Over the next 12 months, following years of discussion, debate and voluntary compliance, mandatory sustainability reporting requirements will impact tens of thousands of businesses.
The risks of non-compliance with these requirements are relevant not only for corporates but also their insurers. Those preparing now – by ensuring their sustainability data is reliable and by engaging stakeholders across the business via a holistic approach to reporting processes – will stand in good stead.
In this insight, we explore some of the latest key developments in sustainability reporting, highlighting some of the risks and ongoing uncertainties for all organizations, as well as specific considerations for insurers.
September saw the signing of a new law introducing climate reporting obligations for in-scope entities doing business in California. The law extends to both private and public companies with specific revenue thresholds. Given California is the fifth largest economy in the world by gross domestic product, the impact of this legislation is significant.
Bill SB 291, as the legislation is known, enacts several amendments to the Climate Corporate Data Accountability Act (SB 253) and the Climate-Related Financial Risk Act (SB 261), known as the Climate Accountability Package. The disclosure of scopes 1, 2 and 3 greenhouse gas emissions and submission of biannual climate-related financial risk reports will now be a legal requirement for certain businesses.
Alongside California, the EU has also adopted mandatory sustainability reporting requirements. In-scope companies, which again are determined by factors including employee count, balance sheet total and net turnover, are already preparing for the Corporate Sustainability Reporting Directive (CSRD), with some reporting beginning in 2026 against 2025 activities.
Disclosures will initially be subject to limited assurance (lower level of confidence), moving to reasonable assurance (high level of confidence) in 2028 once the EU has published its ‘Reasonable Assurance’ standards. Challenges have arisen, however, as not all EU member states have transposed the CSRD into their respective national laws. Several member states, including Germany and the Netherlands, are still at draft or consultation stage. This has prompted the EU to send letters of formal notice, which give such members two months to respond and complete the transposition.
Minor deviations are also arising during the transposition stage, creating challenges for companies in such jurisdictions. Even where transposition has occurred, interpretative questions are still emerging. In Ireland, for example, queries have been raised over the definition of ‘Applicable Company’ and the provision of exemptions for certain subsidiaries.
If your organization is in scope for CSRD, being familiar with the requirements in the relevant member state jurisdiction is key. While this can be challenging when drafts are still being negotiated, we recommend organizations should continue to monitor the relevant legislation and take part in final consultations and feedback sessions to support their preparations for compliance.
The repercussions for non-compliance with the new sustainability reporting requirements are varied but onerous, demonstrating the significance of the information organizations are disclosing. Aside from reputational risk and corporation sanctions, there are other legal implications and monetary fines that can come into play.
As CSRD amends other member state laws, it does not set specific fines or penalties for non-compliance. Instead, CSRD requires member states to provide for penalties within their own laws that are ‘effective, proportionate and dissuasive.’ This means each EU member state may have different fines and penalties and enforcement can vary across jurisdictions.
Likewise, investor scrutiny, auditor liability, reputational damage and civil or criminal liability may also arise as a result of non-compliance.
Disclosure requirements in California also reference financial penalties. However, the potential for further legal action due to misstatements or omissions in such disclosures is considerable, not least driven by the growth in greenwashing risk in the US. [1]
The inclusion of fines as a penalty for non-compliance will raise separate questions about how far companies will be able to insure against such fines, given the different requirements at jurisdiction level about the insurability of fines and penalties.
Entities within scope should prepare now for their new reporting obligations, though understanding, assessing and preparing to disclose against these and other evolving reporting requirements may prove challenging. Getting a holistic overview of how the different jurisdictional requirements interrelate can help, along with establishing a clear timeline of actions to ensure compliance.
Where material, we also recommend insurers take steps to understand the number of their policyholders in scope for these new disclosures.
Where underwriters in potentially exposed lines of business are aware which clients are subject to such disclosures, they can better enable exposure management teams to carry out scenario assessments and provide a feedback loop from claims teams to report on the extent of any notifications relating to the new requirements. This will help insurers by being aware of potential exposure, while also enabling discussions with policyholders on how they are preparing for these new areas of risk.
For specialist support understanding the risks which your policyholders may be subject to, and how to manage such risks and opportunities, get in touch.
In this special episode of a ESG series looking at the climate risks faced by insurers, we hone in on the transition risks arising from the shift to a low carbon economy.
In this special episode of our ESG series, we examine how insurers may need to adapt their catastrophe and other models to better capture the longer-term risks and exposures from climate change.
