Skip to main content

ESG audit readiness

Discover the latest EU legislative initiatives reshaping ESG reporting and mandating assurance on sustainability disclosures.

From ensuring audit readiness to navigating complex regulatory landscapes, undertakings face multifaceted challenges. Deloitte stands ready to guide organisations through this transformative journey, offering expertise in decarbonisation strategies, supply chain sustainability, governance effectiveness, and more. Embrace the future of sustainable business with Deloitte and drive positive change today.

Assurance requirement on ESG information published

 

The Corporate Sustainability Reporting Directive (CSRD) is an EU Directive published by the European Commission (EC) which brought a major overhaul towards mandatory ESG reporting and its assurance. ESG reporting requirements came into effect as of 1 January 2024 for all those undertakings with securities listed on an EU-regulated market with the exception of micro-listed undertakings. Gradually, a vast number of other undertakings will also be subject to these reporting requirements. An important step which marked a significant advancement within this sustainability journey was the mandatory requirement by the CSRD for undertakings to obtain assurance on the ESG information presented.

Furthermore, under the CSRD, the audit committee is entrusted with the responsibility to undertake specific tasks related to ensuring the integrity of sustainability reporting and its assurance. Such tasks include:

  • Monitoring the undertaking’s internal processes for sustainability reporting to ensure compliance with the European Sustainability Reporting Standards (ESRS);
  • Contributing to sustainability information integrity by submitting recommendations and articulating its role in this process;
  • Limiting the possibility of any fraud or greenwashing through the monitoring of the undertaking’s risk management systems, internal control and internal audit function;
  • Monitoring the assurance of annual and consolidated sustainability reporting;
  • Informing the Board of Directors and senior management of the undertaking about the outcomes of the assurance process for sustainability reporting; and
  • Reviewing the independence of assurance providers.

Functions of the audit committee relating to sustainability reporting and its assurance should be performed by the existing audit committee as a whole or by a newly established committee dedicated to sustainability reporting.

Indeed, assurance serves to provide an additional professionally acceptable communication tool which demonstrates that the performance of an organisation meets the current standards. It ultimately results in undertakings gaining the trust of stakeholders by mitigating the risk of possible ‘greenwashing’ or misstatements in social and governance disclosures. At first, the assurance requirement will be limited but over time this will be transitioned to reasonable assurance. As the assurance process becomes imminent, the question of ‘audit readiness’ comes more to light.

Understanding audit readiness


Audit readiness for ESG assurance translates into whether the reporting undertaking is able to substantiate all the information presented in the sustainability report when the assurance practitioners scrutinise such information.Prior to being subject to the assurance process, the reporting undertaking must have a clear understanding and knowledge of its internal controls, processes, policies, methodologies and supporting evidence backing up the reported information on the chosen critical data points. The clear segregation of roles and responsibilities within the undertaking and a strong board presence should alleviate the risk of having potential gaps in reporting standards. This culminates in providing high-quality information and accurate strategic Key Performance Indicators (KPIs) to the assurance practitioners, who must look at the whole process and be able to understand the logic behind the presented information including the respective supporting documentation. By virtue of such, the assurance practitioners would be able to provide a reliable and correct audit opinion.


Undertakings’ preparation in becoming audit ready


For many reporting undertakings, ESG reporting may prove to be a challenge, especially during the initial years. To be audit ready, reporting undertakings must:

  • Identify the applicable ESG reporting standard;
  • Perform the Double Materiality Assessment (DMA) process to identify the material impact, risks and opportunities (IROs) and ESG disclosures to be included in the sustainability report;
  • Determine the data that needs to be collected from data owners within different functions, given that the disclosure requirements encompass qualitative and quantitative data of different nature between environmental, social and governance (such as transition plan for climate change mitigation, employee turnover, whistleblower protection);
  • Understand the need for capacity building and address such needs. Data must be gathered with the necessary audit trail and to do so, ESG systems and processes need to be digitised;
  • Obtain reliable information from within their value chain which is a challenge as the sources of data may exhibit disparities in quality, subjective assessments and estimations; and
  • Build a robust team and attract experts in the field to attain high-quality reporting which may be a challenge in the local scenario.

From an audit readiness perspective, large reporting undertakings should look to formalise an ESG steering committee in which the internal auditor is a key individual. Internal auditors are experienced in auditing and building documentation so they would be able to ensure that reported ESG information is actually substantiated by an audit trail.

