← Back to Blogs
Insights/Blogs
All IndustriesJuly 20265-6 min

The Credibility Problem in ESG Reporting

What BRSR Audits Are Revealing About Indian Companies

The Credibility Problem in ESG Reporting

Reading Time

6 min

Article Sections

6

Share Links

3

01

Article Section

Introduction

Part 01

India's top 1000 listed companies have largely completed the first phase of Business Responsibility and Sustainability Reporting (BRSR). The reporting infrastructure is in place and disclosures are being filed. But a different and more consequential challenge has emerged: the credibility gap between what companies report and what they can substantiate.

As assurance requirements under BRSR Core expand, auditors are conducting more structured reviews of ESG disclosures, and they are finding the same weaknesses repeatedly. The issue is rarely the absence of data. It is the inability to demonstrate that the data is accurate, consistently gathered, and traceable to verifiable sources.

The central challenge of BRSR has moved on. It is no longer about whether companies report. It is about whether what they report can be trusted.

02

Article Section

The Shift from Reporting to Assurance

Part 02

In the early cycles of BRSR, the primary objective was disclosure. Companies were learning what to report, how to structure responses, and which metrics applied to their sector. Getting the information on paper on time was the benchmark for success. That benchmark has shifted.

Investors conducting ESG due diligence, regulators reviewing BRSR Core compliance, and assurance providers engaged for limited or reasonable assurance are no longer evaluating disclosures in isolation. They are asking a different set of questions: how was this figure calculated, who owns this data, and what documentation supports this claim.

Meeting these questions requires four things many companies have not yet built into their ESG reporting processes: data accuracy that can be traced to primary sources, clear and consistently applied methodologies, supporting documentation that can be produced during an assurance engagement, and defined governance and accountability for ESG data at the business unit level. Where these elements are absent, auditors engaging with BRSR Core are identifying the same recurring weaknesses across sectors, company sizes, and reporting cycles.

03

Article Section

What Auditors Are Finding: Four Recurring Gaps

Part 03

Gap 1: Strong disclosures, weak evidence

Many companies can produce ESG figures but struggle to produce the documentation behind them. During assurance reviews, auditors frequently encounter missing source records, incomplete audit trails between raw data and reported figures, and heavy reliance on manually maintained spreadsheets. In some cases, the same metric appears differently across disclosures, with little evidence of reconciliation. This matters because assurance providers are required to verify the basis of reported information, not just the final numbers. A reported improvement in an ESG metric may appear credible on the surface, but without supporting records, the disclosure becomes difficult to substantiate.

Gap 2: ESG data is fragmented across functions

Sustainability data is generated across multiple functions, including HR, procurement, operations, and EHS teams. In many organisations, these functions operate in separate systems with limited coordination, making ESG data difficult to consolidate and validate. By the time figures are reported in the BRSR, they have often passed through multiple manual processes, increasing the risk of inconsistencies and errors. As a result, assurance reviews frequently uncover discrepancies that were not identified during reporting. This challenge is less about disclosure and more about data governance, without clear ownership, standardised processes, and integrated data management, reporting quality will continue to be affected regardless of how robust the final report appears.

Gap 3: Supply chain and Scope 3 data remain largely unverifiable

Supplier-related disclosures remain one of the most challenging areas in BRSR assurance. Many companies rely on data from suppliers that may lack structured reporting processes or standardised formats, so Scope 3 emissions are often calculated using incomplete datasets, assumptions, or industry estimates. These approaches are sometimes necessary, but they can create challenges during assurance reviews if methodologies and assumptions are not clearly documented.

Gap 4: Governance has not kept pace with reporting

In many organisations, the sustainability team is responsible for preparing the BRSR, but ownership of the underlying ESG data remains unclear. Auditors often find no formal accountability structures or controls to validate information before it is reported, which means that even when reported figures are accurate, the organisation may struggle to demonstrate how that accuracy was ensured.

04

Article Section

Why These Issues Persist and How Companies Are Closing the Gap?

Part 04

A compliance mindset, not a management tool

Many organisations still approach BRSR as an annual filing obligation, with data assembled once a year by a small sustainability team working against the clock. When data is gathered episodically rather than tracked continuously, errors accumulate undetected and documentation is reconstructed rather than produced, so the reporting cycle becomes a consolidation exercise rather than a management one.

Immature ESG data infrastructure and capability gaps that are widening

ESG data collection in most top 1000 companies remains largely manual and decentralised, with no systems capturing data at source under a defined governance structure. At the same time, SEBI's assurance requirements under BRSR Core and the rising ESG due diligence standards of institutional investors are evolving faster than most companies' internal ESG functions, widening the gap between what is being asked and what organisations can demonstrate.

What companies ahead of the assurance curve are doing differently

Companies ahead of the curve have shifted ESG data ownership from the sustainability team to the business units that generate the data, while maintaining documentation continuously, applying financial-grade internal controls, conducting pre-assurance reviews before external engagements begin, and integrating ESG data management into existing ERP, procurement, and HR systems rather than running it as a parallel exercise.

05

Article Section

Conclusion

Part 05

India's top 1000 companies have largely cleared the disclosure threshold. The framework is understood and the reporting templates are familiar. The next frontier is credibility.

As BRSR Core assurance requirements deepen and investor ESG scrutiny intensifies, the differentiator will not be which companies report the most data. It will be which companies can substantiate every disclosure they make with documentation, governance, and internal controls that demonstrate the figures were managed, not assembled.

06

Article Section

Frequently Asked Questions

Part 06

What is BRSR Core assurance and which companies need it?

BRSR Core is a mandatory subset of ESG disclosures where SEBI requires external assurance, starting with the top 150 listed companies by market cap and phasing in across the top 1000 over time.

Why are India's top companies failing BRSR audits despite filing disclosures every year?

Consistent annual reporting and audit-ready reporting are not the same, since companies can file accurate figures yet still lack the source records and internal controls assurance providers are required to verify.

What are the most common BRSR audit findings in Indian companies?

Auditors consistently find undocumented ESG data, fragmented information across functions, unverifiable Scope 3 figures, and undefined governance over who owns and validates ESG data.

How can companies improve ESG data governance for BRSR assurance?

The most effective first step is assigning clear data ownership to the business units that generate ESG metrics, followed by standardised templates, continuous documentation, and an internal pre-assurance review.

What does BRSR say about Scope 3 emissions reporting?

BRSR requires companies to disclose Scope 3 emissions to the extent data is available, along with the methodology and assumptions used, since assurance providers expect documented and consistently applied approaches rather than perfect figures.

Keep Reading

Related Blogs

Next Step

Ready to turn ESG complexity into strategic advantage?

Talk to ESG Astraa about disclosures, climate strategy, governance controls, and execution support for your team.