JONES DAY TALKS®: ESG Reporting Rules: The SEC, CSRD, and California- Who's on the Hook?

Jurisdictions are requiring large corporations and other entities to report on the environmental risks they face and how their business operations impact the climate. In the second in a series of JONES DAY TALKS® podcasts regarding significant climate disclosure rules, our panel discusses the SEC’s rules announced in early March, the European Union’s Corporate Sustainability Reporting Directive (CSRD), and the State of California’s Climate Corporate Data Accountability Act and Climate-Related Financial Risk Act.

Podcast: Play in new window | Download

SUBSCRIBE TO JONES DAY TALKS

Subscribe on Apple Podcasts

Subscribe on Android

Subscribe on Google Play

Subscribe on Stitcher

LISTEN TO PREVIOUS PODCASTS

Read the full transcript below: 

Dave Dalton:

Jurisdictions around the world are moving toward mandating that large corporations and other entities compile regular reports on the social and environmental risks they face on how their business operations impact people and the environment. In the second in a series of JONES DAY TALKS® podcasts discussing significant climate disclosure rules, our panel compares the SEC's rules announced in early March, the European Union's Corporate Sustainability Reporting Directive or CSRD, and the state of California's Climate Corporate Data Accountability Act and Climate Related Financial Risk Act. Stay here. There's a lot to cover. I'm Dave Dalton. You're listening to JONES DAY TALKS®.
Based in Dallas, Jones Day partner, Ferrell Keel, has significant experience counseling clients on corporate governance and securities law compliance. She advises on SEC disclosure and compliance, stock exchange regulations and general corporate law matters. Chuck Whalen, a partner based in Chicago, advances the interest of clients in the energy industry by counseling and defending them in climate sustainability and environmental matters. He writes and lectures on environmental topics, and is active in several bar associations, including the environment energy and resources section of the ABA.
From our Paris office, Seth Engel works with European and U.S public and private companies to advise on strategic transactions. He also counsels clients on ongoing disclosure obligations in corporate governance matters, including on environmental, social and governance, or ESG. And Aidan Law is based in London, advises clients on matters relating to financial services regulation in the UK and Europe. He brings a combination of technical, private practice experience and real-world knowledge of how financial institutions operate, to clients gain from a number of years of senior in-house experience. Ferrell, Chuck, Seth and Aidan, thanks for being here today.

Chuck Whalen:

Thank you, Dave.

Ferrell Keel:

Thanks for having us.

Dave Dalton:

All right, let's go to Ferrell first. Ferrell, the SEC rules were outlined in a previous JONES DAY TALKS® podcast we released late last month, and we've got a link to that at the bottom of this page so that people can go back and listen. But a lot has happened since the SEC rules were released, if you will, not to mention the voluntary stay. Let's talk about the SEC rules at a high level, what they cover, who they apply to, and talk about the stay and what that means for people listening here. So Ferrell, to you first.

Ferrell Keel:

Sure. Thanks, Dave. So starting first with how you're on the hook, or who's on the hook. If you're an SEC registered company and you're filing periodic reports, so that's your 10-K, 10-Q, et cetera, and the equivalent for foreign private issuers, or if you're issuing securities on a registration statement under the Securities Act. So think a Form S-1 for equity issuances, S-4 for business combinations, et cetera. Then you're going to be on the hook, and you're going to have to think carefully about how these rules are going to be applying to you. And I like to think of the requirements as falling into three very, very high level buckets. But first we've got the scope 1 and scope 2 emissions. Obviously, people were very excited that scope 3 was struck from the final rule. And these will be required if these emissions are material to your business.
And then at some point down the line, you'll also be required to get that attestation from a third party. So that's bucket number one. Bucket number two is all of the Reg S-K disclosure. So this is that more traditional risk factor MD&A type disclosure. And for anybody out there who's already making TCFD disclosures, these are going to look and feel very familiar, although a bit lighter. And so in broad strokes, they cover a number of things, but to touch on a few of them, you have to identify material climate related risks and their specific guidance on how to describe those. Are they acute? Are they happening occasionally or regularly? Are they related to the transition for climate related issues? Then we've got risk management and oversight of those risks. How are you organized internally and making sure that your governance is appropriately thinking about all of these risks that you've identified.
You also have to talk about your strategy for handling those risks. You have to talk about your targets and goals to the extent they're climate related and to the extent that they're material. And you have to talk about quantitative and qualitative information and your MD&A about all the material expenditures that you are spending, and then also the impact on your financials. And I've mentioned the word material a lot in each of those. So that is the key thing for companies to be focused on. And as you mentioned, we have, our first podcast tackled this, so that's going to be the important thing for companies to be thinking about is what is material to their business. And then once you decide that, you'll be able to more easily understand how each of these rules are going to apply to your disclosures. And then lastly, we have the third bucket.
It's the Reg S-X, and that's all the things related to the financial statements. So you're going to have to disclose things like the impact of a severe weather event, and this is going to be subject to a bright line test of 'materiality,' but it's, for example, for related expenditures and losses.
 
