The Regulations Driving Climate Risk Reporting

As the global climate crisis intensifies, governments and regulatory bodies are responding by implementing policies that require businesses to disclose their climate-related risks and strategies. This shift aims to provide transparency to investors, stakeholders, and governments, ensuring that companies are actively assessing and mitigating climate risks.

In this post, we’ll outline key regulations driving climate risk reporting, focusing on California’s SB 261, the EU’s Corporate Sustainability Reporting Directive (CSRD), and the Federal Supplier Climate Resiliency Rule.

Beehive’s AI-powered enterprise climate risk management (ECRM) software makes it easy to comply with these regulation.

California SB 261

Overview: California Senate Bill 261 is a state-level mandate requiring large companies to assess and disclose their climate-related financial risks.

Requirements: Companies must prepare and submit a climate-related financial risk report detailing both physical and transition risks from climate change. The report must include plans to address these risks, covering anticipated effects on the business.

Who It Applies To: SB 261 applies to all U.S.-based companies that do business in California and have annual revenues exceeding $500 million.

Timeline: SB 261 was signed into law on September 27, 2024. The first reporting deadline is January 1, 2026, with biennial reporting requirements thereafter.

Penalties: Non-compliance can lead to fines of up to $50,000 per year.

EU Corporate Sustainability Reporting Directive (CSRD)

Overview: The CSRD is a European Union regulation that significantly expands the scope and depth of sustainability reporting requirements for companies operating in the EU.

Requirements: Companies must report detailed information on how environmental, social, and governance (ESG) factors, including climate risks, impact their business. The directive also introduces an assurance requirement, meaning companies must have their reports verified by a third party.

Who It Applies To: The CSRD applies to all large companies (defined by exceeding two of the following: €40 million in net turnover, €20 million in total assets, and 250 employees) and all listed companies in the EU. It also includes non-EU companies with significant operations in Europe (so any US company with >$150m in revenue in the EU.)

Timeline: Reporting begins in 2025, covering the 2024 financial year. Smaller listed companies have until 2026. Non-EU companies have until 2029.

Penalties: Penalties for non-compliance vary by country but can include significant fines and restrictions on business operations, or jailtime for executives.

Australian Climate Risk Disclosure (ASRS / AASB S2)

Overview:

Australia has introduced mandatory climate-related financial disclosure requirements aligned with the ISSB framework, implemented through the Australian Sustainability Reporting Standards (ASRS), including AASB S2 (Climate-related Disclosures). The regime is designed to standardize how companies disclose climate risks and opportunities, bringing Australia in line with global frameworks like IFRS S2 and TCFD.

Requirements:

Companies must disclose how climate-related risks and opportunities affect their strategy, business model, and financial performance. This includes governance and risk management processes, scenario analysis, transition and physical risks, and quantitative metrics such as Scope 1, 2, and (eventually) Scope 3 emissions. Disclosures must be integrated with financial reporting and are subject to phased-in assurance requirements.

Who It Applies To:

The rules apply to large Australian companies and financial institutions, as well as listed entities, based on size thresholds tied to revenue, assets, and employees. Large private companies are explicitly included. Subsidiaries of foreign companies operating in Australia may also be captured if they meet the thresholds—meaning many US and global companies with significant Australian operations will be in scope.

Timeline:

Mandatory reporting began in FY2025, with a phased rollout based on company size. The largest companies report first, followed by medium and smaller large entities over subsequent years. Scope 3 emissions disclosures and reasonable assurance requirements are phased in over time, extending into the late 2020s.

Penalties:

Non-compliance can result in regulatory enforcement by ASIC, including fines, corrective disclosures, and potential director liability. While early years include certain relief provisions (particularly around Scope 3), enforcement risk increases as assurance requirements ramp up and disclosures are more tightly linked to financial statements.

Conclusion

The regulatory landscape around climate risk reporting is rapidly evolving, with more regions implementing stringent requirements. Businesses, especially those operating across multiple jurisdictions, must stay informed and proactive in meeting these regulations. Non-compliance can lead to significant financial penalties and reputational risks, emphasizing the importance of understanding and preparing for these climate disclosure requirements.