Evaluating the Risk of Fraud in ESG Disclosures
by Melissa A. Dardani, CPA, CFE, MAcc –
March 1, 2023
As the financial markets shift toward a focus on ethical investing and responsible capitalism, corporate accountability becomes a significant concern of regulatory agencies, corporate shareholders and prospective investors. Environmental, social and governance (ESG) reporting can be viewed as a measure of corporate ethics in these categories — a measure that is often intangible and, therefore, difficult to quantify.
The Securities and Exchange Commission (SEC) has created a Climate and ESG Task Force within the Division of Enforcement and has introduced proposed enhancements to ESG disclosures made by investment companies and advisers. They also previously designated authority to the Financial Accounting Standards Board (FASB) to establish and maintain Generally Accepted Accounting Principles (GAAP) as the authoritative accounting standards for publicly traded companies. This article discusses the intersection of these two governing bodies as it relates to the risk of material misstatement of ESG factors in a company’s financial statements. Further, the Auditing Standards (AS) of the Public Company Accounting Oversight Board (PCAOB) can be applied to understand where the auditor’s responsibility theoretically begins and ends as it relates to risk in ESG disclosures.
Auditor's Responsibility for Supplemental Information
PCAOB AS 2110 describes the requirement for the auditor to understand the entity and its environment, including industry and regulatory factors, company objectives, strategies, key performance indicators and related business risk. An auditor must consider how a company incorporates ESG into its mission, vision and purpose for clues into its reliance on ESG factors to attract investors, employees and other stakeholders. In addition, key performance indicators (KPIs) and financial highlights reported by the company, proxy letters and published shareholder correspondence can help the audit team better understand the entity and environment.
In planning the audit and assessing the company’s risk, materiality thresholds must be established. A misstatement or omission is material if there is a substantial likelihood that it would influence the judgment of a reasonable user of the financial statements (AU-C §320.02). Materiality is generally considered in quantitative terms but can also be viewed qualitatively. For example, an occurrence of fraud is material without respect to transaction size. Risk and materiality assessment extends to supplemental information within or surrounding the financial statements.
The audit standards provide three tiers of requirements related to supplemental information. AS 2701 guides the auditor engaged to audit supplemental information and defines what constitutes relevant supplemental information. AS 2705 and 2710 define auditors’ responsibility for required (covered by FASB, GASB or FASAB) and optional supplementary information, respectively. They are summarized in the following table:
|Auditing Standard (PCAOB)
To obtain sufficient appropriate audit evidence to express an opinion on whether the supplemental information contained in the basic financial statements is fairly stated, in all material respects, in relation to the financial statements as a whole (AS 2701.02)
- Reconcile to the underlying accounting, records and financial statements (AS 2701.04c).
- Test the completeness and accuracy (AS 2701.04e).
- Determine criteria and methods, the appropriateness and consistency of the criteria and methods, and adherence to any relevant regulatory requirements (AS 2701.04a-b.)
- Assess the risk of material misstatement and other materiality considerations (AS 2701.03a-b).
- Assess any related relevant evidence obtained from the audit (AS 2701.03c).
- Obtain appropriate management representations (AS 2701.05).
To ensure information required by GAAP but reported outside the basic financial statements is reported in accordance with authoritative guidelines for measurement and presentation (AS 2705.06)
- Determine preparation methods, consistency of application, significant assumptions and adherence to any prescribed guidelines (AS 2705.07a).
- Verify consistency with management inquiries, audited financial statements and other knowledge obtained (AS 2705.07b).
- Apply additional procedures if necessary (AS 2705.07d).
To ensure voluntarily disclosed information that contains the audited financials is not materially inconsistent with the information or presentation of information in the financial statements (AS 2710.04)
- Read the information and determine its consistency with the financial statements.
Within the financial statements, ESG disclosures and measures could be found within debt or equity financing on the balance sheet, assets held by an investment company in accordance with an ESG strategy and revenues from grants or related expenditures for the purpose designated by the grantor and other government-issued credits and incentives for green practices. Non-financial-statement ESG disclosures or measures that may accompany the financial statements could include items discussing business strategy and risk, directors, executive officers, corporate governance, executive compensation and legal proceedings. Documents containing or referencing the audited financial statements that may contain relevant ESG disclosures could include the annual report or proxy statement to investors.
