How to comply with the SEC’s climate risk disclosure rule
It’s official. With the March 6 rule finalization by the U.S. Securities and Exchange Commission (SEC), many publicly traded U.S. companies must now disclose their climate-related risks, including:
- Who is accountable for overseeing, governing and managing these risks
- The actual or likely impact of these risks on financials, business model and overall strategy
- Whether climate risk is incorporated into an enterprise risk management program
- Material Scope 1 and Scope 2 greenhouse gas (GHG) emissions (for large, accelerated filers, beginning in 2026 and with assurance requirements coming later)
- Any mitigation programs the company has put in place, such as an internal cost of carbon, climate scenario modeling or a net-zero transition plan
- Financial costs incurred by extreme weather events, including those caused by climate change
This highly anticipated ruling makes it clear that businesses must now look at climate data through a risk lens in order to maintain a competitive advantage and stay compliant.
What’s more, if your company has issued a net-zero plan or promised to eliminate GHG emissions, you’ll now be required to report annually on how (or if) you’re reducing your emissions or using offsets like tree-planting, carbon capture or renewable energy generation to compensate for these emissions.
Many U.S.-listed companies that weren’t already making similar disclosures to comply with the EU’s Corporate Sustainability Reporting Directive, or with California’s recently enacted Corporate Data Accountability Act, will now need to do so. With the SEC rule, even more companies need to act quickly to reduce their risk.
What do boards and companies need to do to be in compliance?
This ruling has implications even for companies that are not directly impacted, because it creates a baseline of transparency that will be expected by stakeholders. If your company is publicly traded or considering an IPO, it’s time to escalate climate risk reporting as a priority.
Companies must dedicate their time and energy to a full understanding of emerging frameworks and consider how these frameworks connect to strategy, specifically how new ESG requirements intersect with:
- Investor expectations
- Public perception
- Customer expectations
- Market shifts
If the company has stated a climate goal, such as a net-zero target, the board will need to make sure it has the right competencies to get there. If emerging market dynamics signal a market shift — such as an energy company transitioning from oil and gas to renewables — the board will need to understand how to proactively pivot business strategy to capture value.
How will the company manage differing requirements across multiple regimes and regions? In terms of the overall compliance picture, companies will need to figure out how their SEC-mandated disclosures will navigate the “alphabet soup” of sustainability frameworks: TCFD, GRI, SASB and beyond, not to mention requirements from individual states in the United States to regulations in the EU.
Critically, in terms of compliance, the board will need to grasp what’s material now — and what will be material one year, two years and five years from now. But materiality will also be critical to understanding how to prioritize ESG actions and tie them to business strategy.
And here’s where risk teams and a materiality assessment come in — identifying stakeholders and what’s at stake financially, reputationally and more.
What do compliance and audit teams need to do?
With a materiality assessment in hand, companies not only have a sightline connecting ESG strategy to impact — for their audit teams, they have a foundation for data governance.
Ideally, the company has begun to fine-tune data collection and reporting in anticipation of the SEC’s new obligations. Questions to cover include:
- What data do you need to assemble?
- Who’s responsible for this data?
- Do you have the necessary underlying documentation?
- Does the data adhere to the SEC’s requirements?
- Is it accurate?
When auditors are legally required to provide assurance on climate risk programs, trust in the data becomes more important than ever.
Climate risk data will now be held to a level of rigor previously reserved for financial disclosures. Fortunately, many CFOs have been proactively working with audit teams to prepare, starting with a thorough inventory of their systems and processes. Do they have the right systems in place for collecting data? What questions will they need to ask in order to get the information they need and confidently sign off?
As climate-related impacts appear in more and more financial reports, auditors play an increasingly important role. For compliance, they’re establishing governance for data collection and reporting. For risk, they’re evaluating how climate impacts are generated and captured. And for the board, their work plays an increasingly important role in making the right choices for the company and its future.
How Diligent can help companies address climate risks and opportunities
The Diligent One Platform is purpose-built to integrate carbon accounting and climate risk into a holistic, comprehensive view of risk management. It empowers organizations to stay ahead of the regulations and market shifts that have an impact on sustainability and supply chains, while also making it easy to benchmark progress and to surface contextualized climate risk data for the board.
Additionally, Diligent centralizes and automates the collection and analysis of your sustainability data, so audit-ready reporting is quick and painless. Diligent also helps document and manage policies around climate risk, and makes it easy to implement and monitor controls around those risks.
Finally, the Climate Leadership Certifications from the Diligent Institute equips boards and executives with the knowledge they need to oversee climate risk and to be able to spot opportunities that present themselves.
Download our SEC climate disclosure checklist to learn what your organization should do now, and how Diligent's Carbon Accounting software and the Diligent One Platform can help you aggregate and report the data you need to comply.