The Auditor’s Role in ESG: Present and Future
What are the auditor’s current responsibilities related to ESG information?
The professional standards set forth requirements and guidance for auditor involvement when other information is included in a document with audited financial statements. Sustainability reports and ESG information often are included in company reports that do not include the audited financial statements. In these instances, the auditor has no responsibility for the ESG information as part of the financial statement or internal control over financial reporting (ICFR) audit.
Why are auditors well positioned to provide assurance on this information?
Information reported by a company needs to be credible and well supported for investors and other stakeholders to rely on for their decisions. In their public interest role, US public company auditors play a role in the flow of reliable information for decision making. Like the audits of financial statements and ICFR, third-party assurance from a public company audit firm can enhance the reliability of ESG information presented by companies to investors and other stakeholders.
The accounting profession has made considerable progress on the role and value of assurance on ESG information—and the systems and processes used to generate it. Notably, the American Institute of CPAs (AICPA) has convened the Sustainability Assurance and Advisory Task Force. In July 2017, the task force published Attestation Engagements on Sustainability Information, a guide to assist practitioners engaged to perform an examination or a review of an entity’s sustainability information.
SEC rules and the Public Company Accounting Oversight Board auditing standards do not require an auditor to attest to ESG information. That said, although assurance over ESG information is not required, leading ESG raters, rankers, and data providers assign a greater value to ESG information that has been assured. Trust and confidence in the information companies disclose are essential to a healthy economy; an independent assessment of that information can contribute to its reliability.
Assurance over ESG reporting, specifically when performed by a public company auditor, can enhance its reliability because auditors:
Are independent of their audit clients, in accordance with the applicable independence standards.
Are required to maintain a system of quality control.
Have extensive experience in gaining an understanding of business processes and assessing and responding to risk.
Are experienced in reporting on compliance with various established standards and frameworks.
Routinely incorporate qualified specialists with deep subject matter experience into audit procedures when needed.
Adhere to continuing professional education ethics and experience requirements, including attending specialized training.
Have expertise in evaluating internal systems and processes for collecting, analyzing, and reporting information.
Have a long history and experience of independently evaluating information that is then used in making capital allocation decisions.
Examples of auditor assurance-related services for ESG Information
An accountant’s report is designed to enhance the reliability of that information for the intended users of that attestation report by providing an objective and impartial assessment of the assertions, data, and other disclosures made by management. Obtaining any level of assurance by public company auditors involves the evaluation of processes, systems, and data, as appropriate, and then assessing the findings in order to support an opinion based on an examination or conclusion based on a review. Below we discuss examples of company prepared ESG information where there has been assurance provided by an independent auditor.
Vornado Realty Trust
Vornado Realty Trust has presented its ESG information in a stand-alone Environmental, Social, & Governance report, which includes both an independent accountants’ examination report and an independent accountants’ review report.
Etsy, Inc. included ESG information within the Risk Factors section of its Form 10-K annual filing for 2019.
GUESS?, Inc. presents its ESG information in a stand-alone sustainability report for 2019.
These three examples demonstrate the flexibility management may have in where ESG information is presented and the level of assurance that can be obtained over the information to foster trust and confidence in the information by investors. As shown in the examples, there are different levels of assurance accountants can obtain with respect to ESG information. Companies can elect to have public company auditors obtain reasonable assurance based on examination procedures or limited assurance based on review procedures.
Examination procedures are more extensive than review procedures and result in a conclusion that states “In our opinion, A [where A is the information that is being opined on such as the ESG disclosures] is presented in accordance with or based on B [where B is the framework or standard that the information is being evaluated as being in accordance with such as SASB or GRI standards], in all material respects.” In contrast, review procedures are less extensive than examination procedures, and result in a conclusion which states “We are not aware of any material modifications that should be made to A [the information being evaluated such as, the ESG disclosures] in order for it to be in accordance with based on B [the framework or standard the information is being evaluated as being in accordance with such as SASB or GRI standards].” The level of assurance obtained, examination or review, is specified in the auditor’s report on the ESG information.