The SEC as a Gatekeeper
According to a May 2022 SEC report, 2.4 percent of all funds as of September 2021 had names containing ESG buzzwords such as sustainable, responsible, ESG, climate, carbon or green. Further, the Forum of Sustainable and Responsible Investment has also documented growth in ESG funds, from 55 in 1995 to 1,741 in 2020. ESG marketing practices in a competitive capital market can be aggressive and misleading. In response, in May 2022, the SEC proposed enhanced disclosures by investment companies and advisers about ESG investment practices. If passed, the Investment Advisers Act of 1940 and the Investment Company Act of 1940 would be amended to require registered investment companies and advisers to provide additional information related to their ESG investment practices.
Under the proposal, investment companies, which include mutual funds, closed-end funds and exchange-traded funds (ETF), among others, would be subject to increased ESG disclosure requirements. Broadly, funds would be designated as one of the following:
- An ESG-Focused Fund, meaning ESG factors are a significant or main consideration in selecting investments or in its engagement strategy with portfolio companies;
- An Impact Fund, which seeks to achieve a specific ESG impact; or
- An Integration Fund, which considers ESG factors for investment decisions among other factors.
There are defined strategies within the ESG-Focused Fund category, and the investment company must indicate which one(s) it is employing. They include tracking an ESG index, applying an inclusion or exclusion screen to investments based on industry and activities, employing ESG proxy voting policies, and engaging with portfolio companies regarding ESG. The required disclosures are to be included in the management discussion and analysis section of the annual report. This information would theoretically fall under the purview of AS 2701 as supplemental information required pursuant to the rules and regulations of a regulatory authority (AS 2701.A2(b)).
The SEC proposed rules also include the requirement to tag their ESG disclosures using Inline XBRL for ease of accessibility. Providing a data structure for these disclosures ensures investors, market participants and other stakeholders can extract, filter, reduce, aggregate and otherwise analyze the information being put forth by the funds, furthering the transparency to stakeholders and accountability of the reporting companies. The proposed Inline XBRL taxonomy requirement for ESG disclosures is evidence of its materiality in the eyes of the SEC.
The Intersection of FASB and the SEC
The SEC’s proposal is focused on added disclosure requirements for investment companies. Yet, as a result of the proposed requirements, there could be an unintended consequence to portfolio companies seeking this type of institutional investment. Information required by the investment company in making their ESG investment decisions will require reliance on the portfolio companies’ audited financial statements, as well as their verbal and written assurances. Material misstatement by the portfolio company impacts the stakeholders of their financial reports, including the investment companies.
As for auditors of investment companies, AS 2701.A2(b) defines supplemental information as that which accompanies the financial statements and that is required pursuant to the rules and regulations of a regulatory authority (such as the SEC). In order to fall under the broader guidance of AS 2701, the information must also be covered by the auditor’s report on that information in relation to the financial statements, which includes that the financials are, in all material respects, fairly stated. The auditor must consider areas of the basic financials in any ESG-related figures and disclosures. They must consider what evidence, if any, is necessary to obtain assurance that the basic financial statements are fairly stated in all material respects.
For investment companies, a disclosure of investments is required under ASC 946-210-50-1 and SEC Regulation S-X Rule 6-04. While it is not the responsibility of the external auditor to perform “pass-through audit procedures” of the companies listed on the schedule of investments, the schedule is part of the basic financial statements and thus cannot be ignored. The auditor should consider if obvious discrepancies exist between the proposed changes to the investment companies’ annual report and the schedule of investments.
When evaluating audit risk, the auditor should understand if the investment company has an ESG risk management process in place to aid in vetting out the portfolio companies prior to engaging in an investment partnership. The audit risk model accounts for inherent risk and control risk in assessing the risk of material misstatement (AS 1101). Thus, the more effective and robust system of internal control surrounding a company’s ESG efforts means that less audit evidence is required.
This article appeared in the Spring 2023 issue of New Jersey CPA magazine. Read the full issue.