We are living through a pivotal period in sustainability, environmental, social, and governance (ESG) issues. As shareholder interest in ESG data grows, ESG reporting and data disclosure are becoming vital for businesses to attract investors and build trust with customers. The foundation of credible, consistent, and appropriate ESG data is the basis of high-quality reporting by companies. Auditors, who can help ensure that data is not misreported, have an important role to play in ESG reporting.
ESG reporting must be based on a carefully developed system of operational controls and conscientiously exhibit a company’s ESG initiatives that interact with one another, its finances, and value creation. Auditors are rarely aware of such inconsistencies, and the Financial Reporting Council (FRC) of the United Kingdom determined that they “need to strengthen their awareness of climate-related risks when preparing and executing their audits.”
ESG issues go beyond the boardrooms, exerting a growing influence on the ways buyers and investors make their decisions, and therefore, developing a successful ESG strategy by complying with ESG regulations is essential.
Conducting an ESG audit is a very critical step in developing a successful ESG strategy. Thus, this article aims to provide information on:
- What is an ESG audit?
- ESG auditing and ESG assurance
- Growing demand for audit function in ESG management
- Importance of an ESG audit
- Benefits of conducting an ESG audit
- Role of internal and external auditors in ESG management
- 5 steps to conduct an ESG audit
- Key takeaways
- How RegASK can help with your ESG auditing
What is an ESG audit?
An ESG audit means identifying and evaluating potential risks as well as current shortcomings in terms of environment, social or governance factors that can affect a company’s opportunity cost, long-term growth possibilities, and eventually, its viability.
Stakeholders such as investors, boards of directors, customers, employees, and the community are all concerned about sustainability and ethical business practices. And that’s fantastic—we all want businesses, particularly large ones, to be serving their social responsibilities to make the world a better place.
Investors have been urging companies to address ESG risks along with opportunities to see through their potential impact as a shareholder. As a result, investors are encouraging companies to not only audit financial information but also include the business’s ESG credentials for greater reporting transparency.
Therefore, an ESG audit means evaluating and reporting the vast dimensions of information that may range from climate change, human rights, and corporate diversity to anti-corruption, stakeholder engagement and supply chain management, in the form of quantitative and qualitative data.
ESG auditing and ESG assurance
An ESG audit is internal as various organizations are providing in-house training to employees in departments of Sustainability, Finance, HR, Legal and other sustainability-related teams for ESG data and reporting. Internal auditors assess a company’s internal controls. They help in identifying and advising the board members about anticipated risks and potential opportunities that the company holds. Internal audits should look into how well management is dealing with climate change and other social and governance threats while also providing insights that can help the organization improve its reporting processes and controls.
On the other hand, an ESG assurance is carried out by a third party that serves a variety of purposes, the most important of which is to assure that the information presented to stakeholders and decision-makers is correct and reliable. ESG assurance can be performed by both an internal audit committee and external auditors; however, ESG assurance from an external party helps to build credibility and trust in ESG reports through ESG certifications.
While an internal audit provides information and monitoring on the potential risks and dishonest business activities internally, an assurance analyzes and assesses the information provided to the stakeholders or the trustees for better decision-making.
An internal ESG audit and independent assurance are connected as they are inter-dependable in terms of their functions. The internal audit ensures that the metrics are being disclosed promptly, and third-party assurance is provided to examine all the metrics to verify reporting accuracy.
Since stakeholders especially investors are demanding more accountability and consistency in a company’s ESG reports, opting for an independent ESG assurance service has the potential to enhance the credibility of disclosures, complementing the role of an internal audit.
Growing demand for audit function in ESG management
As the need for ESG disclosures grows, the demand for performing an ESG audit with oversight by the audit committee also increased. The audit committee has been playing a vital role in overseeing financial reporting, internal controls and audit processes, hence they are in a good position to understand a company’s data landscape and metrics to assist companies to develop high-quality ESG disclosures for investors. Companies must choose ESG Key Performance Indicators (KPIs) that add substantial value to the company’s business. An audit and assurance are performed to ensure that the ESG data being released is accurate and trustworthy, and that ESG KPIs are being followed and measured.
Auditors must receive the necessary ESG training that is tactically aligned with the business objectives, and follow the best course of action for preparing and conducting the audit for subsequent effective communication with stakeholders.
Importance of an ESG audit
ESG audits hold strong importance for various stakeholders such as investors, employees and consumers as they are constantly seeking out companies that implement ESG practices in their businesses. Such practices require the companies to demonstrate that they are proactively developing indicators and tracking the effectiveness of their activities to avoid jeopardizing their ESG initiatives.
Because of this, auditing will play a critical role in the companies’ sustainability and ESG efforts by validating their activities through data. In reality, to strengthen corporate governance and gain more support for ESG initiatives, auditors will have to improve their communication roles as well.
When reporting to stakeholders, the key for an organization to showcase the integrity of their ESG information is to adopt a good audit communication method, whether internal or external. In keeping with this, ESG rating firms evaluate companies based on extensive surveys and analysis of publicly available data, some of which are disclosed directly by the companies. Auditors can help with communicating the appropriate data to stakeholders and ESG rating firms to boost a company’s ESG reputation.
