Emerging fraud risks to consider: ESG

Many audit committees are highly focused on the risk of financial statement fraud, but a case is growing for audit committees to expand their discussion of fraud risk to encompass a growing variety of environmental, social, and governance (ESG) issues. ESG-related topics increasingly appear on audit committee agendas and factor into financial reporting discussions, but they tend to arise less often in the context of discussions about fraud risk.

Investors continue to demonstrate interest in understanding risks related to ESG issues, which is helping fuel regulatory focus on reporting and disclosures. The SEC has already issued proposals to expand disclosures related to cybersecurity and climate issues, and further proposals are expected in areas such as human capital. These proposals are likely to significantly increase the scope of information that will be included in regulatory filings in the coming years.

In preparation for expected new reporting requirements, many companies are in the process of developing more robust ESGrelated disclosure controls and procedures as well as internal control over financial reporting (ICFR). Some companies are developing ESG-related metrics for financial reporting and for incorporation into incentive compensation.

Ahead of these possible rule changes, fraud risk in this area should be top of mind for audit committees and a focal point in fraud risk assessments overseen by the audit committee. Many companies are currently providing information to investors that is not governed by the same types of controls present in financial reporting processes.