Most sustainability teams don't discover data quality problems in their climate assessments until an auditor or external reviewer finds them. By then, the disclosure has either been submitted or is days from deadline. Every quality gap that creates audit exposure maps to a specific fix. This article explains what those gaps are, why CSRD (the EU Corporate Sustainability Reporting Directive) and TCFD (the Task Force on Climate-related Financial Disclosures) flag them, and what your team can do before the next reporting cycle.
Why do CSRD and TCFD auditors reject climate risk disclosures?
Auditors most often reject disclosures because the underlying data cannot be verified, compared or reproduced, not because the risks themselves were missed.
CSRD requires large companies to disclose material climate risks alongside their financial accounts from 2025 onwards. TCFD requires scenario-based analysis that auditors can trace back to documented assumptions. Both frameworks demand data that is not just present, but defensible. When the underlying data is estimated, inconsistently sourced or locked in a system that third-party reviewers cannot access, auditors reject the disclosure, even if the narrative is well-written.
Six data quality requirements determine whether a climate risk assessment will survive audit scrutiny under CSRD or TCFD. Each one maps to a specific action your team can take before the next reporting cycle.
What are the six climate data quality requirements and what do they mean in practice?
Each one corresponds to a specific audit risk your team can act on. Working through them before you submit is faster than reworking a failed disclosure.
1. Availability
CSRD's double materiality assessment requires evidence about climate risks at an asset or site level, not just at portfolio level. If your organisation operates in regions where environmental monitoring infrastructure is thin, such as parts of Southeast Asia or sub-Saharan Africa, the underlying data may not exist in the form the framework requires. Auditors can accept data gaps, but they cannot accept undocumented ones. The response is to record what data exists, what was estimated, and what assumptions underpin those estimates.
2. Reliability
Reliable data is consistent across reporting periods and verifiable by a third party. If your 2024 TCFD disclosure used a particular climate model or emissions scenario, your 2025 disclosure needs to use the same one, or explicitly document why it changed. Switching methodologies between reporting years without explanation is one of the most common flags in external reviews. It signals either a lack of internal governance or an attempt to manage the numbers, and auditors treat both the same way.
3. Comparability
CSRD asks companies to contextualise their climate risks against peers and sector benchmarks. Without standardised metrics and shared definitions, that comparison is not possible. The International Sustainability Standards Board (ISSB) and the European Financial Reporting Advisory Group (EFRAG) are converging on common disclosure standards, but most organisations are not yet using internal classification systems that map to either. A practical starting point is checking whether your climate data taxonomy aligns with IFRS S2 (International Financial Reporting Standards S2), the ISSB's climate-specific standard.
4. Accessibility
Data that exists but cannot be accessed by the people who need it creates the same audit risk as data that doesn't exist. In larger organisations, climate data is often distributed across facilities management systems, ESG platforms, insurance records and finance tools, none of which talk to each other. When an external auditor asks to trace a disclosure back to its source data, someone in the sustainability team needs to be able to do that in hours, not weeks. For a detailed breakdown of what auditors look for in CSRD disclosures, see our guide to audit and assurance for CSRD.
5. Granularity
Portfolio-level climate data is not sufficient for CSRD or TCFD. Both frameworks require identification of material risks at asset level. A single aggregate score for a European property portfolio tells an auditor nothing about which sites face flood risk, which face heat stress or which face both. Moving from portfolio-level to asset-level data is often the single largest data quality improvement an organisation can make and the one with the most direct impact on audit readiness.
6. Forward-looking projections
TCFD's scenario analysis requirement is forward-looking by design. Historical loss data and current hazard scores are necessary but not sufficient. Your disclosure needs to show how risks change under different emissions pathways, typically a below 2°C scenario and a higher-warming scenario. Many organisations have this analysis done once by a consultancy, never update it, and submit the same scenario outputs for three or four reporting cycles. As frameworks mature, that approach will fail audit with increasing frequency.
Practical tip: Before your next reporting cycle, ask your climate data provider to confirm in writing which of these six attributes their outputs satisfy. Any gap they cannot address is an audit risk you need to document and mitigate before submission.
Data quality self-assessment: questions to ask before your next disclosure
Work through these before you submit. A "no" on any item maps to a specific gap your team needs to document or close.
Can your team point to a specific data source for every geography in your portfolio. Have you formally documented where gaps exist and what your team estimated in their place?
