HomeServicesRisk AdvisorySustainability & Climate Risk Reviews

Risk Advisory · ESG & Sustainability Assurance

Sustainability & Climate Risk Reviews

Climate risk has moved from a sustainability-team slide deck to a board-level financial disclosure obligation.

Chartered Accountants · Chennai · Hyderabad · Bangalore · Dubai · Since 1986

2,000+Clients since 1986
42 yrsCA practice
4Offices · India & UAE
24 hrsResponse time

Climate risk has moved from a sustainability-team slide deck to a board-level financial disclosure obligation. Regulators, lenders, and institutional investors now expect companies to identify, quantify, and disclose physical climate risk and transition risk with the same rigour applied to credit risk or liquidity risk. PNPC Global has advised boards and promoter groups across India and the UAE since 1986 on where their real exposure sits — not a generic ESG template, but a review grounded in your sector, your assets, your supply chain, and the specific disclosure regime that applies to you, whether that is SEBI's BRSR framework, an investor's TCFD-aligned questionnaire, or a lender's climate covenant. We do not hand over a report and disappear. We stay engaged through the next reporting cycle, the next audit, and the next investor due diligence round.

What it costs

Govt. feesGovernment & statutory fees as applicable to your case
Professional feeFixed professional fee — confirmed in writing before we start

No hidden charges. The exact figure is set in your engagement letter.

What Sustainability & Climate Risk Reviews is

A Sustainability & Climate Risk Review is a structured, independent assessment of how climate change and broader sustainability factors could affect an organisation's operations, assets, supply chain, and financial position — paired with a review of the governance and disclosure practices the organisation has in place to manage and report on that exposure. The discipline draws primarily on the recommendations of the Task Force on Climate-related Financial Disclosures (TCFD), which organised climate risk reporting around four pillars — governance, strategy, risk management, and metrics and targets — a structure that has since been carried forward into the IFRS Foundation's ISSB standards (IFRS S1 on general sustainability disclosures and IFRS S2 on climate-specific disclosures). In India, the operative framework for the largest listed companies is SEBI's Business Responsibility and Sustainability Reporting (BRSR) format, with BRSR Core introducing mandatory reasonable assurance on a defined set of ESG attributes for the top listed entities by market capitalisation, phased in from the top 150 entities and extending to the top 1,000 by FY 2026-27; a related, separate requirement for assurance over value-chain ESG disclosures has since been eased by SEBI to a voluntary basis.

The review distinguishes between two broad categories of climate risk. Physical risk covers the direct impact of climate change on assets and operations — acute physical risk from extreme weather events such as cyclones, floods, and heatwaves that can damage facilities or disrupt supply chains, and chronic physical risk from gradual shifts such as rising average temperatures, changing rainfall patterns, water stress, or sea-level rise in coastal locations that erode asset value or operating viability over time. Transition risk covers the financial and operational impact of the shift to a lower-carbon economy — policy and regulatory risk (carbon pricing, emission caps, the EU's Carbon Border Adjustment Mechanism affecting Indian exporters), technology risk (stranded assets as cleaner alternatives become commercially superior), market risk (shifting customer and investor preference away from carbon-intensive products), reputational risk, and legal risk from climate-related litigation, an area that has grown substantially worldwide over the past decade.

The review typically proceeds through scenario analysis — assessing how the organisation's assets, revenue, and cost base would perform under different plausible climate futures, commonly a lower-warming, orderly-transition scenario and a higher-warming or disorderly-transition scenario, drawing on publicly available pathways such as those published by the Network for Greening the Financial System (NGFS) or the International Energy Agency. This is not a prediction exercise — it is a structured way to stress-test strategic resilience against genuine uncertainty, and it is precisely the exercise that TCFD, ISSB, and increasingly lenders and institutional investors expect to see evidenced, not merely asserted, in disclosure.

For an Indian business, sustainability risk review sits alongside — and increasingly overlaps with — statutory and market-driven obligations: BRSR and BRSR Core reporting for listed companies above the applicable market-capitalisation threshold, Reserve Bank of India draft disclosure expectations on climate-related financial risk for regulated entities, Green Deposit and green taxonomy guidance emerging from RBI and SEBI, EU CBAM compliance for companies exporting carbon-intensive goods (iron, steel, aluminium, cement, fertiliser, hydrogen, electricity) to the European Union, and investor-driven frameworks such as the CDP (formerly Carbon Disclosure Project) questionnaire that PE and institutional investors increasingly require as part of portfolio ESG monitoring. For groups with a UAE presence, the review also factors in the UAE's National Climate Change Plan, its 2050 Net Zero Strategy, and sector-specific sustainability expectations under Dubai and Abu Dhabi free zone frameworks and ADGM/DIFC sustainable finance initiatives, so the India and UAE sides of a group are assessed under one coherent lens rather than two disconnected exercises.

