Long-standing concerns over the general lack of company controls for ESG data are finally turning to action. The Principles for Responsible Investment (PRI) included two separate items for ESG data assurance/audit in its newly released Strategic Plan 2021-2024.
In the Plan, PRI updates twenty-two initiatives under its three themes of (1) Responsible Investors, (2) Sustainable Markets and (3) A Prosperous World for All. The increased expectations for ESG data validation are part of Initiatives 8 and 9 under the “Responsible Investor” theme. Initiative 8 has been expanded to require:
Internal verification of report/C-level sign-off of report/internal audit of some/all data / independent audit of some/all data
While Initiative 8 focuses on internal controls, Initiative 9 also adds external assurance as a requirement to “build confidence in the data reported.”
This is in parallel to an initiative launched in late 2020 by members of the UK RI Roundtable including USS, BTPS, Brunel Pension Partnership, the Church of England Pensions Board and RPMI Railpen to help users of PRI’s reporting framework. According to one article about this effort,
… an asset owner reporting on all asset classes under the PRI survey could be required to provide over three hundred and fifty distinct items of information or data points… For example, USS’s draft PRI submission alone is almost 350 pages.
This group has published a reporting tool intended to map reporting requirements of the UK Stewardship Code, the PRI’s Reporting and Assessment requirements and the Pension Regulator’s Implementation Statement.
All of this policy talk might seem far off and somewhat irrelevant to companies. But investors have been sending a strong signal that they want a robust, highly accurate ESG reporting and ratings ecosystem, and these updates show that they’re zeroing in on companies’ internal controls and external assurances as a way to get what they want.