The Evolving ESG Reporting Landscape: Summary for Boards and Those Charged with Governance
The Evolving ESG Reporting Landscape: Summary for Boards and Those Charged with Governance
Whether you are a director or an executive already well into the journey of developing and communicating your company’s strategic sustainability plans or in the earlier stages, the rising public demand for ESG reporting is becoming a force that cannot be ignored by boards and management teams.
- ESG Overview: Reminders and FAQs
- Current Responsibilities of Auditors Related to ESG Information
- Evolving Auditor ESG Attestation
- The ESG Journey: Recommendations for Boards
- Next Steps for All
What does ESG information comprise? The term “ESG” reporting, used broadly, covers qualitative discussions of topics and quantitative metrics used to measure a company’s performance against ESG risks, opportunities and related strategies. ESG, sustainability and corporate social responsibility are terms often used interchangeably to describe nonfinancial reporting being shared publicly by companies. Such information is not currently subject to a singular authoritative set of standards.
What are examples of ESG and sustainability information? The following do not represent all-inclusive lists and, while some ESG information may be measured quantitatively, there are often many means to calculate metrics or information that may be difficult to quantify and therefore may be expressed qualitatively and described as such:
As corporate environmental, social and governance (ESG) activities increase in relevance and importance to stakeholders, companies are seeking to both understand the complex landscape of ESG disclosure and reporting and determine the best path forward. This includes identifying, collecting, sharing and improving upon qualitative and quantitative metrics reflecting long-term, strategic ESG value creation.
Organizations are in various stages of readiness to report on such decision-useful information. Currently, a myriad of reporting frameworks and wide variations in how companies choose to publicly share ESG information exist making the ESG landscape complex to navigate.
However, two things are certain:
- The pressure for companies to publicly disclose their approach to sustainability and ESG reporting continues to mount from a broad variety of stakeholders and
- ESG is rapidly rising to the forefront of boardroom agendas.
BDO has prepared the following to provide useful reminders, frequently asked questions and insights for those charged with governance as they consider the rapidly changing current ESG reporting landscape and evolving regulatory developments.
Is there a single authoritative set of ESG reporting standards? There are currently several frameworks and standards in use globally by companies to report on ESG, many of which may be complementary and used in combination for external reporting. Below are some of the more commonly referenced:
While many of these may already be complimentary to each other, there is also growing support for a singular, global set of reporting standards for ESG, though the timing to achieve the necessary convergence remains uncertain. Refer to BDO’s 2020 Year End Audit Committee Agenda for more information about recent collaboration efforts by global standard setters, including the SASB and IFRS Foundation.
Are U.S. companies required to disclose ESG information? Internationally, we are seeing increased sustainability-based legislation and global industry adoption strategies such as the European Union Green Deal, the U.N. Principles of Responsible Investments and the U.N. Sustainable Development Goals as well as certain ESG reporting frameworks being incorporated into regulated reporting systems. Outside of certain industry regulators, such as required reporting by the Environmental Protection Agency on greenhouse gas emissions, implementation by U.S. companies remains voluntary. However, pressure from institutional investors – BlackRock, State Street and Vanguard – is mounting in support of companies providing ESG disclosures that align with both the SASB and TCFD frameworks. Additionally, sustainability risk issues are increasingly integrated into organizational risk frameworks such as COSO’s Enterprise Risk Management (ERM) framework.
ESG “raters” is another element exerting pressure on organizations. These include: the Dow Jones Sustainability Index, Sustainalytics, Bloomberg, Thomson Reuters, MSCI, ISS, CDP and many others that collect various ESG data via questionnaires, surveys and publicly available information to rank and rate companies on their ESG performance and risk.
To date, the SEC has retained its principles-based approach to disclosures based on materiality and given the lack of a singular, global set of standards has not required broad-based ESG disclosures. This is despite calls from the SEC’s own Investor Advisory Committee to adopt integrated uniform ESG disclosure requirements. However, the SEC recently took a step in furthering ESG reporting by enacting new Regulation S-K disclosure requirements. Effective for the current reporting cycle, additional human capital disclosures are required, including human capital measures or objectives that management focuses on in managing the business to the extent they are material to an understanding of the business.
Companies must also assess whether other ESG information, such as climate risk disclosures, are required under current MD&A disclosure rules. For example, if the risk represents a known trend or uncertainty that the company reasonably expects will have a material impact on the company’s results of operations or capital resources, additional disclosure would be required.
Looking ahead, the Biden Administration has already indicated a heavy focus on climate change through various senior position appointments and the SEC recently announced the creation of a new staff position: Senior Policy Advisor for Climate and ESG. The SEC further signaled increased ESG efforts by both its Divisions of Examinations and Enforcement. It remains to be seen how the SEC’s regulatory agenda will be shaped under new leadership, but many believe that ESG disclosures will be a significant focus.