When a Sustainability & Climate Risk Review is the right engagement

Your company is a top-1000 listed entity by market capitalisation and BRSR (or BRSR Core assurance) applies to you under SEBI's phased mandate, or you anticipate crossing that threshold within the next 2–3 years

An institutional investor, private equity fund, or lender has sent an ESG or climate questionnaire (CDP, TCFD-aligned, or lender-specific) and you need a credible, evidence-backed response rather than a marketing narrative

Your business exports goods in CBAM-covered categories (iron and steel, aluminium, cement, fertiliser, hydrogen, electricity) to the EU and needs to understand embedded-carbon reporting obligations and potential future cost exposure

Physical assets — manufacturing facilities, warehouses, agricultural operations, coastal or water-stressed locations — carry meaningful exposure to extreme weather, water scarcity, or long-term climate shifts that have not been formally assessed

Board or audit committee wants independent assurance on climate governance ahead of a fundraise, IPO, or credit facility renewal where climate risk disclosure is increasingly part of due diligence

You are preparing your first BRSR or sustainability report and need the underlying risk assessment, governance structure, and metrics framework built before the disclosure itself can be drafted credibly

A group with India and UAE operations wants one coherent climate risk assessment across both jurisdictions rather than two disconnected local exercises

Existing sustainability reporting has become a compliance-only, box-ticking exercise and the board wants it converted into something that actually informs capital allocation and risk management decisions

When a different engagement may serve you better

You need a full greenhouse gas emissions inventory (Scope 1, 2, and 3) built from first principles with primary data collection — that is a GHG accounting and carbon footprinting engagement, often a precursor to or component of a fuller climate risk review, but narrower in scope on its own

You need statutory financial statement audit assurance — that is a separate, mandatory engagement under the Companies Act and Standards on Auditing, distinct from voluntary sustainability assurance

You are a very early-stage business with minimal physical assets, no export exposure to CBAM-covered goods, and no institutional investor pressure — proportionate sustainability hygiene (a basic policy and periodic check-in) may suffice rather than a full formal review at this stage

You need site-level environmental compliance certification (pollution control board consents, environmental clearances) — that is regulatory environmental compliance, a distinct engagement from strategic climate risk assessment though the two are often coordinated together

You are looking for a broad enterprise regulatory compliance review covering all applicable laws, not specifically climate and sustainability — our Regulatory & Compliance Risk Review service is the better fit, and can be run alongside this one

You need specific engineering or actuarial modelling of physical asset damage probabilities (e.g., detailed flood-risk engineering studies) — we coordinate this with specialist technical partners where the risk profile calls for it, rather than performing the underlying engineering ourselves

Structure Comparison

Sustainability & Climate Risk Review compared with related ESG and assurance engagements

FeatureSustainability & Climate Risk ReviewGHG Inventory / Carbon FootprintBRSR Core AssuranceRegulatory & Compliance Risk ReviewStatutory Financial Audit
Primary objectiveAssess physical and transition climate risk exposure and governance readinessQuantify Scope 1, 2, and 3 greenhouse gas emissionsIndependent assurance on a defined set of mandated BRSR Core ESG attributesMap and rate regulatory breach exposure across all applicable lawsOpinion on true and fair view of financial statements
ScopeStrategy, governance, physical assets, supply chain, scenario analysisEmissions data across operational boundary and value chainPrescribed BRSR Core indicators only, per SEBI formatEnterprise-wide — every applicable regulator and licenceFinancial statements and underlying books of account
Mandatory or voluntaryVoluntary, though increasingly investor/lender-drivenVoluntary unless feeding into a mandatory disclosureMandatory (phased) for top listed entities by market cap under SEBIVoluntary — board/audit committee drivenMandatory under Companies Act for all companies
Frameworks referencedTCFD, ISSB IFRS S1/S2, NGFS scenarios, SEBI BRSR, RBI climate risk guidanceGHG Protocol Corporate StandardSEBI BRSR Core format and assurance standardCompanies Act, SEBI, RBI, FEMA, ISO 31000/COSO ERMCompanies Act, Ind AS, Standards on Auditing
OutputRisk register, scenario analysis, governance gap report, disclosure-readiness roadmapEmissions inventory report by scope and sourceAssurance statement on specified BRSR Core parametersRisk register with severity ratings and remediation roadmapAudit opinion and financial statements
FrequencyAnnual or cyclical, plus event-triggered (new site, new market, new investor)Annual, aligned with reporting cycleAnnual, aligned with BRSR filingAnnual or cyclical (2–3 years), plus event-triggeredEvery financial year — mandatory
Who typically commissions itBoard, audit committee, ESG/sustainability head, CFO ahead of investor diligenceSustainability team, often feeding BRSR or CDP disclosureStatutorily required for BRSR Core applicable entitiesBoard, audit committee, promoter groupStatutorily required — shareholders appoint auditor

These engagements overlap and are frequently bundled — a first-time BRSR filer, for example, typically needs a GHG inventory, a climate risk assessment, and governance-gap remediation together before the disclosure itself can be drafted with any real substance behind it. PNPC scopes each engagement based on your specific disclosure obligation, investor pressure, and stage of ESG maturity.

