Sunday, December 6, 2009

Unassured and fed up

I read many sustainability reports, and  many assurance statements. Today, i lost my rag. (I was cleaning the kitchen) The quality of sustainability report assurance is abysmal, on the whole. So many Companies taking good money to provide what should be a seal of quality on  sustainability reports offering not much more than a page of printed hot-air seems to me to be highly irresponsible. Maybe assurance assignments are easy money. Maybe they are not as sexy as reporting assignments. Maybe the providers just dont have the skills, or are not willing to guarantee the quality of their auditing work for fear of liability. Maybe someone might actually make a decision based on the quality of the assurance? What a disaster! Whatever the reason, assurance is just not making the grade. And worse, the Global Reporting Initiative, in awarding a "+" at each Application Level, without checking the quality, for so-called  assured reports, unwittingly perhaps, is complicit in this devaluation of the assurance process. So I took pen to paper (fingers to keyboard) and sent a letter to the CEO of the GRI. Here it is: 

Sunday ,6th December 2009
For the Attention of:
Mr Ernst Ligteringen
The Global Reporting Initiative

Dear Ernst, 
Quality of Sustainability Report Assurance Practices and Allocation of “+” in the GRI Report Check
As you may know, my business in Israel, BeyondBusiness Ltd, is a strong supporter of the GRI, and we are Organizational Stakeholders. We provide sustainability reporting services to a range of clients, who we always encourage to report against the GRI framework. My business partner, Liad Ortar, was the one who took the initiative to translate the GRI Framework into Hebrew back in 2006, creating greater accessibility for local Companies and paving the way for GRI reporting in Israel. In fact, we wrote the first GRI (Application Level B) report in Israel for Bank Leumi together with their team, the first GRI report at application level A for comme il faut, a private fashion Company, and now we are working on the first GRI report for a non-profit in Israel. In between, we have written several other GRI reports. We like the GRI framework and apply it for all types of organizations in all sectors. Of course, there are elements which could be improved in the future, but overall, we are strong advocates. In addition, we always encourage our clients to have their report checked by the GRI, to ensure confirmation of proper adherence to the guidelines.

There is one area, however, where I feel the GRI does not do justice to the reporting process, and this relates to Assurance. The role of Assurance is to enhance credibility and trust in the report, as a promise to stakeholders that the report has been independently, externally verified by a qualified expert, or group of experts, both in terms of the accuracy of content and the relevance of material issues, and in terms of the fair and balanced representation of the overall content. In checking reports, for the award of a “+” Application Level, the GRI checks only the presence of an Assurance Statement, not the quality of the content or the appropriateness of the assurer. The "+" award provides a benefit for Companies, as the “+” tends to promote the assumption that the GRI confirms that the Assurance Statement achieves the appropriate quality of verification, as per the GRI guidelines. Companies who publish an A+, B+ or C+ report indicate by definition that their report has adhered to these standards.

I read, write and regularly review reports. My reviews are published on for all to view. In performing such reviews, I try to assess whether the report presents a credible and trustworthy picture of the organization’s Corporate Responsibility activities. Of course, I always read the Assurance Statement, if there is one.

And now to the crux of my message.
In many cases, the Assurance Statement seriously lacks the ability to assure.

  • Often the statement is a partial assurance of only a very small sample of the report – for example – the carbon emissions.
  • Often the statement fails to give reasonable evidence that the Assurance Provider has done the rigorous work required to draw a conclusion about the quality and material relevance of the report.
  • In many cases, the Assurance Statement is signed off by a Company and it is not known who actually did the Assurance work. In one currently “featured” report, the name of the Assurer is not legible.  
  • In other cases, the Assurance statement is largely a reprint of the prior year’s statement.
  • I have seen one report where the Assurer was the very same consultant who supported the entire development and writing of the report, which is a serious breach of the assurance “quality standards” that require the Assurer to be a party “not unduly limited by their relationship with the organization or its stakeholders.”
  • One report, which is a currently GRI “featured report” is an integrated report and contains only an audit of the financial statements, and no verification of the sustainability content, as far as I can see.
  • And it is almost never clear what changes have been made to the report content prior to publishing as a result of the Assurer’s intervention.
And yet, the GRI automatically awards a “+” for all Assurance Statements, just because the Reporter shows they exist. This, in my view, undermines the contribution of the assurance process and devalues the GRI check.