That's just going to be 1% of your absolute value of pre-tax income. So that's a pretty low threshold and not really consistent what we would normally consider material. Those are the three buckets. And then as for the stay, what people are most anxious to hear about this since as planned, these rules are just around the corner and are going to require a lot of work from companies to get everything implemented that they're going to need to comply with them.
And so, about a month after the rules were adopted, so on April 4th, the SEC issued an administrative stay of those rules, and there were many challenges. It all ended up settling in the Eighth court. But what this practically means is that the compliance state for the rules is going to be told as the merits are debated in court. And the SEC has stated that at the conclusion of the stay, presumably after the litigation is complete, it's going to announce a new effective date. So we're going to have to see how the litigation unfolds, for example, whether there's a request for expedited briefing to really be able to predict the ultimate compliance state.

Dave Dalton:

I would guess, given the way these things tend to work, companies, clients should continue to prepare and not think anything's going to change dramatically with the stay. I mean, what are you advising people to do at this point, given the stay that came down last week?

Ferrell Keel:

Yeah, I mean companies definitely should be top of mind for them especially, and we'll get into this, but it's not just the SEC climate rules that are in place. We've got California, we've got other states creating new roles. We've obviously got all of the rules in Europe that this necessarily is going to have to be something that companies are thinking about and planning for.

Dave Dalton:

You know, swerve beautifully into our next question Ferrell, because I was about to ask your colleague, Aidan, about the CSRD, which came out of the EU, how that's affecting what the expectations are. That was entered into, I believe in early 2023. So Aidan, talk about exactly what the CSRD requires.

Aidan Law:

Okay, so CSRD requires, in some senses, broadly similar information, but it goes far beyond just what the SEC is after, which is unfortunate for global firms listening to this podcast, hoping that simply by complying with the SEC rule, they can get away with also having complied with the EU corporate sustainability reporting directive. So CSRD applies to a much broader range of companies, and it's not just listed companies. So if you are a "large company,' and those are companies with more than 250 employees, €50 million equivalent in turnover or €25 million in total assets, you need to meet two of those three tests. You will have to start reporting from your financial year starting in 2025, with your report due 2026. So when you think about those numbers, 250 employees, €50 million turnover, €25 million total assets, those aren't big numbers. And yet, we found a lot of companies struggling to actually run the analysis on which of their European subsidiaries are in scope or which European subgroups are in scope.
The biggest problem is the lack of harmony between some of these international standards. Whilst the Europeans continue to try to align CSRD with, for example, TCFD and probably other international regimes under IFRS and ISSB, the reality is that the European regime is far more extensive.

Dave Dalton:

So if I'm a US company with substantial, maybe not that substantial operations somewhere in the EU, you mentioned those aren't big numbers in terms of the turnover and number of employees and so forth. So a company with serious operations in the EU has to be on top of this, correct?

Aidan Law:

Yeah, absolutely. And I should have said at the beginning, the way to think of this is you've got your financial statements, your classic numbers that you file with your local company registry. You have your non-financial report, which is your management report. What CSRD does is significantly extend for in-scope companies what they need to put into that non-financial bit of your company report. And jumping ahead a bit here, I'm sure this is going to come up at some point, but the expectation is that these CSRD reports are all going to be publicly available. So that again creates a potential risk for those companies who are reporting under, for example, the SEC rule, and also having to report under CSRD, when actually, the language and disclosure requirements don't marry up. And so anytime there's a mismatch, you run potential risk.

Dave Dalton:

We'll talk about coordination and so forth later and overlap and who's accountable and responsible and so forth. Let's go to Seth real quick. Seth Engel, what would you add to what Aidan said about CSRD maybe in comparison to the SEC rules?

Seth Engel:

Sure. I think this is the topic of the moment, and Ferrell and Aidan helped lay out the SEC rules, and we're talking about the CSRD having these four buckets. One of those buckets will definitely be the climate and environmental type information that we're seeing being required in the SEC rules. So in that regard, there actually are some similarities, and we're thinking that there's some interoperability in terms of what people will be reporting under the SEC rules and porting that over and pulling it into their CSRD report. But there are at least three big buckets that really are different. Aidan referred to one of them, which is the S and the G. CSRD is not just the climate rules. The SEC says it in the name of the rules. The CSRD has extensive social and labor rules that are required, as well as governance matters.
So there's a whole area of law and of operational matters in business that folks aren't thinking about at all on the SEC rules that are going to have to get pulled into their CSRD reports. So that's just in terms of the extent of what's has to get reported. The second is what Aidan started referring to. It is about the scope of application and some of the logistics of this stuff. The SEC rules are simple. If you're registered with SEC, your reporting company, you have to comply with the rules. And Ferrell listed out some of those forms. CSRD is not quite as simple. We have these thresholds that Aidan referred to. We have an org chart. All of our multinational companies are going to have pretty complex org charts with a lot of companies dealing in the, EU, either formed or incorporated in the EU.
We're going to have to figure out what their subsidiaries have to report under. Who's caught by this? Are joint ventures caught? There's a whole world of practical matters. The last piece I'll mention is materiality. Ferrell mentioned the word materiality, what, six times? I didn't count all of them maybe, but the SEC is quite clear about what is material. There's, of course, a whole jurisprudence about it going back decades in the US. The CSRD requires what we call double materiality. What's financially material, so that's kind of the traditional notion of material. And then also impact material. So what is the company impacting on sustainability matters? That is a whole other dimension of materiality that is not accounted for in the SEC rules.
 
