SEC Final Rule on climate-related disclosures: What is required and what to do now


Under the newly issued SEC Final Rule, “The Enhancement and Standardization of Climate-Related Disclosures for Investors,” registrants face new requirements to include climate-related information in registration statements and annual reports. The rule includes extensive new disclosure requirements that address climate-related risks, greenhouse gas (GHG) emissions and climate-related impacts on financial statements.


Below is an overview of the primary requirements in the final rule and the next steps for registrants. For a more comprehensive discussion of the requirements, see our full expanded snapshot. 




What are climate-related risks?


The final rule defines climate-related risks to mean “the actual or potential negative impacts of climate-related conditions and events on a registrant’s business, results of operations or financial condition.” Climate-related risks include both physical and transition risks. While physical risks may be easier to initially understand and identify, transition risks are more likely to affect a broader population of registrants.


“Physical risks” refer to acute and chronic risks to the registrant’s business operations and can refer to the operations of those with whom it does business. “Acute” risks are event-driven and may refer to short-term weather events such as hurricanes or floods, whereas “chronic” refers to long-term weather patterns such as rising temperatures and their related effects.


“Transition risks” refer to the actual or potential negative impacts on a registrant’s consolidated financial statements, business operations or value chains attributable to regulatory, technological and market changes designed to address the mitigation of, or adaptation to, climate-related risks. Examples of transition risks could be the loss of significant customers due to shifting customer preferences for sustainable products or services or increased operating costs associated with climate-related regulations.



What is required to be disclosed about climate-related risks?


The final rule requires qualitative disclosures on material or reasonably likely to be material climate-related risks, governance and risk management, and impacts on a registrant’s strategy, business model and outlook.



Governance and risk management

Registrants are required to disclose information about the board of directors’ oversight and governance of material climate-related risks. Registrants are also required to describe management’s role in assessing and managing climate-related risks. Examples of board oversight disclosures include the following:

  1. Identification of any board committee or subcommittee responsible for the oversight of climate-related risks
  2. Description of how the board committee or subcommittee is informed about climate-related risks
  3. How the board of directors oversee progress against climate-related targets or goals or transition plans, if applicable

Registrants are also required to disclose risk management processes. This includes any processes around identifying, assessing and managing material climate-related risks. 



Strategy, business model and outlook 

Registrants are required to disclose the actual and potential financial effects of material climate risks, including the impact on their strategy, business model and outlook. This includes a narrative discussion of whether and how the risks have affected, or are reasonably likely to affect, their consolidated financial statements in the short- and long-term. If a registrant’s strategy includes a climate transition plan, it would need to describe any adopted plan to manage material climate-related risks. Similarly, if a registrant uses internal carbon pricing in its reduction strategy, it would have to disclose certain information about the carbon pricing strategy.


While a climate scenario analysis is not required, registrants need to discuss the resilience of their business strategy and any tools they use to assess the impact of climate-related risks. If a registrant conducts a climate-related scenario analysis, using it as a tool to assess and manage material climate-related risks, details such as the parameters, assumptions, analytical choices used and financial impacts are required for disclosure.


What to do now

The SEC’s requirements do not mandate the board or management to obtain climate-related expertise or undertake new activities. However, registrants are required to comply with the SEC’s disclosure requirements. It is expected that many registrants will consider the significance of climate-related risks to their business when assessing the need for additional skill sets or climate risk-related activities. Where physical or transition risks are significant, investors and other stakeholders may expect a robust response.  Establishing a climate risk management process takes time, and it may not be possible to achieve the desired maturity in a single annual reporting cycle. Accordingly, entities are encouraged to understand the expectations of the board, audit committee and investors when developing their approach to climate risk management and to allow for an adequate implementation period.



Targets and goals

If a registrant has set any targets or goals related to the reduction of GHG emissions or any other climate-related targets or goals that would materially affect the registrant’s business, it would need to disclose a detailed description of the goal. Climate-related targets or goals would include any that are related to energy use, water use, conservation or restoration, among others. If carbon offsets or renewable energy credits (RECs) are used to meet targets, disclosure of certain information is required. 


What to do now

Registrants that have already considered or disclosed information using the Task Force on Climate-Related Financial Disclosures (TCFD) framework will have a head start in this area. 


For those just beginning, a critical first step is undertaking a climate risk assessment to identify both physical and transition risks. This will likely include input from stakeholders across the organization and potentially external stakeholders (such as insurance companies). This may be performed internally, however, many organizations may benefit from working with a service provider, particularly for the initial assessment.  


Over time, registrants, particularly those with significant climate-related risks, may consider integrating climate-related risk management into the overall enterprise risk management (ERM) process.


Show image description -->

The proposed disclosures are structured around material climate-related risks, both physical and transition risks, which may involve stakeholders from around the business. Stakeholders include facilities and operations, finance, legal, regulatory, sales cycle, supply chain and talent.




What are GHG emissions?


Greenhouse gases are defined by the Environmental Protection Agency as gases that trap heat in the atmosphere (for example, carbon dioxide, methane and nitrous oxide). Greenhouse gases are a naturally occurring function of the atmosphere, helping to regulate the Earth’s temperature. However, when a surplus of greenhouse gases are in the atmosphere, temperatures rise, resulting in global warming. Some common sources of greenhouse gases are fossil fuel combustion, waste in landfills, fertilizers, animal waste and intense industrial manufacturing processes such as aluminum smelting.



