The SEC’s proposed amendments to Regulations S‑K and S‑X to require new climate-related disclosures will, if adopted, require an expansion in the scope and responsibilities of audit committees. As described in our prior memo, the rules contemplate domestic and foreign issuers disclosing, in registration statements, annual reports and audited financial statements, information on board and management climate-related risk oversight and governance, material climate-related risks and opportunities over the short-, medium- and long-term, Scopes 1 and 2 greenhouse gas (GHG) emissions, impact of climate-related events on line items of audited financial statements, and climate-related targets, goals and transition plans (if any). Accelerated and large accelerated issuers will also be required to provide third-party attestation on their Scopes 1 and 2, and in certain cases Scope 3, emissions over time.
While the SEC’s proposed rules are drawn from the recommendations of the Task Force on Climate-Related Financial Disclosures (TCFD) and the Greenhouse Gas Protocol, elements of the proposed rules are more prescriptive and expansive in nature and will require expanded oversight by audit committees. In particular, the requirement for climate-related line items in audited financial statements will come within the scope of a registrant’s internal control over financial reporting (ICFR). Climate-related disclosures within registration statements, including information filed in annual reports and incorporated by reference, will also be subject to liability provisions under the Securities Act of 1933 and will not be afforded protections under the forward-looking safe harbors pursuant to the Private Securities Litigation Reform Act. Additionally, all public climate-related disclosures are subject to the liability provisions of Section 10(b) and Rule 10b-5 of the Securities and Exchange Act of 1934. The fact that climate disclosures will need to be prepared within the 10‑K filing window may also warrant additional forward-planning, including drawing upon and enhancing existing internal processes used for financial and ESG-related reporting.
Governance and Oversight
For companies that have not already engaged in climate-related reporting or otherwise allocated climate oversight and governance responsibilities within the board and management, the board will need to consider whether the entire board, the audit committee, a risk committee or a stand-alone committee should be tasked with oversight of climate-related risks and disclosures, and related internal controls and procedures. The proposed rules require disclosure of whether the board or a committee will oversee climate-related risks, the processes and frequency which the board or the responsible board committee discusses climate-related risks, and how the board or a committee considers climate-related risk as part of its business strategy and risk management financial oversight, among other governance disclosures. While oversight responsibilities can be allocated to a different board committee, or divided among committees, the audit committee’s established financial reporting and compliance responsibilities and expertise will drive at least some portion of disclosure oversight to the audit committee. This is particularly true as it relates to climate-related line item disclosures in financial reporting and oversight of internal controls and processes used to compile climate-related data. Where some or all of the climate-related reporting responsibility will be allocated to a different committee, such as a risk committee, special attention should be placed on updating existing responsibilities to ensure that no gaps exist and that such other committee is also addressing the processes and procedures that will be required by the rules. Boards may also need to identify core skills and competencies needed to meet the heightened oversight expectations mandated by the proposed rules as well as the requirement to disclose whether “any member of a registrant’s board of directors has expertise in climate-related risks” including “sufficient detail to fully describe the nature of the expertise.” Coordination between the board and management may also need to be reviewed to ensure the board is receiving timely information on material climate-related issues affecting the company and that management, in turn, is implementing processes to monitor, identify and assess climate-related risks.
Disclosure Controls and Procedures
The proposed rules will also require companies to review their internal controls and procedures on climate-related disclosures. Under the proposed rules, companies will need to disclose: risks and opportunities (including the impact on corporate strategy, the business model and outlook), Scopes 1 and 2 emissions for all issuers, Scope 3 emissions (if material or if the issuer has set Scope 3 targets, with smaller reporting companies exempted), internal carbon pricing (if used), and transition plans and scenario analysis (to the extent used by the issuer). In addition, the proposed rules will also require a financial statement note concerning the impact of severe weather events, other natural conditions and transition activities on financial statement line items, and financial estimates and assumptions impacted by such climate-related events and transition activities. Importantly, the proposed rules contemplate climate-related line items disclosed in a registrant’s financial statements to come within the scope of ICFR and the SEC continues to consider whether GHG emissions disclosures should be subject to a similar degree of heightened scrutiny. Accordingly, the board and its audit committee will need to engage in discussions with management and the company’s independent auditors on what changes will need to be implemented to ensure ICFR effectiveness if the SEC’s proposed rules are implemented.
Third-Party Assurance
Beginning in 2024 and 2025, respectively, accelerated and large accelerated filers will be required to have an independent third party verify the required Scope 1 and 2 emissions disclosures. Initially, this verification will require “limited assurance” (a form of negative assurance which does not include an assessment of the sufficiency of internal controls), later increasing to affirmative “reasonable assurance.” The attestation service provider will need to meet minimum qualifications and independence requirements, and the accompanying attestation report will similarly need to meet minimum standards. As proposed, the rules do not require the assurance provider to be a traditional auditor. Audit committees should consider which firms are capable and best suited to engage in the assurance process, with an eye towards any processes such firms will require for both levels of assurance.
Scenario Analyses, Transition Plans and Internal Carbon Prices
The new rules will require companies to disclose scenario analysis and carbon pricing, if used, as well as any transition plans. The release defines scenario analysis as tools “used to consider how … climate-related risks may impact a registrant’s operations, business strategy, and consolidated financial statements over time” or “to test the resilience of their strategies under future climate scenarios, including scenarios that assume different temperature increases.” If adopted as proposed, companies may need to examine their planning process to confirm whether disclosure is required, as the SEC’s commentary on this new disclosure notes, rather expansively, that disclosure must disclose “if a registrant uses scenario analysis or any analytical tools to assess the impact of climate-related risks.” (emphasis added). Internal audit functions should remain cognizant of different planning exercises outside of the established financial process, for instance, where individual business units may engage in climate analysis.
Companies that have adopted a transition plan (broadly defined to include strategies and implementation plans to reduce climate-related risks) will also be required to disclose such plans in public filings. This will include transition risks such as laws, regulations or policies restricting GHG emissions, conservation laws, regulations and policies, the imposition of a carbon price and changing demands or preferences of consumers, investors, employees, and businesses. Companies have the option to, but are not required to, disclose climate-related business opportunities. In addition, disclosures regarding transition plans will need to describe actions taken during the year to achieve the plan’s targets or goals. As with scenario analysis, internal processes may need to be re-evaluated to ensure that relevant planning exercises are adequately disclosed.
The proposed disclosure requirements regarding carbon prices and transition planning may also warrant close attention. Companies that use an internal carbon price would be required to disclose the price per metric ton of carbon dioxide equivalent, the total price and an estimate of how it will change over time, and the scope of measurement of carbon dioxide equivalent (if different from the scope used for emission disclosures).
* * * *
The details of these proposed rules, and their intersection with existing auditing and reporting functions, require significant attention and care. As climate-related disclosure moves from a theoretical exercise, or, more recently, investor-driven voluntary disclosures, to exacting regulatory requirements, boards and their audit committees will need to consider how their existing roles should evolve in this new, carbon-conscious landscape. While the proposed rules would not be effective until fiscal year 2023 at the earliest, audit committees may wish to take the opportunity now to begin discussions with the company’s legal and internal control functions, along with external auditors, on climate-related disclosures.
This post comes to us from Wachtell, Lipton, Rosen & Katz. It is based on the firm’s memorandum, “The SEC’s Proposed Climate-Related Disclosure Rules: Thoughts for Audit Committees,” dated April 4, 2022.