How independent assurance can support reliance on your third-party sustainability data

With companies increasingly relying on data from third parties as part of their sustainability reporting, focusing on the quality of this data is paramount. This blog introduces the concept of independent assurance for third-party data, a process common in financial reporting – and one that would bring significant benefits to sustainability reporting. It will explore the importance of ensuring data quality, the risks associated with third-party sustainability data, and how independent assurance can provide transparency, mitigate risks, and enhance stakeholder confidence.

The challenge of third party data

Traditional approaches to assurance have involved direct testing of data. However, given the breadth and volume of data involved when it's provided to numerous users, this approach becomes less feasible. It is therefore crucial to identify, understand, and assess the controls over the collection, compilation, and reporting of this data.

In today’s business environment, sustainability performance is increasingly scrutinised by stakeholders and the integrity of sustainability data has never been more critical. In many cases, companies rely on third parties for sustainability data that underpins vital decisions – from setting corporate targets and fulfilling regulatory disclosures to environmental tax reporting and securing sustainability-linked loans. Companies can incur penalties in terms of fines, legal costs, operating restrictions and reputational damage for misreporting.

For data users, this reliance on external data introduces inherent risks. While you are likely to understand the controls governing sustainability data within your own organisation, the same visibility often doesn't extend to third-party providers. This lack of transparency can unknowingly compromise data quality leaving reporting companies vulnerable to data errors. Independent assurance of a supplier’s sustainability data processes and controls can help to bridge this gap, providing transparency into data management and operational activities.

Typical examples of third party sustainability data

Third-party sustainability data can encompass a wide range of information, including:

• Waste management: Data on waste collected and diverted for recycling or disposal.
• Packaging information: Details on recycled content and other packaging information affecting Extended Producer Responsibility (EPR) and tax liabilities.
• Scope 3 emissions: Greenhouse gas emissions from business travel and transportation or products.
• Financed emissions: data provided by ESG scoring and data gathering organisations.
• Supply chain certifications: Verification of deforestation-free products and ethical practices.
• Carbon credits: Delivery data for carbon offset projects.
• Scenario analysis: On which critical climate risks and opportunities are evaluated.

Replicating the rigour of financial data assurance

As part of financial reporting, it is standard practice for third-party service providers such as IT service providers, payroll companies and asset management providers to demonstrate the effectiveness of their internal controls through third-party assurance reports. Known as System and Organisation Controls (SOC) reports these support a licence to operate in certain markets.

Traditionally, this level of rigour has not been applied to sustainability data. However, the tide is turning. Companies now recognise the imperative to be confident in their sustainability data to help prevent restatements and help to ensure the reliability of their reported figures.

Benefits of using third-party assurance

Whether you are a user of third-party data or a provider, third-party assurance offers tangible benefits:

For data users:

• Risk mitigation and compliance: Identify weaknesses in third-party data processes and increase confidence in regulatory compliance submissions.
• Operational efficiency: Streamline due diligence and audit processes with consistent assessments.
• Enhanced reputation: Demonstrate strong governance, a commitment to transparency and reliable sustainability reporting.

For data providers:

• Competitive advantage: Showcase robust controls and data quality to attract and retain customers.
• Regulatory readiness: Meet evolving requirements and maintain a “licence to operate”.
• Efficiency gains: A single assurance report can serve multiple clients reducing duplication of efforts. As the sustainability data becomes more relevant and impactful, driving financial rewards and penalties, users and their auditors are taking a much greater interest in the quality of data. An independent third-party assurance report provides the confidence required, avoiding the need for multiple sets of auditors examining data sources

The path forward

As sustainability matters continue to be material to businesses, the demand for reliable, decision-useful data will only intensify. The reliance on third party data will continue to dominate critical sustainability metrics from scope 3 emissions to sustainable value chains. Third-party assurance is a way to enable organisations to build confidence in their sustainability data beyond the boundaries of their own organisation, enabling them to meet regulatory expectations and enhance stakeholder trust.

Deloitte has experience in delivering third-party and sustainability assurance services. To learn more about how we can support your sustainability journey through sustainability third-party assurance, contact our team of experts.