Helping clients meet their business challenges begins with an in-depth understanding of the industries in which they work. That’s why KPMG LLP established its industry-driven structure. In fact, KPMG LLP was the first of the Big Four firms to organize itself along the same industry lines as clients.

How We Work

We bring together passionate problem-solvers, innovative technologies, and full-service capabilities to create opportunity with every insight.

Learn more

Careers & Culture

What is culture? Culture is how we do things around here. It is the combination of a predominant mindset, actions (both big and small) that we all commit to every day, and the underlying processes, programs and systems supporting how work gets done.

Learn more

Data reliability and the legal implications of ESG disclosures

08.01.2022 | Duration: 10:23

KPMG Principal Parmjit Sandhu sits down with Partners from Seyfarth Shaw to discuss their recent article published by Bloomberg Law on the importance of obtaining reliable data and adopting internal controls to mitigate legal and accounting risks.

Listen Now
Backward 10s Play Pause Forward 10s

Podcast transcript

Parmjit: Welcome to a special podcast on data reliability and the legal implications of ESG disclosures. My name is Parmjit Sandhu and I’m a principal from KPMG’s Global Rewards Services Practice. I’m joined today by Tracee Davis, a partner and Candace Quinn, a senior counsel at the law firm of Seyfarth Shaw to discuss a recent article published by Bloomberg Law on the importance of obtaining reliable data and adopting internal controls around that data and to connect the dots at the macro level across legal and accounting considerations, in mitigating both legal and accounting risks. 

Transcript continued

We came together from previous great working sessions between KPMG and Seyfarth Shaw around ESG. In discussing our experiences on what we’ve seen in the market, we determined that data was a major factor driving greater economic importance on ESG. In considering how best to advice our clients in meeting these new demands, we both came to the conclusion that accurate data is the key driver and attention to developing best practices and acquiring, monitoring, analyzing and testing that data is critical to successfully managing the legal and accounting risks that we can see on the horizon in the ESG landscape. Tracee, how does data play an important role? What legal risks are you seeing with clients who are either developing a new ESG program or reimagining an existing corporate social responsibility initiative now facing? 

Tracee: Thank you so much Parmjit for having us. In essence, ESG should be viewed as a way of measuring a company’s ability to increase value or reduce operational losses as they relate to those ESG factors that might materially impact corporate profits. Various methods to measure performance exists, but not all data or frameworks for conducting the analysis are equal. For instance, independent rating and ranking agencies may each rely on different variables in accessing, for example, energy consumption. This can often result in the credit-like rating scores that a company receives from one rater being inconsistent with that of another. To control the narrative, voluntary ESG reports that we all often see are issued, or more formal certified disclosures are required. However, with greater disclosures, voluntary or otherwise, comes the heightened risk of litigation. Lawsuits, fines, penalties or other regulatory actions arise when day-to-day operations are not consistent with the company’s stated policies or public disclosures. And it’s not simply regulators who might sue. 

Most stakeholders have an avenue to bring a lawsuit. A consumer can claim the statements mislead them into buying the company’s product. Investors might claim fraud or fraudulent inducement caused them to invest in a company’s stock, or business adventure. And shareholders always have the ability to bring a claim for breach of fiduciary duty against the company’s board or management or a whistleblower employee might bring an action when the company fails to try and live up to its ESG commitments.

Parmjit: That’s really interesting, Tracee. So how can companies manage these risks?

Tracee: So, needless to say, ESG statements must be carefully vetted and internal controls must be implemented in order to be able to demonstrate when defending any claim that the company made reasonable efforts to meet its ESG goals. To also bring more uniformity to the market, we’re now seeing regulators proposing rules to mandate that companies disclose certain information. Candace, what are some of the more recent regulatory rules that are being proposed? 

Candace: Thank you, Tracee. Well, the SEC has undertaken a number of actions and proposals to address ESG, all of which are very data intensive. And these have included historic rules to enhance and standardized climate related data disclosure, which provide an affirmation of client concerns. Now the climate risk disclosure rules for which the comment period has expired require public companies to disclose climate data in their financial statements subject to review by an independent auditor. And also the rules require climate data to be disclosed in non-financial statements and would need to include a third-party attestation report from experts in greenhouse gas emissions. 

