scenario analysis

Building Trust and Transparency: IA’s Impact on Mitigating ESG Risks

Increasing scrutiny on ESG claims and reporting

Regulators and governing bodies are paying closer attention to the accuracy and verifiability of the ESG claims organisations are making. In the last few weeks alone, we’ve seen numerous organisations challenged in Asia and across the globe on their ESG claims.

In March 2024, a legal complaint was filed against a Korean conglomerate and another company from the oil and gas industry under Korea’s new greenwashing law, which fines firms for greenwashing. They allegedly greenwashed their decarbonisation efforts by double-counting their renewable energy premiums—required under Korean law—with their company’s decarbonisation plans. Also in March, in Australia, an investment firm also faces a potential greenwashing civil penalty by the Federal Court of Australia after it was found to have misled investors on several of its ESG claims. In Europe, an airline was ruled to have broken the law due to its misleading and vague environmental ambitions and advertisements, which have been regarded as greenwashing.

Dynamic ESG regulatory landscape

Over 60 jurisdictions are phasing in new sustainability reporting requirements in the next one to three years. To name just two, the Singapore Stock Exchange (SGX) requires mandatory Climate Reporting  and external assurance of Scope 1 and Scope 2 Greenhouse gases (GHG),  and the EU’s Corporate Sustainability Reporting Directive (CSRD) by the EU is now in application.

Internal Audit, the third line of an organisation’s risk management framework, can play a critical and timely role in verifying the accuracy and validity of a company’s ESG reporting and claims, and more broadly, in providing objective assurance and insight on the effectiveness and efficiency of ESG risk management, internal controls, and governance processes.

The Role of Internal Audit

As Internal Audit considers how to incorporate ESG into its audit plan, it can start off small such as auditing GHG/ environmental data, to broader audits such as the Sustainability Reporting process or ESG governance, or focused areas such as the Materiality Assessment, Sustainable Procurement and Sustainable Finance. Below are some scope areas for Internal Audit’s consideration.

GHG Data Verification

The complexity of environmental data management suggests that Internal Audit can play an important role in checking that internal controls around environmental data are designed and operating effectively, such as the methodology for data collection is reasonable and the calculation of emissions data is accurate and regularly reviewed. The eventual reporting of emissions data should also be scrutinised, to ensure consistency between the data collected and reported.

In tackling the meticulous process of GHG data verification, Internal Audit can consider taking guidance from globally recognised standards for GHG measuring and reporting, such as the Greenhouse Gas Protocol’s Corporate Standard. Under the Corporate Standard, Internal Audit should be prepared to:

  • establish clear verification parameters (e.g., location, business units, emissions type),
  • define the materiality threshold for any discrepancies,
  • obtain detailed information on any other quality control procedures applied and
  • conduct site visits where necessary.
Pre-External Assurance Audit

In Singapore, external assurance will become mandatory through a phased approach, with listed companies and large, non-listed companies required to obtain external limited assurance on their Scope 1 and 2 GHG emissions data two years after they begin their climate reporting, or latest from financial year 2027 and financial year 2029 respectively.

To prepare for third-party assurance, we recommend that Internal Audit firstly conduct an internal review to check the house is in order. Relevant external assurance standards, such as the International Standard on Assurance Engagements on Greenhouse Gas Statements 3410 [1] or International Organization for Standardization Greenhouse Gases  (ISO 14064) may be useful references. Ahead of this review, all necessary GHG data, information about the organisation’s GHG-generating activities, procedures for identifying sources of GHG emissions, and how GHG data is collected and calculated should be available. Ideally, such a review should be planned to allow sufficient time to remediate identified deficiencies ahead of the external assurance review.  Paia has supported several companies through this journey, including providing training and support to Internal Audit teams as they broaden out to GHG data auditing.

Sustainability Reporting

 This would involve looking at the entire sustainability reporting process including how the materiality assessment is conducted including the comparison to peers; how stakeholder engagement is conducted including which internal and external stakeholders are represented and how they are engaged; reported ESG data, perhaps what is not reported compared to peers and why; targets set and tracking performance against them;  and sustainability initiatives – as well as how accurately and fairly they have been reported.

Accuracy and Verifiability of ESG claims

In 2023, an advertisement by Singapore consumer electronics company was banned by the Advertising Standards Authority of Singapore (ASAS) for greenwashing. The video advertisement claimed that consumers could ‘save Earth’ by purchasing the company’s energy-efficient product, and according to the ASAS, went against the country’s advertising code which requires advertisements to not mislead through inaccuracy, ambiguity, exaggeration or omission.

As organisations’ sustainability initiatives get more sophisticated, their reporting and communication, on the company website, marketing materials, advertisements etc. require robust governance and approval. Internal Audit can play its part in checking such controls operate effectively and have evidentiary support, thereby maintaining credibility and transparency.

ESG Strategy and Governance

This would involve looking at the process by which the ESG strategy is set; how this aligns to the overall strategy of the business; how this is operationalised, i.e., where ultimate accountability for sustainability initiatives sits; how this is governed and managed; what supporting processes and procedures are in place; and how the relevant parts of the business are trained to understand, assess and make the appropriate decisions related to sustainability matters, risks and opportunities.

At Paia, we strive to offer our clients clarity amidst the dynamic regulatory landscape. Whether you are determining how to incorporate ESG into your Internal Audit Plan, planning your next ESG Internal Audit or thinking about how to upskill your Internal Audit team in ESG, our team of specialists is here to support you. To find out more details, contact us at

[1] International Standard on Assurance Engagements on Greenhouse Gas Statements 3410