A lack of confidence in non-financial information is hindering its utility for users assessing an organization’s performance and potential for long term value creation. Using their knowledge of management and process control, professional accountants can do much to improve confidence in the non-financials. Focusing on the key principles of control can help focus effort and investment.

Integrating non-financial information and metrics into the established control arrangements applied to the financials will help to improve their decision value as well as enhance connectivity of financial and non-financial information. Greater confidence in the non-financials is sorely needed for integrated reporting to be successful, and in applying other reporting good practices such as:

Accounting for the business beyond its immediate financial position involves data and measurement of a full range of “capitals”. A multicapitals perspective is the basis of the International Integrated Reporting Framework. Value creation is dependent on six forms of capital that an organization uses or affects - financial, manufactured, natural, human, intellectual, and social and relationship.

This approach responds to the reality that in largely knowledge and digital based economies, much of the market value of many companies is derived from intangible assets, such as people and relationships, innovation, and reputation. Information on these assets is increasingly referred to as pre-financial given it relates to strategic assets or performance that will have a monetary impact at some point.

To better understand past, present and future performance therefore requires reliable information for managers and external users. The problem is that much non-financial information is unreliable because of poor controls such as undocumented processes, reliance on one or few individuals working in a silo, opaque methodologies and calculations, and limited oversight and approvals.

Enhancing confidence and usefulness of non-financial information can be achieved by treating it in the same way as financial information that finds its way into financial and regulated reports. This involves applying the key concepts and principles of (internal) control over financial reporting that are typically required in many countries through a combination of corporate governance and company law and regulation, which typically requires governing boards to confirm in the annual report the adequacy of the organization’s controls.

A useful resource, the recently published, Leveraging the COSO Internal Control Integrated Framework to Improve Confidence in Sustainability Performance Data, highlights how control over sustainability performance data can be improved using COSO, one of the most widely used frameworks for establishing internal controls. The report recommends that an organization beginning to design its internal control over key “sustainability” performance data should consider COSO’s approach involving a cycle of determining objectives, identifying and assessing risks, identifying control activities, and evaluating effectiveness.

The integration of controls at the governance, system, and process levels can greatly improve the value of data and information, leading to a less intensive assurance engagement with auditors.

Applying this level of control involves tapping into the expertise of professional accountants in the finance and accounting team, internal audit, and compliance, and who are competent in control and related areas such as data governance and IT audit.

Developing control over the reporting of non-financial information is an iterative process. Information supporting some metrics might be readily defined and measured. Others might be of emerging importance, and management needs time to understand how best to use it. This will involve evaluating how much data reliability (versus estimation) is needed to support management action and decision making.

Time and effort will be needed to apply higher levels of control to information outside core business systems and processes. Consider the following critical aspects of control to achieve integration of decision useful non-financial information:

  1. Awareness and accountability: All those involved in the collection, validation, management, and communication of information need to be aware of the usefulness of the information and how effective controls will enhance usability and confidence. Accountability from the first lines of defense (line managers and operational functions) to the last lines of defense (internal audit, the board, and independent assurance) need clarity to ensure effectiveness and efficiency.
  2. Cross-functional workflow: Cross-functional team involvement will draw upon the expertise of different areas including finance and accounting, operations, risk management, and internal audit, as well as other functions such as health and safety, human resources, environmental, sustainability, real estate, procurement, etc. The finance and accounting team can help educate and train others on how improve data quality through effective control but also need to recognize when subject-matter expertise is needed.
  3. Standardization: To be controllable, data and its collection and calculation need to be simplified and standardized. Data elements, process, timing, and responsibilities need to be centrally defined. As in the reporting of financials, a chart of accounts for specific data points and metrics allows for a uniform approach to collecting data from different parts of the organization. This can be integrated into the financial consolidation system and IT platform which should already have well-established controls.
  4. Materiality: The prospective volume of data and metrics can lead to a reluctance to establish effective control, and lead to questions surrounding effort required and resource expenditure. Therefore, it is important for the finance leader and finance function to understand what information is relevant and material to value creation to direct subsequent investment in control of this information. Understanding the business model and the capitals and resources needed to do business, as well as the key areas of performance, help to make informed assessments on materiality of non-financial information.

For confidence in non-financial information to improve, CFOs and their finance functions need to play a more significant role in showing how the principles and concepts of internal control can be applied more broadly.

They also need to be aware of innovative approaches to enhancing transparency on non-financials. Maturity assessments, perhaps involving an external provider, can be particularly helpful to management and external users in developing their understanding of critical areas of value creation or destruction. For example, the PwC Insight Report for The Crown Estate’s Total Contribution Statement informs users about the UK Crown Estate’s maturity of key indicators and how “hard” or “soft” the information is. This helps users both understand the Crown Estate’s broader performance and make informed decisions on how they use and trust the information.

Additional reading:

Stathis Gould

Director, Member Engagement and PAIB

Stathis Gould is responsible for IFAC member engagement and leads IFAC’s advocacy for professional accountants working in business (PAIB) and the public sector. A key element of his work is developing thought leadership and guidance in support of enhancing the recognition of and confidence in professional accountants as CFOs, business leaders, and value partners in the context of sustainability/ESG, data and digital transformation, and other emerging business trends and issues.

Before joining IFAC, Stathis worked at the Chartered Institute of Management Accountants (CIMA), where he was responsible for planning and overseeing a program of policy and research that promoted and developed management accountancy. Prior to serving the accountancy profession, he worked in various roles in the private and public sectors in the UK. There, Stathis delivered financial and performance management in the National Health Service and worked for a technology company responsible for delivering the localization of software and content across the globe.

Stathis holds a BA in European Business Studies, an MBA (with distinction), and a postgraduate certificate in Environmental Management, Economics, and Policy. He is a member of the Institute of Management Accountants.