No.

23-2004 ICCSR Research Paper Series - ISSN 1479-5116

No. 23-2004 ICCSR Research Paper Series - ISSN 1479-5124

Assurance Statement Quality in Environmental, Social and Sustainability Reporting: A Critical Evaluation of Leading Edge Practice David Owen and Brendan ODwyer

Research Paper Series International Centre for Corporate Social Responsibility ISSN 1479-5116 Editor: Dirk Matten International Centre for Corporate Social Responsibility Nottingham University Business School Nottingham University Jubilee Campus Wollaton Road Nottingham NG8 1BB United Kingdom Phone +44 (0)115 95 15261 Fax +44 (0)115 84 66667 Email dirk.matten@nottingham.ac.uk http://www.nottingham.ac.uk/business/ICCSR

Assurance Statement Quality in Environmental, Social and Sustainability Reporting: A Critical Evaluation of Leading Edge Practice Professor David Owen and Dr. Brendan ODwyer

ABSTRACT Recent years have witnessed a continual growth in the number of companies reporting publicly on various aspects of their environmental and social performance. Accompanying this growth has been a discernible rise in the number of these reports that are being verified by independent third parties in order to increase the credibility of their contents for readers. In this paper we undertake a detailed critical analysis of assurance statements appearing in leading edge environmental, social and sustainability reports as represented by those shortlisted for the 2002 ACCA UK and European Sustainability Reporting Awards scheme. Prior studies have questioned the credibility of statements which appeared in the mid to late 1990s, raising fundamental questions as to their value for external stakeholders. Drawing on an evaluative framework centrally informed by the recently issued AccountAbility, FEE and GRI guidelines on assurance, we advance previous work by assessing whether current leading edge assurance practices offer more in terms of enhancing transparency and accountability than did their predecessors. Our analysis indicates some improvement in terms of the rigour of work undertaken and independence of the assurance exercise. However, it also exposes a large degree of management control over the assurance process, as evidenced by a reluctance to address statements to specific stakeholder constituencies and a general absence of stakeholder participation in assurance processes. Distinct approaches to assurance among accountant and consultant assurers are also highlighted with the former primarily adopting a cautious, limited approach aimed at providing low assurance levels. While consultant assurers take a more evaluative approach and appear to provide higher level assurance, their focus on aiding corporate strategic direction potentially blurs their independence. We contend that their apparent intertwining of the concepts of accountability and value added needs careful scrutiny as this may reflect an ultimate accountability to corporate management as opposed to other stakeholders. Authors David Owen is Professor of Environmental and Social Accounting at the International Centre for Corporate Social Responsibility (ICCSR) at Nottingham University Business School. Brendan ODwyer, BComm MBS DPA PhD ACA lectures in the Department of Accountancy at the Michael Smurfit Graduate School of Business, University

College Dublin where he is Programme Director of the Master of Accounting. Brendans main research interests encompass: corporate social accountability, social and ethical accounting, auditing and reporting, corporate governance, professional accounting body ethics, and qualitative research methods. His work has been published widely in a number of leading international refereed academic journals including Accounting, Auditing and Accountability Journal and The European Accounting Review. He is a member of the editorial board of Accounting, Auditing and Accountability Journal. Prior to joining academia, Brendan worked as a Chartered Accountant with Ernst and Young in Dublin. Address for correspondence Professor David Owen, International Centre for Corporate Social Responsibility, Nottingham University Business School, Nottingham University, Jubilee Campus, Wollaton Road, Nottingham NG8 1BB, United Kingdom, Email david.owen@nottingham.ac.uk
Dr. Brendan ODwyer, Department of Accountancy, Michael Smurfit Graduate School of Business, University College Dublin, Blackrock, Co. Dublin, Ireland, Email: brendan.odwyer@ucd.ie

ASSURANCE STATEMENT QUALITY IN ENVIRONMENTAL, SOCIAL AND SUSTAINABILITY REPORTING: A CRITICAL EVALUATION OF LEADING EDGE PRACTICE 1. Introduction

Recent years have witnessed a steady growth in the number of companies reporting publicly on various aspects of their environmental and social performance. For leading edge reporters, predominantly, but not exclusively, large companies operating in sensitive industrial sectors the preferred means of dissemination has increasingly become the production of a substantial stand alone paper and/or web based report. Since 1993, KPMGs tri-annual survey of reporting practice has charted the steady growth in the number of reporters. In the latest (2002) survey, for example, it is noted that 45% of the top 250 companies of the Global Fortune 500 (GFT250) now issue an environmental, social or sustainability report compared to 35% in 1999 (KPMG, 2002). A significant growth rate is also noted in the number of reports issued by the top 100 companies in eleven countries (including nine from Europe together with the USA and Australia) up from 13% in 1993 to 28% in 2002. Accompanying the growth in reporting has been a discernible rise in the proportion of environmental, social and sustainability reports that are verified by independent third parties. This trend is primarily driven by a realisation that the growing levels of disclosure are being undermined by a credibility gap arising from a lack of confidence in both the data and the sincerity of reporting organisations (Doane, 2000; Swift and Dando, 2002; Dando and Swift, 2003). According to KPMGs figures, 29% of GFT250 report issuers in 2002 had their reports verified (1999: 19%) whilst similarly 27% of top 100 companies included a third party verification statement in their report compared with just 18% in 1999 (see also, CSR Network, 2003; Kolk, 2003). Amongst leading edge reporters verification is significantly more prevalent, with SustainAbilitys (2002) analysis of sustainability reporting indicating that 68% of the worlds best sustainability reports feature some form of assurance statement. KPMG (2002) suggests that the increased prevalence of verification arises from the demand for reliable and credible information from management, for managing the companys environmental and social risks, and from stakeholders who want assurance that the report truly represents the companys efforts and achievements

(p.18). As Roger Adams, Technical Director of the Association of Chartered Certified Accountants (quoted in AccountAbility, 2003a) notes: All organisations want to show themselves in the best possible light. ACCA believes that independent external assurance is a vital part of the credibility and trust building process. The role of independent assurance is to ensure that the reporter presents an account that is fair, complete, unbiased and relevant. (p. 7) Significantly, in the light of Adams comments, studies of assurance practice in the context of environmental reporting have raised serious questions over the credibility of such exercises and fundamental doubts concerning any value thereby added to the reports produced from the perspective of external stakeholders. Kamp-Roelands (2002) highlights major inconsistencies in terms of subject matter addressed, audit scope, objectives and criteria employed, level of assurance provided, audit procedures employed and wording of audit opinions offered. In a more critical vein, Ball et al (2000) suggest that question marks over verifier independence and the degree of rigour applied to their work, evidence of auditee control over the process and an overriding emphasis on management systems as opposed to performance based issues are indicative of a managerial turn rather than the exercise representing any corporate commitment to external transparency and accountability (see also, Gray, 2000, 2001). Developments since the above two studies were carried out (for both the KampRoelands and Ball et al. studies the most recent reporting year utilised was 1997-98) suggest that this is an opportune time to re-visit the issue of assurance statement quality in order to ascertain the degree to which current practice exhibits similar weaknesses to the ones they highlighted. One key development, accompanying the increased popularity of reporting per se referred to above, has been the introduction of a social, in addition to the longer standing environmental, component into reports as what is commonly termed sustainability reporting becomes ever more prevalent. Significantly, KPMGs 2002 survey is described as being one of sustainability reporting whilst the previous ones were termed environmental reporting surveys. Figures produced in the 2002 survey indicate that 27% of the GFT250 and 35% of the top 100 company reports studied contained a significant social dimension. The 2002 survey draws particular attention to an increasing focus on social issues, 2