How it works
#Stage & What PNPC DoesCA Advice Portals Never GiveTimeline
1Scoping & Materiality Discussion — Understanding your real exposure before we plan the reviewWe ask what a generic ESG consultant's intake form never asks: are you BRSR Core applicable this year or approaching the threshold? Do you export CBAM-covered goods to the EU? Do any facilities sit in flood-prone, water-stressed, or coastal locations? Has any investor already sent a climate questionnaire you struggled to answer? These answers determine whether this is a light-touch governance review or a full physical-and-transition risk assessment with scenario modelling.Week 1
2Asset & Operations Mapping — Building the physical exposure pictureWe map every facility, warehouse, and material supply-chain node against publicly available climate hazard data — flood zones, cyclone-prone coastlines, water-stress indices, and heat-stress projections — rather than relying on a generic industry assumption. For manufacturing and agri-linked businesses, this stage is where the real financial exposure usually first becomes visible to the board.Week 1–3
3Transition Risk & Value Chain Assessment — Policy, market, and supply-chain exposureWe assess exposure to carbon pricing mechanisms (including EU CBAM for covered exports), shifting customer and investor preference, technology risk in carbon-intensive processes, and upstream supplier concentration risk where key suppliers themselves carry high transition exposure. This is where sector context matters enormously — a textile exporter and an IT services company face entirely different transition profiles.Week 2–4
4Governance & Oversight Structure Review — Does the board actually own this riskTCFD and ISSB both start with governance, not metrics — because a well-quantified risk with no board oversight structure behind it is not actually being managed. We assess whether climate risk sits with a board committee (audit committee, risk committee, or a dedicated ESG/sustainability committee), how frequently it is reported, and whether management incentives are linked to any sustainability metrics.Week 3–4
5GHG Inventory Review or Build — Scope 1, 2, and (where material) Scope 3Where a GHG inventory already exists, we review it for completeness and methodology against the GHG Protocol Corporate Standard. Where none exists, we scope and coordinate a first-time inventory build, prioritising Scope 1 and 2 first and identifying the most material Scope 3 categories (purchased goods, logistics, business travel) rather than attempting an unrealistic full Scope 3 build in year one.Week 3–6, parallel to other stages
6Scenario Analysis — Stress-testing strategy against plausible climate futuresWe run a structured scenario exercise using publicly available reference pathways (such as NGFS scenarios) — typically comparing an orderly, lower-warming transition against a delayed or disorderly higher-warming pathway — to assess directional impact on revenue, cost base, and asset value. This is a qualitative-to-semi-quantitative exercise calibrated to your data maturity, not a false-precision financial model dressed up as certainty.Week 5–7
7Risk Register & Prioritisation — Physical and transition risks rated by severity and likelihoodEvery identified risk — physical or transition — is rated on a consistent severity × likelihood matrix, distinguishing near-term operational risk from longer-horizon strategic risk, so the board can see at a glance what needs capital allocation attention this year versus what is a five-to-ten-year strategic consideration.Week 6–7
8Disclosure Gap Analysis — Mapping current reporting against BRSR / TCFD / ISSB / investor requirementsWe compare what you currently disclose (or plan to disclose) against the specific framework that applies to you — BRSR and BRSR Core indicators for applicable listed entities, TCFD's four pillars for investor-facing disclosure, or a specific lender's climate covenant format — and flag the precise gaps rather than a generic 'improve ESG disclosure' recommendation.Week 7–8
9Draft Report & Management Review — Findings shared for factual accuracy before finalisationWe share draft findings with facility managers, the sustainability team, and finance before finalising — not to soften findings, but because physical asset data (site elevation, historical flood incidents, water source dependency) often needs local, on-the-ground correction that a desk-based review alone cannot fully capture.Week 8–9
10Board / Audit Committee Presentation — Findings presented directly, in board-usable languageWe present the risk register and scenario analysis directly to the board, audit committee, or ESG committee — translating technical climate science and disclosure-framework language into decisions the board can actually act on: which sites need adaptation investment, which product lines carry transition exposure, what governance structure needs strengthening.Week 9–10
11Disclosure-Readiness Roadmap — Turning the risk register into a reporting planFor clients moving toward BRSR, BRSR Core assurance, or a first TCFD-aligned disclosure, we convert the risk register and governance findings into a phased roadmap — what can be disclosed credibly this cycle, what needs a further year of data collection, and what governance structure needs to be formalised before the disclosure claims it.Week 10–11
12Remediation & Adaptation Support — PNPC assists on the highest-priority itemsDepending on engagement scope, PNPC can directly assist in closing governance gaps — drafting a board ESG committee charter, setting up a climate risk register as a living document, structuring the first BRSR Core assurance engagement — rather than only identifying that the gap exists.Ongoing, per roadmap
13Annual Refresh & Assurance Cycle — Living framework, not a one-time reportPhysical hazard data, transition policy (including evolving CBAM rules), and investor expectations all move year to year. For retained clients, PNPC refreshes the risk register and scenario analysis annually, and coordinates the BRSR Core assurance engagement each reporting cycle so the framework stays current rather than aging into irrelevance.Annually, for retained clients