Dave Dalton:

This is a lot to untangle. And Seth, not to get too far into the weeds, and it's easy to Monday morning quarterback when it comes to policymaking. But you mentioned there's the E, the S, and the G. Was this too much for a lot of policymakers? I mean, ESG, I've heard some people even in the mainstream press... To put all this under one tent, one umbrella, was this a lot for companies to handle, let alone, enforcement at some point? This makes it tougher on a client, doesn't it?
Seth Engel:

Definitely. You can see in the US there's been an ongoing backlash to ESG matters for years now, and the EU we're experiencing it as well. If you look at France and then in Brussels, the farmers have been blocking highways. There's a lot of backlash to this, and part of it is due to the heavy regulatory regime. We're not going to get into it here, but the CSDDD, the due diligence directive that's come out was delayed a couple of times because some of the biggest EU companies are balking at some of the rules. So yeah, so there's an issue here, but as US companies are waking up to the EU rules that are going to start applying to them, they're starting to realize that there's a significant lift.
Aidan Law:

And Dave, I was just going to jump in there.

Dave Dalton:

Please, Aidan.

Aidan Law:

The context is important to note here. So what is the point of CSRD? What is it trying to achieve? It's trying to achieve two things, broadly speaking. It's trying to stop greenwashing, so stop people lying about their green credentials. It's also supposed to give investors comparable data about different companies, with the idea being that ultimately capital will flow to those companies who are greener or have stronger ESG frameworks. And the EU's approach to solving both of these issues is to be incredibly prescriptive and granular about the disclosures it requires. And by the way, this is a similar approach that's taken in financial services, legislation and elsewhere. So the EU's approach is, let's go granular, let's be incredibly methodical, and be very stringent about how companies need to disclose, so that you can ideally then take 10 different companies' disclosures, compare them side by side, and have meaningful comparative data.
 
Dave Dalton:

Sure, sure. You talk granular, and that makes people, not nervous necessarily, or maybe it does, but certainly there's a lot to take in on the front end for companies trying to be compliant and do the right thing. Speaking of doing the right thing, Chuck Whalen, let's talk about California. A very aggressive approach to all this. Sure seems like it. Two separate California Senate bills.
Who's impacted, when do the provisions take effect? And talk about what's meant by scope 1, 2, and 3 emissions. It sounds like all three are moving forward in the California legislation.

Chuck Whalen:

Absolutely they are. You have Senate Bill 253, is the bill that requires reporting of the scope 1, 2, and 3 emissions for entities that have over $1 billion of total annual revenue. The reporting starts for scope 1 and 2 with 2025 emissions. The report will be due in 2026, and it will be made public.
Reporting for scope 3 emissions begins in 2027. SB Senate Bill 261 is the second one that you mentioned. It is more along the lines of the climate risk disclosures that everyone else has talked about already. And the SEC and the EU, it requires a report on or before January 1st of 2026, and every two years thereafter for any entity that has total annual revenue above $500 million. And there's even a third bill in California that's already effective, that already requires reporting related to voluntary carbon offsets and claims of net-zero or carbon neutrality. It's more of a anti-greenwashing type of legislation than anything else.
I was interested to hear Aidan talk about the desire to streamline the reporting in a way that would allow comparability. We've already talked about three different regimes that require reporting of similar, yet different types of things, so I'm not sure that objective is going to be satisfied.

Dave Dalton:

Couple things, greenwashing has come up twice already in this conversation. And we did a podcast [year half], maybe two years ago with one of your partners in Paris and so forth, so I know that was an issue. But back to the timeline, and we're going to talk about timing more in a second, Chuck, these reporting days you're talking about, that's not a lot of runway for these companies. Are big corporates prepared for this? I know they're not blindsided exactly, but this is coming up fast. What are you hearing from clients? Are they going to be ready?

Chuck Whalen:
 
A lot of them are going to be ready because they're already using, at least for scope 1 and 2 emissions, various protocols to report them in their sustainability reports, and they'll be ready to do that. The text disclosure about financial risks associated with climate change is something they're going to be less ready to do.
It's interesting, a lot of the big corporates already are putting out reports that describe a lot of this and have a lot of the data on carbon emissions or greenhouse gas emissions. What the biggest difference is is the liability risk that it creates, because now all of a sudden, you have to have everything attested or certified to the level that your financial reporting meets. And that's a high hurdle for a lot of this stuff, especially when you think about scope three emissions, which are the indirect emissions throughout your value chain, where yes, there are some protocols for how you count those, but I don't think there's any real agreement on what that should look like or what the value is of reporting the scope 3 emissions.

Dave Dalton:

Well, you mentioned the risk of liability, and forgive my naivety here, but liable to a would-be investor, a customer, a consumer? Where's the risk? Who might call you on it if something were reported inaccurately? How does that play out?

