Preparing for data and disclosure demands in the age of a net zero Australia

What you need to know

A global push from investors, regulators and society coupled with future climate change predictions has forced companies to reassess what, and how they report on their impact on climate change – the good and the bad.

The demand for increased transparency has been made easier by improved technology, accounting methods and availability of data, but companies still have a long way to go to meet future disclosure expectations and those predicted for the future.  Local and international regulators have introduced and continue to develop mandatory disclosure requirements, investor and community expectations are evolving, technology improving and the risk of facing ESG litigation is becoming more of a threat to companies.

In this article we explore the current disclosure requirements and data gaps faced by many companies, predictions for mandatory disclosure requirements on the horizon and how this will increase the potential for future ESG litigation and other actions. We discuss what needs to be done now to proactively manage climate related data and protect companies from future litigation risks.  

What you need to do

• Ensure data metrics meet current regulatory obligations (both locally and internationally) as well as investor, shareholder and community expectations by implementing the right frameworks and investing in data and disclosure uplift, including appropriate technology where required; 
• Prepare for the future of heightened disclosure and reporting requirements across all stakeholder groups by ensuring underlying risk frameworks are reviewed and updated regularly to align with evolving laws and demands and ensure companies are producing on demand and real time insights and analysis that are actionable; and 
• Prepare for future ESG litigation risks by having systems in place to gather and report on data and materials to comply with regulatory demands, evidence corporate strategies and outcomes that align with net zero and climate risk commitments, rectify immediate issues and undertake timely and accurate root cause analysis. 

Current disclosure requirements

What you need to know

Although some ESG requirements are embedded in select pieces of state and federal legislation, ESG disclosure and reporting requirements in Australia are still largely voluntary and driven by non-legislative pressures. ASIC, APRA and the ACCC have all released recommendations, guidance and direction relating to the management of climate risks.  While no additional laws or regulations as they relate to climate risks has yet been imposed, these regulators have made it clear that managing and disclosing climate related risks are part of companies' existing regulatory obligations.  

Companies need to carefully consider disclosure requirements related to net zero and climate related commitments made publicly, to investors and stakeholders. These types of commitments might include reporting on Scope 1,2 and 3 emissions, third party and supplier relationships, investment in carbon abatement projects and meeting minimum ESG expectations. 

Further, as a signatory to the Paris Agreement and the planned 2023 launch of the Australian Carbon Exchange, mandatory and voluntary disclosure requirements are important not just in the future, but now. These opportunities open the gates to significant investment in Australia and will help companies meet requirements now to ensure a proactive approach to net zero commitments and combating climate change impacts.  

Being able to capture the right data, at the right time is the cornerstone of effective disclosure and reporting. In order to manage risk and meet both legal and stakeholder requirements, companies need to consider what is being captured as it relates to climate related risks. These types of data points need to be accurate, reliable, consistent across regulations, commitments and developing regulations and laws, benchmarked, forward looking, rated and assessed and tested and verified. A fairly complex and detailed task. 

At present, the majority of companies are not able to meet these high standards of data capture and analysis due to constantly evolving stakeholder expectations and regulatory demands. As of now, approximately half of ASX200 companies reporting on Scope 1 and 2 emissions however fewer than half of these companies capture, track and report on Scope 3 emissions. Scope 3 emissions are increasingly considered to be important in capturing a company's full carbon footprint.

Internationally, the state of data gaps is largely the same.  In a June 2022 speech given by the Bank of England's head of insurance (analytics), Stefan Claus presented the results of a comprehensive climate scenario exercise with the headline finding that regulators and insurers need to work together to bridge gaps in available climate data. The analysis revealed a lack of comprehensive and high quality data, difficulty in obtaining sufficient data on Scope 3 emissions, and difficulty in obtaining data on geographical corporate asset location. 

The overall findings from BoE's exercise were regime gaps and capability gaps – factors that are relevant to all companies. This highlights again the importance of having the right data. 

What you need to do 

Mandatory and voluntary reporting requirements increase compliance costs short term but will result in better long term outcomes for companies and their stakeholders. 

Capturing the right data requires:

• ensuring there is a common language and understanding of metrics across the entire data environment;
• assessing current gaps in the ecosystem including quality, integrity and importantly how data can be searched updated and extracted easily for on demand requests; and 
• These requirements need to be balanced proportionately with the right commercial approached tailored to the business, benchmarked across peers, regulators and all stakeholders. 

Disclosure predictions

What you need to know

Emerging predictions for disclosure requirements in Australia have signalled both local and international movement towards heightened mandatory laws and expectations. The RBA Deputy Governor Guy Debelle discussed the future of climate reporting during the CFA Australia Investment Conference in late 2021, highlighting tensions between existing disclosure laws and recent international momentum for bespoke climate reporting requirements. 

Many key industry players are also pushing for their peers and regulators to lift standards in data disclosure and reporting. In 2021, the Investor Agenda: the Carbon Disclosure Project (CDP), the Investor Group on Climate Change (IGCC) and the Principles for Responsible Investment released a joint plan proposing immediate next steps and detailed recommendations aimed at formalising and expanding current climate disclosure requirements in Australia within the next four years. Recommendations included a taskforce to mandate alignment with the Taskforce for Climate related Financial Disclosures (TCFD) by 2024, ASIC and APRA enforcement of TCFD reporting requirements and an overarching review of current legislation to ensure alignment with G20 and other multilateral and plurilateral forums. 

More broadly, the International Sustainability Standards Board was launched during COP26. The board is expected to lead the development of a standardised framework for sustainability reporting.

