may also fall on chief data officers or a committee. At many companies, chief sustainability officers are increasingly fulfilling the ownership role. The number of CSOs holding an executive-level position increased to 28 percent in 2021, three times the percentage five years earlier.

In the case of CSRD, which positions ESG reporting in the management report of companies, the board and top management are ultimately responsible, though they may not be involved with the day-to-day aspects of data gathering. Companies must therefore determine who is responsible for providing and ensuring the quality of the required data.

Whoever ends up owning ESG reporting must have the ability to lead, communicate and collaborate across business functions because ESG permeates all of them.

Tell a credible story

“Credible” is the critical word here, and to meet that standard, all of the required data must be disclosed — cherry picking information is no longer acceptable. Regulators stress the importance of reliable, comparable and relevant information on sustainability risks, opportunities and impacts. With this data, investors and business partners can assess how the ESG efforts affect value chains, while non-governmental social impact and environmental organisations can monitor societal and climate trends, among other impacts.

  • ESG disclosures must be auditable. For example, the CSRD requires companies to secure third-party assurance for their disclosures — initially limited assurance, progressing to reasonable assurance at a later date. In the U.S., the SEC is requiring similar levels of assurance, but only on climate-related disclosures. Regulations from other countries — both proposed and active — have similar requirements.
  • Reporting must be comprehensive. At a minimum, the information disclosed must satisfy regulatory requirements of the relevant jurisdiction. Companies must understand and define their reporting boundaries — which often extend beyond the walls of the enterprise. For example, Scope 3 emissions are “indirect” emissions that present a significant challenge when reporting GHG emissions, but they are coming under increasing scrutiny by regulators. When measuring total GHG emissions, a company will need to assess emissions produced by assets that it does not own or control but that nevertheless are part of its value chain. Examples of the 15 categories of Scope 3 include business travel, employee commuting, waste disposal, distribution, and purchased goods and services.[7]

Demonstrate progress

Companies must demonstrate proper governance of sustainability issues, and must meet predetermined KPIs and demonstrate progress toward them. The materiality assessment, which each company should perform, will clarify which KPIs will be material and therefore need to be reported. For organisations under CSRD, if climate change is a material issue, they will need to show how their climate change mitigation plans are fulfilling the 1.5o C target. Organisations are emerging to help companies, investors, countries, cities, states and regions determine and measure their KPIs.

Image

 

Building Your ESG Reporting Engine

Creating an ESG reporting program can feel overwhelming, especially for organisations that are newly affected and at the very beginning of their journey. The following recommendations can help make the effort a little less difficult:

Begin by defining a strategy

Organisations may be eager to focus on the reporting as the most visible part of ESG before they have fully defined their strategy or scope — but this would be counterproductive. Companies must first assess their current state, decide what they want to accomplish and chart a road map to achieve those outcomes before making ESG disclosures. The reporting is the most visible part of ESG, but to be credible it needs to be rooted in operational changes tied to the activities of most impact — even if those operational changes are still evolving or ongoing.

Use materiality as a guide

It may be tempting to report the information that is easiest to collect, but companies should focus on material matters first. The materiality assessment will help to determine the factors that have the biggest internal (affecting the business) or external (effects of the business) impacts. Focusing on material issues will not only facilitate reporting that complies with the regulatory standard, but will also place attention on operational aspects that can effect the biggest positive change and move the organisation toward its sustainability goals and targets.

Leverage existing skills and architecture

It is not surprising that building an ESG reporting engine can leverage much of the infrastructure and skill sets expressed in key company processes: financial reporting, operational resilience and operational excellence programs, and data gathering and analysis. Data architecture that companies already have in place — enterprise resource planning, customer relationship management, financial reporting, and human resource systems — can be tailored to capture ESG information. Operational efficiency systems — meters, monitors and controllers — can also provide reportable information. Companies can use their existing data on energy and water usage, as well as waste and recycling rates, as a baseline from which to measure progress. Importantly, they should leverage internal control frameworks as the rigour expected for sustainability reporting is on par with financial reporting.

Image

 

Establish internal controls

Companies should prepare themselves for the likelihood that most, if not all, of their ESG disclosures will be subject to some level of audit, depending on the regulatory jurisdiction in which they fall. And jurisdictions that do not require audits today could very well see them in the near future as global regulations continue to evolve. Therefore, strong internal controls over the ESG data gathering and reporting process are necessary to ensure information is accurate, complete and timely, and thus, audit-ready. To this end, the Committee of Sponsoring Organisations of the Treadway Commission (COSO) issued an updated guidance on how to effectively apply the 2013 Internal Control — Integrated Framework (ICIF) — currently applied to financial reporting — to sustainability reporting.[8]

Aside from audit, internal controls ensure good governance and encourage accuracy, consistency, reliability and confidence in the results of the program.