Chuck Whalen:

Well, in California, the two Senate bills limit the enforcement mechanism primarily to the government enforcers like the attorneys general or the district attorneys. However, all of the information has to be made public and publicized as broadly as possible, and that leads to potential claims by investors, by customers. In some cases, we've seen airlines be sued by their customers for statements on their cocktail napkins about their environmental net-zero attributes. So it's everything.

Dave Dalton:

Okay. Let's talk about timing. Let's go back to Ferrell first. Let's talk about possible implementation times. And again, all this is evolving and changing and so forth, especially in light of the stay with the SEC rules.
But Ferrell, if you had to bet in terms of full implementation for the SEC regs, where might that come down? When do people need to really make sure, hey, we're ready?

Ferrell Keel:

So I guess to set the stage, if the rules hadn't been challenged, the first disclosures would've been made by large accelerator filers in their 10-K that was filed in 2026, and that would've covered information for fiscal year 2025. So obviously, if we're in 2024, that's next year. There are various phases for certain aspects of the rule, so that's where we would be if it weren't challenged.
But now with the stay, it's possible that these court proceedings are going to extend into 2025. And on the one hand, hopefully we'll get to see the merits of the litigation and see that all play out sooner since the procedural and stay related questions have been mooted. But on the other hand, there's an incentive for the petitioners and maybe even the SEC to slow down the process. The petitioners have this stay in hand. The rule is on ice, and it will remain that way for however long it takes the Eighth Circuit to decide the ultimate merits of the case. I think it's also worth noting that we all know that there's an upcoming election, and so it's another reason that both maybe the petitioners and the SEC, given finite resources, may be willing to pump the brakes a bit on the timing, because it's a little bit of a question, how much effort are they willing to put in when there's this real possibility of 180 degree change of an administration?

Dave Dalton:

Sure, sure. Yeah, you can't ignore the larger political factors. That's for certain. Let's go back to Seth. CSRD. Do companies have some runway to prepare to comply, or where are we in terms of a timeline with CSRD?

Seth Engel:

Fortunately or unfortunately, in EU, there's a little bit less of a litigious nature to the legal system. Some of these rules are already set in stone, as is the timing. So as you mentioned at the top, CSRD has already been adopted by the European Union, and so the timeline is set in stone in the directive. So starting in 2025 for 2024, is the very first year in which companies that have a security list on a regulated market in the EU and more than 500 employees must begin reporting under the CSRD. So that's a relatively small group of companies.
But starting in 2026 for financial year 2025, is when the next round starts, and that's everyone who's large. And the word large, those are companies that meet the thresholds that Aidan defined at the very top. And it'll keep going through to 2029. There's an ongoing phase. We say that at the European level. And then keeping in mind that the directive is not law by itself. It needs to be transposed by the EU member states. And so those EU member states are doing that now, and they need to be doing that by June 2024. Conscious that this podcast might be listened to in the future, but being transposed as we speak by the individual countries.

Dave Dalton:
 
We should do a whole different program just on that, now that I'm thinking about it Seth, because there are a lot of moving parts there in terms of all the EU nations and how they implement and comply and so forth. But let's go back to Chuck about California. Which of those rules are already in force, or when do companies have to start reporting? Again, we're treading a little bit here, but just so people understand here.

Chuck Whalen:

Well, for California, it's a little bit more complicated question, in that statutes are already in force and effective. The reporting dates, however, are a little bit up in the air for two reasons. One is that for SB 253, the one that requires reporting scope 1, 2, and 3 emissions, there's a rulemaking required this year by the California Air Resources Board to define the specifics of the emissions reporting, the methods, and some other items related to how you account for transactions and the like.
Those rules haven't been proposed yet, and it's not clear that the board will get them done by the end of the year. And then it's certainly not clear what's going to happen if in the beginning of 25 there aren't rules that tell you what you have to be reporting for calendar year 25. Governor Newsom in California also has suggested that more time is required, and did not give the board a budget this year to make the rules that the statute requires. On the voluntary carbon market bill, the AB 1305 bill, that of course is in effect. But the sponsor of the bill keeps proposing legislation or making statements to try to put off the first reporting date until the beginning of '25 instead of the beginning of '24, as would've occurred with the legislation as written and enacted.

Dave Dalton:

All right, good summation so far. We're coming to a very exciting part of the program called Who's on the Hook, meaning who do the various regs apply to? Let's stay with Chuck for a second. Okay. A management team's going to wonder how various rules impact them. Chuck, what sort of company falls under the California rules?

Chuck Whalen:

It is not necessarily a company. It's any entity that does business in California and has total revenues over the thresholds that are established in the two Senate bills. One is 500 million for the financial risk disclosure, and 1 billion for the climate number reporting, if you will. The scope one, two, and three emission reporting. And the definition of doing business in California does not exist in the statute, so we're making that up.

Dave Dalton:
 
Really?

Chuck Whalen:

Yes.

Dave Dalton:

So what do you tell a client?

Chuck Whalen:

You look at things that are similar. There's a tax provision that defines what you have to have in terms of employees, revenues, property in California to have to file taxes in California. The Senate bills reference that in their legislative history, and that's what we've been using as a guidepost.
But there's other guideposts. There's whether you would be in a position where you could be sued in a California state court, if you have those kinds of contacts with the state. There's whether you have done enough business that you have to qualify to do business in the state. So there's at least three or four different guideposts that you could use to determine if you're doing business in California.
Dave Dalton:

Okay. Aidan Law, same question with regard to CSRD. Who's covered by this?