Benefits of conducting an ESG audit
Environmental, social, and governance reporting is fast transitioning from a voluntary to a mandatory procedure as more and more investors demand ESG disclosures after realizing its importance. Finance teams need to ensure the accuracy and consistency of the reporting to a variety of stakeholders. The benefits of conducting an ESG audit include, but are not limited to:
- Improving the reliability and accuracy of ESG and sustainability reporting
- Aligning ESG and sustainability criteria with financial data
- Removing duplication in data gathering, aggregation, and reporting
- Measuring current ESG performance against goals and objectives
- Reducing risks by conducting risk assessment and controls
- Contributing to a company’s overall competitive positioning by increasing operational efficiencies, reducing waste, and improving its reputation
Role of internal and external auditors in ESG management
Since climate or other ESG risks are financially significant, auditors must assess that those risks are correctly reflected in the accounts, to report whether the transactional statements are giving a true and accurate representation of a company’s financial situation. The auditors are responsible for the audited financial statements that are included in the company’s ESG reports. The same is true if an audit firm provides third-party assurance or external assurance, especially for annual ESG reports or other significant ESG disclosures. If a company or its shareholders incur losses because of a failure to correctly report ESG risks, auditors may face civil liability, regulatory action, and shareholder pressure.
Role of internal audit in ESG management
As ESG risks become more visible and common in executive management decision-making, the board needs credible assurance on the efficacy of ESG risk management, which includes ESG reporting, and that assurance should be carried out by the internal auditors. Internal auditors can assess a company’s ESG risks from a variety of perspectives and assist in connecting the dots. For instance, the internal auditors can examine governance procedures by investigating whether the business has built a governance structure that supports successful climate risk management, and whether such information on climate risk is being communicated to the board.
Engaging external assurance services
Engaging an external assurance service has its own set of benefits since service providers are independent of the client’s organization and can provide objective opinions and enhance investor confidence and trust in ESG reports. External auditors must show a proven record of having the necessary skills of evaluating information independently and hold experience in reporting information based on various internationally and nationally developed standards. It has been observed that external auditors have started providing assurance on various ESG metrics which improves the credibility and quality of ESG management and reporting process.
5 steps to conduct an ESG audit
1. Identifying the people involved
The process of conducting an ESG audit involves internal employees and/or committees of the company who would gather information on the company’s ESG initiatives, risk management practices, processes and operations in coordination with the board. Identifying the right stakeholders involved in a company’s ESG management is very essential as an ESG audit will include information concerning the interests and demands of the stakeholders.
2. Understanding ESG reporting standards and frameworks
While there is currently no uniform approach to ESG reporting, certain globally recognized reporting frameworks such as the GRI, SASB, IIRC and TCFD are widely used for ensuring consistency. The space of ESG reporting standards and frameworks is ever-evolving and gaining traction worldwide.
3. Conducting ESG material assessment
The majority of companies link materiality to a company’s transactional statements. However, businesses need to consider social materiality along with financial materiality which is in the ever-increasing interest of all stakeholders.
4. Verifying the quality and accuracy of data
ESG reporting demands the same level of control and management as financial and non-financial disclosures because investors and others rely on it for their decision-making. This comprises rigorously applied systems and internal controls that guarantee disclosures are comprehensive, accurate, and consistent. The disclosures will then be considered “investor-grade.” Companies should carefully examine the control environment in which data is generated and implement effective internal controls and processes to make sure that the data is accurate and consistent.
5. Engaging independent assurance
Non-financial data isn’t normally included in financial statements, so it may not belong to the scope of an internal audit. Third-party assurance can be requested and conducted to ensure that ESG processes and policies are followed effectively. This will help the company in adding credibility to the ESG report, gaining investors’ attention and building trust amongst various stakeholders.
The method for reporting ESG data is largely flexible. Both auditors and other business units within an organization can help communicate a more trustworthy, accessible, and appropriate ESG report by following the procedures outlined above. The outcomes go beyond stakeholder trust. A collaborative approach to ESG auditing will add value to the company while also minimizing gaps and risks. As a result of this effective reporting, there is a greater focus on economic, social, and environmental goals, which advances the journey to a more sustainable future.
Internal audit must comprehend the external environment, demonstrate the organization’s belief and confidence in adapting to the ESG demands, and determine how the associated risks are being accounted for and managed appropriately. In many circumstances, this will necessitate a total overhaul of an ESG audit’s strategy, planning, and focus.
How RegASK can help with your ESG auditing
Another set of stakeholders, that is, national and global regulators, are amplifying the requirement of reporting ESG data. For example, the EU commission is planning on expanding its CSRD rule to include a larger number of unlisted companies that need to disclose their ESG related information. In the United States, a new Climate and ESG Task Force has been set up by the Securities and Exchange Commission at the Division of Enforcement. Under the existing rules, the task force’s duty is to investigate the corporate disclosures for any gaps or misstatements.
To help you keep up with all the different regulations and regulatory changes taking place across the globe, the RegALERT and RegInsight tools by RegASK detect and notify any potential changes to ESG regulations anywhere in the world, which can lead to better adoption and evolution in a company’s ESG strategies.
To know more about the RegASK platform, please contact us for a demo to ensure you choose the right path towards ESG compliance.
Want to know more about ESG compliance? Speak to our experts
Or you can also WhatsApp us by clicking this number +65 8128 2161