ESG Value Chain Disclosures: Assurance Readiness Guide

BRSR Value Chain Reporting Requirements

SEBI's BRSR framework extends ESG disclosure requirements beyond the reporting entity's own operations to encompass its upstream and downstream value chain. This extension reflects the reality that a company's ESG footprint extends far beyond its organizational boundary -- often, the majority of environmental and social impacts occur in the supply chain rather than within the company's own operations.

The BRSR value chain disclosure requirements apply to the same 9 BRSR Core attributes that require reasonable assurance for the entity's own operations. For value chain reporting, companies must disclose ESG data from their top value chain partners, covering:

Upstream Value Chain (Suppliers)

• GHG emissions: Supplier-level Scope 1 and 2 emissions, which contribute to the reporting entity's Scope 3 Category 1 (purchased goods and services) emissions
• Water consumption: Water usage in the supply chain, particularly for water-intensive raw materials
• Waste generation: Waste produced by key suppliers in manufacturing processes
• Energy consumption: Energy use by suppliers, including renewable energy share
• Social metrics: Gender diversity in supplier workforce, wage practices, safety performance

Downstream Value Chain (Distributors, Customers)

• Product use-phase emissions: Where applicable, emissions from the use of products sold
• End-of-life treatment: Waste and recycling data for products at end of useful life
• Distribution impacts: Transportation and logistics emissions

Regulatory Timeline

SEBI's phased approach for value chain disclosures:

• FY 2024-25: Top 250 listed companies must include value chain data in BRSR Core reporting
• FY 2025-26: Top 500 companies (expected extension)
• FY 2026-27: Top 1000 companies (expected extension)

The value chain data is subject to the same reasonable assurance requirement as the entity's own BRSR Core data. This makes India one of the first jurisdictions to require assured value chain ESG disclosures at scale.

Supplier ESG KPI Collection

Collecting ESG data from suppliers is one of the most operationally challenging aspects of value chain reporting. Unlike own-operations data, which the reporting entity controls, supplier data depends on the willingness, capability, and data maturity of external organizations.

Supplier Segmentation and Prioritization

No organization can collect primary ESG data from every supplier. A practical approach requires segmentation:

Data Collection Methods

Multiple channels can be used to collect supplier ESG data, each with different trade-offs between data quality and practicality:

• Supplier self-assessment questionnaires: Standardized Excel or platform-based forms sent to suppliers with defined KPI templates. This is the most common approach but depends on supplier capability and willingness to respond accurately.
• Industry platforms: CDP Supply Chain, EcoVadis, Sedex, and sector-specific platforms aggregate supplier ESG data. These provide standardized formats but may not cover all BRSR Core attributes.
• Procurement system integration: Embedding ESG data collection into existing procurement workflows (e.g., adding ESG fields to purchase orders or vendor registration forms).
• Direct engagement programmes: For critical suppliers, direct capacity-building programmes help improve data quality. These may include training workshops, joint measurement exercises, and shared measurement protocols.
• Third-party data providers: Services like CDP, Bloomberg ESG, and MSCI provide pre-collected supplier data for publicly listed suppliers, though coverage of private/unlisted suppliers is limited.

Supplier Engagement Best Practices

• Communicate ESG data requirements as part of the supplier onboarding process and annual renewal
• Provide clear KPI definitions with calculation guidance to ensure consistent interpretation
• Align data collection timing with the supplier's own reporting cycle where possible
• Offer support and training for smaller suppliers with limited ESG data capability
• Integrate ESG data requirements into procurement contracts and supplier codes of conduct
• Use escalation mechanisms for non-responsive suppliers, including making data provision a condition of preferred supplier status

Data Quality Challenges with Value Chain Data

Value chain ESG data is inherently less reliable than own-operations data. Understanding the specific data quality challenges is essential for both managing stakeholder expectations and designing appropriate controls.

Coverage Gaps

Response rates for supplier ESG data requests typically range from 30-60% for first-year programmes. This means significant portions of the value chain may not be covered by primary data, requiring estimation for the remainder. Coverage improves over time as supplier engagement matures, but achieving >80% primary data coverage for Tier 1 and 2 suppliers typically takes 2-3 years.

Definitional Inconsistency

Different suppliers may interpret the same KPI differently. For example, one supplier may report GHG emissions using operational control consolidation while another uses equity share. Water "consumption" may be defined differently across jurisdictions. Without standardized KPI definitions provided to suppliers, aggregated data may not be internally consistent.