like community involvement, equal opportunity, workforce diversity, human rights, supplier relations, child labour, freedom of association and fair trade, and goes on to note that we expect this trend to be continued in the following years and for sustainability reporting to become more integrated into business practice (p. 5). Such a major broadening of focus for the reporting exercise has clear implications for any accompanying assurance process, both in terms of scope of work carried out and constituencies placing reliance on it. Recognition of this fact seems apparent from the issuing of assurance practice guidance statements in recent years by influential bodies such as AccountAbility (1999, 2003b), the Federation des Experts Comptables Europeens (FEE, 2002) and the Global Reporting Initiative (GRI, 2002). Whilst apparently pursuing somewhat different agendas, all of these initiatives have the common aim of securing increased rigour in assurance practice, with a view to enhancing the credibility of the reporting exercise itself. Additionally, they provide a yardstick by which to judge the degree of reliance that can be placed on current assurance practice as being fair, complete, unbiased and relevant. Our aim in this paper is to undertake a critical analysis of assurance statements appearing in leading edge environmental, social and sustainability reports as represented by those shortlisted for the 2002 ACCA UK and European Sustainability Reporting Awards scheme. By investigating whether inconsistencies in approach and evidence of a managerial turn still permeate current practice we advance and update the work of Ball et al. (2000) in light of the recent increase in assurance practice. In addition, we also analyse the extent to which the contents of assurance statements satisfactorily address key elements forming the basis of the AccountAbility, FEE and GRI recommendations such as independence, clear identification of the scope of the engagement together with standards and criteria employed, materiality, completeness and responsiveness. This represents the first comprehensive attempt to evaluate leading edge assurance practice drawing on guidance issued by these influential bodies. Underpinning our analysis is a concern to answer the question as to whether current leading edge assurance practices offer more in terms of enhancing transparency and accountability than did their predecessors (see, Ball et al., 2000; Owen et al 2000). Before turning our attention to the analysis of assurance statements we look in a little more depth at the

AccountAbility, FEE and GRI guidelines that centrally inform our evaluative framework. 2. The AccountAbility, FEE and GRI Guidelines

AccountAbility issued an exposure draft of a Foundation Standard, AA1000, in November 1999, which was concerned with specifying the processes both organisations and assurance providers should employ to secure the quality of what they then termed social and ethical accounting, auditing and reporting. Subsequently a programme of work was begun to revise the standard via an envisaged AA1000 Series which is intended to guide organisations in establishing systematic accountability processes that involve Stakeholders in the generation of strategies, policies and programmes as well as associated indicators, targets and communication systems, which effectively guide decisions, activities and overall organisational performance (AccountAbility, 2003b, p.33). As part of this process a stand alone Assurance Standard has been produced which provides the basis for assuring a sustainability report, together with underlying processes, systems and competencies, against the AA1000 series definition of accountability and associated principles. In addition to providing guidance for the assurance provider in applying the AA1000 principles and in evaluating evidence in the context of assessing report credibility, the standard specifies the following elements that the Assurance Statement itself should cover: A statement on the use of the AA1000 Assurance Standard. Description of work undertaken, the level of assurance pursued and description of the agreed criteria to be used during the assurance process. Conclusions as to the report quality and underlying organisational processes, systems and competencies which must cover whether: i. ii. the report provides a fair and balanced representation of material aspects of performance (materiality) the organisation has an effective process in place for identifying and understanding activities, performance, impacts and stakeholder views (completeness) iii. the organisation has an effective process in place for managing aspects of sustainability performance and responding to stakeholder views, including any significant weaknesses in underlying processes, systems and competencies (responsiveness) 4

iv.

the report can be used by stakeholders (responsiveness)

It is further suggested that additional commentary may be offered highlighting progress in both reporting and assurance since the last report together with suggestions for improvements in reporting and underlying processes, systems and competencies for the next cycle. Finally, the standard requires assurance providers to make information publicly available, within the assurance statement or related public document, concerning their independence from the reporting organisation, impartiality towards stakeholders and their own competencies. FEEs 2002 Discussion Paper Providing Assurance on Sustainability Reports discusses three possible approaches to providing assurance on sustainability information, termed accountancy, social audit and consultancy. The accountancy approach, whereby the roles of report preparer and assurance provider are clearly distinguished, with the latter using a structured approach involving the analysis of risk and use of appropriate procedures to gather evidence prior to issuing a report stating the assurance given, is considered to fundamentally underpin the comprehensive assurance process advocated. The Discussion Paper notes that: In essence, the comprehensive approach is the accountancy approach, enhanced through accommodation of aspects of stakeholder dialogue taken from the social audit approach and the well-developed understanding of management systems and processes developed through consultancy methods (p.21). Significantly, the accountancy approach dictates the recommended way for communicating assurance to report users (in situations where the assurance provider is a professional accountant intending to convey a high level of assurance) with IFACs International Standard on Assurance Engagements (ISA 100) providing the template. This calls for the assurance statement to include: A title An addressee A description of the engagement objective and subject matter

A statement identifying the party responsible for the subject matter of the report and the responsibilities of the assurance provider In cases where the report is for restricted purposes, identification of the parties to whom the report is restricted and for what purpose it was prepared Identification of the standards under which the engagement was conducted Identification of the criteria against which the subject matter of the report was evaluated A conclusion concerning the subject matter evaluated, indicating any reservations or denial of a conclusion The report date The name of the assurance provider and place of issue of the report

In considering a number of practical difficulties which may arise in preparing an assurance statement some scope is offered for relaxing the rather constrained IFAC derived format outlined above. It is, for example, suggested that the credentials of the assurance provider may be disclosed in situations where users may be unaware of them, whilst it may also be necessary to explain the assurance providers degree of independence from the reporting company. Furthermore, whilst issues appertaining to stakeholder views and concerns do not feature centrally in assurance statement content, as is the case with AA1000, it is acknowledged that stakeholder dialogue is likely to be a significant issue in the reporting process itself and may therefore be referred to in the assurance statement, and indeed may be necessary in helping determine appropriate wording for the statement. Finally, scope is offered for providing some assessment of the companys sustainability performance, or reporting of that performance, although it is stressed that any such assessment must be clearly differentiated from the assurance on the sustainability report itself. Despite the above concessions, FEEs approach to sustainability assurance appears much more bounded by an attitude of caution than that of AccountAbility, with an overriding desire to avoid creating an expectation gap whereby a user mistakenly assumes that there is more assurance than is actually present (p. 17). Indeed much emphasis is placed on using the term assurance rather than audit or verification for the very reason that it conveys a lower level of endorsement than that of the latter two terms. 6

Whereas carrying out an assurance exercise is not mandatory under the GRI Sustainability Reporting Guidelines, auditability of information forms one of the laid down reporting principles considered essential for underpinning the production of a balanced and reasonable report. Furthermore, a working group was formed in 1999 to explore issues and options for strengthening the credibility of sustainability reports through various assurance mechanisms (GRI, 2002, p. 25). Guidance as to what might be included in an independent assurance report arising as a result of the groups consultations is contained in annex four appended to the Guidelines document. The guidance has much in common with that provided by FEE including recommendations that: A separately identified assurance statement is produced with a specified addressee identified. (It is suggested that this will normally be the board of directors, or, if agreed, the organisations stakeholders.) The respective responsibilities of report preparer and assurance provider are clearly distinguished. A statement of the scope and objective of the assurance engagement is presented. The criteria used in assessing evidence and reaching conclusions are provided. Standards applied are disclosed. A statement of the conclusion reached concerning the subject matter evaluated (with encouragement to report constructively on any reservations) is provided The identity and location of the assurance provider together with date of report is included. The GRI guidance, however, goes a little further than that of FEE in a number of instances. Firstly, it is specified that a statement affirming the assurance providers independence and freedom from bias and conflicts of interest should, rather than may, be included. Secondly, a brief description, or outline, of how evidence providing the basis for the conclusion reached was obtained is called for. Significantly, it is noted that this will include the extent to which different categories of stakeholders participated in the planning and execution of the assurance process and indicate any constraints on this process (GRI, 2002, p. 79). Finally, the GRI guidance is a little more prescriptive than that of FEE concerning wording of any conclusion reached in 7

that this should address the accuracy, completeness, reliability and balance of the sustainability report, relative to the scope of the engagement (GRI, 2002, p. 79). 3. Research Method and Sample

