Document from IFAC deals with building trust in sustainability reporting and preparing for verificationIt highlights how to create effective governance mechanisms and controls to increase trust in sustainability information. The goal is to ensure that sustainability reporting is conducted with the same rigor and ethical approach as financial reporting.

The document highlights that finance departments and specialist departments such as sustainability or ESG controllers play a key role in improving the quality and relevance of sustainability information. By combining financial reporting expertise with sustainability reporting, companies can create integrated management and internal control environment for financial and sustainability reporting.

The main points of the document include:

• The need for an integrated internal control environment: To improve the quality of sustainability information, an integrated internal control environment that links sustainability information with financial information is essential.
• Global standards and requirements: Companies are working to put in place the governance structures, processes, systems and controls needed to support reliable sustainability information required by the International Sustainability Standards Board (ISSB), the European Union Corporate Sustainability Reporting Directive (CSRD) and other requirements.
• The importance of information quality: A significant change in the quality of information is needed to support reliable sustainability reporting and verification, allowing for improved understanding of sustainability risks and opportunities.
• Role of the governing body: The governing body, usually the board of directors, is responsible for governance, risk management and internal control, including sustainability reporting and verification. The board can assess the company’s readiness and ensure that robust processes and systems are in place to meet business and sustainability objectives.
• Three-line model: Many companies use the Institute of Internal Auditors’ three-line model to clarify roles for all governance and internal assurance activities, including those related to improving the quality of sustainability information. The first line manages risks, the second line monitors risk management, and the third line provides independent assurance.
• Expanding Internal Control over Financial Reporting (ICFR): Extending ICFR processes to sustainability data collection processes increases the reliability of information and reduces the overall cost of implementing reporting standards.
• Annual cycle of management and control activities: An effective management and internal control system for sustainability information can be captured in an annual cycle. This cycle includes materiality assessment, risk assessment, setting control objectives, creating control catalogs, standard operating procedures (SOPs), a monitoring plan, and independent external verification.
• Materiality assessment: It is a key element that determines what companies report on, including the sustainability topics to be addressed and prioritized. Companies must disclose information on material topics and risks and opportunities. The assessment of materiality can be based on financial and impact materiality.
• Risk assessment: The result of the materiality assessment determines which disclosure requirements should be reported and provides the basis for assessing the risk to the reporting process and the extent of the control environment.
• Control targets and catalogs: Based on the risk assessment, control objectives are determined. Control catalogs identify the controls needed to mitigate risks within the first line.
• Standard Operating Procedures (SOP): SOPs are more detailed versions of control catalogs. They describe each control in detail so that individuals can perform it and record the required evidence.
• Monitoring plan: The second line monitors whether the controls are being carried out as described and whether the evidence is valid. The monitoring plan helps to verify the controls.
• Independent external verification: Provides confidence in the reliability of reported sustainability information. The International Standard for Sustainability Assurance (ISSA 5000) sets out requirements for the assurance of sustainability information.

The document also highlights the importance documentation and evidence to support sustainability information, stating that strong evidence comes from reliable external sources and is effectively controlled. Strong evidence helps ensure the accuracy and completeness of the information reported.

Overall, the document provides guidance on how companies can build trust in sustainability reporting through effective governance, internal controls and robust verification processes. Emphasis is placed on the integration of sustainability reporting with financial reporting and the need for transparency and accountability. Spring