Back on March 21, 2022, the U.S. Securities and Exchange Commission (SEC) proposed rules that would enhance and standardize climate-related disclosures provided by public companies—two years and unquantified lobby and legal dollars later, the final SEC Climate Disclosure Rules were announced today.
Organizations that fall under its purview will no doubt be rushing to understand what all the new Climate Disclosure Rules mandate and that’s where we’d like to help. As an experienced cybersecurity audit firm with a dedicated ESG practice, we’re practiced at guiding organizations through the complexities of new regulations.
In this article, we’ll detail what the SEC originally proposed for its Rules back in 2022, what requirements actually made it now that the rules have been formalized, and how you can prepare for this new scrutiny and begin positioning yourself well amidst this changing landscape.
What are the Requirements in the New SEC Climate Disclosure Rules?
Originally, the SEC proposed rules requiring publicly listed companies to periodically disclose a host of climate-related information, including:
- Any identified climate-related risks that have or are likely to affect company strategy, business model, and outlook
- Any oversight and governance of those identified climate-related risks by a company's board and management
- Their greenhouse gas emissions, which are divided into three categories:
- Scope 1: Direct emissions you produce through your sources
- Scope 2: Your indirect emissions, like those created through the generation of energy
- Scope 3: Emissions from your supply chain and end users of your products/services (that includes even things like gases that are emitted if your product goes to landfill where it releases methane while decomposing)
A significant change, the proposed (and ambitious) new Rules were meant to standardize and enhance climate-related disclosures for the sake of investor due diligence, but not everyone agreed all the proposed requirements were necessary—particularly in the case of Scope 3 emissions, the inclusion of which was heavily lobbied against.
In the end, here’s what made it into the final SEC Climate Disclosure Rules:
- Not all publicly traded companies are included, as was going to be the case in the original proposal. In the end, about 40% of the approximately 7,000 companies currently traded in the US will be impacted (though many of them are likely already disclosing the required data voluntarily due to pressure from investors).
- You do not have to declare the climate expertise of your board members (as was originally proposed).
- Scope 1 and Scope 2 emission disclosures are mandated only if companies deem those emissions are material. Scope 3 emissions reporting—or, reporting on those emissions generated outside your control—is not required at all.
- Regarding the required disclosure compliance date for the final reported Scope 1 and 2 emissions as well as the required assurance compliance date, the final Rules made a significant timing allowance:
Filer Type |
Scopes 1 and 2 Emissions Disclosure Compliance Date |
Limited Assurance Compliance Date |
Reasonable Assurance Compliance Date |
---|---|---|---|
Large Accelerated Filer (LAF) |
Fiscal year 2026 |
Fiscal year 2029 |
Fiscal year 2023 |
Accelerated Filer (AF) (other than smaller reporting companies (SRCs) and emerging growth companies (EGCs)) |
Fiscal year 2028 |
Fiscal year 2031 |
N/A |
How to Prepare for the SEC Climate Disclosure Rules
Obviously, those are important deviations from the original proposal and while these Rules may feature much fewer teeth, you’ll still need to meet those terms and there are two things you can do right now to serve your compliance.
1. Consider the IFRS S2 Standard (and a Related Assessment)
Much of the latest climate regulations across the world, including the SEC Rules, are originally based on recommendations from the Taskforce for Climate-related Financial Disclosures (TCFD)—a taskforce that was disbanded in December 2023 and its framework transferred to the International Sustainability Standards Board (ISSB), which is a subset of the International Financial Reporting Standards (IFRS).
All that history to say that, in August of 2023, the ISSB published the successor to TCFD—the IFRS S2 standard, which on TCFD recommendations and provides requirements for organizations on how to integrate and manage climate risks and opportunities.
These requirements cover four main areas:
- Corporate governance
- Strategy
- Risk Management
- Metrics and targets
Given this—as well as the influence of the original TCFD on the SEC’s Climate Disclosure Rules—adhering to IFRS S2 would make for a good first step toward compliance with the newly finalized regulation.
For added assurance for your customers and your own peace of mind, Schellman can support your implementation of IFRS S2 by performing a baseline and periodic scored assessment. Such an exercise would provide you with not just a granular perspective on your current capabilities to comply with the SEC Rules and other countries’ climate disclosure regulations, but also a phased roadmap to complete alignment.
2. Consider a Pre-Assurance Assessment Against a Voluntary Climate Framework
While companies subject to the new SEC Climate Disclosure Rules will have two full reporting cycles before the new requirements for third-party assurance of your climate disclosures come into effect, you can expect that when they do, the SEC will be as rigorous as they are during financial audits.
For many companies, that’ll likely seem daunting, but Schellman can ease that mountain to climb through a pre-assurance—or readiness—assessment. Once you align your organization’s disclosures with a voluntary climate disclosure framework—such as the Carbon Disclosure Project—you can undergo pre-assurance, which, along with scoring your climate initiatives, would also identify possible discrepancies between your current internal controls over financial reporting (ICFR) and the controls in place for greenhouse gas reporting.
Not only that, but this process would also prepare your internal auditors for the types of questions and evidence GHG verifiers would ask for during a full assurance assessment, which may become necessary should the SEC—or another climate regulation—adopt a requirement for such.
The Importance of GHG Emissions
Even as you consider these steps, you should also keep an eye on your Scope 3 emissions. The SEC may have squashed its requirement for their disclosure but—despite their being generated outside a company’s sphere of control—Scope 3 emissions remain incredibly relevant both to the climate discussion and as a benchmark for potential investors.
In fact, there are three good reasons why you should still consider your organization on the hook for reporting these kinds of emissions:
- Client demands:
- Large and well-known brands are going to reduce their Scope 3 emissions no matter what the SEC rules say—so if they’re among your clients, expect to see more tenders, requests for proposals (RFPs), and contracts that include pressure for your disclosures.
- California SB 253:
- Passed in October 2023, this law mandates everything in the original SEC proposal for its Rule—including Scope 3 disclosures—for all companies doing business in California, so whether you do business in that state directly or indirectly, you’ll likely be affected by its requirements in some way.
- European Union Corporate Sustainability Reporting Directive (EU CSRD):
- Similar to California’s SB 253, the EU CSRD applies to companies doing business in the EU and also requires Scope 3 disclosures.
Next Steps for Your ESG Initiatives
The newly finalized SEC Climate Disclosure Rule represents just the latest step in an evolving regulatory landscape that continues to search for the right balance between sustainability and good business. Now that you understand a little more about what the SEC requires in terms of climate disclosures, you’ll no doubt start making the necessary changes to facilitate the required ESG reporting, which can benefit your organization beyond compliance.
As you do go about incorporating ESG into your existing business model and operations, consider integrating it with your established compliance assurance processes that could yield several advantages.
But if you’re not yet there and are still struggling to discern the right solution for you, please schedule a meeting with our ESG team—with just a 30-minute consultation, we can help guide your organization in a direction that best suits your needs. For further insight on ESG and Sustainability matters and trusted advisory support, you can also visit our partners at Good.Lab.
About Schellman
Schellman is a leading provider of attestation and compliance services. We are the only company in the world that is a CPA firm, a globally licensed PCI Qualified Security Assessor, an ISO Certification Body, HITRUST CSF Assessor, a FedRAMP 3PAO, and most recently, an APEC Accountability Agent. Renowned for expertise tempered by practical experience, Schellman's professionals provide superior client service balanced by steadfast independence. Our approach builds successful, long-term relationships and allows our clients to achieve multiple compliance objectives through a single third-party assessor.