Image

 

Establish accountability for results

Organisations should set goals and create accountability for them. Guided by materiality, they should rank those goals by their level of importance as they relate to the narrative the company is delivering to its stakeholders and the public. Additionally, companies should be prepared to recalibrate the ESG reporting process as needed during quarterly and annual review cycles while also keeping an eye toward delivering expected financial results.

Build partnerships

When setting up an ESG reporting function, companies are likely to discover that they need to partner with service providers, data vendors, research groups and other organisations to meet their goals. When they start gathering information, in all probability they will find that they lack certain pieces of data, such as GHG emissions or human rights due diligence data. Consequently, they will need to identify vendors that provide data and calculation services that can fill those information gaps. Academic research institutions and other marketplace service organisations are gathering and exchanging information with various industries and making it broadly available, as well.

Partnerships with the broader ecosystem of clients and suppliers are critical, too. These relationships can create value for both parties in the form of collaborative positive impact, reduced risk, greater process efficiency, sustainable use of materials, improved product or service quality, and innovative advances. Additionally, firms with multifunctional expertise can help companies with virtually all aspects of building a sustainability program and reporting engine, including defining a story, mapping an ESG data ecosystem, developing a strategy and designing a road map to increase positive impacts and decrease negative impacts.

Explore different factors for a holistic approach to sustainability

[1] This is not an exhaustive list of regulations for each listed region, and it does not cover all geographic locations. To understand the full scope of the applicable regulations, guidelines and standards, each company should conduct its own global regulatory assessment.

[2]  Learn more at www.protiviti.com/au-en/flash-report/corporate-sustainability-reporting-directive-csrd-approved-european-council-more-50000.

[3] Learn more at https://blog.protiviti.com/2023/08/30/adoption-of-european-sustainability-reporting-standards-starts-the-clock-for-preparation/

[4] On March 7, 2024, the Singapore Exchange Regulation released a consultation paper called “Sustainability Reporting — Enhancing Consistency and Comparability,” seeking feedback on the integration of ISSB standards into its sustainability reporting rules for climate-related disclosures.

[5] Learn more at www.protiviti.com/au-en/blogs/australian-sustainability-reporting-coming.

[6] www.efrag.org/sites/default/files/sites/webpublishing/SiteAssets/ESRS-ISSB%20Standards%20Interoperability%20Guidance.pdf.

[7] Learn more at https://www.protiviti.com/au-en/podcast/demystifying-carbon-reporting.

[8] “Achieving Effective Internal Control Over Sustainability Reporting (ICSR): Building Trust and Confidence Through the COSO Internal Control Integrated Framework,”
COSO, March 2023, https://www.coso.org/new-icsr.

In 66% of organisations, the finance team is involved with senior leadership and the board to develop ESG metrics.
Source: 2023 Global Finance Trends Survey

Protiviti has addressed many of the topics we touched on in this paper — such as materiality assessment, governance, strategy, stakeholder engagement, data collection, reporting and more — in a new Sustainability FAQ Guide. No doubt, the ESG disclosure process is presenting a challenging learning curve. That curve is expected to flatten over time as reporting becomes standardised and widespread, and as companies learn from and exchange data with each other and their partners, vendors and suppliers, through public reports and disclosures.

More importantly, pursuing sustainable investments and practices can help organisations more accurately assess and mitigate long-term risks, understand how external factors may impact operational efficiencies, and strengthen relationships with customers, employees, shareholders, the community and other stakeholders. Robust ESG programs can also boost brand reputation, attract sustainability-minded investors, and enhance talent recruitment and retention.

Organisations that have stalled on their ESG journey, those that have only recently embarked on it, and those that continue to contemplate its importance, still have an opportunity to get up to speed. Now is the time to act. Stakeholders and regulators are expecting information on how companies’ business models influence the climate and society and how ESG topics influence their financial performance — staying on the sidelines is no longer an option.

Sustainability is a complex, multi-dimensional topic, with varying levels of understanding across industries and companies. Protiviti offers a holistic and integrated ESG approach and framework to help position organisations for continued, long-term success. We work closely with our clients to effectively evaluate what ESG means for their organisation, helping build, implement, execute, monitor and report on ESG objectives that will evolve and grow with the organisation. We want clients to understand the bigger picture and to clearly identify where they can have the greatest impact on society and the environment, while maximising performance. By focusing and implementing sustainability into an organisation’s strategy, values, structures, processes, services and products, we help clients realise the value that doing good brings.

Featured insights

Loading...