Now the SEC also requires human capital resource data to be disclosed to the extent it is material to understanding the company’s business. And the SEC also approved NASDAQ’s board diversity disclosure rule, requiring companies listed on the NASDAQ Exchange to have a diverse board or provide an explanation.

Now, the SEC also opened a comment period for paper performance proxy disclosure as incentive pay is increasingly linked to ESG outcomes. Now the SEC is looking for more transparency in what data is included in determination for investors to evaluate the company’s compensation practices. Also, the SEC proposed rules mandated disclosure of material cyber security breaches in corporate risk management strategy, and there are many more.

The importance of data accuracy and reliability cannot be stressed enough. As Tracee pointed out, whether the disclosure is voluntary or mandatory, the legal risks are no less important. The SEC Enforcement Division has undertaken active ESG regulatory review and pursued legal action including junctions and significant fines for companies making false and misleading statements, known as greenwashing. The SEC is not the only agency addressing ESG. Other federal agencies, including the Department of Labor are increasing ESG concerns and state legislators are also. Now, for example, the DOL has issued guidance to fiduciaries regarding investment company sponsored pension plans, identifying when they may consider climate change and other ESG factors. However, due to recent court decisions, regulatory authority to various agency is under scrutiny.

To address disclosing ESG, there are several frameworks, such as SASB, Now, Value Reporting Foundation. And there’s GRI and there’s TCFD. As companies review these standards, we advise clients to seek legal counsel to perform materiality assessments, identify risks and ESG factors relevant to long term profit. So how do companies practically approach complying with these complex regulatory requirements in practice? Well, Parmjit and her team at KPMG are focusing on the types of controls needed around ESG data to achieve data reliability. Parmjit, could you please share some of those insights with us? 

Parmjit: Yes, absolutely, thanks, Candace. So the SEC’s focus, as disclosed by Commissioner Crenshaw, tells us that a significant aspect of the solution here is to establish internal controls around the collection and the robustness of ESG data, which will ultimately drive the quality of the company’s disclosures. So in practice, this means in the first instance, that companies must assess their internal systems infrastructure to determine how to utilize them for ESG purposes. And then test them for reliability. And this is even before any external audit begins, because some work needs to be done to prepare for that.

Candace: And Parmjit, what about the external data?

Parmjit: Yes, that’s a great question Candace. Many companies rely on external vendor data, but they will need to now access that vendor’s internal controls around that data. So companies can’t practically do this for scores of vendors. And so over time, we expect vendors will need to start offering more end-to-end services to minimize the number of vendors a company needs to use. So the most practical and relevant experience companies have on internal controls is from sox compliance. And that knowledge must be leveraged here to deliver on the data needs for legal ESG disclosures. But know that getting this right is critical, given this data is what investors, shareholders and employees will ultimately rely on to determine the extent to which a company has met their ESG strategy. And that in turn could have huge implications for the company’s future.

So as an example of how ESG data has economic importance, several PE firms have recently laser focused on ESG integration as a way to enhance profitability in the businesses that they are investing in. In fact, there have been recent success stories where a business was worth several multiples of the original investment as a result of that ESG integration. 

So that brings us to the end of the podcast. ESG is here to stay and continues to involve. So stay tuned to developments in this space.

Tracee: Thank you, Parmjit, for having us. We appreciate having this opportunity to talk about the legal developments in this space.

Candace: And thank you, Parmjit, we look forward to working with you and KPMG’s team.

Parmjit: Likewise, Tracee and Candace, once again, thank you for being with us today. Please feel free to read the Bloomberg Law article linked on this page for a more detailed dive into this topic. Thanks again for listening.


KPMG LLP does not provide legal services.


Explore more

Thank you!

Thank you for contacting KPMG. We will respond to you as soon as possible.

Contact KPMG

Use this form to submit general inquiries to KPMG. We will respond to you as soon as possible.

By submitting, you agree that KPMG LLP may process any personal information you provide pursuant to KPMG LLP's Privacy Statement.

An error occurred. Please contact customer support.

Job seekers

Visit our careers section or search our jobs database.

Submit RFP

Use the RFP submission form to detail the services KPMG can help assist you with.

Office locations

International hotline

You can confidentially report concerns to the KPMG International hotline

Press contacts

Do you need to speak with our Press Office? Here's how to get in touch.