Navigating SFDR Assurance: Is it needed, and to what extent? And how it relates to CSRD/EU Taxonomy

Greetings, fellow ESG enthusiasts! ??

Welcome to the 26th entry of our ESG Hot Topics blog series.

The topic of assurance in the Sustainable Finance Disclosure Regulation (SFDR) has become increasingly important—and rightly so—since it came into force in March 2021. It’s essential for financial market players and the broader ecosystem to understand the purpose and need for assurance in SFDR. When tackling the question of whether SFDR disclosures should be audited, it’s crucial to recognize that SFDR is part of an intricate web of sustainable finance regulations, primarily the EU Taxonomy Regulation and CSRD.

It’s important to adopt this perspective when reviewing and assessing SFDR, not just from a legal standpoint but also practically—considering its impact on undertakings and their legal obligations. While it might be tempting to think undertakings should act simply because it feels right, my years of experience in regulatory assessment and compliance lead me to approach such topics strictly from a legal viewpoint. In this post, I’ll delve into where SFDR intersects with assurance, what these requirements mean, and their implications for undertakings. As you can see below from the "Commission Delegated Regulation (EU) 2022/1288 of 6 April 2022 supplementing Regulation (EU) 2019/2088 of the European Parliament,"?that assurance is only mentioned 3 times when it comes to SFDR. And when it makes references to assurance, it only relates to CSRD or EU Taxonomy-related topics. And why, you might ask? It's because CSRD is the only Directive requiring assurance in forms of auditing, and those who are well informed know that CSRD does a direct link and connection from CSRD to the EU Taxnomoy, and the most notable one is Article 8 in the EU Taxonomy. See below connections with CSRD and the EU Taxonomy:

The SFDR's relevant legal requirements concerning assurance:

Before proceeding, it’s worth mentioning that SFDR disclosures are derived from the assets/investees. These investees report their environmental or climate footprints to the undertaking. These metrics align with traditional E, S, and G (Environmental, Social, and Governance) indicators outlined in SFDR’s Principal Adverse Impact (PAI) Statement. Notably, SFDR does not mandate specific data points for undertakings to report. Unlike CSRD, which provides ESRS (European Sustainability Reporting Standards) and contains 82 disclosures and 1,144 data points, SFDR primarily focuses on compliance requirements. If you read the regulation, you’ll notice it doesn’t prescribe metrics but provides detailed requirements for disclosing a financial product's environmental, social characteristics, or objectives, including what and how to report. This makes sense since many other frameworks, such as GRI, TCFD, SASB, UNPRI, and others, already provide comprehensive metrics for entities to disclose their ESG and sustainability footprints.

This approach aligns with the broader structure of sustainable finance: the real economy supplies sustainability data to the financial industry, which, in turn, provides this data to investors. Investors then evaluate whether the data is credible and aligned with the financial products they have purchased. This dynamic is central to the EU Sustainable Finance Package. Adding an extra layer to this is CSRD, which mandates that listed entities provide non-financial information (ESG data) to financial markets. This ensures that investors, especially those in highly liquid markets like the stock market, have credible, standardized non-financial data to make informed decisions. For UCITS funds with significant exposure to the stock market, this ESG data is crucial as it comes from listed entities across Europe. This data reflects what listed entities determine—through their Double Materiality Assessments (DMA)—as relevant to their stakeholders and society at large.

Regarding SFDR, the required disclosures pertain solely to activities related to the EU Taxonomy and whether they have been audited. Beyond this, SFDR doesn’t prescribe metrics except for PAIs. While fund managers can collect various indicators and metrics from their investees, these are not mandatory except for PAIs. Interestingly, PAIs are voluntary: fund managers can opt in or out, determine which are principal, and define what is adverse. Not all indicators apply universally—relevance depends on the underlying assets. For instance, if you’re not invested in real estate, real estate indicators won’t apply or be considered adverse. It’s simple logic.

To conclude, SFDR does not require financial market participants to perform assurance on their indicators. These indicators should be collected from the investees in which they are invested. This highlights the importance of private equity investors obtaining asset-level data. Unlike UCITS funds, which can rely on CSRD data from listed equities, private equity investors must ensure they have credible data for their disclosures. CSRD mandates limited or reasonable assurance for data disclosed by listed entities or large corporations, ensuring its reliability.

One final point on CSRD: what does having limited or reasonable assurance mean? In the next section, I’ll explore this concept in more detail.