I suggest the GRI should take a stronger stand on the subject of assurance, and that the GRI should check that:

  1. The Assurer is external to the reporting organization and not  engaged in any other form of service provision with the Reporting Company for at least 12 months prior to providing assurance.
  2. The Assurer has relevant experience of corporate responsibility practices qualifies him or her to do the work, and signs the Statement in his or her name.
  3. The Assurance Statement relates to the entire content of the report, disclosing the detailed methodology used.
  4. The Assurance Statement makes reference to specific core material issues and whether the reporting Company has addressed these in the report
  5. The Assurance Statement gives positive confirmation, and not a statement of several negatives that confirm only that the Assurer has not noticed inconsistencies or errors, but has positively done the work to conclude that the content is accurate and relevant.

Anything less, should not deserve a "+".

In a review of several of the current featured reports on the GRI Website, I find that adherence to the above criteria is low. Few of the statements I reviewed suggest a professional and quality approach to assurance, and the GRI approach seems to condone this.

I would like to recommend, that the GRI adopts a new policy to read and check Assurance Statements, and award “+” only if the Assurance Statement and the Assurer meet the above criteria.

This does not preclude a Company including a consultant’s statement, or opinions of experts relating to part or all of the report. This is often a nice touch, and adds value, but it does not carry the validity of a formal Assurance Statement which earns the Company the highest level of adherence to the GRI Framework with a “+” designation.

I would be grateful if the GRI would consider this recommendation and a possible change to its practice with regard to the checking of assured reports in the future. I send you this letter as an open letter, which I plan to publish simultaneously on my Reporting Blog , in the hope that it will generate some discussion from other reporting professionals as you consider this recommendation.

Thank you for reading this letter, and for all the GRI does to promote sustainability.
I look forward to hearing from you 

Warm regards,

Chunky Monkey Me Elaine 


That was the letter. I don't expect that the GRI response will be an ethusiastic YES OF COURSE, though i do believe the GRI, as a multi-stakeholder organization, will be receptive to feedback, and hope this will be taken in good spirit. Whatever the response, I could not remain passive on this issue, which irks me time and time again every day as I dip in to some report or other.
By the way, the report mentioned above which has an assurance statement signed illegibly - well, see what you can make of this

Maybe it was written by an alien ? produced a good report about  Assurance approaches in July 2008 called AssureView.This report discusses quite well the difficultues of assurance including the fact that there is no "common currency" or accepted methodology of performing assurance of non-financial data. The conclusion hits the nail on the head:

So what do you think ? Am i unassured and fed up all alone ? Should the GRI change its policy? Do you read and believe Assurance Statements ? And how important is all of this?

elaine cohen is the joint CEO of BeyondBusiness, a leading reporting and social-environmental consulting firm . Visit our website at:


Clayton T Ford said...

Really interesting and valuable perspective, particularly from someone in your position and with your experience Elaine. Thanks for raising, and more importantly taking action on your perception / frustration.

Assurance becomes increasingly vital as CSR reporting becomes more and more mainstream, and the 'commercial' and reputation benefits become increasingly apparent.

My personal experience inside just one company is slightly different - whereby I have been surprised, then impressed, by the rigour of review of data and claims I have submitted to our annual global report. However, this is just one example and others may have different persepctives.

I think the principles you have recommended to the GRI are a very worthy starting point - great piece.

elaine said...

UPDATE: Monday morning 7th December, immediately after receiving my letter, Ernst Ligteringen, CEO of the GRI personally wrote this positive response:

Dear Elaine,

Thanks for your letter, your interest in improvements in GRI Guidance and your recommendations in this respect.