As noted earlier, our sample of assurance statements for analysis comprises those appearing in environmental, social and sustainability reports shortlisted for the 2002 ACCA UK and European Sustainability Reporting Awards. The total number of reports shortlisted was 81, of which 48 were from the UK. Of the UK reports 28 contained assurance statements (58%), whereas for the European reports, 13 assurance statements were located (34%). The latter figure, however, gives a rather understated picture of assurance practice within large European companies in that none of the seven companies shortlisted in the separate SME category for the European scheme featured an assurance statement within their report, whilst additionally we were unable to access English language versions of a further four reports. Excluding these eleven reports from the overall sample moves the percentage assured up to 59%, a figure much more in line with that observed in the UK. In carrying out our analysis we have followed the practice of earlier researchers (Ball et al., 2000; Kamp-Roelands, 2002) in looking for variations in approach between accountant and consultant verifiers and draw attention to notable differences where appropriate. Additionally, we have looked for differences in assurance practice applied to environmental and social/sustainability reporting exercises. A priori we would expect some variation in the former instance, with accountant verifiers presumably more likely than consultants to be influenced by the accountancy approach of FEE and the GRI. In the case of type of report we wouldnt, however, necessarily expect much in the way of differences of approach, save except perhaps for more reference to issues of stakeholder engagement and dialogue in the case of social/sustainability reporting. This is for two reasons. Firstly, the FEE (and to a large extent the GRI) guidelines, as noted, draw on IFACs ISA 100 standard, which applies to any report intended to convey a high level of assurance. Secondly, the term sustainability report is increasingly being used to cover the broad range of formats in which companies are reporting on their social and environmental performance, whether within individual social, environmental, corporate citizenship or environmental, health and safety reports; as part of their corporate 8

annual report; or in designated triple-bottom line and sustainability reports. (AccountAbility, 2003a, p.3). By implication, therefore, it would appear that AccountAbility are assuming their own assurance standard to be applicable to a broad range of reports. Table 1 provides a breakdown of the number of assurance statements analysed in terms of type of report and assurance provider. Table 1: Assurance Statements Analysed Type of Report Total Assurance Provider Accountant Environmental Social/Sustainability Total 13 (32%) 28 (68%) 41 9 10 19 (46%) Consultant 4 18 22 (54%)

Noteworthy from Table 1 is that the dominant position of consultant verifiers identified in the Ball et al. and Kamp-Roelands studies appears to have been significantly eroded (at least as far as our sample is concerned), although accountants seem more prominent in environmental rather than social/sustainability assurance provision. Also, the preponderance of social/sustainability reports contrasts somewhat with the picture painted by KPMGs (2002) survey referred to earlier, whilst however providing some support for AccountAbilitys assertion above. The evaluative framework employed for analysing our sample of assurance statements is developed from the AccountAbility, FEE and GRI guidelines outlined in the previous section. Key questions focussed upon are as follows: What level of basic information concerning the assurance provider and the assurance process is provided? Issues addressed are whether FEE and GRI stipulations as to clearly identifying the type of statement (title), the addressee and respective responsibilities of preparer and assurance provider are followed, and whether information concerning the assurance providers competencies is provided. 9

Is the degree of independence of the assurance provider from the reporting organisation made clear?

Is a clear description of work undertaken offered, covering such issues as scope of the assurance exercise, criteria and standards employed, together with the level of assurance being given?

To what extent do statements address the core assurance principles of materiality, completeness and responsiveness emphasised in AccountAbilitys AA1000 assurance standard?

Is any assessment of underlying processes and systems, reporting procedures and performance itself made, with weaknesses highlighted and recommendations/ strategic commentary offered?

In what form are opinions stated? For example, do conclusions reached on the report address issues such as accuracy, completeness, reliability and balance as called for in the GRI guidance?

A detailed questionnaire was partially derived from the instrument used in Ball et al. (2000). However, this instrument was substantially revised to accord with the evaluative framework outlined above. The initial analysis was undertaken by a research assistant who read each assurance statement in detail on numerous occasions. Give that there is an element of subjectivity in the interpretation of aspects of the evaluative framework, both authors then rechecked these results by reading the statements independently on several occasions. Numerous changes were made to the overall analysis and the statements were again analysed in depth by the authors to confirm and agree these revised findings.

4.

Results
Process

4.1 Information Provision Relating to the Assurance Provider and Assurance As one would expect, all assurance providers clearly identified themselves (which allowed us to separately identify accountant and consultant verifiers) and in the overwhelming majority of cases their statements were dated. Information provided on competencies was however patchy. Generally, Big 4 accountant verifiers were 10

content for the very name of the firm to indicate competence to undertake the assurance process. We identified only two instances (11% of the accountant sample) in which some clear indication was given of past assurance experience and four examples (22% of the accountant sample) of the particular area of expertise brought to bear on the assurance process being mentioned. In the former case, for example, KPMGs attestation report for Volkswagen AG notes that experience and findings from previous audits of environmental reports assisted them in identifying critical areas for examination and drawing up an audit strategy. In terms of disclosing areas of expertise, PriceWaterhouseCoopers (PwC) review of Abbey Nationals corporate citizenship report is identified as being conducted by their environmental management consultancy arm, whilst in a similar vein the verification of BASFs social responsibility report is attributed to Deloitte and Touche Global Environment and Sustainability Services. For their part, KPMG refer to the assembly of a multidisciplinary team of social responsibility and assurance specialists to undertake work on the Co-operative Insurance Societys social accountability report. Consultant verifiers were more likely to disclose details of past assurance experience, areas of expertise and relevant qualifications for undertaking the assurance exercise with almost half (48%) disclosing in this vein. For example, Ashridges verification report for Camelot refers to the verification team leader being a Certified Member and Director of AccounAbility while Casella-Stanger append to their verification statement for BAAs sustainability disclosures a note that they are a UK based environmental consultancy which has expertise in a wide range of areas, such as corporate social responsibility, EMS, risk, air quality, noise, water quality and ecology. Additionally, the company has experience in the design, development and verification of sustainability reports in a wide range of sectors, and several staff are registered with the Institute of Environmental Management and Assessment (EMA) as qualified auditors and members of AA1000. Turning to information provision concerning the assurance process itself, we were somewhat surprised to note that, notwithstanding the cautionary approach to terminology adopted in the FEE guidelines, verification statement or verifiers report was by a considerable margin the most popular term employed for independent opinion statements. This term was used on twenty occasions (49% of overall sample) which contrasts somewhat with the relative unpopularity of the term assurance 11

which appeared only six times (17%). It should however be noted that accountants were much less likely to employ the term verification, using it in just five cases (26% of accountants sample). Significantly, the accountant verifiers were also far more likely to draw attention to the respective responsibilities of report verifiers and preparers than were consultants. Indeed, we found only one occasion where no specific reference was made identifying responsible parties. This was in the context of Deloitte and Touches checking of certain data control procedures operated by Grundfos, in which case the firm is at pains to point out that neither an audit or review has been carried out in accordance with Danish accounting standards and that no assurance is provided on the correctness of the total report. For consultants, by contrast, on nine occasions (41%) no specific reference is made to the responsibilities of corporate management for report preparation, although it should be acknowledged that the responsibilities undertaken by the verifier are generally most clearly spelt out. One significant area where FEE and GRI guidelines seem to be having little impact is in the specification of an addressee for the assurance statement. In only eleven instances (27% of sample) did this occur and this was exclusively among the accountant verifiers. They identified the board of directors on seven occasions, the company itself on three and, rather quaintly, the readers of the report on the remaining one. Intriguingly, when looking at the constituencies the organisations report itself purports to address we see that employees are identified in 66% of cases, customers 59%, the local community 54% and shareholders 49%. We can but contrast the situation here with that of financial reporting where the report is prepared for shareholders and the audit report is also clearly addressed to the same constituency. There are significant issues of corporate governance to unpick in the realm of sustainability reporting that presently go somewhat unacknowledged. 4.2 Independence of the Assurance provider