Aidan Law:

So again, it's not as clear in Europe as it is with the U.S. rule. So there's two answers to the question. The first is that if you are a European entity or you are a European subsidiary within a group and you were required to report, then it's that entity which is on the hook. And as Seth mentioned earlier, while another key difference in the EU is that this CSRD is having to be implemented in every member state. And so local companies acts are being amended to reflect and implement the broad requirements of CSRD. And so generally speaking, it looks like if a company improperly disclosed something under CSRD or just simply didn't do it at all, it would normally be a breach of the company's ACT reporting requirements in any given member state. And again, like very broad brush, it looks like directors are generally severally and jointly liable for failures in their statutory reporting.

And then the question is, well, who can sue those directors? And again, it's a matter of national law, but it seems that shareholders and potentially other groups may be investors, other investors or creditors could also potentially bring claims against those companies for disclosure failings. One thing we haven't discussed so far, which is another huge difference in the scope of the work that companies are having to do in getting ready for complying with CSRD, is that CSRD disclosures extend to the value chain of the reporting company. So if I'm an airline and I buy tons of steel to make my airplanes, then I will have to get information on the, for example, carbon emissions or other material points of those entities in my supply chain and put those disclosures into my own report.
Now clearly, if I'm going to be relying on data from a third party, then there's all sorts of questions about liability as well there. If you tell me an incorrect data point, I rely on that, I put it in my report, am I liable? Well, maybe. But if you are out of scope, say you're an Asian company that isn't bound by CSRD and you've given me bad data, how do I... Clearly there's no regulatory comeback for that Asian entity, so you are then into potential civil claims or other forms of redress. So the chain of liability attached to chain of activities and value chain is mind-boggling.

Dave Dalton:

Well, yeah, I guess you answered this already, but if I'm working, you said a steel company, I'm an airline, I'm building airplanes, I'm buying steel from a Canadian company. I still have to report their carbon footprint information as far as CSRD is concerned.
Aidan Law:

So you have to do your materiality analysis on which are the material elements of your supply chain, and then certain of the specific disclosures of which there are over 1100 specific data points in CSRD. I said it was granular, but to put a number on that, I think it's something like 1,142, off the top of my head, data points that are going to have to be assessed, some of which require specific reference to entities within the value chain. So it's not everything has to be aggregated, but there's a lot of homework to be done on value chain.
Dave Dalton:

Certainly. Let's go to Seth Engel. And we're still talking about CSRD. When I was doing some reading and some research preparing for this, I saw something, there's a provision relative to a third country undertaking in the CSRD. Is that what Aidan was just talking about or is that something, different, Seth?

Seth Engel:

There are a bunch of ways that non-EU companies that are incorporated or formed in the country outside the EU will get caught by the CSRD. One of them is what Aidan referred to, which is you're in the value chain of a company that is caught by the EU, and you're going to be requesting information with respect to some of the CSRD matters. And in a way, you're going to be on the hook for that information.
The second way is as a subsidiary of an EU company that is caught by the CSRD. So if you're within what we call the EU subgroup, there's this concept of a synthetic consolidation for sustainability purposes. You'll be caught by the CSRD, and your parent company that is an EU company will be requiring you to provide the information that they need to prepare their report. The third way, and I think that is probably the most famous, and what you've probably heard of in some of the press, is the global report for the non-EU parent company, the ultimate parent company. In 2029 for FY 2028 information, the global group will be required to have a CSRD report. In other words, the ultimate parent company of the EU company will be required to publish a CSRD report.
Now, people should be scared by that, but just so to measure some expectations, it's expected that those standards will be a slightly less onerous than the standards we're seeing today. The 1,100 or so data points that Aidan mentioned, it is what it is.

Dave Dalton:

Sure. Still heavy lifting.

Chuck Whalen:

Yeah. This is Chuck, and I just have a question for Seth and Aidan about whether they already see companies in their purchasing requiring different contract terms for their suppliers so that they have at least some contract to get information from suppliers?

Aidan Law:

Well, so I think the answer is yeah, we definitely see that. It's an extension of what you see in some procurement policies from large multinationals already. And so, this could be an extension of being required to provide, for example, diversity and inclusion data or to provide certain other metrics.
Clearly though, there's a sea change in asking for some DNI data up to 1,100 data points about the minutiae of your unionization in Asia or something. So it's a completely different scale. So we are not seeing companies at a level of preparedness who are requesting and putting in contracts or procurement terms, specific provisions to address CSRD itself. But I don't see any other way how this is going to work. You're going to have to have contractual provisions, daisy chains together to ensure that there is a contractual right to get the data that the company will need to comply with applicable law, and that's all it boils down to, but that underestimates or belies the amount of effort that firms are going to have to go to comply with that contractual provision.