A full-scope Sustainability & Climate Risk Review, including a first-time GHG inventory build and scenario analysis, typically takes 9–11 weeks from scoping to board presentation for a mid-sized entity. A lighter governance-and-disclosure-gap review for a company with an existing GHG inventory can be completed in 4–6 weeks. BRSR Core assurance, where applicable, is scoped and timed separately to align with the client's annual reporting deadline.

Document Checklist
Corporate & Governance Documents

Certificate of Incorporation and details of listing status (if listed, market capitalisation ranking relevant to BRSR/BRSR Core applicability thresholds)

Board and any ESG/CSR/risk committee meeting minutes for the review period, including terms of reference of any committee overseeing sustainability

Existing sustainability, environment, or climate policy documents, if formalised

Organisation chart showing who owns sustainability reporting, risk management, and facilities/operations functions

Any prior year's BRSR, BRSR Core, sustainability report, or CDP response filed

Physical Asset & Operations Data

List of all owned and leased facilities with addresses, for hazard-data mapping (flood zone, cyclone exposure, water stress, coastal proximity)

History of any weather-related operational disruption in the past 5–10 years (flooding, cyclone damage, heat-related productivity loss, water shortage)

Water source dependency details for water-intensive operations (municipal supply, groundwater, surface water, desalinated supply for UAE facilities)

Energy source mix — grid electricity, captive generation, renewable energy procurement (PPAs, rooftop solar, open access)

Insurance coverage details for property, business interruption, and any climate-specific riders currently in place

Emissions & Environmental Data

Existing GHG emissions data if any inventory has been prepared, including methodology and boundary used

Fuel consumption records (diesel, natural gas, coal, etc.) across facilities for the reporting period

Electricity consumption bills/records across all facilities, with grid emission factor region identified

Logistics and transportation data — owned fleet fuel consumption and, where available, third-party logistics volumes

Waste generation and disposal records, and any existing water discharge or effluent treatment data

Supply Chain & Value Chain Information

List of top suppliers by spend, particularly for carbon-intensive inputs (steel, cement, chemicals, energy-intensive components)

Details of any exports to the EU in CBAM-covered categories (iron and steel, aluminium, cement, fertiliser, hydrogen, electricity) and current embedded-carbon reporting practice

Supplier ESG questionnaires or codes of conduct currently in use, if any

Details of any supplier concentration risk in climate-vulnerable regions or sectors

Investor, Lender & Regulatory Correspondence

Any ESG, climate, or sustainability questionnaire received from an investor, lender, or rating agency in the past 2–3 years (CDP, TCFD-aligned, lender-specific climate covenant, etc.)

Green loan, sustainability-linked loan, or green bond documentation, if any facility carries ESG-linked pricing or covenants

Correspondence with SEBI, stock exchanges, or RBI relating to sustainability disclosure requirements, if any

Any third-party ESG rating reports the company has received (MSCI, Sustainalytics, CRISIL ESG, or equivalent)

Financial & Strategic Planning Documents

Capital expenditure plan for the next 3–5 years, to assess alignment (or misalignment) with transition risk exposure

Business plan or strategy documents referencing new markets, products, or facility locations under consideration

Details of any carbon pricing, energy cost, or input cost sensitivity already modelled internally, if any

Cross-Border / UAE Interaction (if applicable)

UAE facility details and any existing UAE sustainability disclosure or free-zone ESG requirements the entity is subject to

UAE energy mix and water source details (given desalination dependency is a distinct climate consideration in the region)

Group-level sustainability policy, if the India and UAE entities report under a common parent framework

Any UAE green finance, sustainable finance, or climate-linked facility documentation for UAE group entities