 

Repercussions of not being audit ready


As has been previously identified, reporting undertakings may face several challenges before they can be deemed audit ready. Such responsibility falls on the reporting undertaking’s management. If management is unable to provide accurate and comprehensive information, assurance practitioners may encounter considerable difficulties during the assurance process including having to modify the opinion of their assurance report when considering the reporting undertakings’ readiness.


Modification of an opinion or an emphasis of matter may put a reporting undertaking in the limelight and may also influence its reputation. The auditor’s opinion is based on whether the sustainability report is prepared in accordance with the applicable reporting standards. Regulators and other intended users acknowledge that preparers have difficult challenges to overcome and thus achieving high-quality sustainability reporting from the outset is not an easy task. In turn, undertakings are urged to be transparent on how they are addressing the challenges to enhance the quality of information used in sustainability reporting over time because it's not the assurance practitioner who holds this responsibility, but it is the board of directors who is responsible for meeting stakeholder expectations with regards to sustainability reporting.

In addition to ensuring audit readiness, reporting undertakings must also consider a range of other factors to enhance the integrity and effectiveness of their ESG reporting. These considerations encompass various aspects of sustainability management and compliance with evolving regulatory frameworks.

Below are key points that need attention:

• Baseline calculations on the undertaking’s GHG spend: understanding the current carbon footprint is essential for setting meaningful emission reduction targets and tracking progress over time. Conducting baseline calculations enable undertakings to identify areas for improvement and develop tailored strategies to mitigate environmental impact. Undertakings may collect primary data from the suppliers or in the case of Scope 3 emissions when there are complex value chains, secondary data may be used (such as industry average data). For example, the ‘spend-based method’ as provided by the GHG Protocol, estimates emissions for goods and services by collecting data on their economic values and multiplying them by secondary emissions factors (e.g., industry average emissions per monetary value of goods);

• Strategy to reduce GHG spending in accordance with the SBTi: aligning with Science-Based Targets initiatives (SBTi) provides a credible framework for setting emission reduction goals in line with climate science. Implementing strategies to reduce GHG emissions not only mitigates environmental risks but also enhances resilience and competitiveness in a carbon-constrained world. Additionally, the SBTi released guidance on how undertakings need to be engaged in Beyond value chain mitigation (BVCM), which is an initiative of the EU carbon renewable framework. BVCM, as defined in the SBTi Corporate Net-Zero Standard, encompasses "mitigation action or investments that fall outside an undertaking’s value chain, including activities that avoid or reduce GHG emissions, or remove and store GHGs from the atmosphere". Integrating BVCM strategies into sustainability initiatives further strengthens the undertaking's commitment to combatting climate change and achieving net-zero emissions targets;

• Financing challenges: transitioning to a more sustainable business model often requires significant investments in renewable energy, energy efficiency, and other sustainability initiatives. Undertakings may encounter financing challenges, necessitating innovative approaches to secure capital and manage financial risks associated with sustainability investments. Financial return is important when investing and this is no different for sustainable investments. However, traditional financing opportunities may not always align perfectly with sustainability objectives, as they may prioritise short-term returns over long-term sustainability goals. Therefore, undertakings should explore alternative financing mechanisms such as green bonds, sustainability-linked loans, or impact investing to access capital specifically for sustainable projects;

• Disclosure strategy and reporting: undertakings often benefit from the expertise, global reach, and established reputation of larger advisory firms. Transparent and comprehensive disclosure of ESG performance is vital for building trust with stakeholders and enhancing reputation. This enhances trust with stakeholders, meets stringent regulatory requirements, and boosts investor confidence. Transparent and comprehensive disclosure of ESG performance is vital for building trust with stakeholders and enhancing reputation. Developing a robust disclosure strategy involves ensuring alignment with regulatory requirements to provide meaningful insights into the undertaking’s sustainability performance. Multiple market developments and heightened regulatory and legal scrutiny indicate that the transparency and accuracy of sustainability reporting are increasingly important. In addition to NGOs and consumers, regulators and investors increasingly demand the communication of a thorough sustainability assessment and management of related risks and opportunities. An increasing amount of financial instruments and business partners demand a clear assessment and articulation of the undertaking’s sustainability performance;

