This is not an isolated sentiment. On May 13, 2021, the Financial Times published, “Measuring what matters: the scramble to set standards for sustainable business.” The authors noted that, “the current measurement and reporting landscape can be frustrating and confusing. In fact, more than three-quarters of respondents to our FT Moral Money questionnaire thought there were too many different measurement standards.”
Indeed, according to the Financial Times, “by 2018, more than 600 ESG ratings and rankings existed globally, according to consultancy SustainAbility.” But how many of these ratings are actually in widespread use? And for firms with limited resources, which sets of ESG standards should be selected by their management accountants?
The purpose of this article is to assist organizations that have decided to incorporate ESG metrics into their management accounting and reporting systems, but that need guidance about selecting their standards from among the hundreds of available options. This advice is directed to CPAs in the private sector that work for such organizations, as well as CPAs in public practice that provide advisory services about the data management function.
Standards versus Regulations
A July 2018 CPA Journal article by this author, “Transforming Integrated Reporting into Integrated Information Management,” relied on a model called “the Integrated Reporting Framework” to define a schematic data framework for an internal ESG data management system. This model, known colloquially as the Six Capitals Model or the Octopus Model, was the primary product of a standards-setting organization called the International Integrated Reporting Council (IIRC).
What happened to the IIRC since 2018? It merged with the Sustainability Accounting Standards Board (SASB) in 2021 to create the Value Reporting Foundation (VRF). One year later, the VRF consolidated into the International Financial Reporting Standards (IFRS) Foundation.
Some CPAs, pondering this dizzying array of organizational changes, might conclude that companies should ignore such entities and simply create data management systems that produce data that is required by regulation (or law). There are however two obvious concerns that make this approach infeasible:
- ▪ New regulations often reflect the priorities of the political party that currently holds power. The United States, for instance, was a central member of the Paris Climate Accords during the Obama administration, a withdrawn non-member during the Trump administration, and (once again) a central member during the Biden administration. A data management system that is based on governmental rules would thus be “whipsawed” by such political volatility.
- ▪ The design of new laws and regulations is often informed and influenced by the experiences of standard setting organizations. For example, Exxon Mobil has relied heavily on the standards of the International Petroleum Industry Environmental Conservation Association (IPIECA). This trade association was founded during the 1970s, long before the emergence of contemporary ESG laws and regulations. Thus, its political lobbying influence would be negated if energy companies like Exxon Mobil ignored its trade association’s industry standards and simply reacted to legal and regulatory changes.
To be sure, information management systems must be capable of producing external reports that meet government requirements. But because of these two concerns, it is more practical to utilize professional standards to define the parameters of an ESG information management system than the transitory laws and regulations that may exist at any specific point in time. The preferred approach (i.e., to use standards over laws and regulations) is analogous to utilizing FASB standards to define bookkeeping practices instead of relying upon IRS taxation or SEC disclosure regulations to do so.
Which Standards Do Companies Actually Use?
To answer this question, it’s instructive to review the actual choices of a representative set of companies across industry sectors. The food and beverage, oil and gas, and media and entertainment industries represent a suitably diverse trio.
McCormick & Company, headquartered in Maryland, produces spices for food and beverage industry customers across all (small, medium, and large) segments. Which ESG standards setters do they reference in their 2022 Purpose Led Performance (PLP) report (https://bit.ly/3QsvfVi)?
The indices and data section refers to four standards setters: the Global Reporting Initiative (GRI). SASB, Task Force on Climate Related Financial Disclosures (TCFD), and the United Nations (UN).
Halliburton is obviously a very different type of organization; as one of the world’s foremost crude oil production service companies, its customers are focused on the large end of the energy industry sector. Which ESG standards setters do they reference in their 2022 Annual & Sustainability Report (https://bit.ly/44Z0g7F)?
Once again, the data tables section refers to four standards setters: the GRI, SASB, the TCFD, and the UN.
The Walt Disney Company is a global entertainment and media firm, based in California, that sells its products and services directly to consumers (i.e., B2C) and also distributes them to a wide variety of small, medium, and large retailers (i.e. B2B). Which ESG standards setters does Disney reference on its “ESG Report Center” guide to its Corporate Social Responsibility (CSR) Reports (https://bit.ly/3OMBtxZ)?
It explicitly cites four sets of reporting frameworks: the GRI, SASB, the TCFD, and the UN.