Seth Engel:

Totally agree. I was just going to add, one of the items that we're recommending is folks put together CSRD questionnaires for the value chain. And this goes to Aidan's point earlier about value chain reporting. There's going to be a substantial amount of information that folks are going to need to obtain from their suppliers, and then ultimately from their customers as well. So to the extent that they can do that, folks are going to start sending out these questionnaires to the extent they haven't. And there's some flexibility built into the CSRD if that information is not available after reasonable effort, but people are going to have to show that they're trying.

Dave Dalton:

Seth, who does that on the ground from a logistical practical? Is it in-house counsel for a company? Is it purchasing and procurement? Who quarterbacks that information gathering, I wonder?

Seth Engel:

That's a great question. And sure, Aidan and I have talked about this. [inaudible 00:35:32] Aidan's, someone who's been in-house before. Our clients are now hiring to fill these roles. So the sustainability role is a very hot topic, and everyone is hiring on that.
In some ways, they are the quarterback. And whether they're seated in legal or compliance or elsewhere, there is going to be an involvement of a whole bunch of different teams, like you mentioned, which would include procurement.

Dave Dalton:

Okay. It's going to be fascinating to watch. Hey, before we close out this section, let's go back to Ferrell. Ferrell again. We're talking about who's on the hook, who's covered, who must comply. In terms of the SEC, and we've talked about this at least twice. It's listed companies, correct? But does it get more involved with that? Are there other things people should know in terms of who comes under the SEC umbrella?

Ferrell Keel:

Yes. If you're filing a 10-K or 10-Q under the Exchange Act, or if you're issuing securities on a registration statement under the Securities Act, you're going to be required to comply with these things. But a few things to note. So the pace of how these rules are being implemented and the effectiveness dates are going to depend on your registrant type. So whether you're a large accelerated filer or an accelerated filer or non-accelerated/SRC, EGC, et cetera. So the dates and timelines are a little bit different for each type of entity, so that's an important thing to think about.
Going back to this question of materiality, once you determine that, then you'll really be able to pinpoint the various provisions in the rule that are going to be applicable, or maybe they won't be. So that's going to be really important for the companies to think about.

Dave Dalton:

Sure, sure. Let's talk about, a little more, let's talk about scope and requirements. We'll go to Seth first. And none of the three areas we're talking about, whether it's EU, California or the SEC requirements in the states, none of this sounds easy, but Seth, if you had to put it out there, if you had to guess or say, how would you rank these in terms of lease to most burdensome in terms of what it's going to take an entity to comply?

Seth Engel:

Well, I may have geographical biases by being based in Paris, France. It seems pretty clear that the CSRD is going to be a real lift for companies. And the number of data points, the fact that the value chain needs to be covered and the fact that there's a double materiality analysis which need to be implemented, and then add on top of that the scoping issue that Aidan and I have been talking about, there's going to be some strategic decisions here as to who is covered by the CSRD and how the publication is being made. So there's a whole lot of strategy that's going to go into the CSRD report.

Dave Dalton:

Let's go over to Chuck and talk about, and hearing this discussion, Chuck, any large distinctions or differences between the rules that we've discussed? Anything come to mind?

Chuck Whalen:

Yeah, I would point to two or three things. There's a patchwork of different applicability standards. California and CSRD are similar in terms of focusing on the size of the companies involved. The SEC is substantially different by focusing on companies that already are registered. And then the fact that you have the social and governance types of disclosure that are part of CSRD in Europe have not really been addressed yet by either California or the SEC rules.
 
Dave Dalton:

Aidan, picking up on what Chuck just said, are there other similarities between the rules that are notable, things you've noticed?

Aidan Law:

Yeah, the greenhouse gas standards are broadly similar. I'd love to answer the question you asked. The differences almost reveal more.

Dave Dalton:

Sure.

Aidan Law:

One of the big challenges is going to be that, for example, the materiality assessment that we all know and love under the SEC regime, that's not the same. Even when you're thinking about financial materiality, that's not necessarily the same materiality standard that you'll need to use when doing your CSRD financial materiality analysis. There's a whole separate set of guidance about how you do a materiality analysis. And so you have to think in European language when you are doing any element of CSRD. We had one client we were speaking to recently who'd done an initial materiality assessment, but then have been told by the third party verifier that they need to then go back and think about, well, actually, did I do this in compliance with the way the EU thinks about materiality, or have I just done the US piece again?

Although I suppose that is one common point actually, that both regimes will require some level of assurance from effectively an auditor. And so this is going to be a limited assurance standard in the first wave, and it's entirely possible. I think this is quite likely under CSRD given how challenging it's going to be, but I think it's plausible that we'll see qualified opinions issued by these third party auditors where firms have been either unable to verify certain data or there are gaps because it's so onerous that it's just not been possible to obtain data, or they should have started collecting it now, but weren't able to do so for whatever reason. To your earlier point about there being sufficient runway, there's definitely not for all companies sufficient runway to start putting in place processes to capture data so that you have quality data for your first reporting period.

Dave Dalton:

Sure. And this is probably a dangerous if not inappropriate question, but do the enforcement agencies get it? I mean, they say, look, this is new. People are trying to untangle and figure this out. They're making the effort, they're on the path. Do you see people getting hammered right out of the blocks or will there be some, not a grace period, exactly Aidan, but will the regulators understand, look, they're trying to comply, they're putting things in place? How does this play out if someone crossed the line they shouldn't have?