In total, just under half (46%) of assurance statements made some reference to the providers independence from the reporting organisation. Consultant verifiers (65% of cases) were more likely than accountant verifiers (39%) to provide such a statement or reference, particularly in the context of verifying social/sustainability reports. Indeed, for accountants, in the majority of cases simply labelling their statement as being independent was deemed to suffice. Generally, by contrast, the consultant 12

group offered a more complete description of the degree of independence prevailing in the reporter-assurance provider relationship. One example here is provided by ethics etcs statement on the Co-operative Banks partnership report that they hold a Business Direct account, but no other business or personal relationship with the bank or its directors and managers. Despite the accountant groups reluctance to provide a detailed statement of independence from the client company, it is easy to draw an inference of an arms length relationship from the generally detailed description provided of the respective responsibilities of report preparer and assurance provider drawn attention to earlier. Indeed, we came across no examples of accountant verifiers performing services for the client other than assurance provision in the context of the environmental and social reporting process. Whilst the overriding majority of the assurance statements from the consultant group suggested a similar arms length relationship, we did discover four instances where independence, either currently or potentially, was less than complete. The clearest example of this comes from csr networks validation of Balfour Beattys safety, environment and social report where ongoing consultancy contracts with the company are referred to: In 2002 these included advice on environmental metrics and data collection, and a third annual environmental management benchmarking exercise. Significantly, it is then noted that: Taken together, these contracts add depth to our appreciation of governance arrangements within the Group, but they also mean that our opinion cannot be viewed as fully independent (emphasis added). Interestingly, Ashridges verification of Camelots social and environmental report draws attention to the offering of advice and guidance on the appropriate performance measures to be included in the report but makes no similar acknowledgement of their independence being possibly compromised. The contrast with csr networks procedures is further highlighted by another instance, the latters assurance statement appended to FRC Groups social report, where it is stated that FRC have commissioned csr network to provide advice on social accounting

13

throughout the coming year. This presents a conflict of interest, particularly in relation to future assurance exercises (emphasis added). The final example of a less than fully independent relationship is provided by The Corporate Citizenship Companys attestation statement for South African Breweries corporate accountability report where attention is drawn to the fact that they have acted as consultants to the company since 1999. The nature of the relationship is rather underlined by Michael Tuffreys (co-founder of The Corporate Citizenship Company) external commentary on the report which commences with the resounding statement: Having worked with SAB since soon after its London listing, it is personally pleasing to see how frequently the company is now cited as a leader in social reporting. We would suggest that this is not the ideal way to commence an attestation statement if one wants to achieve credibility with ones readership. Indeed, the rest of the commentary does rather tend to accentuate the positive and ends with the rallying call that SABs record is already a strong one. Meeting the social challenge will make it stronger still. Whilst we have drawn particular attention to situations where the relationship between the company and its assurance provider may fall short of one of full independence, it must be acknowledged that these now appear to be very much the exception. However, similar issues of corporate governance that we drew attention to in the previous sub-section are again relevant when considering the concept of independence in the fullest sense of the term. Put simply, the assurance exercise is commissioned by corporate management, rather than individual stakeholder groups, who are thus able to place restrictions on the areas of performance and reporting upon which the assurance provider can bring to bear independent judgement. An example of this is provided in a footnote to Lloyds Register Quality Assurance Limiteds (LROA) verification statement on BT Groups 2002 social and environmental report where it is noted that:

14

 [v]erification scope is to confirm that the information presented is right. LRQA had no input to topics chosen or their content, this is the responsibility of BT, with support from the Independent Advisory Panel (emphasis added). 4.3 Description of Work Undertaken

Whereas all assurance statements make some reference to the scope of the exercise undertaken, only fifteen statements (37%) go on to provide clear and specific information on areas not reviewed or assessed. Information provision on the level of assurance provided and specific criteria employed is provided by less than half of the sample (41%). Accountant verifiers (53%) seem more likely than their consultant counterparts (30%) to spell out the exact level of assurance pursued. In a number of cases, notably in work performed by PwC, it is indicated that there are limitations in the degree of assurance being offered. Thus, for example, in their review of Abbey Nationals corporate citizenship report it is clearly stated that, we have not conducted an audit, as defined in auditing standards, and we do not express an audit opinion on the performance data and information in the Report. The same phrase appears in the firms review of BG Groups social and environmental report, with the additional information provided that work had been planned and performed, in order to obtain reasonable, rather than absolute, assurance on the information tested, although a belief is stated that the work carried out, provides a reasonable basis for our findings. The health warning appended to the attestation statement for BPs environmental and social review is rather more stark, indicating that the statement in itself, should not be taken as a basis for interpreting BPs performance in relation to its non-financial policies. By contrast, in a rare example of a non Big 4 accountants verification exercise, Rainbow Gillespie convey the fact that they have audited the social accounts of Traidcraft in accordance with AccountAbility 1000 Section 3 - Guidelines for the social and ethical auditor. Interestingly, the only two other examples of (Big 4) verification exercises offering a high level of assurance are both confined to environmental reports. PwC give an audit opinion concerning environmental and safety indicators published in Rhodias sustainable development report, whilst KPMG are clear that they are performing an audit of Volkswagens environmental report. Significantly, the existence of Generally Accepted Audit Standards for Audits of Environmental reports (IDW PS 820), issued by the German 15

Institute of Accountants, was instrumental in enabling the latter exercise to be carried out. Clearly, the lack of specific criteria, in terms of directly applicable auditing standards, is a major constraint on the level of assurance offered. The criteria employed by accountants are generally stated as reflecting emerging best practice together with the underlying principles within international standards for assurance engagements. We came across only twelve cases (29% of sample) where the verifier clearly indicated that a particular standard had provided the criteria employed in the assurance engagement. In the case of environmental report verification, in addition to the use of IDW PS 820 observed above we also noted three references to environmental management certification. For social/sustainability report verification the AA1000 Framework Standard and the recently issued Accountability Assurance standard are clearly achieving a position of some influence, being used substantially to guide the assurance process on eight occasions (29% of this sample) and partially once (URS Verifications assurance of Unilevers web based environment and society disclosures). Generally consultants were to the fore in using this standard, with assurance work at BAA, BAT, BT, Camelot, FRC and the Co-operative Bank being driven by the AA1000 approach. In addition to Rainbow Gillespies verification of Traidcraft, referred to above, the only other example we came across of an accounting firms use of the AA1000 standards is KPMGs statement on the Cooperative Insurance Societys social accountability report. In this case the three page verification draws particularly heavily on the provisions of the AA1000 Framework Standard and features a detailed review of improvements achieved by the society against the eight core principles of 1999 draft of the Standard. Whilst criteria underpinning verification work, as may be seen from the above, are generally not clearly specified, an overwhelming majority of statements do provide details of work undertaken on the assignment as Table 2 indicates.

16

Table 2: Nature of Assurance Work Undertaken % of Total Sample (41 reports) in data 93 85 12 17 56 85 10 % of Environmental Reports (13 reports) 93 69 15 8 69 77 8 % of Social/Sustainability Reports (28 reports) 93 93 11 21 50 89 11

Nature of Work Undertaken

Validation report

of

data

Validation of collection systems

Validation of achievement of targets Validation of governance arrangements Site visit(s) carried out Staff interviewed Stakeholders interviewed

Comparing figures on work undertaken during the assurance process in the above table with those appearing in Ball et al.s (2000) study suggests that a discernible improvement in the rigour with which the process is conducted has taken place. Notably, for our sample 93% of assurance providers make reference to having undertaken a review of data in arriving at an opinion as against 70% in Ball et al.s study. Additionally, 85% refer to having undertaken a review of systems (Ball et al. 43%), 56% to site visits (Ball et al. 32%) and 85% to having interviewed client staff (Ball et al. 61%). Significantly, the latter figure contrasts somewhat starkly with the number of statements (10%) that refer to interviews being carried out with stakeholders as part of the assurance process. Interestingly, however, for the few assurance providers commenting on governance issues, reference is generally made to the need for involving stakeholders more closely in the reporting process. Thus, for example, URS Verification Ltd note that the process of evaluation of stakeholder opinion is emerging and the link to reporting is yet to be clearly established in their verification of Unilevers report. In similar vein Bureau Veritass verification of BATs 17

social report refers to a need for the company to demonstrate actionable commitment to stakeholder issues if they are to build trust, and so improve inclusivity. 4.4 Materiality, Completeness and Responsiveness