CSRD Assurance Requirements: Limited vs. Reasonable Assurance

The Corporate Sustainability Reporting Directive (CSRD) introduces rigorous standards for sustainability reporting across the EU. A critical aspect of the directive is the assurance of sustainability information to ensure the disclosed data's reliability and credibility. Here’s an overview of the essentials regarding limited and reasonable assurance under CSRD:

1. Limited Assurance

• Definition: Limited assurance involves an auditor providing a negative conclusion—stating that no material misstatements were identified in the sustainability reporting.
• Scope of Work: Compared to reasonable assurance, fewer tests focus on specific, less extensive procedures.
• Obligation under CSRD: Initially, statutory auditors or audit firms must provide limited assurance to verify compliance with Union sustainability reporting standards, Article 8 of Regulation (EU) 2020/852, and the process used by the company to identify the reported information.

This phased approach allows companies and auditors to adapt to the requirements gradually, ensuring a smoother transition.

2. Reasonable Assurance

• Definition: Reasonable assurance provides a positive conclusion, meaning the auditor issues an opinion on the accuracy of the sustainability information based on detailed evaluations.
• Scope of Work: This entails more extensive testing, including evaluation of internal controls—substantive testing to assess compliance and accuracy.
• Future Requirements: Once the European Commission adopts the necessary assurance standards, reasonable assurance will become mandatory by October 2028. This step ensures parity between financial and sustainability reporting standards.

3. Progression from Limited to Reasonable Assurance

The CSRD mandates a gradual transition:

• Initially,?limited assurance?was required?to accommodate market readiness and cost considerations.
• Transitioning to reasonable assurance as assurance standards and practices mature.
• This progression supports the development of the sustainability assurance market and minimizes immediate financial burdens on companies.

4. Assurance Providers

• Statutory Auditors: Primarily responsible for assurance, ensuring financial and sustainability reporting consistency.
• Independent Assurance Providers: Member States may accredit these entities to enhance market diversification, subject to stringent requirements:?professional ethics, independence,?confidentiality, training, continued education, and quality assurance systems.

5. Uniform Standards and Member State Flexibility

• The European Commission will issue uniform assurance standards for limited (by October 2026) and reasonable assurance engagements, ensuring consistent practices across Member States.
• Member States can set national assurance standards until EU standards are in place, accredit independent providers, and supervise their activities.

6. Cost Considerations

• Limited Assurance: Less costly due to the narrower scope of work.
• Reasonable Assurance is more comprehensive and consequently more expensive. The gradual transition mitigates the financial impact on companies.

7. Importance of Assurance in Sustainability Reporting

• Enhances the credibility and reliability of sustainability information for stakeholders.
• Ensuring consistency between financial and sustainability reporting is critical for decision-makers like investors and regulators.
• Supports the EU’s broader objectives of transparency and sustainability in corporate operations.

8. Training and Accreditation for Auditors

• Statutory auditors must undergo specialized training in sustainability reporting and assurance.
• Practical training of at least eight months in sustainability assurance is required for new qualifications.
• Existing auditors can continue to provide assurance but must meet continued education requirements.

9. Oversight and Supervision

• Member States must ensure robust oversight mechanisms for all assurance providers, whether statutory auditors or independent firms.
• Supervision frameworks should align with existing regulations for financial audits to maintain quality and independence.

10. Market Diversification and Independence

• The Commission aims to foster a diversified assurance market to reduce concentration risks and safeguard auditor independence.
• Member States must ensure fair competition and avoid conflicts of interest in providing assurance services.

CSRD Assurance Requirements: A Detailed Overview

The amended Corporate Sustainability Reporting Directive (CSRD) introduces comprehensive rules for statutory audits and sustainability reporting assurance. These updates address the qualifications, procedures, and regulatory requirements for assurance engagements related to sustainability reporting, ensuring high quality, independence, and consistency across the EU. Below are the key highlights of these updates:

Scope and Subject Matter

• Expansion of Audit Responsibilities: The directive now explicitly includes the assurance of annual and consolidated sustainability reporting alongside statutory audits of financial accounts.
• Definitions: Statutory Auditor: A natural person authorized to carry out statutory audits and, where applicable, sustainability assurance.Audit Firm: An entity authorized to perform both statutory audits and sustainability assurance.Key Sustainability Partner: The statutory auditor(s) primarily responsible for sustainability assurance at the group or subsidiary level.