Has your team used the same climate model and emissions scenario as your previous disclosure. If the methodology changed, has your team put the reasoning on record?
Does your team use the same risk terminology as IFRS S2 or EFRAG's ESRS (European Sustainability Reporting Standards), so an auditor can compare your outputs directly to sector benchmarks?
Can your team pull the source data behind any figure in your disclosure within a single working day?
Can your team show which specific sites or assets face material climate risk, rather than presenting a single aggregate score across the portfolio?
Has your team run scenario analysis across at least two emissions pathways and updated it in the last 12 months?
What can your team do to close data quality gaps before the next reporting deadline?
Four strategies address the most common gaps, and all four can be started without a full platform change.
Converge on global disclosure standards. The gap between CSRD, TCFD and IFRS S2 is narrowing. Aligning your internal process with IFRS S2 now means your methodology will hold up as standards converge, rather than requiring a full rework in 18 months.
Adopt shared taxonomies. Classification inconsistencies between what your sustainability team calls a "physical risk" and what your finance team calls a "climate-related liability" create comparability failures. When both teams work from a shared taxonomy mapped to regulatory definitions, those inconsistencies don't reach the disclosure.
Document your methodological choices. For every metric in your disclosure, your team should be able to answer: where did this number come from, what assumptions does it rest on, and what would change if those assumptions shifted? This is what auditors call an audit trail. Most sustainability teams don't have a complete one.
Use open-source and neutral data platforms. The Network for Greening the Financial System (NGFS) recommends platforms such as OS-Climate and the Net-Zero Data Public Utility as free, standardised sources of climate scenario data. Using these, rather than proprietary models that cannot be independently verified, improves both the reliability and comparability of your disclosure.
How Smart Resilience helps compliance teams meet these data standards
Smart Resilience's Climate Assessments run on pre-computed global hazard models covering flood, heat, wind, water stress and wildfire, and output audit-ready reports mapped directly to TCFD, IFRS S2, CSRD and UK SRS. Every figure comes with transparent assumptions, full data lineage and an audit-ready change log, so when an auditor asks where a number came from, your team can answer in hours. Imperial Brands deployed the platform across 50 countries and cut their climate analysis costs by 50 percent.
If any of the six checklist questions above returned a "no," the platform is built to close that gap before submission.
Frequently asked questions
What is the most common reason CSRD climate disclosures fail audit?
Poor data quality rather than missing risk identification. Auditors reject disclosures when underlying data cannot be verified, compared or reproduced. The three gaps that appear most often are lack of availability, insufficient granularity and comparability failures caused by inconsistent methodologies between reporting periods.
What does CSRD require in terms of climate data quality?
CSRD requires companies to disclose material climate risks based on data that is available, reliable, comparable and granular enough to identify risks at asset level. It also requires forward-looking scenario analysis under at least two emissions pathways, documented with transparent assumptions that an auditor can trace.
What is the difference between portfolio-level and asset-level climate data?
Portfolio-level data gives a single aggregate score for a group of assets. Asset-level data breaks that down by individual site or location. CSRD and TCFD both require asset-level data because a portfolio average cannot identify which specific sites face material risk.
How do TCFD and CSRD differ in their data requirements?
TCFD focuses on scenario-based analysis: how risks change under different emissions pathways, typically 1.5°C and higher-warming scenarios. CSRD adds a double materiality requirement, meaning companies must assess both how climate affects the business and how the business affects the climate. Both require documented, auditable data.
What is IFRS S2 and how does it relate to CSRD?
IFRS S2 is the International Sustainability Standards Board's climate disclosure standard, requiring companies to report climate-related risks and opportunities alongside financial statements. It overlaps significantly with TCFD. The ISSB and EFRAG are converging their standards, so aligning with IFRS S2 now reduces the risk of a methodology rework when CSRD requirements tighten.
What open-source tools can help close climate data gaps?
The Network for Greening the Financial System recommends OS-Climate and the Net-Zero Data Public Utility as free, standardised sources of climate scenario data. These platforms improve data comparability and reliability because their methodologies are transparent and independently verifiable, which reduces audit risk compared to proprietary models.
Climate disclosures rarely fail audit because the science is wrong. They fail because the data infrastructure behind them cannot be verified, traced or updated. The six attributes above give your team a diagnostic framework that applies regardless of which reporting standard you're working to.
