As noted above and discussed in detail in Chapter 3, the provision of assurance for S&ER is one way of assuring a degree of reliability, and this proposition was supported by some of the interviewees: “I think it definitely adds value to the stakeholders in that they’ve got some confidence in what you’re actually, they need to trust an organisation and sometimes they don’t do that so by having an assurance statement in there it gives them confidence in what they’re actually reading is true (Org D)”; “I think it is really, really important. I think you know if we’re going to have a reputation like financial reporting then that independent assurance is a very important process (Org E)”; “It’s also a good process to make sure that you are addressing those material issues after they’ve checked you’ve identified them and the data collection, well you’ve just got to do that for any disclosure I believe. So, I just think that that’s good management (Org F, Interviewee 2)”; and “I think if you’re doing a full GRI report, and it depends on how you
161
present it, you know. If you don’t have assurance, what are you saying, that you’re lying? You know, it’s, especially when it comes to safety stats and others (Org I)”.
However, the value of assurance practices was also questioned, with the interviewee from Org C commenting “I think there’s a general understanding that external assurance brings credibility to your disclosures […]. Has that been proven? I’m not too sure. I haven’t seen any evidence or research to suggest that.” Of those cases that did not provide assurance for their reports, it was noted that “[y]ou know, it’s always comes down to a cost benefit issue (Org H)”, and:
“I mean, there are parts of the data that I know we could get assured but at the moment, first of all it wouldn’t add value to the business to have it assured. There’s no one asking us why we haven’t had it assured. And secondly, some of the systems for collecting, particularly like HR data, so the number of people we have in organisation, those sorts of things, each of the businesses have their own separate systems and trying, trying to do that would just be an absolute nightmare. There’s no value add for us at this point in time (Org B)”.
Of the cases studied Orgs D, E, F G and J obtained external assurance for their social and environmental reports. As discussed in Chapter 3, external assurance may be undertaken by accountant or consultant assurance providers, and there has been some debate in the literature with respect to who is best placed to provide assurance for S&ER. Of those cases that provided external assurance for their S&ER, there was a mix between the use of accountant and consultant assurance providers. Org F was the only organisation to use an accountant provider for the assurance of their entire report. However, Interviewee 2 noted that “it was not a targeted approach to go with ‘the big four’, it was, we went to tender and theirs was the most suitable in a tender process [and] it’s not the audit team from [name of assuror], it’s an actual risk and assurance business that is specialised in sustainability assurance, so it’s a specialist team that sits within [name of assuror] (Org F, Interviewee 2).”
Orgs D, E and G all used consultant providers, and when asked why the interviewee from Org D, after giving the question careful consideration commented that “I don’t think we’ve ever actually articulated that position but for me it’s, I think, those consultants have a better understanding of the world and a lot of, and some of the data and information and the stories are not quantitative
162
type stories, so, I think a broader view on sustainability and performance measurement as opposed to an accounting numbers thing is better (Org D)”. Org G had experience with both accountant and consultant assurance providers and was thus able to provide a perspective on the differing approaches between the two:
“So we used to use [name of accountant assuror] a few years ago when we first started reporting. That was very focused audit on a number of environmental data points. So that was going right down into the detail and you know five numbers in the report, which was useful ‘cause we were just getting started but then we decided, look that’s not as valuable anymore cause there’s a the whole rest of the report that we’ve got no testing over. So now we use the assurance standard and we’ve [name of consultant assuror] doing it and so that’s just that general look over. From my perspective, I don’t really care if it’s 21 tonnes of waste or 21.4 tonnes of waste. I care that it’s in the order of magnitude and that’s what they’re checking. So they’re not going back and checking everything single invoice to the nth degree, they’re checking that, overall, we’re tracking waste, we’ve got a place to put all the information, it adds up to the right amount and it’s, and that’s what we need for this because it’s not, yeah, so that’s useful (Org G).”
Whilst Org F used an accountant provider, and Orgs E and G used consultant providers, Org J were unique in that
“what we did is we went out to tender and in the end we awarded the AA1000 component to a boutique and the greenhouse gas emissions piece to the accountancy house that does our financial audit, to integrate it more with the financial audit and the fact that they are working with our finance teams and that given that carbon effectively now is $23 a tonne, it’s now a financial consideration for the organisation and needs the same level of scrutiny but also we’re embedding that accounting into our finance systems as well. So it reflects that kind of progress we’re making in that space. And you might say, well why don’t you just give your audit partner the whole gig? We feel very strongly about AA1000, we feel very strongly about having leading accredited practitioners leading that process. Our sense is that those leaders truly understand the
163
importance of materiality as seen through the eyes of stakeholders and I’m yet to see the large accountancy practices demonstrate that here in Australia. [...F]rom our perspective at the moment, the boutiques have a real strength, real capability in that responsiveness, identification, responsiveness to stakeholders, they really do get AA1000 and that’s a powerful thing for us (Org J).”
Regardless of whether an accountant or consultant provider was used, the interviewees suggested that the use of AA1000 was the most desirable aspect when selecting an assurance provider, with Interviewee 2 from Org F noting “in our tender process, we only asked for AA1000 qualifications and it was simply a matter of who was the best organisation to provide us with the services”, and the interviewee from Org E “we find that the most useful because we are obviously very concerned about the accuracy of the data, definitely, but also that whole, the completeness of the story. Are we, you know reporting on what’s material, are we reporting on what our stakeholders want to hear and we feel that the AA1000 process and standard really has a good set of principles that try to ensure that (Org E).”
It was suggested in Chapter 3 that consultant assurance providers may be best suited for the discharge of S&EAA due to their greater propensity to use the assurance standard AA1000, which as with the GRI is based upon the principle of stakeholder inclusivity. Engagement with stakeholders is essential for determining for what it is that an organisation is to be held responsible, and the provision of assurance helps ensure that stakeholders can rely upon the information reported. However, it is not possible for organisations to engage with all relevant stakeholders, and thus the final step of the normative S&EAA model requires engagement with stakeholders in the assurance process. The purpose of this step is to endeavour to ensure that responsibilities to stakeholders are identified and addressed, and is discussed further in the following section.