The core principles of AccountAbilitys AA1000 Assurance Standard providing guidance to the assurance provider in reaching an opinion, those of materiality, completeness and responsiveness, are centrally concerned with issues of stakeholder engagement and inclusivity. The materiality principle requires the assurance provider to state whether the organisations report contains information about sustainability performance required by its stakeholders for them to be able to make informed judgements, decisions and actions (p. 14). According to the AA1000 Assurance Standard, information is material if its omission or misrepresentation in the Report could influence the decisions and actions of the Reporting Organisations stakeholders (AccountAbility, 2003b, p. 15). The completeness principle calls for an evaluation of the extent to which the reporting organisation can identify and understand material aspects of its sustainability performance (p. 17) which encompasses activities, impacts and stakeholder views. Finally, the responsiveness principle requires the assurance provider to evaluate whether the reporting organisation has responded to stakeholder concerns, policies and relevant standards, and adequately communicated these responses in its report (p. 18). We found instances of specific reference being made to materiality issues in thirteen assurance statements (31% of sample). However, the general procedure adopted was to offer a very broad statement rather than specific details of how materiality levels had been set or indeed what exactly material implied. For example, PwCs review of BG Groups social and environmental report notes simply that it addresses the material Health, Safety, Security and Environmental issues associated with BGs operations, whilst Ernst and Youngs attestation of BPs environmental and social review states that we are not aware of any material modifications that should be made to the HSE data which would affect assessment of group-wide HSE performance. Significantly, the latter report also points out that decisions regarding matters included in the review have been made by the company and that the degree to which the Review contents address key stakeholder concerns are based 18

on BPs judgement. We could find only two assurance statements which specifically and unambiguously addressed the issue of materiality from a stakeholder perspective. These were Bureau Veritas verification statement for BATs social report which focussed centrally on the stakeholder dialogue process employed by the company and KPMGs statement on CIS social accountability report which in drawing attention to improvements made by the company against the eight AA1000 (1999) principles noted under the materiality heading that: CIS is integrating social, ethical and environmental risks into a new risk management process. Stakeholder dialogue is used in risk identification and CIS is experimenting with various techniques of stakeholder dialogue with different groups and issues. One further example of reference being made to a stakeholder centred notion of materiality worthy of particular mention is PwCs review of Cable and Wirelesss environment report which notes that further work is required to strengthen the framework for gathering and reporting environmental information including: Development of a Group-wide approach to stakeholder engagement to confirm the material environmental issues at Group, business and site level. Turning to the issue of completeness, we found fourteen instances (34% of sample) where the assurance provider offered some specific degree of assessment of the extent to which the reporting organisation is able to identify and understand its own sustainability performance. Consultant assurance providers (39% of cases) appeared more likely to offer comment in this vein than accountant assurance providers (27%). Specific comment was made suggesting that all information was provided to enable stakeholders to make informed judgements on only four occasions (10% of sample). In particularly forthright style in this context Ashridges verification of Camelots social and environmental report claims confidence that: this report presents a true, complete, balanced and accurate account of how the organisation is implementing the values and principles stated in the success models relevant to each stakeholder group. However, their statement goes on to express two minor qualifications relating to the level of detail of data provision, making the full report difficult for all but the most 19

informed audience to read, and the identification of areas of performance where additional indicators would give a more complete picture of the companys environmental impact. A similar concern with report complexity causing difficulties for certain stakeholder groups is conveyed by csr networks assurance statement on FRC Groups social and environmental performance report which also expresses some reservations over completeness in noting that: The report goes some way towards covering the impacts of both the activity of the business and its governance and management. Areas for the future might include the benefits to society as a whole of taking materials out of the waste stream and further analysis of stakeholders such as policy makers. In all, we identified just thirteen instances (32%) where the assurance provider expresses some degree of uncertainty or reservation as to the accessibility of the report to stakeholders or possible areas of incompleteness in reporting. Finally, as far as responsiveness is concerned, in twelve (29%) of the assurance statements analysed clear reference was made by the assurance provider to the fact that an evaluation had been made of the extent to which the organisation had sought to identify stakeholder interests and concerns. Significantly, most statements refer to the need for the organisations concerned to do more in this regard. Fairly typical comments here appear in two reviews carried out by PwC. Firstly, in the case of BG Group it is noted that further work is required in terms of: development of a systematic Group-wide approach to engaging with relevant stakeholder groups to confirm the material social issues for BG and communication of the results of this engagement in future reports. Similarly, for Lattice Group attention is drawn to the need for: formalising the Group level approach to stakeholder engagement, particularly in order to confirm the material non- financial issues for the Group. Whereas reference to the organisations procedures (or lack of them) for identifying stakeholder interests and concerns features in assurance statements appended to both environmental and social/sustainability reports, far more detail appears in the latter cases, particularly in the relatively few instances where the assurance provider 20

has adopted the AA1000 Assurance Standard. In these cases reference is generally made to evaluation of the reporting organisation having: decided how to respond to expressed interests and concerns established associated policies, targets and indicators demonstrated that adequate resources have been allocated for their implementation, and communicated the above in its report in a manner that is both timely and accessible to stakeholders. Bureau Veritas verification of BATs social report provides a particularly good illustration here. Amongst statements made are the following: British American Tobacco has not yet defined and developed indicators and targets for areas or issues raised in dialogue and we would have liked to see more qualitative and substantial indicators included in this report, including time commitments and performance targets. British American Tobacco states it aims to move forward with a wider and more diverse means of stakeholder engagement, to review and communicate a broader set of values and to develop indicators and targets with stakeholders during the second reporting cycle. A clear budgetary commitment has been made to continue the accounting and reporting process. [Information conveyed in this social report] is both understandable and accessible to stakeholders who wish to gain a better understanding of the social and ethical issues facing British American Tobacco Group companies in the UK and how those companies plan to address the issues. 4.5 ASSESSMENT OF UNDERLYING PROCESSES AND SYSTEMS, REPORTING PROCEDURES
AND PERFORMANCE

Twenty-two assurance statements (54% of sample) made specific reference to instances of weaknesses in the organisations underlying systems, management practices, reporting procedures or overall performance. In all but one case (Ernst & Youngs attestation of BPs environmental and social review) some form of 21

recommendation for improvement was offered. Significantly, consultant assurance providers (70% of sample) were far more likely to go down this route than accountants (33%) with the procedure being adopted more commonly in social/sustainability report assurance (68% of sample) than for environmental reports (38%). In the main, recommendations were couched in fairly general terms. A fairly typical example here, albeit one that specifies a time scale for implementation, is csr networks validation of Balfour Beattys safety, health and environmental disclosures: Over the next year, we recommend that the company should assess the information that has been collated, progressively improve its completeness and quality, and set relevant improvement targets. The challenge now is to embed environmental management consistently in UK operations and to progressively extend these requirements to new acquisitions and the international businesses. The same consultants assurance statement for Musgrave Group is a little more specific in terms of recommending further development of key performance indicators: In particular, Musgrave Group should seek to develop relevant indicators of social and economic performance, for example group-wide health and safety, and the positive impacts on local (rural) communities through indirect job creation and support to social infrastructure. Some assurance providers went so far as to recommend specific reporting developments. For example, URS verification of Unilevers web based report recommended that the company consider reporting incidents in addition to prosecutions and fines in order to conform with emerging best practice. An even more hands on approach was adopted by Arthur D. Little in their verification of Novartis health, safety and environment report, where it is noted that: An example of the omission of relevant life cycle impact is the CO2 emission since it addresses only the emissions from energy generated by Novartis. To ensure that CO2 emissions from energy consumed from external suppliers is also addressed we propose to redefine the CO2 target accordingly (emphasis added).

