The Convergence of Sustainability, Financial Reporting, and Audit and Risk Teams—Integration or Collision?

This is the third part of our blog series on COSO’s new guidance. In case you missed it, you can check out part one here and part two here.


COSO’s new guidance “Achieving Effective Internal Control of Sustainability Reporting (ICSR)” is particularly timely given the recent adoption of the Corporate Sustainability Reporting Directive (CSRD) in the European Union, forthcoming final regulations on climate risk from the U.S. Securities and Exchange Commission, and expected global standards from the International Sustainability Standards Board (ISSB).

COSO believes the use of the Internal Control—Integrated Framework (ICIF-2013) coupled with its new guidance will help build trust and confidence in environmental, social, and governance (ESG) reporting, public disclosures, and enterprise decision-making surrounding sustainability issues. To create a robust, effective ESG program, one of the first—and most critical—steps is determining how to bring collaborators together. It will truly take a village, and that’s why many organizations have already started assembling a team or task force, and why you should too.

Why now is the time to bring teams together

COSO has been talking about the importance of bringing key teams together for years. In fact, the Executive Summary mentioned its 2017 publication “Leveraging the COSO Internal Control—Integrated Framework to Improve Confidence in Sustainability Performance Data” in its new guidance and how it:
“Advocated for greater integration between sustainability and finance teams as an essential driver of the path forward to improved internal and external reporting on sustainability and enhanced data quality for management of sustainable business issues.” 

However, at that time, few companies had begun that journey.

COSO’s new guidance points out that sustainability and ESG reporting is now a top focus for a broad range of stakeholders, including CEOs, boards, investors, regulators, customers, and more. 

COSO also found that when compared to 2017, “more companies are now in various stages of implementing controls and governance processes over the collection, review, and reporting of sustainability information,” and mentions how crucial it is to build a multifunctional team that includes sustainability, finance and accounting, risk management, legal, and internal audit professionals.  

“While organizations are at different stages in this process, the need to bring together people with experience and expertise in the many dimensions of sustainable business with people experienced in ICFR continues, in our view, to be an essential element of successful design and implementation of ICSR and management of sustainability issues.”

Introducing sustainability information to the financial reporting arena—along with the growing importance of ensuring consistency and comparability of sustainability data—is raising the stakes for organizations and those responsible for external reporting. This increased scrutiny magnifies the added pressure financial reporting teams feel when it comes to sustainability information, which they have little experience with.

This growing demand for expanded sustainability reporting information stems from several drivers, including:

1. Communities: In contrast to an organization’s financial reporting, groups other than investors are relying on corporate information to understand how a reporting entity’s transactions, operations, and activities impact external stakeholders, such as policy makers that speak for communities—both local and global—and the people and natural resources that they represent.
    
2. Customers: In both B2C and B2B worlds, customers are looking for more sustainability information and transparency. Large commercial buyers are seeking internal information from their suppliers so that the buyers, in turn, can tell consumers and their business buyers that the sourced goods and services are sustainable. 
   
   Buyers are responding to their own stakeholders as they commit to overall reductions in GHG emissions and waste, and to preventing human rights violations such as modern slavery or child labor.
    
3. Employees: Many employees also seem increasingly interested in their companies’ policies and practices regarding major environmental and social issues. This also affects recruitment and retention strategies, as many consider a company’s environmental and social commitments when deciding where to work.
    
4. Organizational structure/convergence: As professionals in the finance, internal audit, risk, and compliance functions start to work more closely with sustainability reporting teams (that is, the sustainable business information value chain), they will bring expertise to manage data quality and internal controls.
   
   Professionals in corporate finance functions, along with their counterparts in internal and external audit, already have the fundamental skills needed to effectively assess objectives, risks, structures, policies, and processes relating to sustainable business.  
   
   In this case, organizations can look to leverage existing talent for new areas. Cross-training that includes the finance function can help promote good data collection practices, controls, and reporting infrastructure. Similarly, sustainability teams can help train finance teams on subject matter related to various aspects of sustainable business management and ESG reporting in a way that considers the business model and strategic direction.
    
5. ESG controller: Some organizations are creating a new functional role called the sustainability CFO or ESG controller to oversee sustainable business information processes, manage sustainable business activities, and produce external ESG reporting.

How the right technology can bring these teams together

Meaningful sustainable business information comes from both centralized and decentralized data flows. For example, human resources may have centralized data regarding personnel and independent contractors using a commercial platform. On the other hand, its facilities management may be decentralized without systems to capture relevant sustainability data. That data also needs to be reviewed for completeness, accuracy, relevance, and reliability. 

Organizations need to prioritize the design and implementation of oversight systems and controls around sustainable business activities and information. In designing control and oversight activities, understanding the balance of centralized versus decentralized information can provide valuable insights for establishing an effective, integrated oversight plan that reduces risks and helps meet organizational goals. It also highlights the benefits the right technology brings to the equation. 

Technology that enables collaboration across the diverse teams responsible for gathering, summarizing, analyzing, and reporting sustainability information through multiple financial and non-financial channels to ensure consistency and comparability will play a key role in effective programs.

There is significant value in having a single source of truth that supports all teams involved with sustainability reporting and at all levels of the organization.

Leveraging existing technology and modernizing your processes by investing in innovative technology solutions can alleviate specific sustainability reporting challenges highlighted by COSO, including:

• Communicating responsibilities to employees (and third parties) with clarity and adequate background information (through policies and procedures, contractual language, etc.)
• Managing data from outside parties, such as vendors, government entities, and more
• Formalizing existing ad hoc processes, including evaluating and documenting the reliability of information sources using internal control techniques such as inquiry, walk-through, document inspection, recalculation, and reconciliation
• Documenting, automating, and simplifying a myriad of data gathering and aggregation processes, enabling teams to focus more on analysis
• Enhancing cross-disciplinary communications and collaboration among departments to bring the appropriate expertise to discuss questions, issues, and decisions
• Working with internal audit to reevaluate and respond to risks with appropriate internal controls

Helping your organization navigate this new journey of maturing your sustainability reporting and preparing all involved for the rigors of assured ESG reporting will require significant effort—and might even feel daunting for some. 

The good news is that you don’t have to take this journey alone! There are consultants and experts available to provide advice and resources as well as technology that can support your full sustainability program end to end. I’m talking about a platform purpose built to handle this kind of thing—one that unites your data and processes, automates routine tasks to reduce human error, and enables collaboration across all impacted teams.

At Workiva, we know the unique collaboration and data challenges that sustainability reporting presents, and we can help! Our connected platform unites GRC, ESG, and financial reporting to increase collaboration, improve accuracy, and simplify the assurance process. Request a demo today to see how it works!

Join hundreds of other talented finance professionals virtually at Amplify 2023 on Sept. 21. Access 13 sessions and earn up 8 CPE credits! Register now.