What companies are reporting, and what information are they reporting? ESG disclosures vary significantly depending on the nature of the business, geography, industry, stakeholder base as well as available resources to devote to ESG. The largest global public companies have led the way in external ESG reporting and engagement, but this reporting is rapidly expanding to encompass smaller public entities and private entities. Companies of all sizes are both feeling the pressure to produce ESG reporting and identifying it as a
means to differentiate themselves in the market by proactively conveying their corporate stories and strategies.
As noted in a recent White & Case study of proxy statements and filed 10-Ks for the top 50 companies by revenue in the Fortune 100, the following ESG categories showed the most significant increase in disclosures from the prior year:
The study noted that a majority of E&S disclosures in the SEC filings were qualitative and did not provide quantitative metrics. However, disclosures pertaining to environmental, HCM and E&S goals along with social impact and community relations were more likely to contain quantitative metrics.
Where do companies report ESG information? The most common places companies are providing public ESG disclosures include:
- Standalone reports including corporate social responsibility (CSR)/sustainability reports
- Company websites and marketing materials
- MD&A sections of annual and quarterly reports
- Earnings calls
- Proxy statements and 8-Ks
There are companies in the U.S. that are producing “integrated reports.” However, these companies tend to be larger in size and are taking diverse approaches in how they are integrating such information within existing, traditional financial reporting.
The recent White & Case study notes that “the trend towards increased ESG disclosure in SEC filings is pronounced. Investors have increasingly focused on and called for ESG disclosure, and companies should assess their investors’ policies and consider engaging with investors in order to determine which ESG information about their company is important to them…the nuance is to carefully consider where to place the ESG disclosure. Investors seeking ESG information do not necessarily expect any or all of that information to be presented in SEC filings, and sustainability disclosure on corporate websites can provide effective vehicles for this disclosure to investors... Moreover, it is important to acknowledge the continuing trend of companies providing most ESG reporting on corporate websites, rather than in SEC filings.”
Companies need to be thoughtful in considering where to disclose ESG information given heightened liability risk with respect to SEC filings, particularly when such information may not be “material” to the business.
For audits of U.S. public companies, PCAOB Auditing Standard 2710, Other Information in Documents Containing Audited Financial Statements, sets forth requirements and guidance for auditor involvement when other information is included in a document with the audited financial statements. The auditor’s responsibility with respect to information in a document that contains the audited financial statements does not extend beyond the financial information identified in the auditor’s report.
However, PCAOB auditing standards require that the auditor read the other information in documents containing audited financial statements, including ESG information, and consider whether such information, or the manner of its presentation, is materially inconsistent with information, or the manner of its presentation, appearing in the financial statements. The Center for Audit Quality (CAQ) provides the following example: if a company discloses ESG-related goals and their progress in achieving those goals in the MD&A section of an annual report on Form 10-K, the financial statement auditors would only be required to read the ESG information presented for consistency with the financial statements or material misstatements of fact, but would not be required to perform attestation or other procedures directly on the information. The CAQ further notes, a material misstatement of fact is a high threshold and, given the nature of ESG information, it may be highly unlikely the auditor would be aware of a misstatement of fact given such information is outside the scope of audits of financial statements and internal control over financial reporting (ICFR).
In addition, sustainability reports and ESG information often are included in company reports that do not include the audited financial statements. In these instances, the auditor has no responsibility for the ESG information as part of the financial statement or ICFR audits.
Many of the metrics and qualitative disclosures around ESG information are not “governed” by an established framework such as generally accepted accounting principles (GAAP), and thus, may not be subject to the same rigor of processes and controls over such processes to ensure the integrity and accuracy of the underlying data and the appropriateness of the decisions and judgments being made by management in reporting on such information. For example, the fear of corporate “green or impact washing” – the incentive to make stakeholders believe that a company is doing more to promote ESG activities, particularly environmental protections, than it actually is – has left many stakeholders questioning the reliability, consistency and accuracy of company ESG reporting. As ESG reporting continues to evolve and become a significant consideration for boards, investors, employees, suppliers, lenders, regulators and others in making business decisions, there is a growing focus on the value of assurance on such information provided by independent third parties.
The CAQ is producing a series of publications around ESG reporting and how stakeholder confidence in such reporting can be enhanced. These include:
- The Role of Auditors in Company-Prepared Information: Present and Future provides a foundational understanding of the current role of auditors in various types of company-prepared and publicly disclosed information, and how auditors are positioned to help fill existing gaps in enhancing the reliability of decision-useful information. (December 2019)
- The Role of Auditors in Company-Prepared ESG Information: Present and Future is an overview of what ESG reporting is, how investors are using the information and how public company auditors are positioned to enhance the reliability of ESG information. (July 2020)
- The Role of Auditors in Company Prepared ESG Information: A Deeper Dive on Assurance intends to build on the concepts outlined in earlier publications to provide more detail on the range of assurance services that can be provided by auditors to enhance confidence in ESG information, why assurance on ESG information might be needed and questions for Boards to consider when planning to obtain assurance on ESG information. (March 2021)
Unique qualifications of public company auditors: The CAQ lays out various reasons why stakeholders may seek out assurance and attest services as well as why public company auditors may be particularly qualified to provide such attestation services including the audit professionals’:
- Adherence to required independence standards
- Skills in understanding the business and industry, gained through experience in financial statement and ICFR audits
- Access to subject matter expertise and specialists that encompass ESG broadly
- Experience in compliance reporting with established standards and frameworks
- Long history of independently evaluating information used in making capital allocation decisions
- Execution of their work within a system of quality control
- Adherence to stringent ethics, continuing professional education and experiential requirements
Type of attestation services to be provided: Determining the scope and level of assurance to be provided will vary based on company objectives in presenting ESG information, management’s readiness, and intended users and uses of ESG information. Attest services may include:
- Examination: Consists of an examination performed by an auditor resulting in an independent opinion indicating whether the ESG information is in accordance with the agreed upon criteria, in all material respects. An examination engagement is the closest equivalent to the reasonable assurance obtained in an audit of financial statements.