Ongoing obligations
PhaseTriggered ByPNPC CA GuidanceRisk If Ignored
Initial Risk ReviewBoard decision, investor questionnaire received, or first BRSR cycle approachingFull physical and transition risk assessment, GHG inventory review or build, scenario analysis, and a governance gap report presented to the board or ESG committee.Undetected climate exposure surfaces later through investor due diligence, a lender's climate covenant review, or an actual physical disruption event — at a point where response is reactive and materially more costly than proactive assessment.
Disclosure-Readiness Phase (0–6 months post-review)Risk register and governance gaps identifiedPNPC supports building the disclosure framework — drafting the ESG committee charter, structuring the GHG inventory methodology, preparing the first BRSR or investor-facing climate disclosure with an evidenced basis rather than an aspirational narrative.Disclosures are drafted without an underlying risk assessment or governance structure behind them — a pattern regulators and sophisticated investors increasingly identify as greenwashing, carrying reputational and, in some jurisdictions, regulatory consequence.
First Formal Disclosure CycleAnnual report / BRSR filing deadline, or first CDP/TCFD-aligned response duePNPC reviews the disclosure draft against the applicable framework (BRSR, BRSR Core, TCFD, ISSB) for consistency with the underlying risk assessment and coordinates any required assurance engagement.Inconsistency between disclosed climate risk and internal risk assessment is a common finding in assurance and can undermine credibility with auditors, assurance providers, and investors reading successive years' reports.
Annual Cyclical Refresh12 months after initial review, or per board's ESG governance calendarRefresh of physical hazard exposure (facility changes, new sites), transition risk exposure (evolving carbon pricing, CBAM rule changes), and re-assessment of the risk register and scenario analysis against the current environment.Climate policy and hazard data evolve continuously — CBAM implementation details, RBI climate risk expectations, and physical hazard projections are all live and changing; a static risk register loses relevance within 12–18 months.
Event-Triggered ReviewNew facility, new export market, M&A, or a significant weather event affecting operationsFocused re-assessment of the specific new exposure — a new facility's hazard profile, a new CBAM-covered export line, or the broader implication of an actual climate-related disruption that has already occurred.A new physical location or export market is often where the next material, unassessed exposure sits, precisely because it has not yet been incorporated into the existing risk framework.
Pre-Transaction / IPO ReadinessFundraise, PE/VC round, or IPO process initiatedClimate risk assessment is aligned with the timeline of investor or merchant banker ESG due diligence, so gaps are identified and, where possible, addressed before external parties test them independently.Climate and ESG gaps discovered during investor due diligence increasingly affect valuation, deal terms, or in some cases investor appetite altogether, particularly for funds with formal ESG investment policies.
Board & Audit/ESG Committee Reporting CycleQuarterly or half-yearly board/committee meetingsOngoing status reporting on the climate risk register and disclosure-readiness roadmap, in a format the board can act on within the time available at each meeting.Boards that receive climate risk information only annually cannot demonstrate the active oversight increasingly expected under SEBI LODR governance norms and by institutional investors applying stewardship codes.
Frequently asked
What exactly is a Sustainability & Climate Risk Review?

It is an independent assessment of how climate change and broader sustainability factors could affect your organisation's assets, operations, supply chain, and financial position, paired with a review of whether your governance and disclosure practices are adequate to manage and report on that exposure. We assess both physical risk (direct climate impact on assets and operations) and transition risk (the financial impact of the shift to a lower-carbon economy), and benchmark your governance and disclosure against the framework that actually applies to you.

Practitioner noteThe most common misconception we encounter is that this is purely an environmental or CSR exercise. It is not — TCFD and ISSB both frame climate risk explicitly as financial risk, and boards increasingly need to treat it with the same rigour as credit or liquidity risk.
Is climate risk disclosure mandatory for my company in India?

It depends on your listing status and size. SEBI's BRSR (Business Responsibility and Sustainability Reporting) applies to the top listed companies by market capitalisation on a phased basis, with BRSR Core introducing a mandatory reasonable-assurance requirement on a defined set of ESG attributes, phased in from the top 150 listed entities and extending to the top 1,000 by FY 2026-27. A related requirement for ESG disclosure and assurance over a company's value chain has since been eased by SEBI to a voluntary basis. Companies below the applicable threshold are not statutorily mandated to file BRSR, but many face de facto obligations through investor questionnaires, lender covenants, or customer/supply-chain ESG requirements even without a direct statutory trigger.

Practitioner noteWe always confirm your specific applicability threshold at the scoping stage — market-cap rankings shift year to year, and a company just below the current threshold should still plan ahead rather than assume it is permanently out of scope.
What is the difference between physical risk and transition risk?

Physical risk is the direct impact of climate change on your assets and operations — acute physical risk from extreme weather events like cyclones, floods, and heatwaves, and chronic physical risk from gradual shifts like rising temperatures, changing rainfall, or water stress. Transition risk is the financial and operational impact of the shift to a lower-carbon economy — policy risk (carbon pricing, CBAM), technology risk (stranded assets), market risk (shifting customer preference), and legal risk from climate-related litigation. Most businesses carry some exposure to both, but the balance differs enormously by sector — a coastal manufacturing facility skews toward physical risk, while a carbon-intensive exporter skews toward transition risk.

Practitioner noteWe find boards often over-focus on one category based on what is visible in the news cycle — flooding headlines drive physical-risk attention, carbon-tax headlines drive transition-risk attention — when the actual balance for their specific business may be quite different from what is top of mind.
What is TCFD and is it still relevant now that ISSB standards exist?