Thus, across this very diverse array of organizations, there is a consistency in the standards setters chosen. Based on these results, one can answer the following two questions:
- ▪ How many ESG standards setters do we really need? The answer is four.
- ▪ Which standards setters, out of the hundreds of available options, should we choose? The answers are the GRI, SASB, TCFD, and UN.
But why is this true? And is it likely to remain true?
The Four Needs
It’s important to note that users of ESG reporting data represent a variety of stakeholder groups with different types of needs. Users, for example, may include internal or external stakeholders who (each) may face a variety of less or more urgent risks. Furthermore, some of these stakeholders may focus on industry specific considerations, whereas others may not.
It can be helpful to define four specific types of metrics that serve these different types of needs. Although data users do not necessarily require one single standards setting organization to focus on each need, a “one standards setter for each need” market structure represents an efficient solution. The four needs are as follows:
- ▪ Metrics to manage extreme risks
- ▪ For all other non-extreme scenarios, metrics that address the risk impact from the perspective of external stakeholders
- ▪ Metrics to address the needs of internal stakeholders, some of which are universal across all entities
- ▪ Metrics to address the needs of internal stakeholders, others of which are specific to industry sector.
Each of these four needs is structurally unique and self-evidently relevant to the users of ESG data. Thus, it is unsurprising that firms as different as McCormick, Halliburton, and Disney have settled on four standards setters to help define their ESG metrics.
The Four Leaders
Each of the four leading standards setters has focused on meeting a specific need. Although there are significant overlaps, each entity approaches the design of its standards in a unique manner.
The GRI promulgates standards that address universal concerns for internal stakeholders. Its approximately three dozen standards focus on such ubiquitous topics as Market Presence (202), Procurement Practices (204), Energy (302), Waste (306), Training and Education (404), and Security Practices (410).
SASB promulgates standards that address industry specific risk factors by publishing customized guidance in 77 distinctly defined industry sectors. These industries vary widely, encompassing such diverse sectors as asset management and custody activities, healthcare delivery, and cruise lines.
The UN promulgates standards that address the risk concerns of external stakeholders. Its 17 categories or “goals” also vary widely, encompassing such diverse factors as quality education, affordable and clean energy, and decent work and economic growth. Its 169 metrics or “target indicators” are grouped into these 17 categories.
Because climate change appears to represent the most significant extreme risk facing humanity, the TCFD presently maintains a predominant position among standards setters. The TCFD has expanded the traditional focus on metrics by developing standards for the practice of enterprise risk management in general and scenario analysis in particular.
Why have the GRI, SASB, TCFD, and UN become so widely accepted in the ESG field? It’s because they have each been successful in addressing one of the four needs of ESG reporting. They are likely to remain so for the foreseeable future because their four needs collectively encompass the gamut of concerns that challenge internal and external stakeholders.
Of course, it is always possible that other standards setters will emerge and eclipse the current cohort. The International Sustainability Standards Board (ISSB), for instance, has been created by the IFRS Foundation to develop sustainability disclosure standards and recently released its first two efforts in this arena. At the present time, however, the ISSB is not cited in the ESG reports of American firms.
Likewise, it is always possible that new government laws and regulations may begin to drive the ESG reporting sector. Currently, though, it appears likely that government will move more slowly than the private sector.
Even in the European Union (EU), where ESG disclosure laws are more prevalent than in the United States, the Corporate Sustainability Reporting Directive (CSRD) only went into effect in January 2023. However, all EU member states must now “transpose” the CSRD into their national legal systems, with actual disclosure requirements not required until 2024.
ESG Report Design
So what sources should a CPA turn to if their CEO asks you to design an ESG report? And how often may you need to revise your choices?
If a trio of firms as diverse as McCormick, Halliburton, and Disney can all agree on using GRI, SASB, TCFD, and UN, anyone can. One can explain these choices by explaining that these metrics encompass the needs of both internal and external stakeholders, risks that are both high priority (i.e., extreme) and low priority, and challenges that are both universal and industry specific.
Will the choice of standards setters be permanent? Possibly not; after all, some other entity may eventually emerge that does a better job of addressing the full array of user needs than the GRI, SASB, TCFD, and UN. Recall that FASB itself replaced the Accounting Principles Board (APB) in the 1970s when it became evident that a newer entity was needed.
Nevertheless, unless this occurs, or unless a pair of ESG entities merge with each other, it is likely that these four standards setters will serve as the primary sources of ESG metrics in the near future. There is too much logic to having “four leaders for four needs” for the current paradigm to change significantly.