Aidan Law:

Personally, I don't see regulators as being the primary threat here for companies. So I think it's going to be more what in the U.S. You would think of as the plaintiff bar who, for example, have been following oil companies, say, for example, who are always in the spotlight for environmental disclosures. NGOs might look at filings and say, well, hang on, this is incorrect, or you haven't done this, and it's going to be those sorts of people trying to bring claims. I don't think regulators have the bandwidth or the resource to go through hundreds of pages of individual company filings to mark their homework. We might see that as time goes on, but that wouldn't be the thing I'd be most worried about initially.

Dave Dalton:

Makes sense.

Chuck Whalen:

Aidan, and I would add to that, there's going to be in the US a lot of looking back at sustainability reports that have been published over the past few years and comparing those with the filings that are made under the SEC rules, the CSRD, the California rules, and plaintiffs bar asking, "Well, why did the statements change? When were they right? When were they wrong?"

Aidan Law:

Yeah, absolutely.

Dave Dalton:

Let's go back to Ferrell and finish out this section. If you're a company preparing for all this, how should they view this from a practical and maybe even a cost perspective in terms of scope?
Does the biggest scope always win in terms of preparing for perhaps multiple regulatory oversight?

Ferrell Keel:

I mean, it's obviously going to be very case by case, depending on the size of each company. But from at least the SEC perspective, companies are going to be hesitant to throw the proverbial kitchen sink of CSRD and other disclosures into their SEC filings, simply because that's opening them up to additional shareholder litigation risk.
So if you're putting that information in your registration statement or your 10-Ks and 10-Qs, et cetera, you could get a claim from a shareholder that they're buying and selling securities based on that information and that they made that decision, and so therefore, they have more of an ability to challenge the correctness of that information. So to the extent companies are making disclosures in these various jurisdictions with various scopes, that relates to Chuck and Seth and Aidan's points, they're just going to be very careful to ensure that there's consistency among all of the disclosures, even if those scopes are different.

Dave Dalton:

Sure. Sure. Well, let's pick up on scope a little bit and go over to Chuck. How would you advise clients who might be covered by multiple recording requirements at this point? And we're early on in all this, but what do you tell a client?

Chuck Whalen:

Well, they have two realistic options. One of them is to prepare the biggest scope report that you mentioned, Dave, and then take that and do what they do with their sustainability reports now and have an appendix at the end that identifies which parts of that report are relevant to specific parts of CSRD or SEC or the California rules.
The other way to do it, which is where Ferrell's comment is leading, is to prepare the smallest scope report and file that everywhere with an addendum that covers the additional items for the particular regime that you're filing under.

Dave Dalton:

Seth, I had a note here to ask you about litigation profiles in the various jurisdictions. Can you give us an overview of what's happening in the EU?

Seth Engel:

Sure. We talked about greenwashing. Some of what we're seeing is already based on the current ESG reports, sustainability reports that folks are publishing down a voluntary basis. There's already litigation, whether it's in the EU or it's in the U.S frankly, based on information published outside the U.S. For this sustainability information. There has been shareholder litigation, there's been shareholder activists, but there's also been NGO litigations in a lot of these European countries.

In continental Europe, they're standing for some NGOs to bring a third party claim against issuers of sustainability information just for the fact that their stated purpose of the NGO is to protect the environment or to assist in sustainability matters. So we're already seeing litigation, for example, on specific matters, on the way scope 3 is being calculated by a company in Europe. So we expect to continue to see that. To Aidan's point earlier about the regulators, they currently, in some of these countries don't exist, a regulator, to cover this information. And there's no way that there's the bandwidth to cover all of them, particularly the privately held companies that are going to be publishing. It's a little bit different for the public companies. If you're publicly listed in France or elsewhere, you'll already have a whole bunch of obligations under your reporting, and we expect that system to remain the same.

Dave Dalton:

Sure. Let's go over to Ferrell again. Same question as it applies to the United States and the SEC. What's going on in terms of the litigation landscape? How would you characterize the climate?

Ferrell Keel:

Yeah, so similar to what Seth said, this idea of greenwashing isn't going away. It's at the heightened risk. Once this information goes into your SEC filings, you're going to be opening yourself up more to the shareholder litigation risks or claims that your information isn't accurate. But I think there's another aspect of risk that is opening up as well, which is all of this information that's going to be required by the SEC rules, a lot of it relates to governance and oversight, particularly from the board. The more information that's put out there, the more that shareholders have something to latch onto and make some sort of accusation of a breach of oversight duty. And so, there's also that risk. It's not just that the information may be wrong in your SEC filings. It may be a claim that directors aren't doing their jobs efficiently. And it's going to make everyone really be on their toes, to say the least.

Dave Dalton:

Sure, sure. Chuck, tell us about California. I got to imagine it's no less complicated there.

Chuck Whalen:

That's absolutely right. It's California. California has been a hotbed of greenwashing litigation, and it will continue to be that way. There's a view among some of our partners that the California Senate bills were written by plaintiffs' lawyers just looking to get more information in the public record that they could then use as grist for their litigation melts.
 