The Task Force on Climate-related Financial Disclosures (TCFD) published its recommendations in 2017, organising climate risk disclosure around governance, strategy, risk management, and metrics and targets. The IFRS Foundation's International Sustainability Standards Board (ISSB) has since built its climate-specific standard, IFRS S2, directly on the TCFD framework, effectively carrying its structure forward into a more formal global baseline standard. TCFD as a standalone reporting body has been formally disbanded with its monitoring role transferred to the IFRS Foundation, but the underlying four-pillar structure remains the practical backbone of most climate risk assessment and disclosure work, including much of SEBI's BRSR approach.

Practitioner noteWhen clients ask whether to build a 'TCFD report' or an 'ISSB report', we explain that the substance is largely continuous — get the underlying governance, strategy, risk management, and metrics work right, and the specific disclosure format can be adapted to whichever standard your primary stakeholder currently requires.
What is CBAM and does it affect Indian exporters?

The EU's Carbon Border Adjustment Mechanism (CBAM) requires importers of certain carbon-intensive goods into the EU — currently iron and steel, aluminium, cement, fertiliser, hydrogen, and electricity — to report the embedded greenhouse gas emissions of those goods. The mechanism's definitive regime began on 1 January 2026, and the financial obligation — EU importers buying CBAM certificates to cover reported embedded emissions — is scheduled to begin from 1 February 2027, with the first certificate surrender covering emissions from goods imported during 2026. Indian exporters of CBAM-covered goods to the EU are directly affected because their EU importers already need embedded-carbon data from them to comply, and the cost impact will ultimately flow back through the commercial relationship even though the formal payment obligation sits with the EU importer. CBAM rules continue to evolve — thresholds, phasing, and covered categories should be reconfirmed against the current EU regulation at the time of any transaction.

Practitioner noteWe see CBAM catch exporters off guard because the immediate compliance action (data reporting) falls on the EU-side importer, which creates a false sense that Indian exporters have no near-term obligation — in practice, EU customers are already asking their Indian suppliers for embedded-carbon data well ahead of the certificate-purchase phase, and being unable to answer credibly is itself a commercial risk.
Do we need a full greenhouse gas inventory before we can do a climate risk review?

Not necessarily as a strict precondition, but a credible review benefits from at least a first-pass Scope 1 and Scope 2 emissions picture, since transition risk exposure and disclosure metrics both depend on it. Where no inventory exists, we typically scope a phased build — Scope 1 (direct emissions) and Scope 2 (purchased energy) first, with the most material Scope 3 (value chain) categories added as data maturity improves, rather than attempting an unrealistic full Scope 3 build in the first year.

Practitioner noteWe actively discourage clients from delaying the entire climate risk review until a 'perfect' emissions inventory exists — governance and physical-risk assessment can proceed in parallel with a phased emissions data build, and waiting for perfection is itself a common reason first-time ESG programmes stall for years.
What is scenario analysis and why does it matter for disclosure?

Scenario analysis stress-tests your strategy against different plausible climate futures — typically an orderly, lower-warming transition scenario and a delayed or disorderly, higher-warming scenario — using publicly available reference pathways such as those published by the Network for Greening the Financial System (NGFS) or the International Energy Agency. TCFD and ISSB both expect evidence of this exercise, not just a statement that climate risk has been 'considered'. It converts a vague risk acknowledgement into a structured, defensible assessment of how revenue, cost, and asset value could move under different futures.

Practitioner noteWe calibrate the rigour of scenario analysis to the client's data maturity — a first-time exercise is often qualitative-to-semi-quantitative, directionally useful without false numerical precision, and we are explicit with boards about that distinction rather than presenting early-stage estimates as more certain than they are.
How long does a full Sustainability & Climate Risk Review take?

A full-scope review including a first-time GHG inventory build and scenario analysis typically takes 9–11 weeks from scoping to board presentation for a mid-sized entity. A lighter governance-and-disclosure-gap review for a company that already has an emissions inventory can be completed in 4–6 weeks. BRSR Core assurance, where applicable, is scoped separately and timed to your annual filing deadline.

Practitioner noteThe variable that most affects timeline is data availability at the facility level — a business with organised utility bills and existing energy records moves noticeably faster than one where this information needs to be gathered manually across multiple sites for the first time.
What does PNPC actually deliver at the end of the engagement?

A risk register covering identified physical and transition risks, each rated by severity and likelihood; a scenario analysis output; a governance gap assessment against TCFD's four pillars (or the specific framework applicable to you); a disclosure gap analysis against BRSR, BRSR Core, TCFD, ISSB, or a specific investor/lender requirement; and a phased disclosure-readiness roadmap. All of this is presented directly to the board, audit committee, or ESG committee, not just delivered as an emailed PDF.