- Review: Consists of limited procedures, performed by an auditor, that result in limited assurance. The objective of a review engagement is for the auditor to express a conclusion about whether any material modifications should be made to the ESG information in order for it to be in accordance with the agreed upon criteria. Review engagements are substantially less in scope than examination engagements.
Two of the most commonly referenced U.S. public filers reporting on sustainability via reference to, or inclusion within, SEC reports are Vornado Realty Trust and Etsy, both containing examples of attestation reports provided by public accounting firms.
Can a public company use the same independent auditor for their financial statement audit and attestation over their ESG information? Yes, performing a review or examination engagement of a public company’s ESG information is considered a permissible service for the independent accounting firm performing the financial statement audit, subject to pre-approval from the audit committee. However, the performance of review or examination attestation services by an independent accounting firm requires that firm to meet certain independence requirements.
In addition, the audit firm will want to consider the “readiness” of the company’s reporting processes and controls, the oversight of those charged with governance, intended use and placement of ESG information, experience and knowledge needed by the engagement team, as well as other legal and risk factors that may affect an engagement acceptance decision.
First Steps for Boards Just Beginning the ESG Reporting Journey
The AICPA and CAQ have issued a roadmap for audit practitioners laying out initial steps for those organizations and their boards who are in the beginning phases of the ESG reporting journey:
- Conduct a materiality or risk assessment to determine which ESG topics are prioritized as important or “material” to the organization, its investors and other stakeholders
- Implement appropriate board oversight of material ESG matters
- Integrate/align material ESG topics into the enterprise risk management (ERM) process
- Integrate ESG matters into the overall company strategy
- Implement effective internal control over ESG data collection, processing and reporting
For Boards Considering an Attestation Engagement
The CAQ has further prepared the following questions boards may consider for companies that have already started reporting on ESG and may be considering an attestation engagement:
- What is the purpose and objective of the attestation engagement on ESG information?
- Who are the intended users of the ESG information and related attestation report?
- Why do the intended users want or need an attestation report on the ESG information?
- What are the potential risks associated with a misstatement or omission in the ESG information?
- Does the company have a clear understanding what ESG information the intended users want or need to be in the scope of the attestation engagement?
- What level of attestation service (examination or review engagement) will help the company achieve its objective?
Additional questions for board members to consider regarding their company’s preparedness for reporting include:
- Does management have well established controls, policies and procedures for the collection of and disclosure of ESG information? Are there gaps to be addressed?
- Has the board, along with management, set specific objectives and goals for external reporting of ESG information?
- Is the information disclosed by the company consistent across its various communication channels?
- Are the ESG responsibilities at the board level clearly defined among appropriate committees and are those responsibilities directly linked to corporate strategic ESG goals and external reporting needs?
- Have the right advisors been identified to assist in preparing for reporting and/or to attest to the quality of reporting?
We encourage management, audit committees and other board members to continue to educate themselves on the evolving landscape of ESG and carefully consider the needs of various stakeholders broadly when mapping out their ESG reporting needs. Particular attention should be paid to regulatory developments in this area. We invite you to remain engaged on this subject matter via the BDO Center for Corporate Governance and Financial Reporting’s resources and educational programming.
Additional content for consideration includes our expanding ESG sub-series episodes from our BDO in the Boardroom Podcast Series:
- Board Dialogue on ESG with Board of Director Gloria Cordes Larson
- Turning the Board’s Focus to the “S” in ESG with Board of Director Nora Denzel
- ESG: A Catalyst for Strategic Boardroom Conversations with Board of Director Lara Lee
Other thought leadership:
- ESG, and the Business Case for Dealing with Climate Change
- BDO’s Integrated Thinking and Reporting Journey Guide
- SASB Issues Sustainability Reporting Standards – Why Boards Should Take Notice
 Existing applicable SEC guidance can be found in Item 101 of Regulation S-K requiring disclosure of material effects of compliance with government regulations, including environmental regulations. Foreign private issuers must describe any environmental issues that may affect their utilization of their physical assets.
 Integrated reporting (IR) – concise communications aimed at providers of financial capital allocation about how an organization’s strategy, governance, performance and prospects, in the context of its external environment lead to the creation of value in the short, medium and long-term.