Complying with California Climate Disclosure Legislation – A Dozen Observations and Recommendations

Viewpoints
October 20, 2024
8 minutes

It’s time for companies to begin addressing California climate disclosure legislation in earnest. Now that the legislative term is over and California Governor Newsom has acted on the amendment bill that was before him, there is more clarity (albeit still some uncertainty) on what is required and when. In this post, we provide twelve thoughts on compliance with California’s climate disclosure legislation.

To recap, California adopted three pieces of climate disclosure legislation last year: 

  • The Climate Corporate Data Accountability Act (Senate Bill 253) requires annual public disclosure of scope 1, 2 and 3 greenhouse gas emissions by U.S.-organized entities doing business in California with total annual revenues exceeding $1 billion. Measurement and reporting are required to be aligned with the Greenhouse Gas Protocol. Under the Act, the first disclosures are required in 2026 for fiscal 2025.
  • The Climate‐Related Financial Risk Act (Senate Bill 261) requires biennial disclosure of climate-related financial risks in accordance with the Task Force on Climate-related Financial Disclosures framework or an equivalent requirement, as well as the measures adopted to reduce and adapt to the disclosed climate-related financial risks. Disclosures are required by U.S.-organized entities doing business in California with total annual revenues exceeding $500 million in the prior fiscal year. The first disclosures are required by the beginning of 2026.
  • The Voluntary Carbon Market Disclosures Act (AB 1305) requires an entity that makes claims regarding the achievement of net zero emissions, carbon neutrality or significant emissions reductions to make specified website disclosures. More prescriptive disclosure requirements apply if claims are made and the entity purchases or uses voluntary carbon offsets (VCOs). In addition, entities that market or sell VCOs in California have specified disclosure obligations. The VCMDA is silent on when the first disclosures are required, although timing is further discussed below. 

These Acts are discussed in more detail in our earlier post here.

In late September, Governor Newsom signed into law Senate Bill 219. SB 219 amends the Climate Corporate Data Accountability Act and Climate‐Related Financial Risk Act around the margins, as discussed in this post.

This past term, Assemblymember Gabriel, the sponsor of the VCMDA, proposed Assembly Bill 2331, which would have made several amendments to the VCMDA, including delaying the first disclosures to July 1, 2025. AB 2331 was reported out of the Senate with further amendments. However, the bill was not brought up for a final vote in the Assembly before the legislative term ended. It therefore did not go to the Governor. AB 2331 is discussed in more detail in this post.