22

In terms of the areas in which weaknesses were noted, and associated recommendations offered, most commonly addressed were underlying processes and systems (39% of cases) followed by issues relating to report content (34%) and the preparation process (22%). In six cases verifiers went further in providing views on the acceptability of the reporting organisations performance. Most specific were Casella Stangers verification of Canary Wharfs environment and social report and Entecs verification of The Environment Agencys report which both commented in some detail on the organisations record in achieving performance targets. The only reference we came across to acceptability of social performance, however, was Earth Tecs verification of Pennon Groups environmental and social report where it is noted that: The Groups strong social performance in the sector has been recognised by the Dow Jones STOXX Sustainability Indexes. Whereas, in the main, observations on, and recommendations for improving, systems and reporting procedures were fairly brief, there were three examples of substantial strategic commentary being offered. Significantly, all were by consultants - csr network for BA, LE Group and United Utilities, together with Casella Stangers Strategic Overview of BAAs Long Term Progress Since 1997 (the year that the firm were appointed as verifiers). The latter, in particular, is a particularly detailed commentary which offers analysis of BAAs sustainable development programme, success in achieving environmental targets, progress in developing environmental key performance indicators and progress made in implementing recommendations from the previous years verification exercise. Clearly, informed comment of this nature may be regarded as adding value for the reports readership. At the same time, however, questions are inevitably raised as to whether combining what is essentially a consultancy function with a separate arms length assurance exercise compromises the integrity of the latter, particularly when no indication of fee levels for the respective commissions is offered. 4.6 Nature of Assurance Opinions Offered

One of the more illuminating features of our analysis was the rather terse use of wording in the opinions of most Big 4 accountant assurance providers. Significantly, there was an absence of the use of the term true and fair in these opinions despite 23

its ubiquity in financial statement opinions. Whilst most accountants opinions addressed issues surrounding the accuracy and reliability of the transfer of information from management systems to reports, their explicit limitations of scope, referred to earlier, tended to lead to the crucial issue of completeness of reporting being ignored in their opinions. Consistency was the term generally favoured by accountant assurance providers in the wording of their opinions. A fairly typical statement is that provided by Deloitte and Touche in Denmark which focussed on confirming that submitted data were consistent with the source documentation presented to us and thereby provided some confirmation of data collection procedures. However, a reader might be more comfortable if the wording requested by them was used instead of presented to them, as the latter could easily imply that the company decided what information would be presented hence making a mockery of the assurance procedures. It is also interesting to contrast the use of the term consistent here to that used by PwC in their opinions on Cable and Wireless, Volkswagen AG, BG Group and Lattice Group. Here, the information in the reports is deemed not inconsistent with the findings from PwCs work. Whether not inconsistent equates with consistent is left up to the reader to decide. Additionally, PwC in London favoured the use of the term appropriate representation when assessing how the reports of BG Group and Lattice Group reflected social and environmental policies and governance arrangements. However, from reading the assurance statements in full it is difficult to understand how appropriate is to be defined, and by whom. Whereas few accountant assurance providers explicitly addressed the issue of completeness in their opinions, KPMGs opinion on Volkswagen AG provided an exception in stating that the report is a complete and appropriate representation insofar as materially relevant of the impact of on the environment of the Volkswagen Marque. As we noted earlier, KPMGs opinion on CIS social accountability report also assessed the report against the AA1000 principles, one of which is completeness. The KPMG/PwC opinion on Shell Internationals report is one of the few to deal explicitly with performance issues in noting that in the case of certain information appearing in the report, for which page number references are given, the data 24

properly reflect(s) the performance of the reporting entities. Additionally, Rainbow Gillespie provide an opinion on Traidcrafts social accounts that, the companies social impact on the stakeholder groups reported upon has been fairly presented . However, the desire of most accountant assurance providers to warn against placing too much reliance on their reviews is evident in the final statement contained within PwCs opinion on sections of Unique Zurich Airports environmental report: Our statement should be read in conjunction with the inherent limitations of accuracy and completeness for environmental data, as well as in connection with the scope of reporting on page 5. The opinions of consultant verifiers tended to portray a more re-assuring picture for the reader, with statements predominantly attesting to the accuracy, reliability and completeness of reporting by companies. For example, csr network, who provided assurance for six (15%) companies in our sample, had a separate section entitled accuracy and completeness in all of their statements. Fairly typical of the opinions offered in this section is the following extract from their assurance statement for BAs social and environmental report: For the air emissions, fuel efficiency, energy, noise, people relationships and citizen report sections, we have found the data collection systems to be robust and that the underlying trends are substantially correct. However, later in the section a greater degree of reservation is expressed when they refer to BAs environmental indicators only representing a reasonable overview of the companys key impacts. The word reasonable is used in a similarly (at least implicitly) negative manner by the same firm in noting that FRCs social report provides a reasonable basis for understanding the key aspects of the companys behaviour and social and environmental impact. In contrast to the accountant assurance providers, we found only one instance where the term consistent was used by consultants in relation to information reported. Far more common was mention of fairness and balance in terms of information presented, significantly, words that accountants generally refrained from using. For example, RPS Consultants speak of Countryside Properties report providing a fair reflection of the environmental, social and community activities undertaken by the 25

company, whilst Arthur D Little note that Novartis HSE report contains a fair summary of relevant HSE impacts at Novartis own sites. For their part, Earth Tech in their verification of Pennon Groups environmental and social report find that it provides a fair and balanced representation of the significant environmental and social sustainability issues and actions being taken under the control of the Pennon Group. Finally in this context, a particularly strong endorsement of Unilevers web based disclosures is offered by URS Verification: URSVL considers that the report text and data relating to environmental performance and management addresses the significant environmental aspects of the business and these have been reported in a fair and balanced manner. In summary, clear distinctions between accountant and consultant assurance provider opinions pervade our sample. From our analysis, a greater level of assurance can be gleaned from the opinions of consultants, which certainly offer more in terms of robustness and fullness of commentary. This review of opinions, of course, is simply consistent with our earlier impression that there are very few instances where Big 4 assurance providers are prepared to offer a high level of assurance to report readers. Consultant assurance providers seemingly have far fewer inhibitions. Whether their boldness is fully justified would be easier to ascertain if details of fees paid for such assurance work were routinely disclosed, as is the case with financial audit engagements. 5. Discussion and Conclusions

Our objective in this paper was to carry out a critical analysis of assurance statements appearing in leading edge environmental, social and sustainability reports as represented by those shortlisted for the 2002 ACCA UK and European Sustainability Reporting Awards scheme. Using an evaluative framework centrally informed by the AccountAbility, FEE and GRI guidelines, we examined the extent to which the contents of assurance statements satisfactorily address key elements of these guidelines such as independence, clear identification of the scope of the engagement together with standards and criteria employed, materiality, completeness and responsiveness. This represents the first comprehensive attempt 26

to evaluate leading edge assurance practice drawing on guidance issued by these influential bodies. Underpinning this analysis was a concern to ascertain whether current leading edge assurance practices offer more in terms of enhancing transparency and accountability than did their predecessors. Hence, our analysis significantly advances the work of Ball et al. (2000) in light of the recent increase in assurance practice. Contrasting the findings of this study with those of Ball et al. (2000), which utilised a similar sample of assurance statements drawn from the ACCA Environmental (now Sustainability) Awards Scheme shortlists, appears to indicate some improvement in terms of rigour of work undertaken and independence of the exercise. Additionally, a greater degree of focus on the performance (as opposed to simply management systems) dimension is discernible, particularly in the case of assurance exercises conducted on social/sustainability reports which employ AA1000 methodology. However, even in these cases, stakeholder input into the assurance process is very much the exception despite Henriques (2003) assertion that in order to enhance trust in reporting assurers [need to] be well connected to the stakeholders and understand their issues well. Moreover, stakeholder engagement with the reporting organisation per se is often minimal (an issue mentioned in a number of assurance statements), which, in itself threatens the credibility of these exercises. Hence, there is still a large degree of management control over the reporting, and indeed assurance, process. Assurance providers are appointed by management, who may place any restrictions they choose on the assurance exercise, and they effectively report to management. Significantly in this latter context, save for one mention of the assurance statement being directed at its readership, on the few occasions that an addressee is specified it is corporate management. The contrast here with governance structures underpinning the financial audit process is only too clear. This reluctance to address the assurance statement to specific constituencies seems to imply they are primarily providing value to management thereby reflecting a perceived demand for verification of this information from management as opposed to stakeholders (see, KPMG, 2002, p. 18). The reluctance to address assurance statements to specific stakeholder

constituencies also has implications for assurance on the materiality of the information provided. In the AA1000 Assurance Standard (AA1000b, p. 15), information is deemed material if its omission or misrepresentation could influence 27

