Getting Ahead of the Coming ESG Reporting Requirements
Blog
November 18, 2024 9:00 AM
The U.S. Securities and Exchange Commission is pursuing new reporting regulations around ESG, or Environmental, Social, and Governance. This information is used to tell investors how socially responsible a company is. For many companies, some of these new reporting requirements cover things they don’t currently track, so it’s important to start developing processes for gathering that data for when the regulations take effect.
What is ESG Reporting?
Let’s break down ESG. First, Environmental. In March, the SEC passed initial regulations around emissions reporting. This was an early sign that the SEC is getting serious about ESG. A federal appeals court put the new regs on hold, but we can expect some form of them to take effect soon. The data we will have to report fall into scope one, two, and three emissions. Scope one and two are direct and indirect emissions that fairly easy to measure, such as how much electricity our buildings use each year. Scope three is more broad and covers everything from business travel to emissions produced by our products. Next is Social. This describes what our company does to support the world and the communities where we do business. What programs do we employ to promote diversity in our organization? What is the percentage of minorities in leadership roles? Finally, Governance. This describes how we manage all of these factors together, including what mandates we put on ourselves and how we comply with regulations in the many jurisdictions where we operate.
Being a global company, we are ahead of the game in some respects. We are already adhering to the European Union’s Corporate Sustainability Reporting Directive (CSRD), an equivalent standard with many data points that will likely dovetail with the new SEC rules. The UK and Brazil, where Corpay does a lot of business, have similar standards. Even California has its own mandates for companies doing business there. These various requirements are in many cases a prelude to what is to come at the federal level.
Organizing a Mountain of Data
Once we have identified the broad categories of information we will need to gather, it’s time to decide which data points are relevant. Having winnowed them down, the challenge is efficiently collaborating with our teams around the world to pull it all together in a way that is consistent and will stand up to an audit, even if the audit doesn’t happen for two or three years. We are using a tool called Workiva, a cloud-based solution that has workflow functionality and controls who can update certain data points based on region, position, or other criteria. As we collect data, we map it to the specific requirements for California, Europe, and the SEC, enabling us to generate the appropriate reports. Think of a pivot table in an Excel workbook. Once we can create these reports, it becomes part of the monthly closing process and can be audited. This technology has been a fabulous solution for us, but gathering and organizing this volume of data is still a daunting task.
The Clock is Ticking
The timing of the new SEC reporting requirements isn’t certain, but our analysis suggests during the first quarter of 2026, we will be required to report on 2025 outputs. That means we need to be up and running ideally by January 2025. Being ready includes not only creating the system for gathering the data and generating the reports, but also training all of our businesses around the world on the new processes and imparting the importance of being ready.
I’m sometimes asked whether the presidential election will affect how the new SEC regulations will roll out. It’s a truism that Republican administrations tend to be less heavy handed than Democratic administrations when it comes to regulating businesses. That said, the SEC is an independent agency with five presidential-appointed commissioners serving staggered five-year terms. Whether the way the new regulations are implemented will become politicized remains to be seen.
Conclusion
In closing, my advice to companies, especially global companies, who will be subject to the new SEC regulations on ESG, if you haven’t started getting organized, it’s time. You need to be thinking about how you will collect your data, who you will work with at each of your locations around the world to get it, and how you will organize the data in a way that will stand up to scrutiny. What you don’t want is an auditor requesting information that you haven’t even collected. Do the heavy lifting now to avoid a headache later.