A Dozen Compliance Observations and Recommendations

  • While negotiations over the amendment bill were pending, we generally advised a wait-and-see approach to preparing for compliance with the Climate‐Related Financial Risk Act. Earlier in the summer, there was speculation that compliance might be pushed back by two years until 2028, as proposed by the Governor. Given the contemplated January 1, 2026 compliance date, companies that have not done so should develop a compliance strategy and begin preparing for compliance.
  • As noted above, the Climate-Related Financial Risk Act contemplates disclosing climate-related risks in accordance with the TCFD framework. The good news for many companies is that they are fairly far up the compliance curve, since they already publish TCFD-aligned disclosures.
  • However, most climate risk disclosures are only partially aligned with the TCFD framework. The Climate-Related Financial Risk Act requires covered entities to provide the recommended disclosures to the best of their ability, provide a detailed explanation of any reporting gaps and describe the steps that will be taken to prepare complete disclosures. Therefore, subject entities should:
    • Do a gap assessment of current disclosures against the TCFD framework;
    • Determine which gaps can be addressed to the best of their ability for the first required report;
    • Develop an action plan for addressing those gaps; and
    • Develop a longer-term action plan for addressing any remaining gaps. 
  • Although the California Air Resources Board has work to do under the Climate-Related Financial Risk Act, it does not impact companies’ ability to publish disclosures. For example, CARB is required to set the annual fee to be paid by companies and to adopt penalty regulations. CARB also is required to contract with a climate reporting organization to prepare a biennial report on the disclosures made under the Act. However, CARB is not required and does not need to adopt more detailed disclosure regulations under the Act.      
  • Shifting gears, many entities that will be required to report GHG emissions under the Climate Corporate Data Accountability Act also are not starting from scratch, since they already report at least scope 1 and 2 emissions data in accordance with the GHG Protocol. In any event, for those that do not already do so, collecting scope 1 and 2 GHG emissions data is unlikely to be an insurmountable lift given the relatively limited reporting boundary. There are numerous tools and software solutions that can help, as companies know since they have been bombarded by vendors over the last year. For companies that have not already done so, now is the time to start demoing solutions and to onboard a solution, to ensure that the systems, processes and record-keeping are in place to measure and report fiscal 2025 scope 1 and 2 GHG emissions data.
  • The Climate Corporate Data Accountability Act also will require limited assurance over reported scope 1 and 2 emissions. Many companies are less prepared for this compliance requirement, which will require additional rigor in GHG reporting. Although there still is a bit of time to make a decision, companies will need to select an assurance provider. Companies that also are subject to the SEC’s climate rule (assuming it survives) and/or the European Union’s Corporate Sustainability Reporting Directive – which also require third-party assurance – likely will want to use the same assurance provider they plan to use under those regulatory mandates. In most cases, this will be the firm used for the company’s annual financial statements audit.
  • In preparation for reporting and assurance, companies required to report under the Climate Corporate Data Accountability Act – including those that already collect and report GHG emissions data – should assess their alignment with the GHG Protocol and the sufficiency of their applicable controls and procedures. Many companies will want to consider a pre-assurance review. 
  • The Climate Corporate Data Accountability Act also will require subject companies to report on scope 3 emissions. However, for purposes of this Act, scope 3 compliance can be tackled a bit later since that requirement lags by a year (fiscal 2026 data to be reported in 2027), limited assurance over scope 3 GHG emissions data is not required until 2030 and, as discussed in the next point, there is still lingering uncertainty over when reporting will be required.
  • CARB is tasked with developing and adopting implementing regulations under the Climate Corporate Data Accountability Act. Originally, CARB was required to do so by January 1, 2025. SB 219 pushed the date back to July 1, 2025. The compressed period between adoption of implementing regulations and first compliance is not helpful for companies, since it gives them less time to address the regulations adopted by CARB. However, there is significant skepticism that CARB will be able to meet even the extended deadline and therefore speculation that compliance with the Climate Corporate Data Accountability Act will be delayed even without a further amendment to the Act. But, as noted above, since scope 1 and 2 readiness in most cases is not likely to be a major undertaking, we recommend that companies take preparatory steps to be ready for this piece of the Climate Corporate Data Accountability Act.
  • Keep in mind that, to minimize duplication of effort, reports prepared to meet other national and international GHG emissions reporting requirements can be submitted, if they also meet the requirements of the Climate Corporate Data Accountability Act. Subject companies will in most cases want to use their CSRD and/or SEC climate rule disclosure to comply with the Climate Corporate Data Accountability Act. In any event, compliance across these regulations should be integrated given the partial overlap in disclosure and assurance requirements and related compliance processes and procedures.
  • To the extent that companies want a voice in shaping the regulations to be adopted under the Climate Corporate Data Accountability Act, now is the time to develop an engagement strategy, whether through trade associations or directly.
  • The most immediate of the three compliance requirements is the Voluntary Carbon Market Disclosures Act. By its terms, the VCMDA took effect on January 1, 2024. Shortly after it was signed, the sponsor indicated that he intended the first annual disclosures be made by January 1, 2025, to provide reporting entities with sufficient time to align their business practices with the stated objectives of the VCMDA prior to being subject to potential civil fines (see our earlier post here). Thus far, California public prosecutors have held off on bringing civil actions under the VCMDA. There is likely to be some attention paid to enforcement in 2025. Accordingly, companies should assess whether they market or sell voluntary carbon offsets or make claims that come under the Act. If so, current disclosures should be assessed against the VCMDA’s requirements and enhancements should be made if applicable. 

A Bonus Observation

Keep in mind that the Climate Corporate Data Accountability Act and Climate-Related Financial Risk Act are being challenged in court. If that challenge is successful, companies will not be required to comply with either of the Acts, or they may be relieved from compliance in part if the court accepts only some of the arguments challenging the Acts. However, even in the face of this challenge, we generally recommend that companies take the compliance steps discussed above, since most companies are subject to overlapping mandates in other jurisdictions and, even for those that are not, the direction of travel is more voluntary GHG emissions and climate risk data collection and reporting, to meet commercial requirements, stakeholder expectations or aid in resiliency planning.    

About Our Practice

Ropes & Gray has a leading ESG, CSR and business and human rights compliance practice. We offer clients a comprehensive approach in these subject areas through a global team with members in the United States, Europe and Asia. Senior members of the practice have advised on these matters for more than 30 years, enabling us to provide a long-term perspective and depth and breadth of experience that few firms can match. For further information on the practice, click here.

Subscribe to Ropes & Gray Viewpoints by topic here.