Regulatory Landscape and Compliance

The Regulatory Shift

ESG disclosure has transformed from voluntary best practice to regulatory requirement across major jurisdictions. Understanding this evolving landscape is essential for compliance and strategic planning.

Key Regulatory Developments

European Union

Corporate Sustainability Reporting Directive (CSRD)

What it is: EU legislation requiring detailed sustainability reporting

Who it covers:

• Large EU companies (>500 employees initially, expanding to >250)
• EU-listed SMEs
• Non-EU companies with significant EU operations (>€150M EU revenue)

What it requires:

• Double materiality assessment
• Detailed disclosure across environmental, social, and governance topics
• Digital tagging (XBRL)
• Third-party assurance (limited initially, reasonable later)
• Location in management report

Implementation timeline:

• 2024: Large public-interest companies already under NFRD
• 2025: Other large companies
• 2026: Listed SMEs, small and non-complex credit institutions
• 2028: Non-EU companies meeting thresholds

European Sustainability Reporting Standards (ESRS)

What they are: Detailed standards implementing CSRD requirements

Structure:

• Cross-cutting standards (general requirements, general disclosures)
• Topical standards (environment, social, governance)
• Sector standards (under development)

Key features:

• Double materiality approach
• Detailed disclosure requirements
• Interoperability with ISSB standards
• Phased-in requirements for some disclosures

EU Taxonomy

What it is: Classification system for environmentally sustainable activities

Requirements:

• Disclosure of revenue, CapEx, OpEx from taxonomy-aligned activities
• Six environmental objectives
• "Do no significant harm" criteria
• Minimum social safeguards

Sustainable Finance Disclosure Regulation (SFDR)

What it is: Requirements for financial market participants

Relevance for corporates: Investors subject to SFDR will demand data from portfolio companies

United States

SEC Climate Disclosure Rules

What they are: Climate-related disclosure requirements for SEC registrants

Key requirements:

• Scope 1 and 2 emissions (phased in by company size)
• Scope 3 if material or included in targets (for larger companies)
• Climate-related risks
• Governance of climate risks
• Financial statement impacts
• Targets and goals

Status: Final rules issued March 2024, but subject to legal challenges

State-Level Requirements

California Climate Corporate Data Accountability Act (SB 253):

• Scope 1, 2, 3 emissions for companies >$1B revenue doing business in California

California SB 261:

• Climate risk disclosure aligned with TCFD

United Kingdom

Streamlined Energy and Carbon Reporting (SECR): Energy and emissions disclosure for large companies

TCFD-aligned disclosure: Required for large companies, asset managers, insurers

Sustainability Disclosure Requirements (SDR): Framework under development

Asia-Pacific

Singapore: Climate disclosure requirements phasing in (SGX-listed companies)

Japan: TCFD disclosure required for prime market companies

Hong Kong: Climate disclosure requirements (HKEX-listed companies)

Australia: Climate disclosure consultation, legislation expected

International Standards

ISSB Standards

IFRS S1: General requirements for sustainability disclosures

IFRS S2: Climate-related disclosures

Status: Final standards issued June 2023, adoption by jurisdictions ongoing

Significance: Intended as global baseline for sustainability disclosure

Compliance Strategies

Understanding Your Obligations

Step 1: Identify applicable regulations

• Where are you incorporated?
• Where are you listed?
• Where do you operate?
• What is your size?

Step 2: Map requirements

• What disclosures are required?
• What metrics must be reported?
• What is the timeline?
• What assurance is needed?

Step 3: Gap analysis

• What do you currently report?
• What additional data is needed?
• What process changes are required?

Building Compliance Programs

Governance: Clear accountability for compliance

Cross-functional team: Legal, finance, sustainability, operations

Data systems: Capability to collect required information

Controls: Processes ensuring accuracy and completeness

Documentation: Evidence of compliance

Training: Building awareness and capability

Managing Multiple Frameworks

Most companies face multiple requirements:

Mapping exercise: Identify overlaps and differences across frameworks

Single data collection: Collect data once, use for multiple reports

Report mapping: Show where requirements are addressed

Efficiency focus: Avoid duplicating effort

Due Diligence Requirements

EU Corporate Sustainability Due Diligence Directive (CSDDD)

What it requires:

• Human rights and environmental due diligence
• Assessment of actual and potential adverse impacts
• Prevention and mitigation measures
• Grievance mechanisms
• Stakeholder engagement

Who it covers: Large EU companies and non-EU companies with significant EU operations

Supply chain scope: Own operations, subsidiaries, and business relationships

Other Due Diligence Requirements

German Supply Chain Due Diligence Act: Human rights due diligence

French Duty of Vigilance Law: Human rights and environmental due diligence

Industry-specific: Conflict minerals, forced labor, deforestation

Assurance Requirements

Current State

CSRD: Requires limited assurance initially, reasonable assurance later

SEC: Attestation required for emissions (larger companies)

Voluntary: Many companies obtain voluntary assurance

Assurance Standards

ISAE 3000: Assurance on non-financial information

ISAE 3410: Assurance on greenhouse gas statements

AICPA attestation standards: US attestation standards

Preparing for Assurance

Documentation: Clear methodology documentation

Evidence: Supporting documentation for reported data

Controls: Documented internal controls

Consistency: Consistent application of methodologies

Regulatory Risk Management

Monitoring Regulatory Developments

Stay informed: Track regulatory proposals and developments

Industry associations: Leverage collective monitoring and advocacy

External advisors: Legal and consulting guidance

Anticipating Future Requirements

Trend analysis: Where is regulation heading?

Scenario planning: What if regulations tighten?

Early adoption: Getting ahead of requirements

Managing Enforcement Risk

Understand penalties: What are the consequences of non-compliance?

Compliance culture: Build commitment to compliance

Issue resolution: Address identified issues promptly

Legal advice: Engage counsel on complex compliance questions

Reporting Best Practices for Compliance

Completeness

Cover all required topics: Ensure nothing is missed

Follow prescribed structure: Use required formats and frameworks

Include required elements: All mandatory disclosures present

Accuracy

Verify data: Check accuracy of reported information

Consistent methodology: Apply approaches consistently

Reasonable estimates: Where estimation is necessary, use reasonable methods

Clarity

Plain language: Understandable to intended audiences

Organization: Logical structure and navigation

Materiality focus: Emphasis on what matters most

Connectivity

Cross-referencing: Link to related disclosures

Consistency with financials: Align with financial reporting

Digital tagging: Implement required data standards

Key Takeaways

• ESG disclosure is shifting from voluntary to mandatory across jurisdictions
• Key regulatory developments include CSRD (EU), SEC climate rules (US), and ISSB standards (global)
• Companies must identify applicable regulations and map requirements
• Due diligence requirements extend beyond disclosure to actual practices
• Assurance requirements are increasing and require preparation
• Managing multiple frameworks requires efficiency and coordination
• Regulatory monitoring and anticipation reduce compliance risk
• Compliance requires completeness, accuracy, clarity, and connectivity

Next Module

Module 11 covers building your ESG career—the skills, roles, and paths in corporate sustainability.