So that is the kind of litigation that we expect to see, and that was part of the reason that I asked the question to Aidan and Seth about what they're seeing in procurement and with respect to the value chains, because I anticipate that instead of the litigation just being against the company that's reporting, depending on what the nature of the claim is, that company's going to turn around and third party and all of the people in the supply chain that it relied on to make a particular statement.

Dave Dalton:

Sure. Is there merit? Or from a strategic standpoint, does it make sense to ring-fence certain operations in the EU or California to limit the reach of some of these requirements, limit the reach and scope? Is that a viable strategy? And anybody can take this one.

Chuck Whalen:

From the perspective of California, you have to be operating in California to be subject to all of the laws they've passed so far. If you ring-fence your California operations, in theory, the operations outside of California wouldn't be subject to the law. In practice, as I mentioned earlier, there's the Air Resources Board rules that have to be issued, and those may try to rope in the entire corporate family in determining annual revenue, and we just don't know yet. Talked to one client about thinking about doing that, and they decided it just wasn't worth the pain of trying to go through separating the California operations from everything else. So that's one data point.

Dave Dalton:

Sure, sure. What about the EU, Aidan or Seth? Anything you'd add?

Aidan Law:

This is a topic we're thinking about a lot. It's really hard because it's based on size tests and materiality. In the short term, there potentially are some structuring options to either, for example, de-list certain instruments from regulated markets in the EU. That's obviously a pretty extreme option, but in terms of ring-fencing from a corporate perspective, it's really hard. It's one thing if you imagine a conglomerate that might do mining in certain countries, it might have a retail business, it might make packaging, it might build aircraft. It might be possible in some situations to take certain business lines and try and ring-fence them if you could. But if you're a homogeneous business that just does the same thing everywhere, then it's really hard. And what we're finding is that most companies don't have good granular level data that CSRD assumes because they're used to just doing everything on a consolidated basis. And why would they do otherwise? So I don't know what Seth thinks, but it's really challenging to try and think about structural ways to limit liability, at least for the longer term position.

Seth Engel:

Totally agree. Sorry, just quickly. There's often a tax reason that folks have the structure that they have. Tax or other reason, but when you are incorporated in certain countries in the European Union, and that's the holding company for your group, that's a real big change in your corporate structure if you're going to try to rank that.

Dave Dalton:

Let's finish up by talking about Europe one more time, and here's why. It seems like Europe's a bit ahead of most of the rest of the world in terms of implementation of these sorts of regs and these standards and so forth. Aidan, Seth, what might U.S. Companies or any company, maybe not based in EU, what might they learn from the experiences of European entities that are maybe a couple of laps ahead of the rest of the world in complying? What would you tell them?

Aidan Law:

So my biggest recommendation would be to... And we didn't really talk about this in the context of EU, but governance, I think, is going to be really important. I used to run change projects in- house. At the end of the day, this is a data gathering exercise and a disclosure exercise. There's nothing fundamentally too terrifying about it, at least when you think of it in those terms.
If you can get the right internal team and structure together, maybe leaning on your existing financial reporting team or folks who are used to pulling disclosures together, if you can start putting in place a game plan now, working out where you think you might get this information from, even like how regularly is information available, is it quarterly, is it monthly, there's some obviously key suppliers or elements of the value chain we're going to have to think about. And if there are, let's try and get ahead of that and try and get some data or contractual provisions agreed with them to help us do it. Because the more planning and better structure you can get in place now, you won't in a year's time be thinking, "Okay, we know we've got a lot of work to do, but we've got no idea who's going to do it or how it's going to get done." It might be a mundane, non-legal point, but planning at this stage, I think, will reap huge dividends in future.

Dave Dalton:

Really, really subtle advice. Thanks, Aidan.

In fact, you know what? Let's leave it right there. Panel. This has been great. Ferrell, Chuck, Seth Aidan, terrific content today. And I would be remiss if I didn't mention this is the second in a series of podcasts that Jones Day is producing. So look for at least another four segments to come out over the next couple months regarding ESG type recording requirements.
But thank you so much panel for being here today. You were terrific. Please, let's stay in touch. There are probably more programs to come. Thanks so much for your time today.

Seth Engel:

Thank you, Dave.

Chuck Whalen:

Thanks, Dave.

Dave Dalton:

All right, thanks y'all.

To contact Ferrell, Chuck, Seth, or Aidan, please visit jonesday.com. And a quick reminder, this was the second in a series of podcasts we're planning regarding climate disclosure rules. So subscribe to JONES DAY TALKS® at Apple Podcasts, or wherever else you find your podcast programming, so you won't miss anything. JONES DAY TALKS® is produced by Tom Kondilas. As always, we thank you for listening. I'm Dave Dalton. We'll talk to you next time.
Thank you for listening to JONES DAY TALKS®. Comments heard on JONES DAY TALKS® should not be construed as legal advice regarding any specific facts or circumstances. The opinions expressed on JONES DAY TALKS® are those of lawyers appearing on the program and do not necessarily reflect those of the firm. For more information, please visit jonesday.com.