This article was co-authored by Dr. Matthew Gardner and Dr. Stephan Lienin.
What does this latest development in CR disclosure requirements mean for you?
In October 2014, the EU issued its directive on corporate disclosure of non-financial and diversity information by larger companies. In essence, this requires many companies headquartered or having significant operations in the EU to disclose non-financial data (e.g., environmental, social, and governance-related information) on a regular basis.
These companies are now trying to figure out what this directive legally requires from them, and the competitive pressures they may subsequently experience in their industries. While the legislation provides for a two-year transition period, EU member states will ultimately be required to put corresponding legislation in place in late 2016 to regulate reporting starting with business year 2017. There are many opinions about this directive and the resulting legislation that it will require. These include a concern that the EU has placed an undue burden on affected companies, and that significant red tape and financial outlay will be required. In our assessment, both these opinions are misplaced.
The Next Higher Bar in CR Reporting?
Expectations regarding corporate responsibility (CR) and/or sustainability — basically interchangeable terms in business today — have been steadily increasing over the last few years. With regard to CR reporting, in the early 2000s early movers were situated at the margins of mainstream industry or economies. Starting in 2007, state-owned companies in Sweden were legally required to publish sustainability reports according to the Global Reporting Initiative (GRI) framework. In 2010, the Johannesburg Stock Exchange introduced the requirement that South African companies listed on the exchange had to publish Integrated Reports that combined financial and non-financial information. Since then, sustainability or CR reporting has become commonplace, and even an expected part of business, for many companies.
One example of this shifting expectation is the Sustainable Stock Exchanges (SSE) initiative that explores the roles that stock exchanges can play in enhancing corporate transparency on environmental, social and corporate governance-related issues. Another is the Singapore Exchange, which announced in 2014 that it will step up their previously voluntary encouragement on sustainability reporting to a mandatory requirement for listed companies. Following a year-long consultation process, the exchange will publish specific guidelines in late 2015 and expect compliance starting 2017, the same year that the EU Directive will be fully implemented in national law. These examples illustrate that the EU Directive is a logical next step in a larger global regulatory development. It is thus unlikely to fizzle away during implementation — although it will likely be watered down to different degrees in the various EU member states.
What Does the EU Directive Build On, and What Does It Intend?
The EU Directive on the disclosure of non-financial and diversity information is closely linked to regulations regarding financial disclosures. In fact, it amends an earlier directive that regulates corporate annual financial statements, consolidated financial statements, and related reports. That earlier directive required companies to publish management reports that present a balanced and comprehensive analysis of the organization’s business and market position and specified that information on both financial and non-financial performance (such as environmental and employee matters) should be included “to the extent necessary.” The EU Directive now clearly spells out how that is to be done.
In the EU Directive the management report is specified as the default part of corporate reporting where the non-financial statement should be included. However, it also allows companies to issue the non-financial statement as a separate report if it covers the same financial year as the management report. The directive also requires that the statutory auditor or audit firm verify whether the non-financial statement has been provided.
While additional EU Commission guidelines on methodology and non-financial key performance indicators are still forthcoming, the EU Directive mentions a number of issues to consider for inclusion. While these suggestions are couched in terms such as should, may, or could, they give an indication of which kinds of disclosures may ultimately be required.
How Will the EU Directive be Implemented on the Ground?
With the directive, the EU has expressed a clear expectation for increased CR disclosure in Europe. The qualification that non-financial disclosures will be required only from larger companies of “public interest” (currently defined as exchange-listed companies, credit institutions; and insurance companies, with others to be included at the discretion of member state governments) reflects previous controversial debates about avoiding red tape, and clearly takes SME’s with less than 500 employees (or lower than ~$50 million in revenue) off the table. And the choice of a directive as the instrument means that — unlike for an EU regulation that would have been immediately in force across the union — there is leeway for the member states in how they implement or “transpose” this requirement into national legislation. The directive spells out a required result to be reached in a certain timeframe, but leaves the exact means up to the member states. The expectation is that they will keep the needs of their business community in mind and implement national requirements in a manner that avoids excessive burden.
The concrete nature of the required disclosures will become clearer once national implementation has been drafted in 2016. However, the directive already specifies that companies may rely on ISO 26000 or on the guidelines of the Global Reporting Initiative (GRI) in addition to a number of EU, UN, ILO, and OECD frameworks. It also mentions that national frameworks can provide guidance, and proponents of national initiatives like the German Sustainability Codex (DNK) are already advocating for the use of their frameworks. In addition, the EU Commission has been asked to prepare non-binding guidelines for implementation, including suggesting non-financial key performance indicators for consideration.