Some mandatory climate risk disclosures have already been introduced across countries like UK, the EU, Switzerland, Hong Kong, Japan, Singapore and New Zealand. In announcements closer to home, it is expected that Australia will look to and follow a similar approach recently taken by both the UK and US. 

More granular data disclosure will involve a focus on Scope 1 and 2 emissions, and increasingly Scope 3, as companies are required to dig deeper into supplier and third party data to accurately reflect their emissions and adherence to internal and public climate targets. The need for external validation of third party data is increasingly important to ensure it meets the standards of data companies are striving to achieve internally.

What you need to do 

If not already doing so, companies need to start asking questions such as does our current data capture address these future requirements, and if not, how are we going to plan for and implement these requirements into our strategy to ensure future growth and avoid ESG litigation in the future?

Developing a disclosure roadmap now is key. Two of the key components of an effective data strategy are knowing what needs to be disclosed and knowing how it will be achieved. Frameworks that underpin data strategy should consider:

• Are all the right obligations and risks captured?
• Is there a solution in place with strong controls to ensure ongoing compliance and adaptation with regulatory and stakeholder requirements (and importantly, are the right people doing it)? 
• Have points of weakness and gaps in data been identified and can they be identified on an ongoing basis? 
• Are the right data reports in place to provide the company with automated and real-time analysis and insights to make informed decisions quickly as the reporting landscape changes? 
• Is the company aligned with its peers, and is benchmarking undertaken with the right inputs to ensure accurate and actionable assessments?

Identifying these considerations early will enable action to be undertaken when key gaps are identified and prior to regulatory or litigation action.  

ESG Litigation

What you need to know

Instances of ESG litigation are increasing globally. Companies are at risk of future litigation from various angles. This sentiment was echoed recently by Barristers Hutley SC and Hartford-Davis  of the Centre for Policy Development stating in a memorandum of opinion that companies face claims of misleading and deceptive conduct as net zero commitments and transition strategies are made public.

As noted earlier, regulator scrutiny is increasing with APRA and ASIC announcements to continue developing mandatory disclosures and reporting requirements, while the ACCC announced 'greenwashing' as a key priority focus for this year and next year.  

Greenwashing occurs when certain representations or statements are made which give the impression that a company or its products are more sustainable or environmentally friendly than they actually are. Companies can attract significant liability for greenwashing under Australian law if any such representations  are false, misleading or deceptive in nature. 

Directors also risk being personally liable for greenwashing by virtue of breaching their directors' duties and through use of "stepping stone" liability. Barristers Hutley SC and Hartford-Davis have indicated that the duty of care and diligence requires directors to contemplate climate-related risks (including the risk of greenwashing), assess the effect of these risks on the company and address them. In order to minimise the risk of liability for greenwashing, companies must ensure that there are reasonable grounds and objective facts to support the making of 'green' representations at the time such representations are made.  

Offshore, the UK has recently announced plans to introduce new supply chain due diligence in relation to deforestation through the Environment Bill, which will likely attract regulation fines and penalties, a development Australian regulators will likely be looking at closely. More broadly, the European Commission received overwhelming support for draft mandatory human rights and environmental due diligence legislation which will give EU member states the power to investigate and fine non-compliant companies. 

It is increasingly clear that companies need to start planning now for the increasing risk of ESG litigation. This means that data needs to be a centrepoint of future strategies, and the focus needs to be on having the right foundations, metrics, capturing processes, and a focus on how analysis and insights are used and disclosed. 

What you need to do

Executives will need to be prepared for regulatory investigations in the future, and will need to address the formal requests for high volumes of data, incident rectification and investigation and licensing issues which will occur. Any regulatory claims will need to ensure that the right data, documents and information is provided as and when requested (likely in short timeframes) and investigations are managed properly to minimise reputational impact and future company strategy.  To mitigate these impacts, companies need to consider:

• Their current frameworks for data capture, how these frameworks support changes in legislation and shareholder expectations, how they support climate commitments and how these standards are actually fed through to data capture and analysis systems for the right reporting and disclosure; 
• Granular data to support strategic decisions made by senior leadership and directors and avoid claims for misleading and deceptive conduct; 
• Risk and governance frameworks, obligations libraries and risk and control environments will need to demonstrate proper development and ongoing reviews;
• Their strategy and frameworks to ensure they are appropriate to reduce regulatory complexity, integrate with company strategy, minimise impact on business operations and have effective engagement with regulators. 

With regard to greenwashing, directors need to acquaint themselves with their obligations surrounding climate-related disclosures and make sure appropriate company policies are in place to facilitate complete and accurate representations relating to net zero and sustainability. ASIC's latest Information Sheet 271 provides various questions that companies should consider to avoid greenwashing, including whether vague terminology has been used, whether headline claims are potentially misleading and whether any sustainability metrics used have been explained. 

It is clear that in the age of climate change risk, companies need to act now to protect their business, stakeholders and the environment at large. Data and disclosure is, and will be key to achieving the right outcomes both now and for years to come. 

Ashurst Risk Advisory Pty Ltd (ABN 74 996 309 133) provide services under the Ashurst Consulting brand and are part of the Ashurst Group. Ashurst Consulting services do not constitute legal services or legal advice, and are not provided by Australian legal practitioners. The laws and regulations which govern the provision of legal services in the relevant jurisdiction do not apply to the provision of non-legal services. For more information about the Ashurst Group and the services offered, please visit www.ashurst.com.

Liability limited by a scheme approved under Professional Standards Legislation (Ashurst Risk Advisory only).