• Double materiality assessment: a double materiality assessment is a requirement and serves as the cornerstone for determining which material information on sustainability matters to be included in a sustainability report under the CSRD. In doing so, undertakings shall identify the IROs across environmental, social and governance matters which are determined to be material from the impact materiality perspective (inside-out), the financial materiality perspective (outside-in) or both. Undertakings must engage internal and external stakeholders—such as employees, customers, investors, alliance partners, suppliers, and local communities—throughout the process in order to get the most from their perspectives. Therefore, any materiality assessment must include comprehensive stakeholder mapping as well as stakeholder engagement throughout the entire process. By engaging with stakeholders—via interviews, surveys, workshops, and dedicated feedback loops—undertakings can understand their perspectives and needs and the topics that are material to the undertaking. This assessment involves considering various risks, including the completeness and integrity of data, accuracy of estimation results, availability of upstream and/or downstream value chain data, and the timing of information availability. Documentation generated from this process not only informs governance but also aids in preparing certain required disclosures, which encompass general requirements regarding the identification of IROs, assessing their materiality, and facilitating the work of assurance providers. This documentation also aids the board of directors in the internal control processes in sustainability reporting.;

• Data and process management controls: establishing robust data management and process controls is essential to ensuring the accuracy, reliability, and integrity of ESG data disclosed in sustainability reports. Many undertakings struggle with a widespread problem concerning the comparability and accuracy of GHG emissions data, particularly those with complex value chains involving hundreds of suppliers. Implementing data governance frameworks and leveraging technology solutions can address these challenges by enhancing data quality, streamlining reporting processes, and facilitating timely decision-making;

• Potential supply chain disruption: the CSRD mandates that reported information encompasses not only an undertaking’s own operations but also its upstream and downstream value chain, including its products and services, and business relationships. Supply chain disruptions, exemplified notably during the COVID-19 pandemic and recent geopolitical instabilities, alongside challenges such as high inflation and interest rate volatility, force undertakings to reassess their supply chain strategies. Undertakings are required to evaluate and mitigate risks stemming from supply chain disruptions, spanning climate-related events, regulatory shifts, and geopolitical uncertainties. Fostering resilience in the supply chain through diversification, collaboration, and contingency planning becomes imperative to mitigate operational disruptions and ensure business continuity. Undertakings must allocate substantial resources to manage relationships with suppliers, particularly those exposed to economic, environmental, and social risks while integrating risk assessments into their procurement decisions.

Sustainability reporting is central to the EU's green strategy, reflecting a commitment to greater transparency regarding undertakings' sustainability practices.

In the coming years, momentum towards enhanced disclosure of sustainability credentials will intensify. The EU's ambitious 2040 climate target, announced during 2024, seeks to slash net emissions by 90% by 2040 compared to 1990 levels.

As regulatory frameworks evolve, understanding and adhering to these obligations become paramount to mitigating legal risks and improving sustainability performance.

The EU is focusing substantial legislative efforts on five main themes:

• Circularity has emerged as a clear imperative in the realm of sustainability. The EU's Circular Economy Action Plan has seen significant legislative advancements. For instance, the Packaging and Packaging Waste Regulation (PPWR) play a crucial role in advancing circularity goals. This regulation establishes targets for incorporating specific amounts of recycled content into various packaging products. Undertakings are required to substantiate any environmental claims associated with new products, ensuring compliance with the Green Claims Directive, and mitigating the risk of greenwashing. Additionally, the PPWR aims to minimise packaging waste by promoting reuse and refilling, introducing mandatory deposit return systems for plastic bottles and aluminium cans, and curbing over-packaging and unnecessary wrappings;

• Supply chain plays a critical role in shaping sustainability efforts, particularly in the context of the EU's commitment to decarbonise its economy. The EU stands as a global frontrunner in advocating for supply chain sustainability. For instance, The Corporate Sustainability Due Diligence Directive (CSDDD) mandates large EU undertakings – with at least 1,000 employees (calculated on a full-time equivalent basis) and EUR 450 million worldwide net turnover – and non-EU undertakings – with at least 450 million net turnover in the EU – to conduct comprehensive environmental and human rights due diligence across their operations, subsidiaries, and value chains. The rules will start to apply in 2027 for undertakings with more than 5000 employees and a net turnover of 1500 million. All in-scope undertakings will be subject to the rules by 2029;