We do take this kind of feedback very seriously; reason while I will ask my colleagues to look closely at your recommendations and discuss them. We will get back to you when we do have a considered response. As it won’t be a routine response it might take us a moment, for which I ask your understanding.

With best wishes,

Great !

elaine said...

Hello Clayton, many thanks for your response. Yes, I am sure there are some Assurers who do a thorough job and add value and credibility.
Thanks for reading and taking the time to respond.
regards, elaine

Unknown said...

Hi Elaine.

Read your entry with great interest and definitely agree. Most assurance statements I have come across here in Sweden looks "copy paste", even when comparing different assurance organizations statements.

I like your recommendations to GRI. I hope they will be implemented as time progresses.

Keep up the good work!


elaine said...

Thank you Tomas both for reading and for your positive comments, and insights about assurance. Every opinion counts.
best regards, elaine

elaine said...

Second Update
Monday 7th September 2009
A response from Mike Wallace, Director of the Sustainability Reporting Framework at the GRI, who says:

Hi Elaine
Your comments are very much appreciated, especially given the time and resources you continue to invest in GRI and in your comprehensive overview of this situation.

The Report Services team is part of my team and we are actually in the process of reviewing the Application Check and Assurance situation. I’ll be meeting with my team later this week (I’m currently in the US) and we’ll get back to you with details about what we’re planning and how these changes will address your concerns (or hopefully most of them).

We’ll be back to you as soon as possible.
My reaction: It's not easy for an organization such as the GRI to juggle with all the demands of diverse stakeholders. I think this is a great example of responsiveness and demonstration of willingness to consider new ideas. I look forward to hearing the GRI thoughts on this subject.

UKati said...

Hi Elaine,
I was very happy to read your post, because it reflects what I feel in Hungary. We set up our own CSR business a year ago, "departing" from a large CSR consultant company, since we did not agree with many things. We have two focuses within CSR, trainings and GRI related services. Report writing is one main branch in this, but assurrance is another. I was fed up (like you) with the possibilities and the quality and value of existing assurrance possibilities in Hungary. No useful critics, that would really make a company improve, no rigorous check of GRI application level (sometimes I wonder whether they have read the G3 at least once from beginning to end), meaningless sentences that are the same from year-to-year and from report-to-report. For this reason we developed a report evaluation system of 3 levels, where bronze is only GRI application level check, silver includes also data and data gathering process exmaination and verification, and exper view and recommendation, and the third level (gold) includes above all previously mentioned a panel discussion with experts of the stakeholders. Unfortunately the name of our company (alternate) is not considered as trutwotrhy as some of the big accountant firms... We won only one tender this year, for CIB Bank, and I had the project ending discussion jut last week. I was surprised to hear the manager saying, that they got more than expected, he did not think someone would really check how they gather and handle data, and they got what they were aiming at, the weaknessess of their processes! The result they noticed was, that the people doing that work felt they were taken seriously, and now they put extra effort on improving the processes. You can see the report and assurance here the assurance statment unfortunately cannot reflect the detailed results of the work we have done, as you wrote, it is difficult to show, which changes were made due to the verification process. I would be interested in what you think, because we want to improve our methods continuously. One interesting thing I came across during the work was, that even that they had an external consultant helping them with the report, most of the things I had them correct was related to proper GRI adherence, like having 3 years data, or having a statement why they don't. Sorry for the long comment! Keep up the good work!
Your fellow GRI OS and enthusiastic GRI fan

elaine said...

hello Katalin (Ukati) , thanks for reading and for your fabulous comments and insights!!! I looked at the CIB report and Assurance process and simply love the work you have done!! Would love to talk more about this by email - - please do drop me a line so we can talk in more detail. I very much understand and agree with the points you make about large firms and the difficulty of breaking through their grip on the market. You should make sure the GRI know about your methodology - i am sure this will be helpful as they say they are reviewing this right now. I will do a separate piece on the blog about your assurance approach - so lets be in touch, warm regards, elaine

Related Posts with Thumbnails