Educational and Professional Requirements

• Qualifications: Statutory auditors must complete theoretical instruction, practical training, and a professional examination to qualify for sustainability assurance. The examination must include legal requirements for sustainability reporting, sustainability analysis, and due diligence processes.
• Practical Training: A minimum of 8 months of practical training in sustainability-related assurance or services is required.
• Continued Education: Approved auditors must acquire updated knowledge on sustainability reporting standards through ongoing professional development.

Assurance Standards

• Two-Tier Approach: Limited Assurance: To be implemented using EU-delegated assurance standards by October 2026, ensuring the basic reliability of sustainability reporting. Reasonable Assurance: To be phased in by October 2028, subject to feasibility assessments, providing higher scrutiny and positive conclusions.
• National Standards: Member States may apply their assurance standards until EU-wide standards are in effect but must notify the European Commission of these standards.

Assurance Procedures

• Assurance of Consolidated Sustainability Reporting: The group auditor is responsible for consolidated sustainability assurance. The auditor must evaluate and document the work performed by subsidiary-level auditors.
• Assurance Report: This report must include the scope of the engagement, the applied standards, and the opinion on compliance with sustainability requirements. Where multiple auditors are involved, disagreements are documented in the report. The report must be signed by the responsible statutory auditor(s) and may be integrated into the financial audit report if both are conducted simultaneously.

Public Registration and Transparency

• Audit Registers: Public registers must specify whether auditors and audit firms are approved for sustainability assurance and disclose details of key sustainability partners.
• Transparency Reports: Audit firms must publish annual transparency reports, including information on their sustainability assurance engagements.

Governance and Oversight

• Audit Committees: Assigned responsibilities include monitoring sustainability reporting processes, internal controls, and auditor independence. Member States may allow the administrative or supervisory body to perform these tasks.
• Quality Assurance Reviews: Reviews must assess compliance with assurance standards, independence, and resource allocation. Temporary exemptions (until 2025) apply for reviewers lacking sustainability assurance experience.

Independence and Non-Audit Services

• Prohibited Services: To avoid conflicts of interest, statutory auditors conducting sustainability assurance for public-interest entities are prohibited from providing certain non-audit services, including sustainability reporting preparation.
• Approval of Non-Prohibited Services: Non-prohibited services require audit committee approval, ensuring safeguards for independence.

Enforcement and Sanctions

• Sanctions for Non-Compliance: Member States must establish effective penalties for inadequate sustainability assurance. Penalties include temporary bans and declarations invalidating non-compliant assurance reports.
• Investigations and Complaints: Systems must be in place to handle complaints and investigate statutory auditors’ assurance practices.

Harmonization and Equivalence

• Third-Country Auditors: Audit and assurance practices from third countries must meet equivalent EU standards. Member States may assess equivalence independently until the Commission adopts uniform criteria.
• Delegated Acts: The European Commission will adopt detailed assurance standards and equivalence criteria to ensure consistent application across the EU.

Transitional and Implementation Measures

• Existing Auditors: Statutory auditors approved before 2024 are exempt from some requirements but must meet continuing education standards.
• Phased Transition: The gradual shift from limited to reasonable assurance minimizes disruptions and allows the assurance market to adapt.

Audit and Assurance Market

• Opening the Market: Member States may accredit independent assurance providers to reduce market concentration and promote competition.
• Free Movement of Services: Independent providers accredited in one Member State can operate in others, fostering cross-border assurance services.

Regulatory Developments

• Assurance Standards for Public Good: Standards adopted by the Commission must contribute to high-quality and credible sustainability reporting.
• Future Reviews:?By 2028, the Commission will assess assurance market concentration and the effectiveness of implemented measures, potentially proposing further legislative adjustments.

Looking for expert ESG support? Whether you need an ESG Advisor or help with ESG data collection to streamline your workflows and ensure compliance, we’ve got you covered!

At A Triple C Consulting, we combine?ESG legal expertise?(partnering with a top Magic Circle law firm in Luxembourg), a?cutting-edge ESG data platform, and?climate and carbon accounting capabilities?in?one?seamless solution.

Let’s make ESG reporting easier, smarter, and more impactful. Reach out today! ??????

Best regards,

Albin Axelsson

Founder of A Triple C Consulting

[email protected]

www.atriplecconsulting.com

Note: The content provided in this newsletter is for informational purposes only and should not be construed as financial or legal advice.