ASIC’s Climate Reporting Rules Demand Urgent CFO Action | Image Source: www.dentons.com
SYDNEY, Australia, March 31, 2025 – With the long-awaited publication of Regulatory Guide 280 (RG 280), Australia has officially entered the age of mandatory financial disclosure related to climate. For the largest companies in the country and the thousands of small businesses that operate through supply chains, this new regulatory framework marks a seismic change in how sustainability and climate risks are reported, managed and integrated into financial decision-making. But under the technology, a clear message emerges: the clock marks, and the pressure is in the hands of the frames, especially the CFO, so that the climate signals correctly – and quickly.
According to the Australian Securities and Investment Commission (ASIC), RG 280 describes the climate-related disclosure obligations imposed by Chapter 2M of the Companies Act 2001. The guide details a stagnant compliance schedule based on the size of the company, starting January 1, 2025, for the largest companies, which have more than 500 employees, $500 million in revenues, or $1 billion in assets. By 2027, companies with only 100 employees will also be required to comply. For many financial leaders, the transition from sustainability as a strategic aspiration to regulated liability has officially begun.
According to ASIC, the objective behind RG 280 is to promote consistent, comparable and useful climate information. But the rules do not just set out reporting expectations, but introduce new obligations, management duties and stringent documentation requirements that many companies, especially those without mature ESG practices, may find discouraging. However, Kate O’Rourke highlighted the broader objective: “Consistent, comparable and high-quality financial information on the climate facilitates reliable and informed decisions by investors and other users of this information
Who should report and when?
The progressive implementation of climate reporting obligations is one of the most important elements of RG 280. ASIC classifies reporting entities into three groups according to size thresholds: corporate income, asset value, and employee accounting. Group 1 entities with shorter deadlines include those with income of at least US$500 million, US$1 billion in assets or 500 employees. The average group 2 entities (US$ 200 million or 250 employees) began reporting from 2026 July. In July 2027, Group 3 entities, whose income was only $50 million, were mandated.
Importantly, ASIC notes that even entities that are not directly required to report data may need to comply with climate data requirements. This is particularly true for small enterprises integrated into large supply chains. As the ASIC press release stated, “many small businesses are part of the value chain of large companies, which means that they may need to participate in climate reporting over time, even if they do not have a direct obligation to report on climate.”
What is required in a sustainability report?
The sustainability report should contain more than general statements of intent. According to RG 280, companies are required to provide forward-looking information, scenario analysis, disclosure of greenhouse gas emissions of scope 1, 2 and 3 and clearly defined transition plans. ASIC also insists on keeping detailed sustainability records for seven years, without being classified as a crime of strict liability.
The guide also outlines the specific responsibilities of managers, who must be careful and diligent, question the assumptions contained in the reports and understand the financial impact of climate risks. ASIC stresses that managers cannot blindly trust experts, but that they must conduct independent testing on the basis of available evidence. As part of the transitional relief, the amended management reporting requirements will apply until 2028 and a more stringent regime will be introduced at a later date.
What are the protected statements and why are they important?
One of the most balanced elements of RG 280 is the modified liability regime for “protected statements”. This is legal coverage for certain forward-looking climate statements, such as scenario analysis or range 3 emissions, but only during specific reporting periods and only when the information meets sustainability standards. Importantly, voluntary disclosures outside the sustainability report are not protected unless required by Commonwealth law.
This means that companies must walk carefully. Declarations in the prospectus, product disclosure statements (PDS) or annual reports may assume full responsibility if they are not explicitly protected. In accordance with RG 280, institutions should establish governance systems to determine which declarations are protected and where they appear. Without these guarantees, even well-intentioned transparency could expose businesses to legal risk.
How should UFOs address implementation?
According to Deloitte’s recent comment, many CFOs are struggling to bridge the gap between regulatory requirements and operational capacity. More than 60% of CFO respondents said they were primarily responsible for climate reporting, but only 15% believed they were using it as a competitive advantage. Andrea Culligan, Deloitte’s partner, argues that “a wait-and-search approach” will no longer cut it. Delays in international standards, such as the EU CSDD, may have raised doubts, but Australia is paying.
Darren Gerber, Climate and Sustainability Partner at Deloitte Australia, advises CFOs to build on existing structures: Use existing risk management frameworks to integrate climate data; Insert reporting tasks into ongoing digital transformation initiatives; Pilot small projects in supply chains to generate momentum; Implement automation and AI tools to process large data sets. These steps not only accelerate compliance, but can help companies find strategic value in sustainability reporting.
What about emission range 3 and scenario analysis?
The most difficult aspect of climate reporting is often the disclosure of emissions from range 3 – indirect emissions occurring throughout the value chain. ASIC RG 280 recognizes this and allows institutions to use primary and secondary data sources, but only if they are “reasonable and compatible” without “inadequate spending or effort.” Unfortunately, what constitutes an “indefinite effort” remains indefinite, leaving much to interpretation.
In the meantime, climate scenario analysis should consider a low-level future (1.5°C) and a high-level future (2.5°C or higher). These scenarios aim to assess the resilience of an entity through multiple climatic trajectories. Companies need to explain the assumptions underlying their analysis, the data sources used and how these findings have been integrated into the business strategy. This requires a strong capacity for interdepartmental modelling and collaboration.
How will ISIC compliance be strengthened?
ASIC has embarked on a “proportional and pragmatic approach” to implementation in the early years. However, this does not mean indulgence through counsel. The regulator has indicated that it will work with businesses to understand disclosure errors, but will take enforcement action when misconduct is “serious or reckless.” ASIC will also review sustainability reports and may issue responses that require changes in non-compatible disclosures.
Importantly, this supervisory position coexists with ASIC’s strong position on green washing. According to ASIC Fact Sheet 271 and Report 791, misleading or exaggerated sustainability claims are a major priority for implementation. The overlap between climate disclosure laws and the enforcement of the law against green washing leads stakeholders to deal with companies that do not audit their climate-related communications.
How can businesses get help or support?
ISIC also described the circumstances in which entities may seek redress, including extension of hospitality reports, submission of consolidated group reports, or even audit exemptions. Remedies may be granted if compliance results in misleading disclosures, unreasonable charges or conflicts with legislative intent. However, this exemption will be granted on a case-by-case basis, and only after demonstrating that the value of disclosure is exceeded by the compliance burden.
For businesses seeking assistance, advisory services such as those offered by Dentons and Deloitte are essential. These organizations recommend the establishment of a list of ”reasonable measures” of due diligence, similar to the processes used in the POI and the financial perspective. They also advise on the integration of sustainability indicators in departments and on the use of early reporting cycles as learning opportunities rather than as compliance exercises.
In practice, success is likely to be reduced to the extent that the CFO and the boards will align the strategy with regulatory compliance. As sustainability reporting becomes the new standard, organizations that consider it a strategic investment rather than a compliance burden will not only avoid regulatory barriers, but will emerge as industry leaders in the credibility of the GSS.
In the end, ASIC’s RG 280 is more than a report guide, it’s a wake-up call. In an increasingly climate-sensitive market, transparency is not optional; It is essential. And for those who act early and wisely, this is an opportunity to lead.