the decisions and actions of stakeholders. From this, we can assume that identified stakeholders are viewed as the key users of these reports, so why the reluctance to address assurance statements to them? If these reports are addressed only to management they merely represent an internal assurance exercise being published externally. If credibility and trust are to be enhanced, the next wave of assurance statements will need to move beyond this restrictive approach which implicitly defines materiality as it pertains to management. Providing statements to management for management is hardly likely to counter the apparent scepticism surrounding social/ sustainability reporting (Dando and Swift, 2003). This reluctance to identify key constituents is also reflected in the lack of any substantive consideration of materiality, defined in stakeholder terms, in assurance statements. Materiality is a thorny and emerging issue in the area of assurance (Zadek, 2003) but as Zadek (2003) points out: if stakeholders dont think the information is relevant [or material], it just wont count [and] public reporting [will] flunk as an accountability mechanism. AccountAbilitys recent attempt to provide a five part test of materiality may provide for improved assurance by guiding providers more specifically, as well as providing greater legal protection for reluctant directors (AccountAbility, 2003d). However, this would also mean involving stakeholders more in assurance processes (see JustAssurance, 2003), which, as we outline above, is not prevalent among our sample. An increasingly clear distinction is emerging between the approaches of accountant and consultant assurance providers. The former tend to adopt a cautious approach that largely focuses on the issue of consistency of information appearing in the organisations report with underlying data sets. The phrase true and fair is conspicuously lacking in accountants opinion statements, whilst completeness of information provision is generally not attested to. Indeed, accountant assurance providers are in many cases at pains to point out that, in the absence of generally accepted social audit standards, high level assurance cannot be offered. The only exceptions to this rule occurred in two instances of clearly delineated assurance 28

exercises conducted on environmental reports and two further occasions when assurance of sustainability reports was conducted under AA1000 provisions. However, despite this, recent evidence produced by Accountability (2003c) suggests that early adopters of the AA1000 Assurance Standard perceive mainstream accountancy bodies as reluctant to provide a statement of assurance that goes beyond an opinion on the accuracy of the data included in the report (Accountability, 2003c, p.6). They tend to engage in little real time assurance (for example, by attending stakeholder engagement meetings, where they occur) and in their concern for a high level of detail in the assurance process are accused of reducing it to a mere data checking exercise. This trend stands in stark contrast to the broader holistic strategic risk based approaches to financial audit that have been promulgated by the Big 4 over the past decade which take a big picture view of enterprises and focus on audits adding value to clients (Higson, 1997; Winograd, Gerson and Berlin, 2000; Solomon and Peecher, 2001). In fact, the accountants approach to assurance in this study bears a striking resemblance to an equivalent of the outmoded first generation financial auditing approach where transactions in books were directly verified (Higson, 1997, p. 200). In conjunction with the reluctance to consult stakeholders, their approach also resists providing assurance on information chosen by user[s] (Elliott, 2002, p. 139), which has been deemed part of the future of 21st century assurance for accountancy firms (Elliott, 2002). Given the recent emergence of standards such as AA1000 it will be interesting to track if these accountancy firms are willing to start providing more high level assurance involving stakeholders in the near future and why, outside of their complaints regarding the non-existence of appropriate standards, they have been reluctant to do so to date. In contrast to the accountant assurance providers, consultant assurance providers tend to focus much more on the issues of completeness, fairness and overall balance within their opinion statements. Furthermore, they tend to provide more in the way of commentary on systems, reporting and performance weaknesses. Consultants also tended to take more of an evaluative approach and in contrast to many of the accountant assurers were involved as the reporting process emerged as opposed to merely arriving at the end to verify data collection procedures and accuracy. In sum, consultants would appear to adopt a more strategic approach to the audit exercise, which might be considered as adding value to the process from the perspective of 29

external stakeholder groups (Investment Responsibility Research Center [IRRC] 1996). Ironically, this is exactly the approach one might have expected from the Big 4 providers given the recent trends in financial audit assurance. There is some indication, particularly from our analysis of the accountant assurers, that little thought has gone into what assurance statements are supposed to be providing. The accountants reluctance to mention their credentials suggests that they may rely on their brand name as opposed to any substantive work to covey an impression of assurance in reporting. In the recent study of early adopters of the AA1000 Assurance Standard referred to above, one participant stated that we need the assurance provider to provide a brand that is trusted by stakeholders (AA1000, 2003c). From our analysis, we can only conclude that the reluctance to specify credentials may reflect the symbolic nature of these exercises. It seems to be the case that, in many instances, indicating that a social/sustainability report is assured by a respected assurer is deemed enough to convey the credibility required on the report. It is a mere badge of approval, whatever its substantive content. On a cautionary note, from the perspective of assurance being viewed as a central element in holding powerful economic entities accountable to their stakeholders, the added value approach of consultants referred to above seems highly problematical. As Gray (2000) points out, once social accounting and auditing moves away from its focus on holding the organisation to account it operates largely as a management tool rather than a mechanism of democratic society. Wheeler and Elkington (2001), for example, write in gushing terms of the accountability agenda being superseded by a value adding agenda for companies, their markets and their main stakeholders. For them, the term assurance, rather than portraying a lower level of endorsement is, a more powerful and strategically relevant alternative to audit or verification, carrying as it does the sense of governance, stewardship and strategic risk management (p. 10). Significantly, what this will entail for the assurance process will be: partnerships with public relations and communications professionals and with other agents and brokers (i.e. not just company managements) who can assist in designing what should and should not be part of the assurance framework. (p.12)

30

To us, this suggests that, to quote Power (1997, p. 127), more [assurance will] not necessarily mean more and better accountability merely more value added for management as they manage key risks imposed by various stakeholder groups who need to be controlled. However, a key irony in the added value approach of consultants in our sample is that, despite the potentially compromising position they find themselves in, they tend to, through their assurance statements, provide the reader with higher levels of assurance on the reports and processes they assess. This is an issue that would benefit from more in-depth exploration with these assurance providers in order to ascertain how they juggle these potentially sensitive roles. In our view, it is, however, very difficult to envisage how more robust levels of assurance can be brought about when the assurance provider is effectively accountable to corporate management (the paymaster) and in the absence of any countervailing power (Frank, 2001) to which he or she may have recourse in the case of dispute. This has been an ongoing concern in financial auditing for many years given that, despite shareholders legally appointing auditors, corporate management effectively undertake this role with shareholders mostly rubber stamping their recommendation thus leaving auditors at the mercy of management. As others have pointed out, any dependence on the organisation by assurors could lead to sensitive issues being ignored in the assurance processes (ODwyer, 2001) with materiality being defined in narrow terms. The nature of these power relations and their potential influence on the reporting process need greater in-depth exploration and also bring us back to our concern for greater stakeholder involvement and empowerment in assurance. If crucial governance issues and the intertwining of the very different concepts of accountability and value added continue to be ignored then current efforts to standardise environmental and social auditing practice will sow the seeds of their own failure and an ongoing expectations gap will evolve. We fully accept that our analysis above, while detailed and comprehensive, is based on a specific sample, albeit that of recognised leading edge practitioners, and infers levels of assurance based on statements released externally. In order to examine in greater depth the complexities and challenges involved within these assurance 31

processes we need to engage with assurance providers directly to obtain their perspectives on the processes they undertake. Issues such as the assuror appointment process, perceived threats to their independence, their relationship with top management, the potential for conflict and their commitment to assuring accountability need exploration. Given the assurance statements merely provide us with some output on the nature of the work undertaken, we need to also investigate assurers evolving relationships with management, the means by which assurance statements are drafted and approved, assurers perceptions of their key responsibilities and of the value they add to the credibility of the reporting process from the perspective of key stakeholder groups.

6.