Verification Limitations

The reporting entity typically cannot directly verify the accuracy of supplier-reported data. Unlike own-operations data, where source documents (bills, meters, system extracts) are internally accessible, supplier data is reported by external entities with limited transparency into their data collection processes.

Temporal Misalignment

Suppliers may report on different financial years or calendar years than the reporting entity. This creates temporal mismatches that must be managed through either alignment agreements, pro-rating, or disclosure of the time period covered.

Scale and Complexity

Large organizations with thousands of suppliers face a massive data management challenge. Even limiting primary data collection to Tier 1 suppliers may involve 50-200 data submissions requiring processing, validation, and aggregation.

Estimation Approaches for Value Chain Data

Estimation is a necessary and accepted component of value chain ESG reporting. The key is to use defensible estimation methodologies and disclose them transparently.

Data Quality Hierarchy

Apply a hierarchy that prioritizes higher-quality data:

1. Level 1 -- Primary, verified data: Supplier-specific data that has been independently verified or assured (highest quality)
2. Level 2 -- Primary, unverified data: Supplier-specific data self-reported by the supplier but not independently verified
3. Level 3 -- Proxy data: Data from a comparable supplier or industry segment applied as a proxy
4. Level 4 -- Secondary data: Industry-average emission factors or benchmarks (e.g., from databases like Ecoinvent, DEFRA, or IPCC)
5. Level 5 -- Spend-based estimates: Emissions estimated based on procurement spend and economy-wide emission intensity factors (lowest quality)

Documentation of Estimation Methods

For each estimated data point, document:

• Which estimation level from the hierarchy was used
• The source and vintage of any emission factors or benchmarks applied
• The allocation basis (e.g., revenue, physical quantity, number of units)
• Any adjustments made for geographical or sector-specific differences
• The sensitivity of the estimate to key assumptions
• Plans to improve data quality in subsequent reporting periods

Improving Estimation Accuracy Over Time

Organizations should have a clear trajectory for moving up the data quality hierarchy. A typical improvement path:

• Year 1: Spend-based estimates for most suppliers; primary data from top 10 suppliers
• Year 2: Primary data from top 30 suppliers; proxy data for next tier; spend-based for the rest
• Year 3: Primary data from top 50+ suppliers; some verified; proxy for next tier
• Year 4+: Majority of material suppliers providing primary data; continuous improvement in verification rates

Controls over Supplier-Reported Data

Since the reporting entity cannot directly generate value chain data, controls must focus on the processes for collecting, validating, and processing supplier-reported information. These controls are what the assurance provider will evaluate.

Data Collection Controls

• Standardized templates: Provide suppliers with pre-formatted data collection templates that include built-in validation (e.g., unit checks, range checks, completeness checks)
• KPI guidance documents: Distribute clear KPI definition sheets to suppliers with calculation examples
• Submission deadlines: Enforce defined timelines for data submission with follow-up mechanisms for non-respondents
• Training and support: Offer guidance sessions for suppliers unfamiliar with ESG data reporting

Data Validation Controls

• Plausibility checks: Compare supplier-reported values against industry benchmarks, prior-year data, and expected ranges based on the supplier's size and sector
• Internal consistency checks: Verify that related data points are consistent (e.g., energy consumption correlates with production volume)
• Outlier identification: Flag and investigate data points that deviate significantly from expected values
• Back-to-supplier verification: For significant anomalies, request supporting documentation or clarification from the supplier
• Sample verification: For a sample of suppliers, request underlying source documents (utility bills, production records) to corroborate reported figures

Data Processing Controls

• Aggregation checks: Verify that supplier-level data is correctly aggregated into value chain totals
• Unit standardization: Ensure all supplier data is converted to consistent units before aggregation
• Double-counting prevention: Implement checks to prevent the same supplier data from being counted multiple times in different categories
• Completeness tracking: Maintain a tracker showing which suppliers have responded, which data points are actual vs estimated, and overall coverage percentages

Assurance Readiness for Value Chain Disclosures

The assurance provider's approach to value chain data differs from own-operations data. Understanding what the provider evaluates helps organizations focus their readiness efforts.

