Robust independent assurance of sustainability reports trumps mere data verification for securing stakeholder trust, argues Jason Perks

It’s time to make up our minds about how sustainability reporting is assessed. One option is to restrict our remit to basic verification of data. The other is to pursue much more extensive evaluations of how well reports address what matters to stakeholders. I am worried that we may be about to take the wrong road.

If we go down the verification route, it’s unlikely that sustainability reports will properly address companies’ material issues or drive strategic responses. The alternative – robust, stakeholder-based assurance – offers far more value to stakeholders and companies.

Of course, assurance can include verification of claims and data, but that is just one element. It also means establishing the extent to which the report addresses the issues that concern stakeholders and have an impact on the business. It is about checking not only that the things in the report are right but also, more fundamentally, that the right things are in the report.

The choice of direction is upon us today in large part because of pivotal work that’s going on to develop two key sustainability frameworks.

The G4 version of the influential Global Reporting Initiative guidelines is currently out for consultation. At Two Tomorrows, we are lobbying for G4 to provide clear guidance on what kind of assurance companies should seek.

At the moment, reporters can add the “+” suffix to the GRI application level they have attained even for superficial verification of one small part of the report. We want GRI to encourage more meaningful, high-quality assurance, in particular by applying more stringent criteria to the use of the “+” symbol.

Meanwhile, the work of the International Integrated Reporting Committee is gathering pace. The IIRC is aiming to create a framework for integrated reporting that brings together financial, environmental, social and governance information in a consistent and comparable format.

But the fact that IIRC is driven by the accountancy profession means that simply integrating a standard set of sustainability metrics could become the de facto approach in integrated reporting. This would severely restrict the potential of reports to give a full account of a company’s performance on its particular material issues.

Get beyond the data

The other main danger is that companies might be tempted to get their financial auditors to examine the whole integrated report. This could encourage data verification at the expense of specialist assurance of the sustainability content. Non-financial reporting should be based firmly on stakeholder needs. In particular, any integrated reporting framework needs to be clear that assurance should examine how well the company has identified, addressed and reported its material issues.

At a recent roundtable examining the future of assurance, participating companies were agreed that, while systems and data checking do add value, stakeholder involvement and a clear set of principles for assurance are vital for credibility. 

However, without a clear lead from GRI or the IIRC, it may be difficult to bring about a more general change in behaviour. The reality is that many large companies still publish unassured reports, and the majority of those who do seek an independent check of their report are still only going for verification.

What we need most, if assurance is to deliver on its potential, is a single, internationally accepted framework. This would be a boon for stakeholders because it would enable them to compare companies’ sustainability performance confidently. It would also be a big help to companies trying to decide how best to have their reports independently assessed.

I believe this is achievable in the next decade because, in the AA1000 Assurance Standard (AA1000AS), we have something that’s proven and generally applicable. AA1000AS mandates the use of three principles of accountability: inclusivity, materiality and responsiveness. At our recent roundtable, attendees resoundingly confirmed the validity of these principles for assurance.

Of course, AA1000AS is not the only assurance standard out there, and it has flaws, which need to be addressed over time. But it is the only standard specifically designed for sustainability and based on an inclusive stakeholder-based approach.

Even if AA1000AS isn’t yet widely used for assurance, it is gaining ground among the leaders in sustainability. In the last four annual Corporate Responsibility Reporting Awards, the winners of the Credibility Through Assurance category have all used the standard – including The Co-operative.

Irrespective of whether AA1000AS will be the unifying standard, if the sustainability report is to be a genuine way of helping businesses be more sustainable, it is vital we choose proper stakeholder-led assurance over verification.

Jason Perks is group director of corporate sustainability agency Two Tomorrows. He is a member of the interim standards board for the AccountAbility AA1000 series of standards.