References

AccountAbility, 1999. AA1000 Framework: Standard, Guidelines and Professional Qualification. AccountAbility, London. AccountAbility, 2003a. The State of Sustainability Assurance. AccountAbility, London AccountAbility, 2003b. AA1000 Assurance Standard. AccountAbility, London. AccountAbility, 2003c. AA1000 Assurance Standard Practitioners Note. AccountAbility, London. AccountAbility, 2003d. Redefining Materiality: Practice and public policy for effective corporate reporting. AccountAbility, London. Ball, A., Owen, D. L. and Gray, R. H., 2000. External Transparency or Internal Capture?: The Role of Third Party Statements In Adding Value To Corporate Environmental Reports. Business Strategy and the Environment 9 (1), 1-23. CSR Network, 2003. Material World: The 2003 Benchmark Survey of Global Reporting. CSR Network Limited, Bath, UK. Dando, N., Swift, T., 2003. Transparency and Assurance: Minding the credibility gap. Journal of Business Ethics 44 (2) 195-200. Doane, D., 2000. Corporate Spin: the troubled teenage years of social reporting. New Economics Foundation, London. Elliott, R.K., 2002. Twenty-first century audit assurance, Auditing: A Journal of Practice and Theory 21 (1), 139-146. Fedration des Experts Comptables Europens (FEE), 2002. Providing Assurance on Sustainability Reports. Discussion Paper, Fedration des Experts Comptables Europens, Brussels. Frank, T. 2001. One Market Under God: Extreme Capitalism, Market Populism and the End of Economic Democracy. Secker & Warburg, London Global Reporting Initiative (GRI), 2002. Sustainability reporting guidelines on economic, environmental and social performance. Global Reporting Initiative, Amsterdam. Gray, R. H., 2001. Thirty Years of Social Accounting, Reporting and Auditing: What (If Anything) Have We Learnt? Business Ethics: A European Review, 10 (1), 915. Gray, R.H., 2000. Current Developments and Trends in Social and Environmental Auditing, Reporting and Attestation: A Review and Comment. International Journal of Auditing 4 (3), 247-268. 32

Henriques, A., 2003. How to trust a verifier. Ethical Corporation Magazine. http://ethical.corp.com/content_print.asp?ContentID=685. Accessed 22 December 2003. Higson, A., 1997. Developments in audit approaches: from audit efficiency to audit effectiveness?: in Sherer, M., Turley, S. (Eds.), Current Issues in Auditing. Paul Chapman publishing, London, pp. 198-215. Investor Responsibility Research Centre (IRRC), 1996 Environmental Reports and Third Party Statements. IRRC, Washington. Justassurance, 2003. http://www.justassurance.org/. Accessed December 24 2003. Kamp-Roelands, N., 2002. Towards a Framework for Auditing Environmental Reports, unpublished PhD thesis, Tilburg Univerity, The Netherlands. Kolk, A., 2003. Trends in Sustainability Reporting by the Fortune Global 250. Business Strategy and the Environment 12 (5), 279-291. KPMG, 2002. International Survey of Corporate Sustainability Reporting. KPMG Global Sustainability Services, De Meern, The Netherlands. ODwyer, B. 2001. The Legitimacy of Accountants Participation in Social and Ethical Accounting, Auditing and Reporting. Business Ethics: A European Review, 10(1), 27-39. Owen, D. L., Swift, T. A., Humphrey, C., Bowerman, M. 2000. The New Social Audits: Accountability, Managerial Capture or the Agenda of Social Champions? European Accounting Review 9 (1), 81-98. Power, M., 1997. The Audit Society: Rituals of Verification. Oxford University Press, UK. Solomon, I., Peecher, M. E., 2001. Assurance Services: An Introduction. SouthWestern College Publishing, Ohio, US. Swift, T., Dando, N., 2002. From methods to ideologies: closing the assurance expectations gap in social and ethical accounting auditing and reporting. Journal of Corporate Citizenship 8, 81-90. SustainAbility, 2002. Trust Us: The Global reporters 2002 survey of corporate sustainability reporting, SustainAbility, London. Wallage, P., 2000. Assurance on sustainability reporting: an auditors view 19, 53-65. Wheeler, D., Elkington, J., 2001. The end of the corporate environmental report? Or the advent of cybernetic sustainability reporting and communication. Business Strategy and the Environment 10, 1-14. Winograd, B. N., Gerson, J. S., Berlin, B. L., 2000. Audit Practices of PricewaterhouseCoopers, Auditing 19 (2), 175-182. Zadek, S., 2003. Materiality in Reporting. Ethical Corporation Magazine. http://ethical.corp.com/content_print.asp?ContentID=928. Accessed 22 December 2003.

33

Research Paper Series International Centre for Corporate Social Responsibility ISSN 1479-5116 Editor: Dirk Matten
The ICCSR Research Papers Series is intended as a first-hand outlet for research output of ICCSR. These include papers presented at symposiums and seminars, first drafts of papers intended for submission in journals and other reports on ongoing or completed research projects. The objective of the ICCSR Research Papers Series is twofold: First, there is a time goal: Given the quality of ICCSR publication, the targeted journals normally require large time spans between submission and publication. Consequently, the ICCSR Research Papers Series serves as a preliminary airing to working papers of ICCSR staff and affiliates which are intended for subsequent publication. By this, research output can be made available for a selected public which will not only establish ICCSRs lead in advancing and developing innovative research in CSR but will also open the opportunity to expose ideas to debate and peer scrutiny prior to submission and/or subsequent publication. Second, the ICCSR Research Papers Series offers the opportunity of publishing more extensive works of research than the usual space constraints of journals would normally allow. In particular, these papers will include research reports, data analysis, literature reviews, work by postgraduate students etc. which could serve as a primary data resource for further publications. Publication in the ICCSR Research Paper Series does not preclude publication in refereed journals. The ICCSR Research Papers Series consequently is interested in assuring high quality and broad visibility in the field. The quality aspect will be assured by establishing a process of peer review, which will normally include the Editor of the ICCSR Research Papers Series and one further academic in the field. In order to achieve a reasonable visibility the ICCSR Research Papers Series has full ISSN recognition and is listed in major library catalogues worldwide. All papers can also be downloaded at the ICCSR website.

Published Papers No. 01-2003 No. 02-2003 Wendy Chapple & Richard Harris Accounting for solid waste generation in measures of regional productivity growth Christine Coupland Corporate identities on the web: An exercise in the construction and deployment of morality David L. Owen Recent developments in European social and environmental reporting and auditing practice A critical evaluation and tentative prognosis Dirk Matten & Andrew Crane Corporate Citizenship: Towards an extended theoretical conceptualization Karen Williams, Mike Geppert & Dirk Matten Challenges for the German model of employee relations in the era of globalization Iain A. Davies & Andrew Crane Ethical Decision Making in Fair Trade Companies Robert J. Caruana Morality in consumption: Towards a sociological perspective Edd de Coverly, Lisa OMalley & Maurice Patterson Hidden mountain: The social avoidance of waste

No. 03-2003

No. 04-2003 No. 05-2003 No. 06-2003 No. 07-2003

No. 08-2003

No. 09-2003 No. 10-2003

Eleanor Chambers, Wendy Chapple, Jeremy Moon & Michael Sullivan CSR in Asia: A seven country study of CSR website reporting Anita Fernandez Young & Robert Young Corporate Social Responsibility: the effects of the Federal Corporate Sentencing Guidelines on a representative self-interested corporation Simon Ashby, Swee Hoon Chuah & Robert Hoffmann Industry self-regulation: A game-theoretic typology of strategic voluntary compliance David A. Waldman, Donald Siegel & Mansour Javidan Transformational leadership and CSR: A meso level approach Jeremy Moon, Andrew Crane & Dirk Matten Can corporations be citizens? Corporate citizenship as a metaphor for business participation in society (2nd Edition) Anita Fernandez Young, Jeremy Moon & Robert Young The UK Corporate Social Responsibility consultancy industry: a phenomenological approach Andrew Crane In the company of spies: The ethics of industrial espionage Jan Jonker, Jacqueline Cramer and Angela van der Heijden Developing Meaning in Action: (Re)Constructing the Process of Embedding Corporate Social Responsibility (CSR) in Companies Wendy Chapple, Catherine J. Morrison Paul & Richard Harris Manufacturing and Corporate Environmental Responsibility: Cost Implications of Voluntary Waste Minimisation Brendan ODwyer Stakeholder Democracy: Challenges and Contributions from Accountancy James A. Fitchett Buyers be Wary: Marketing Stakeholder Values and the Consumer Jeremy Moon Government as a Driver of Corporate Social Responsibility: The UK in Comparative Perspective Andrew Crane and Dirk Matten Questioning the Domain of the Business Ethics Curriculum: Where the Law ends or Where it Starts? Jem Bendell Flags of inconvenience? The global compact and the future of United Nations David Owen and Brendan ODwyer Assurance Statement Quality in Environmental, Social and Sustainability Reporting: a Critical Evaluation of Leading Edge Practice

No. 11-2003

No. 12-2003 No. 13-2003

No. 14-2003

No. 15-2003

No. 16-2004

No. 17-2004

No. 18-2004 No. 19-2004 No. 20-2004

No. 21-2004

No. 22-2004 No. 23-2004