Impact on Companies Outside the EU?
Once implemented in national law, the directive will directly impact EU-based companies that have over 500 employees and are “public-interest companies.” This term is defined elsewhere in EU guidelines as companies that are stock exchange listed, are credit institutions (banks) or insurance companies, or have been determined to be of public interest by the respective member state. Following the publication of the directive, it was estimated early on that around 6,000 companies in the EU would be directly affected once national regulations are in place in late 2016.
In the meantime, Denmark has already become the first European country transposing the directive by amending the Danish Financial Statements Act in May 2015. Following reporting requirements for a smaller set of large stock–listed and state-owned companies effective 2016, full implementation of the Danish regulations effective 2018 will require all large companies in Denmark — more than 1,000 companies overall — to comply. This illustrates that across the EU, the number of companies ultimately affected may be much higher than initially expected. Beyond that, if those companies required to report start asking their suppliers to provide them CR information for their reports, all companies doing business with them will feel the pressure of increasing CR disclosure expectations as well.
Similar to EU-based companies, businesses headquartered in countries that are not in the EU but are members of the European Economic Area (EEA) — Liechtenstein, Norway, and Iceland — will be impacted by incorporation of the directive into the Annexes or Protocols of the EEA Agreement. Such amendments are required for EU acts that are EEA relevant, which has been determined to be the case for the present EU Directive.
However, an even larger group of companies that are not headquartered in the EU will be impacted by mandatory reporting requirements: the non-EU headquartered corporations that do business in EU member states via local subsidiaries that fall under the directive’s requirements. The directive specifies that subsidiary undertakings shall be exempt from mandatory reporting if they are covered in a consolidated non-financial statement of their parent group that meets the directive’s requirements. Many corporate group and holding companies will likely elect to publish a non-financial report that meets the EU requirements, probably at the strictest directive implementation level from within those member states where they do business, rather than invest in having each of their subsidiaries do their own reporting.
What Are Your Options?
If your company or its subsidiaries are likely to be affected by mandatory non-financial requirements under the EU Directive, you have several options to consider:
1) You may decide to do nothing for now and observe how the directive is ultimately implemented into national law. You may also decide to conduct a minimal CR monitoring and reporting effort — if you are not already doing so — to get your feet wet with regard to CR topics. This can include a simple prioritization exercise (materiality assessment) and basic disclosures of data and CR achievements. Both options have the upside of avoiding significant investment. The downside is that once reporting is required of your company, setting up the systems and processes can become a fire drill that is much more costly than building your CR infrastructure step by step with enough time to find the most meaningful option.
2) If you are willing and able to start laying more robust foundations for CR reporting and activities at this point in time, you may consider implementing an established CR framework for your monitoring and reporting efforts like the one provided by the Global Reporting Initiative (GRI) reporting guidelines. This requires a more substantial prioritization or materiality exercise, which should include at least some external stakeholder participation or validation, as well as monitoring and disclosure of performance information according to standard indicator protocols. The choice of, for example, “core” or “comprehensive” GRI guideline implementation depends on the amount of data available at your company with reasonable effort, and on the appetite of top management to disclose corporate policies, including those related to governance and compensation. If you are doing this for the first time, or if you are upgrading from the previous G3 to the current G4 version of GRI reporting, this requires a certain level of investment. The benefit is that you can demonstrate your commitment to CR clearly and credibly, and not only be well prepared for impacts of the EU Directive but also reap the benefits in marketing, customer relations (including supply chain questionnaires), and investor relations.
3) If you want to be an acknowledged leader on CR, and have the means and commitment, you have a number of interesting options to consider. You can expand your prioritization or materiality exercise into a comprehensive, participative dialogue that supports cultural change and engages customers, investors, and other external stakeholders in building trusted, lasting relationships. And you can use the content generated in more traditional non-financial or integrated reporting formats for social media and similar dialogue initiatives with the groups that ultimately determine your business success.
Dr. Bernd Kasemir is a managing partner at Sustainserv, a Zurich, Switzerland, and Boston, Massachusetts, based sustainability and corporate responsibility consultancy. Kasemir leads the Sustainserv sustainability strategy practice and also leads many of the company’s sustainability reporting projects.
Dr. Matthew Gardner is a managing partner at Sustainserv. He is based in the Boston office and is responsible for a portfolio of projects and clients across the sustainability strategy, data and communications practices.
Dr. Stephan Lienin is Sustainserv’s managing partner in Zurich. He manages a wide range of projects including sustainability strategy and communications efforts, and is also responsible for some of Sustainserv’a large multi-stakeholder engagements and public-private partnership projects.