Companies covered by the Corporate Sustainability Reporting Directive (CSRD) will not only have to prepare a compliant report, but also have it audited. The audits are an independent assessment of whether the claims in the sustainability report are factual and based on the established norms.
For many years, large corporations have been required to have their annual financial report audited by a certified auditor. However, with the introduction of the CSRD, large companies will soon also have to have their sustainability report – which will be integrated into the annual report – audited.
Certain companies already have their sustainability reports voluntarily audited. The auditor then checks whether the frameworks, such as the Global Reporting Initiative (GRI) standard and the Greenhouse Gas Protocol (GHG), are correctly applied.
With the CSRD, that audit becomes mandatory for all companies. For the auditing process, the CSRD adopts the principles of ISAE-3000 (the International Standardon Assurance Engagements). That standard describes two types of audit: one with limited assurance, and one with reasonable assurance. Initially, ESG audits will be carried out with limited assurance, with reasonable assurance becoming mandatory at a later stage.
In all cases, the auditor aims to provide a meaningful statement on the sustainability information contained in the report. The difference between the two types of audits is the degree of detail in the examination. The reasonable assurance audit considers more data; although that does not mean that a limited assurance audit would be mere guesswork:
The formulation of the audit report is a second difference:
The fact that only an audit with limited assurance is required in the first few years does not mean that reports can be less accurate. Auditors should always be able to rely on the most accurate information possible. For example, auditors will check how companies have calculated their carbon footprint: Have they followed a certified protocol, used the right conversion factors, correctly taken the volume of gas consumption from their invoices, etc.?
Exactly what data they request will be determined on a case-by-case basis. There will be no ‘checklist’ for auditors to check whether all sustainability aspects are covered in the report. The double materiality analysis is the focal point, as it determines what each company must report on. In the final standards, released on 31 July, only the general disclosures are mandatory. The other standards are subject to the materiality analysis.
So, no checklist, but the auditors will look at four broader criteria (see textbox). In addition, they will examine numerous sustainability indicators. These are very diverse: think of CO2 emissions, NOx emissions, energy consumption, renewable electricity, waste management, environmental complaints, workforce, number of training hours, physical health, occupational diseases, accreditation for responsible sourcing of raw materials, etc.
The mandatory reporting and auditing do not include any statements about possible sanctions in the event of careless reporting. Nevertheless, an important caveat to this exists: both the sustainability report and the audit report are published publicly. Stakeholders can hold the board liable for incomplete or incorrect reporting, or a negatively assessed audit. Thus, indirect consequences can indeed be expected for companies that try to get off easily.
In Belgium, the law transposing the CSRD is not yet known. However, it is to be expected that in our country auditors will be the preferred partners for ESG audits, even though Europe is opening up the market to other parties.
It is obvious that companies are facing a lot of new reporting requirements. Don’t wait too long to get your business and processes ready for this, because 2025 is not far away. Are you overwhelmed by the multitude of new provisions? Pantarein helps you every step of the way towards CSRD compliance. Need help to get started? Then get in touch at mail@pantarein.be.
