Last month, the International Organization of Securities Commissions (IOSCO) released its Environmental, Social and Governance (ESG) Rating and Data Products Providers: Final Report. This report gathered information on the current status of that market from ESG ratings firms, data providers, users of the ratings/data and companies subject to the ratings. As IOSCO put it:
Given that this part of the market does not currently fall within the typical remit of securities regulators, IOSCO has sought to strengthen its knowledge by undertaking a fact-finding exercise with ESG ratings and data products providers, users of ESG ratings and data products, and the companies that are the subject of these ESG ratings or data products.
In addition to its fact-finding exercise, IOSCO offered recommendations for national securities regulators and another set for ESG ratings and data providers to improve the quality of their outputs. The report and recommendations were well covered by in the media, law firm alerts and on LinkedIn.
I am not going to discuss what others already have. In reading the report, I picked up on something that hasn’t been explored – at least not that I have seen. Instead, today’s blog is about a topic I have written and talked about for years that was also featured in the report: accuracy of the raw ESG data reported by companies being rated.
This isn’t surprising given my background conducting EHS/sustainability audits at manufacturing and other types of sites around the world. It is kind of my thing. IOSCO found this is kind of a thing for them too, yet they didn’t issue a specific recommendation on the matter. Here are some of the more important excerpts from the report on the quality/reliability of ESG data generated by the companies being rated:
Raw data is gathered by ESG data products providers from companies’ public disclosures or from other publicly available information or collected through questionnaires; if raw data is not available, corresponding data points can be approximated. Feedback suggests that all data products derive from either collected or estimated raw data. [emphasis added]
The availability of reliable and high-quality data inputs is a critical component of ESG ratings and data products… Irrespective of how the information is sourced, the quality, reliability, and consistency of this information is an important consideration.
Processes for verification and update of data may vary among providers… checks can include, depending on the process: scrutinising for plausibility, screening for potential incoherencies, statistical and logical checks (looking for abnormal spikes and outliers, either at the company or/and at the industry level), checks against other sources such as governmental databases, and deviations against a peer group or against previous years.
Another fascinating insight from the report is that “users [of the ESG ratings/data] generally do not conduct any formal verification of the ESG ratings and ESG data products” and none of those users – none – “implement verification processes on raw ESG data underlying ESG ratings or ESG data products because such processes are resource intensive and may not be possible with available information.” This is contrary to my admonitions that those relying on things like ESG certifications or industry association audit programs should conduct their own due diligence on external processes/mechanisms on which they plan to rely.
IOSCO’s only recommendation for companies producing the raw data concerned “streamlining their disclosure processes for sustainability related information to the extent possible.”
What This Means
As I said, the report does not include a recommendation for improving the quality of ESG data generated and provided by the companies themselves. Even so, that is clearly a critical need. By now, it is generally understood that few companies subject ESG data to the same level of internal controls and verification that they apply to financial data. Ensuring ESG data is credible and worthy of reliance by raters before it is reported externally is a cornerstone of improving ESG ratings. IOSCO summed it up in what I think is the report’s final statement on the matter – “Raw data is a key factor to determine the quality of ESG ratings and data products.”
Raw ESG data quality can be improved by engaging internal audit teams or external experts such as technical EHS auditors. Accounting firms may be experts at internal controls and can play a role, but they rarely have expertise to validate technical information related to manufacturing processes, equipment, pollution control systems, safety management programs or in applicable EHS regulatory requirements.
We may never get to point of complete consistency and correlation between the ratings themselves, but at least ensuring ratings and third party data providers are using accurate raw data will help eliminate a major variable.