Beyond compliance: How assurance under California’s Climate Bill (SB 253) powers value creation

The regulatory landscape for climate disclosure is evolving at an unprecedented pace. With the enactment of California’s SB 253 and a wave of similar initiatives across the United States and globally, organisations are facing a new era of mandatory greenhouse gas (GHG) emissions reporting and assurance. Yet, while compliance is the immediate driver, the true opportunity lies in leveraging assurance not just to “tick the box”, but to unlock strategic value, build trust, and drive sustainable business performance. 

1. The new normal: assurance as a compliance imperative 

California’s SB 253 is a pacesetter for climate regulation in the US. From 2026, companies with over $1 billion in annual revenue doing business in California will be required to disclose Scope 1 and 2 GHG emissions, with Scope 3 following in 2027. Critically, these disclosures must be assured by an independent third party at the limited level of assurance for 2026, and at the reasonable level a assurance starting in 2030. The requirements are clear: emissions must be reported in line with the GHG Protocol, and the scope is global, reflecting total company emissions.

Other states, including New York, Colorado, New Jersey, Illinois, and Washington, also have their own proposed or enacted regulations, all converging on the expectation of robust, assured climate disclosures. This trend is mirrored internationally, with India, Australia, the EU, and Canada expanding their own assurance requirements for sustainability reporting.

2. Beyond compliance: the strategic value of assurance 

While regulatory compliance is non-negotiable, the real value of assurance extends far beyond meeting legal requirements. Organizations that approach assurance strategically can realise a host of benefits: 

• Improved Governance and Risk Management: Assurance strengthens internal controls, clarifies roles and responsibilities, and embeds sustainability into governance frameworks. 

• Informed Decision-Making: Reliable, assured data supports better business decisions, enabling leaders to allocate resources, manage risks, and seize opportunities with confidence. 

• Performance and Efficiency: Standardised, accessible reporting drives operational efficiency, connects business teams, and aligns efforts towards shared objectives. 

• Transparency and Trust: Assurance builds credibility with stakeholders, investors, customers, regulators, and employees, by demonstrating accountability and transparency. 

• Competitive Advantage: Companies that go beyond compliance, using assurance to drive continuous improvement, differentiate themselves in the market and are better positioned to respond to emerging risks and opportunities. 

Discover more on assurance services delivered by ERM CVS here

3. What does assurance actually involve? 

For many, the assurance process may seem daunting, especially if it’s a first-time experience. However, the fundamentals are well-established and, for those already engaged in voluntary GHG assurance (such as for CDP), the transition to regulatory assurance is less of a leap than it might appear. 

The assurance process typically unfolds in several stages: 

1. Planning and Scoping: Defining the scope, timeline, and documentation requirements, and confirming key sites and personnel. 
2. Evaluation and Testing: Analytical review of data, site visits (in-person or virtual), desk-based evidence review, and recalculations. 
3. Reporting: Final data review, drafting of the assurance report, and management feedback. 
4. Continuous Improvement: Incorporating observations, addressing risks and opportunities, and refining processes for future cycles.   

The core principles guiding assurance are relevance, faithful representation, consistency, verifiability, and understandability. In practice, this means disclosures must be complete, neutral, accurate, consistent across periods and entities, verifiable by independent observers, and clear enough for users to make informed decisions. 

4. Limited vs. Reasonable Assurance: what’s the difference? 

A key distinction in SB 253 is the phased approach to assurance. Limited assurance, required from 2026, involves moderate depth and coverage, typically 10-20% of totals, with procedures focused on inquiry, analytical review, and some detailed testing. The conclusion is expressed in negative language: “We are not aware that, in all material respects, XYZ are not appropriately stated.” 

Reasonable assurance, required from 2030, is more rigorous, 80-90% coverage, with extensive testing of internal controls, inspection, confirmation, and re-performance. The conclusion is positive: “We conclude that, in all material respects, XYZ are appropriately stated.” The shift to reasonable assurance means greater scrutiny and a higher bar for data quality and process maturity.  

The table below explains the differences between limited and reasonable assurance, including the type and amount of work required for each, and how the final conclusions are expressed. 

5. The assurance journey: readiness and practical steps 

Preparing for assurance is not just about compliance, it’s about building robust systems, processes, and cultures that support high-quality, decision-useful data. Key steps include: 

• Defining Scope and Boundaries: Ensure disclosures align with the chosen reporting framework (GHG Protocol + SB 253), cover all required operations, and clearly identify any exclusions. 

• Ensuring Completeness and Accuracy: Strive for 100% completeness, focusing on major sources but not neglecting smaller ones. Work with internal stakeholders to understand and improve accuracy. 

• Documenting Processes: Develop and maintain Inventory Management Plans (IMPs), Standard Operating Procedures (SOPs), and clear documentation of methodologies, assumptions, and data sources. 

• Evidence and Substantiation: Be prepared to provide evidence for key assumptions and decisions, maintain an audit trail and robust record-keeping. 

• Engaging Stakeholders: Involve internal audit teams, data owners, and site personnel early and often. Site-level engagement, whether in-person or virtual, enhances understanding, speeds up evidence review, and fosters internal awareness of sustainability issues.  

A readiness checklist is invaluable: know your gaps, have a plan to fill them, and consider a “dry run” of the assurance process to identify and address issues before the formal engagement. 

6. Upskilling your organization in readiness for SB253 

As your organization prepares to meet the requirements of California’s Climate Corporate Data Accountability Act (SB 253), upskilling becomes essential. At every stage of the journey, it’s critical to raise awareness, build internal audit capabilities, and equip teams to maintain compliance systems.  

• Leadership must understand their responsibilities under the law. 

• ESG professionals and internal auditors need to be trained to conduct assurance-ready audits aligned with recognized standards.  

• Broader teams, including sustainability, operations, and facilities, should grasp the basics of carbon accounting and their role in supporting compliance.  

Building organizational competence in assurance fundamentals, carbon data integrity, and strategic leadership ensures readiness for third-party verification and strengthens the credibility of climate disclosures. This proactive approach not only supports regulatory alignment but also helps mitigate reputational risk, ensures value can be created and builds trust with stakeholders. 

Read more on sustainability training and learn more about Carbon Accounting training courses here and ESG Internal Audit training courses here

7. Common challenges and FAQs 

The assurance process is not without its challenges. Common issues include outdated emission factors, reliance on estimates for parts of the inventory, missing data (such as fleet emissions), and questions about the need for prior year data. These are normal hurdles, and assurance providers expect to work through them collaboratively with clients. 

The key is to approach assurance as an ongoing journey, not a one-off exercise. Continuous improvement, learning from each cycle, and engaging with assurance providers as “critical friends” ensures that each year’s process is smoother and more valuable than the last. 

8. Conclusion: assurance as a catalyst for sustainable impact 

As climate regulation tightens and stakeholder expectations rise, assurance is no longer optional. But it is also not a burden to be endured. When approached strategically, assurance is a powerful tool for building trust, driving performance, and creating lasting value. 

By preparing early, investing in robust systems and processes, and embracing assurance as a catalyst for improvement, organisations can not only meet compliance requirements but also position themselves as leaders in the transition to a sustainable future. 

Contact us here or email now post@ermcvs.com