Practitioner noteWe deliberately build the risk register as a living, reusable document rather than a static report appendix — clients who use it as an ongoing management tool get materially more value from the engagement than those who file the report away until the next cycle.
Do you assess our supply chain, or only our own facilities?

We assess supply chain exposure to the extent it is material to your risk profile — supplier concentration in climate-vulnerable regions, dependency on carbon-intensive inputs, and CBAM-relevant embedded-carbon data flows for EU-bound exports. A full supplier-by-supplier climate risk assessment across an extended, multi-tier supply chain is typically scoped as a more extensive follow-on exercise, calibrated to how much of your total footprint and risk genuinely sits upstream.

Practitioner noteFor most mid-market manufacturers and exporters, the highest-value first step is identifying the small number of suppliers that represent disproportionate transition or physical risk, rather than attempting comprehensive coverage of every supplier from day one.
How does this relate to BRSR and BRSR Core specifically?

BRSR is SEBI's prescribed sustainability disclosure format for applicable listed companies, covering environmental, social, and governance parameters in a structured format. BRSR Core is a defined subset of BRSR indicators that carries a mandatory reasonable-assurance requirement, phased in by market-capitalisation tier — top 150 listed entities from FY 2023-24, extending to the top 1,000 by FY 2026-27. A separate, related requirement for assurance over a listed entity's value-chain ESG disclosures has since been eased by SEBI from comply-or-explain to fully voluntary. Our climate risk review builds the underlying risk assessment, governance structure, and metrics that make a credible BRSR (and BRSR Core, where applicable) disclosure possible — the disclosure filing itself, and any required assurance, is coordinated as part of or alongside this engagement depending on your specific applicability.

Practitioner noteWe see companies attempt to complete their first BRSR filing without ever having done the underlying risk assessment — the disclosure ends up describing processes and risk awareness that do not actually exist yet in any documented form. That gap is exactly what an assurance provider or an attentive investor will find.
What frameworks does PNPC reference in this review?

Primarily the TCFD four-pillar structure (governance, strategy, risk management, metrics and targets), carried forward into the IFRS Foundation's ISSB standards (IFRS S1 and IFRS S2), SEBI's BRSR and BRSR Core format for Indian listed entities, the GHG Protocol Corporate Standard for emissions accounting, and NGFS climate scenario pathways for scenario analysis. For UAE group entities, we factor in the UAE's National Climate Change Plan and 2050 Net Zero Strategy context alongside relevant free-zone sustainability expectations.

Practitioner noteFrameworks provide the structure, not the substance — the real value of the engagement is in accurately mapping your specific physical and transition exposure and testing it honestly, not in producing a document that merely cites the right acronyms.
Our investor sent us a CDP questionnaire. Can PNPC help us respond?

Yes. CDP (formerly the Carbon Disclosure Project) questionnaires are increasingly used by institutional investors and larger corporate customers to assess supplier and portfolio-company climate performance. We help structure a credible response grounded in your actual risk assessment and emissions data, rather than a response that overstates maturity your organisation does not yet have — which tends to be discovered in subsequent years' comparisons or investor follow-up.

Practitioner noteA first CDP response with an honest, lower initial score and a credible improvement trajectory is generally viewed more favourably by sophisticated investors than an inflated first response that cannot be sustained or evidenced in year two.
Does climate risk review cover our UAE operations too?

Yes. PNPC has operating offices in Chennai, Bangalore, Hyderabad, and Dubai. For groups with an India-UAE footprint, we assess both sides under one coherent engagement — India-side BRSR/regulatory context and physical hazard mapping, and UAE-side considerations including desalination-dependent water sourcing, the UAE's National Climate Change Plan and 2050 Net Zero Strategy, and relevant free-zone or ADGM/DIFC sustainable finance expectations — rather than treating them as two disconnected local exercises.

Practitioner noteWater security is a distinct and often underweighted climate consideration for UAE operations specifically, given the region's dependency on energy-intensive desalination — we factor this explicitly into the UAE-side physical risk assessment.
What is 'greenwashing' and how does this review help us avoid it?

Greenwashing refers to disclosure or marketing claims about environmental or climate performance that are not adequately supported by underlying evidence, data, or governance — ranging from overstated sustainability claims to disclosures that are inconsistent with actual internal risk assessments. Regulators, stock exchanges, and increasingly courts globally are scrutinising this more closely. Our review's core discipline — building disclosure directly from an evidenced risk assessment and governance structure, rather than the other way round — is specifically designed to produce disclosure that can withstand scrutiny.

Practitioner noteWe flag any gap between a client's aspirational public messaging and their actual internal risk assessment directly and early — it is far cheaper to adjust the messaging before publication than to explain the discrepancy after an investor, journalist, or regulator identifies it.
Is this review useful for a company with no plans to raise external capital?

