Companies are realizing the benefits of third-party ESG data assurance

Environmental, social and corporate governance (ESG) has emerged over the last decade as one of the most popular initiatives for organizations throughout the U.S. Yet, the rapid rise of ESG’s importance in the minds of business leaders, investors and consumers has helped sprout a new critical component: verifying the accuracy of ESG data.

The concept may sound like a simple one. Naturally, as organizations generate more data related to their ESG initiatives, their business leaders and stakeholders ultimately will require an increased level of assurance that this information is being reported accurately and consistently.

Of course, internal team members cannot be tasked with providing this verification. It simply is too difficult to achieve independence when handling audits in-house. And make no mistake about it – an examination of a company’s ESG data is an audit. And as ESG continues to grow in popularity and importance, this type of assurance procedure has become more necessary than ever.

Types of third-party ESG assurance

There are three different types of assurance that an organization could seek. At the moment, virtually all the ESG assurance engagements performed at Baker Tilly fall under the first two categories.

Reasonable assurance: This is the highest level of assurance that can be attained and is usually gained through an examination or financial statement audit. This does not mean absolute assurance, but rather performing procedures to lower the audit risk (i.e., the risk that an inappropriate opinion is issued) to an acceptably low level.

Limited assurance: A lower level of assurance that results from the performance of a review engagement is limited assurance. A review requires much less rigor than an examination and an auditor’s opinion is expressed in more of a negative format (i.e., saying that nothing came to the auditor’s attention that would indicate that management's assertion is materially misstated).

No assurance: This level is more commonly known as an agreed-upon procedures (AUP) engagement. In these engagements, management tells the auditor exactly which procedures to perform and there is almost no room for auditor judgment. The final deliverable is a report that restates the procedures as dictated by management, followed by the results of an auditor’s performance of those procedures.

Third-party ESG assurance today

At the moment, large companies are leading the charge on third-party ESG audits. This makes sense since Fortune 100 companies and other public organizations are generally guiding the way on ESG in general. That said, the need for middle-market companies to dive into ESG assurance isn’t far in the future.

Naturally, there is some resistance when it comes to implementing third-party ESG audits. The concept of dedicating time and money to an examination of non-financial data is challenging for some business leaders to accept. But even in instances where CFOs and controllers are hesitant, the pressure to report on ESG data continues to mount.

There are a multitude of reasons why companies are beginning to focus resources on third-party ESG assurance, which can be broken down into internal and external motivating factors.

External reasons for enlisting a third party to handle your ESG verification include:

1. Compliance: Regulations surrounding ESG disclosures and reporting are increasing, and many of these requirements target public companies and government contractors. That said, private companies are the indirect emissions of a public company’s supply chain, so even though private companies are not directly subject to SEC rules, they must comply. Why? Because the public companies have reporting requirements and obtain data from their suppliers (with assurance).
   In either case, as the SEC pushes for ESG reporting regulations and the Carbon Disclosure Project (CDP) encourages third-party verification of ESG data, pressure is starting to build on both public and private companies to fall in line. There will be more – certainly not fewer – ESG regulations in the future. So, the sooner companies can begin their compliance journey, the better.
2. Reputation: ESG verification helps increase trust and legitimacy in the marketplace by demonstrating that organizations are not only doing the right things, but that they are executing them correctly and making a positive impact. As a result, the approval of an independent third party can help a company attract the attention of potential investors and business partners, and continue to build trust with customers and other key stakeholders. Additionally, rating agencies give “extra credit” to organizations that obtain assurance over their ESG data.
3. Cost of capital: Complying with regulations and improving a company’s standing in the marketplace are often connected directly or indirectly to financial benefits. Companies with higher ESG ratings tend to get greater access to capital [1]. Increasingly more investors are seeking out socially responsible and environmentally conscious companies, which puts additional importance on organizations being able to not only demonstrate but to prove that they are committed to the types of ESG practices that are attracting billions in investment dollars across the country – and throughout the world.

From an internal standpoint, companies are rapidly seeing ESG third-party verification benefits, such as:

1. Improved practices: Undergoing an ESG third-party verification process annually increases an organization’s reliability over its data, which helps leadership make more informed choices. With a sustainability-lens and trusted data, business leaders can confidently pull the right levers, make strategic adjustments and spend money in the most optimal areas.
2. Risk identification: ESG risks are, in many ways, tied closely to a company’s finances, long-term strategy, and internal and external reputation. With this in mind, a third-party ESG verification could help an organization identify areas of weakness (and opportunity) related to sustainability and governance. Therefore, the organization can proactively address looming risks – both ESG risks and non-ESG risks – before they are harmful to the company.
3. Consistency: Financial statement audits typically come directly from a company’s ERP system and feature good controls in terms of accessibility and change management. On the other hand, ESG data can come from many internal departments. Some track information well and others do not. Some have strong controls in place, whereas others are completely lacking. With many different business segments gathering information on ESG initiatives, it often takes a third-party verification to assess the quality and accuracy of the data and perhaps most importantly, to alert the CFO and other key internal stakeholders that ESG needs to be an area of focus moving forward.

Looking ahead to a revolution

The verification of ESG data is going to be a revolution. Moving forward, if a company’s ESG data isn’t verified, then it won’t actually mean anything to investors, customers, board members, etc.

The business landscape will continue to see many more non-financial controllerships, which is a testament to how significant the ESG impact is and will continue to be. Controllers are going to be wearing two hats with one focused on non-financial reporting. ESG audits may not end up being side-by-side with financial audits, but they won’t be far behind.

Even if your company isn’t ready for third-party verification today, forward-thinking organizations are planning for the future. Visualize your sustainability road map through the lens of your business strategy for accessing capital or reporting to governing agencies. Consider how third-party verification can help position your company for success from a reputational, financial, operational or ESG rating perspective.

To discuss how Baker Tilly can assist with this process – either by preparing your organization from an ESG readiness standpoint, by assisting with data sources and data validation, or by conducting your ESG third-party verification – contact us today.