What the Assurance Provider Evaluates

• Supplier engagement process: Is there a systematic programme for collecting ESG data from value chain partners?
• Supplier segmentation: Is the prioritization approach reasonable and documented?
• Data collection methodology: Are standardized templates, KPI definitions, and guidance provided to suppliers?
• Validation procedures: Are plausibility checks, outlier analysis, and consistency reviews performed?
• Estimation methodology: Are estimation approaches documented, reasonable, and applied consistently?
• Coverage disclosure: Is the proportion of actual vs estimated data transparently reported?
• Year-on-year improvement: Is there a plan to improve data quality over time?

What the Assurance Provider Does NOT Do

It is important to understand that the assurance provider does not typically:

• Visit supplier sites to independently verify supplier-reported data
• Perform detailed testing of supplier internal controls
• Provide assurance on individual supplier ESG data
• Guarantee the accuracy of supplier-reported information

Instead, the assurance opinion on value chain data is based on whether the reporting entity's processes for collecting, validating, and processing value chain data are reasonable and whether the resulting disclosures fairly represent the available information within the disclosed limitations.

Practical Steps for Listed Companies

The following action plan helps listed companies approaching BRSR value chain assurance readiness:

Phase 1: Foundation (Months 1-2)

1. Map your value chain to identify upstream and downstream partners
2. Segment suppliers using the tiering approach (Critical, Significant, Remaining)
3. Define which BRSR Core attributes will be collected at each tier level
4. Document the value chain boundary and coverage approach

Phase 2: Infrastructure (Months 2-4)

1. Develop standardized supplier data collection templates with KPI definitions
2. Establish a supplier engagement programme (communication plan, training, support)
3. Implement a data management system for receiving, storing, and processing supplier data
4. Define validation rules and plausibility check procedures

Phase 3: Collection and Validation (Months 4-8)

1. Distribute data collection templates to Tier 1 and Tier 2 suppliers
2. Monitor response rates and follow up with non-respondents
3. Apply validation checks to received data and resolve anomalies
4. Apply estimation methodologies for suppliers not providing primary data
5. Document all estimation approaches and data quality classifications

Phase 4: Assurance Preparation (Months 8-10)

1. Compile value chain evidence packs for each BRSR Core attribute
2. Prepare a coverage and data quality summary disclosing actual vs estimated percentages
3. Conduct internal testing of value chain data processes
4. Brief the assurance provider on the value chain approach and known limitations

Value chain ESG data will never achieve the same precision as own-operations data. The objective is not perfection but rather a credible, transparent, and continuously improving representation of the organization's value chain ESG footprint.

Frequently Asked Questions

What are value chain ESG disclosures under BRSR?

Under BRSR, value chain ESG disclosures require listed companies to report ESG data from their upstream (suppliers) and downstream (distributors, customers) value chain partners for the BRSR Core attributes. This includes GHG emissions, water and waste data, energy consumption, and social metrics from key supply chain partners. SEBI requires this for top 250 companies from FY 2024-25.

How do I collect ESG data from suppliers?

Common approaches include: supplier self-assessment questionnaires with defined KPI templates, procurement platform integrations, industry-standard data exchange formats (e.g., PACT/Catena-X for carbon data), direct supplier engagement programs, and use of third-party sustainability platforms. The approach should be proportionate to supplier materiality -- focus data collection efforts on the top suppliers contributing 80% of procurement spend or emissions.

Can estimated data be used for value chain ESG disclosures?

Yes. Given the practical challenges of collecting primary data from all value chain partners, SEBI and assurance standards recognize the use of reasonable estimates. However, the estimation methodology must be documented, the proportion of estimated vs actual data must be disclosed, and the assurance provider will evaluate the reasonableness of estimation approaches. Primary (supplier-specific) data is preferred over secondary (industry-average) data where available.

How does the assurance provider verify value chain data?

The assurance provider evaluates the processes and controls the reporting entity has in place for collecting, validating, and processing value chain data. This includes reviewing supplier data collection procedures, testing validation checks applied to supplier-reported data, evaluating estimation methodologies, assessing the completeness of value chain coverage, and selectively verifying supplier-reported data against available supporting evidence.

What are the biggest challenges with value chain ESG assurance?

The primary challenges are: (1) Low supplier response rates for ESG data requests, (2) Inconsistent data quality and definitions across diverse suppliers, (3) Limited verifiability of supplier-reported data, (4) Reliance on estimates and secondary data for significant portions of the value chain, and (5) Scope boundary decisions for complex multi-tier supply chains. These challenges require robust methodologies and transparent disclosure of data quality limitations.