What are the disclosure requirements for GHG emissions?


If found to be material, aggregated GHG emissions are a required disclosure for the most recent fiscal year in the year of adoption and for historical periods prospectively. While the regulation is based on the GHG Protocol, only Scope 1 and Scope 2 emissions are required for disclosure.


Disclosed emissions are defined as:

  • Scope 1: Direct GHG emissions from operations owned or controlled by the registrant
  • Scope 2: Indirect GHG emissions from the generation of purchased or acquired electricity, steam, heat or cooling consumed by operations owned or controlled by the registrant.

Third-party assurance is phased in for accelerated and large accelerated filers. 


Greenhouse gas emissions | Scope 1 and 2


Sources owned or controlled by the company


Mostly the purchased quantity of commercial fuels (e.g., natural gas)



  • Company facilities
  • Company vehicles
  • Equipment
  • Combustion in owned or controlled boilers, furnaces and vehicles
  • Emissions from chemical production or controlled process equipment
Purchased electricity for own use


Purchased electricity, steam, heating and cooling in buildings and production processes.

What to do now

If not already completed, management is encouraged to prioritize the development of a GHG inventory. Depending on the complexity of the entity, identifying and obtaining relevant GHG emissions data may take a significant amount of time and resources. Some entities may choose to use an outside service provider or software solution to calculate GHG emissions, whereas others may be able to perform the calculation internally. Regardless of the chosen path, all in-scope registrants will need to collect the source data for use in their calculations. Accordingly, management is encouraged to proactively consider and allocate appropriate time and resources to support this undertaking.


Despite the absence of Scope 3 emissions within the final rule, the European Union’s Corporate Sustainability Reporting Directive (CSRD) and California’s Senate Bill 253 both require Scope 3 reporting. These regulations impact public and private companies and are expected to impact many SEC registrants, requiring them to calculate, report and obtain assurance over their GHG emissions, including Scope 3 emissions.





What disclosures are required in the financial statements?


For the most recent fiscal year in the year of adoption and for historical periods prospectively, registrants will need to disclose climate-related financial metrics, estimates and assumptions underlying the preparation of the consolidated financial statements. The new financial statement disclosure requirements in S-X Article 14 apply to all domestic and foreign SEC registrants, except for asset-backed issuers.  



Financial metrics


Registrants are required to disclose, in a footnote to the audited financial statements, capitalized costs, expenditures expensed, charges and losses incurred as a result of severe weather events and other natural conditions. Registrants are also required to disclose information for capitalized costs, expenditures expensed and losses related to carbon offsets and RECs. 



Estimates and assumptions


Registrants are required to disclose whether and how their estimates and assumptions used to produce the consolidated financial statements have been materially impacted by exposure to risks and uncertainties associated with severe weather events and other natural conditions, or by any climate-related targets or transition plans disclosed by the registrant.





Registrants are required to establish and maintain effective disclosure controls and procedures over all climate-related disclosures, which are subject to Section 302 certifications and are included in the registrant’s periodic reports. In addition, management is responsible for internal control over financial reporting (ICFR) covering the new climate-related disclosures in the notes to the financial statements.





What are the applicable compliance dates?   


The final rule includes phased-in compliance dates to accommodate all registrants. The table below reproduced from the SEC's fact sheet gives a summary of reporting deadlines for a registrant, using fiscal year beginning, or FYB.


Show image description -->

Disclosure compliance dates vary based on filing status.

What to do now

After gaining an understanding of the Final Rule’s new reporting requirements, registrants will need to focus on the following challenges and practical considerations as they prepare to adopt the new requirements and enhance their climate-related disclosures for investors:

  • Understand how climate-related risks are governed and managed: Registrants will need to consider which individuals or groups in the organization are best equipped to oversee, prioritize and manage climate-related risks.
  • Identify material climate-related risks: Registrants need to identify where physical and transition risks exist across all areas of the business in determining relevant material climate-related risks.
  • Understand financial impacts: The disclosures within the footnotes to the audited financial statements may require significant additional effort for registrants. Capitalized costs, expenditures, charges and losses incurred related to severe weather events and other natural conditions may need to be disclosed as soon as fiscal year beginning in 2025. Integrating these disclosures into existing ICFR frameworks may prove to be time-consuming for registrants. Within their filings, registrants will need to certify that both ICFR and disclosure controls are procedures are effective.
  • Prepare for external assurance over Regulation S-X disclosures: The controls over the calculations and disclosures included in the footnotes will be subject to audit in the first year of reporting. Registrants should perform an ICFR gap assessment to evaluate the design effectiveness of relevant internal controls and should assess the sufficiency of the audit evidence available to support these disclosures.
  • Quantify and report material GHG emissions: Registrants will need to perform an analysis to understand whether their Scopes 1 and 2 GHG emissions are material and require disclosure. If these emissions are material, registrants will need to develop or refine their GHG inventory, including evaluating the completeness and accuracy of reported emissions.
  • Prepare for external assurance over GHG disclosures: LAFs and AFs will need to obtain external assurance over their reported GHG emissions. Even with a phased-in period between initial reporting and limited assurance, the effort needed to achieve assurance will be significant. Well before assurance is phased in, registrants should assess the sufficiency of documentation over their GHG emission calculations, including any estimates used to fill data gaps.



Featured ESG insights