• Decarbonisation stands as the ultimate goal of numerous EU initiatives, each playing a crucial role in reshaping the environmental landscape. For instance, the Carbon Border Adjustment Mechanism (CBAM) is poised to regulate imports into the EU by subjecting certain products from third countries to a carbon levy linked to the carbon price under the EU Emissions Trading System (ETS). This mechanism aims to prevent 'carbon leakage' and incentivise emissions reductions both within and outside the EU. Another relevant legislation is the EU Emissions Trading System (ETS), which operates by setting a cap on overall emissions from covered installations, which is progressively reduced each year. This cap-and-trade approach allows undertakings to buy and sell emission allowances, providing flexibility in emission reduction efforts. The system has expanded to cover maritime transport from 2025, with a gradual phase-out of free allowances for the sector by 2034. The upcoming launch of the EU ETS for buildings in 2027 further underscores the EU's commitment to decarbonisation across sectors. Additionally, on sustainable transport fuel, the EU has adopted the ReFuelEU Aviation and FuelEU Maritime regulations. These regulations mandate the use of sustainable fuels in aviation and maritime transport, with targets set to increase the minimum percentage of sustainable fuels used over time. By 2050, these regulations aim for a substantial portion of aviation and maritime fuels to be sustainable, contributing to decarbonisation efforts in the transportation sector.

• Deforestation, the European Union Deforestation Regulation (EUDR), effective June 2023, seeks to minimise the EU's impact on global deforestation and biodiversity loss by ensuring deforestation-free supply chains. It mandates companies to perform rigorous due diligence on the origin of commodities, compliance with environmental and social regulations, and the implementation of traceability systems. The European Commission and the European Parliament recently reached an agreement on the proposed targeted amendment to the EU Deforestation Regulation to postpone the date of application by 12 months. According to the amended regulation, large operators and traders must comply with the deforestation regulation starting on 30 December 2025, while micro and small enterprises have until 30 June 2026 to meet the requirements.

• Greenwashing, where undertakings that want to minimise their exposure to greenwashing risk must ensure there is no mismatch between what they say they are doing and what they are doing. For instance, the ‘Green Claims' Directive responds to concerns over vague or misleading environmental claims, seeking to enhance transparency and credibility in product labelling. It mandates undertakings to substantiate any voluntary green claims made in business-to-consumer communications, aligning with specific requirements to ensure the accuracy and reliability of environmental assertions.
 

Closing remarks

 

Fulfilling the requirements for ESG reporting and assurance should not be considered a tick-box exercise. The key element of being audit-ready is to invest in knowledge as there is a lot of strategic data that has to be included in the sustainability report. Moreover, it is vital to start the reporting journey as early as possible to allow time for remediation if required because audit readiness would not necessarily equate to a clean audit opinion. Thus, audit readiness should not only be the mindset at the management level but also throughout the whole undertaking.
 

How can Deloitte help?

 

Regardless of industry or geography, organisations face dynamic, connected challenges: from environmental degradation and human rights challenges to shifting geopolitical power and focus on inclusive growth, our ESG team can help you manage the environmental, social and governance issues that are going to transform how we live and work. We help you focus on what matters most and drive the change required to meet society’s expectations and thrive in a low-carbon economy. ESG is a data-driven discipline that can empower leaders to make positive and impactful decisions. Our services will drive you through the necessary changes for reaching the ultimate goal of being ESG audit-ready, which is strongly related to the capacity to implement systems that will digitise data-gathering processes. The following three pillars showcase our service offerings:
 

Helping you create a new, sustainable future for your businesses, and develop the low-carbon products, services and revenue streams the future requires.

• Decarbonisation strategy and execution;
• Ethical supply chain;
• Tax policy and green tax strategy;
• Accessibility to grants and incentives;
• Navigate the complex ESG landscape; and
• Biodiversity and natural capital strategies.
 

Working with you to rewire your existing business and prepare it for significant changes in infrastructure, people, and processes.

• Climate risk and resilience, including stress testing;
• Diversity, inclusion, and equal opportunities;
• Workplace safety and privacy; and
• Emissions trading and offset.
 

Through the network, we will support you with setting the right targets and creating a clear ESG communication narrative, backed by robust and accurate measurement systems.

• ESG reporting advisory and assurance;
• Governance effectiveness and benchmarking;
• Board composition and effectiveness;
• Ethics and compliance optimisation;
• ESG accounting, management information and optimisation software (design, deliver and run); and
• ESG technology, data gathering systems and processes and analytics advisory.

Did you find this useful?

Thanks for your feedback