The Credibility Problem in ESG Reporting

Data Accuracy Figures that can be traced back to primary sources — not estimates or reconstructed numbers assembled at reporting time.

Clear Methodologies Documented calculation approaches that are applied consistently year-on-year and can be explained to an external assurance provider.

Supporting Documentation Records that can be produced during an assurance engagement — source logs, system exports, approval trails.

Governance and Accountability Defined ownership of ESG data at the business unit level, with clear sign-off before figures are consolidated and reported.

Gap 1: Strong Disclosures, Weak Evidence Many companies can produce ESG figures, but they often struggle to produce the documentation behind them. During assurance reviews, auditors frequently encounter missing source records, incomplete audit trails between raw data and reported figures, and heavy reliance on manually maintained spreadsheets. In some cases, the same metric appears differently across disclosures, with little evidence of reconciliation. This matters because assurance providers are required to verify the basis of reported information, not just the final numbers. A reported improvement in an ESG metric may appear credible on the surface, but without supporting records, the disclosure becomes difficult to substantiate. As BRSR assurance expectations increase, companies must focus not only on reporting data, but also on maintaining the records and controls needed to defend it.

Gap 2: ESG Data Fragmented Across Functions Sustainability data is generated across multiple functions, including HR, procurement, operations, and EHS teams. In many organizations, these functions operate in separate systems with limited coordination, making ESG data difficult to consolidate and validate. By the time figures are reported in the BRSR, they have often passed through multiple manual processes, increasing the risk of inconsistencies and errors. As a result, assurance reviews frequently uncover discrepancies that were not identified during reporting. This challenge is less about disclosure and more about data governance. Without clear ownership, standardized processes, and integrated data management, reporting quality will continue to be affected regardless of how robust the final report appears.

Gap 3: Supply Chain and Scope 3 Data Largely Unverifiable Supplier-related disclosures remain one of the most challenging areas in BRSR assurance. Many companies rely on data from suppliers that may lack structured reporting processes or standardized formats. As a result, Scope 3 emissions are often calculated using incomplete datasets, assumptions, or industry estimates. While these approaches are sometimes necessary, they can create challenges during assurance reviews if methodologies and assumptions are not clearly documented. As investors and regulators place greater emphasis on value-chain emissions, companies must strengthen supplier engagement and data collection processes to improve the reliability and credibility of their ESG disclosures.

Gap 4: Governance Has Not Kept Pace with Reporting In many organizations, the sustainability team is responsible for preparing the BRSR, but ownership of the underlying ESG data remains unclear. Auditors often find that there are no formal accountability structures or controls to validate information before it is reported. This creates a governance challenge: even when the reported figures are accurate, the organization may struggle to demonstrate how that accuracy was ensured. As assurance requirements increase, having clear ownership, review processes, and data controls is becoming just as important as the data itself.

A Compliance Mindset, Not a Management Tool Many organisations still approach BRSR as an annual filing obligation. Data is assembled once a year, often in the months before the deadline, by a small team working against the clock. When data is gathered episodically rather than tracked continuously, errors accumulate undetected, documentation is reconstructed rather than produced, and the reporting cycle becomes a consolidation exercise rather than a genuine management one. The consequence is that BRSR disclosures reflect what could be assembled, not necessarily what the organization knows about its own ESG performance.

Immature ESG Data Infrastructure ESG data collection in most top 1000 companies remains largely manual and decentralized. There are no systems that capture data at source, in real time, with a defined governance structure. The absence of this infrastructure means that every reporting cycle depends on a consolidation exercise involving multiple teams, multiple formats, and multiple points of potential error, none of which are systematically controlled. Manual processes are difficult to audit by design: they create no logs, no version history, and no clear chain of custody between raw data and reported figures.

Expectations Outpacing Internal Capabilities SEBI's assurance requirements under BRSR Core and the rising ESG due diligence standards of institutional investors are evolving faster than most companies' internal ESG functions. Companies that were considered strong reporters two years ago may now fall short of assurance expectations because the standard against which their disclosures are evaluated has risen. The gap between what is being asked and what organizations can demonstrate is widening. Closing it requires structural change, not a more careful approach to the next reporting cycle.

Q1. What is BRSR Core assurance and which companies need it? BRSR Core is a mandatory subset of ESG disclosures where SEBI requires external assurance from India's top listed companies, starting with the top 150 by market cap. The requirement is being phased in across the top 1000 companies, making assurance readiness a near-term priority for most large Indian corporates.

Q2. Why are India's top companies failing BRSR audits despite filing disclosures every year? Consistent reporting and audit-ready reporting are not the same. Companies can file accurate figures annually but still lack the source records, documentation trails, and internal controls that assurance providers are required to verify. The gap is not in the data itself, but in the organisation's ability to substantiate it.

Q3. What are the most common BRSR audit findings in Indian companies? Auditors consistently find four weaknesses: undocumented ESG data, fragmented information across HR, procurement, and operations teams, unverifiable Scope 3 and supply chain figures, and undefined governance over who owns and validates ESG data. These gaps appear repeatedly across sectors and company sizes.

Q4. How can companies improve ESG data governance for BRSR assurance? The most effective first step is assigning clear data ownership to the business units that generate ESG metrics, rather than leaving consolidation to the sustainability team alone. From there, companies should standardise data templates, maintain source documentation continuously, and conduct an internal pre-assurance review before the external engagement begins.

Q5. What does BRSR say about Scope 3 emissions reporting? BRSR requires companies to disclose Scope 3 emissions to the extent data is available, along with the methodology and assumptions used where primary supplier data is absent. Assurance providers do not expect perfect figures — but they expect documented, consistently applied calculation approaches that can be traced and defended.