Yes, though the urgency and framing differ. Even without investor pressure, physical climate risk is a genuine operational and insurance risk — facility disruption from extreme weather affects any business regardless of ownership structure. Transition risk from carbon pricing or shifting customer preference is similarly indifferent to whether you have external investors. The review is simply framed more around operational resilience and cost management than disclosure and investor relations for closely-held companies without near-term capital-raising plans.

Practitioner noteWe have seen closely-held manufacturing businesses discover, through this exercise, that a single facility carries outsized flood or water-stress risk that had never been formally assessed — purely a resilience and insurance conversation, with no ESG-disclosure angle involved at all.
What role does the board play, and does climate risk need its own committee?

TCFD's first pillar is governance specifically because oversight structure matters as much as the underlying risk data. Larger or more exposed companies often establish a dedicated ESG or sustainability committee, or explicitly extend the audit or risk committee's mandate to cover climate risk. Smaller companies may adequately address this at full board level without a separate committee, provided oversight is genuinely documented — regular agenda time, defined reporting cadence, and recorded board discussion — rather than informally assumed.

Practitioner noteWe assess governance structure proportionate to company size and risk profile — recommending a dedicated committee for every client regardless of scale would itself be a disproportionate, box-ticking recommendation rather than genuine governance advice.
What happens if the review finds a serious, previously unassessed physical risk to a key facility?

We report it factually and flag it as a priority finding immediately rather than holding it for the final report. Depending on severity, this typically triggers a conversation about adaptation investment (flood defences, alternative water sourcing, backup power), insurance coverage adequacy, or in some cases a longer-term strategic question about the facility's location. We are not engineers or insurance brokers, and coordinate with specialist technical or insurance partners where the finding warrants deeper, specialist assessment.

Practitioner noteThe most valuable finding in these reviews is often not a new risk nobody knew about, but a risk operations teams had informally flagged for years without it ever reaching board-level capital allocation discussion — the review gives it a formal, documented pathway to the board.
How much does a Sustainability & Climate Risk Review cost?

Fees depend on the number of facilities and their geographic spread, whether a first-time GHG inventory needs to be built, the applicable disclosure framework (BRSR Core assurance carries its own defined scope and cost), and whether UAE operations are in scope. PNPC provides a written scope and fee proposal after the initial scoping conversation, before any chargeable work begins.

Practitioner noteWe do not price this off a generic per-site rate card without first understanding your data maturity — a business with organised facility and energy data moves faster and costs less than one where this information has never been centrally collected, and we reflect that honestly in the proposal rather than pricing everyone the same.
Can this review support a green loan or sustainability-linked loan application?

Yes, in many cases. Lenders offering green loans or sustainability-linked loans increasingly require evidence of a credible sustainability risk framework and, for sustainability-linked structures, defined and monitored ESG-linked performance metrics as a condition of preferential pricing. A recent, well-documented climate risk review with defined metrics and targets can support this application, though the specific format and metrics a particular lender requires should be confirmed with them directly.

Practitioner noteWe can tailor the report's executive summary specifically for a lender audience where that is a known objective at the scoping stage — the underlying assessment rigour does not change, but the framing and metrics emphasis can be adjusted.
Who should be the internal sponsor for this engagement?

Ideally a board member (audit committee chair, risk committee chair, or a dedicated ESG committee chair where one exists), with the CFO, company secretary, or head of sustainability as the operational coordinator. Anchoring the review at board level — rather than solely within an operational sustainability function — preserves the governance credibility that TCFD and ISSB both expect to see evidenced, and ensures findings translate into actual capital allocation decisions rather than staying at operational level.

Practitioner noteWe have seen sustainability functions produce excellent technical risk assessments that never influenced an actual board decision because the sponsorship sat entirely below board level — board sponsorship from the outset avoids this.
How is this different from an internal audit of environmental compliance?

An internal audit of environmental compliance typically checks adherence to existing environmental regulations, licences, and consents — a backward-looking, compliance-focused exercise. A Sustainability & Climate Risk Review is forward-looking and strategic — it assesses exposure to future climate scenarios, transition dynamics, and evolving disclosure expectations, alongside (but distinct from) current regulatory compliance status. Many clients benefit from both, run as complementary rather than overlapping exercises.

Practitioner noteWe coordinate with a client's existing environmental compliance function or advisor where one exists, rather than duplicating that work — the climate risk review builds on, rather than replaces, environmental compliance assurance.
What is 'stranded asset' risk and does it apply to us?

A stranded asset is one that suffers unanticipated or premature write-downs, devaluation, or conversion to a liability because of shifts associated with the transition to a lower-carbon economy — for example, fossil-fuel-dependent equipment that becomes commercially unviable as cleaner alternatives fall in cost, or a facility whose primary customer base shifts away from a carbon-intensive product line. It is most directly relevant to energy, heavy industry, and carbon-intensive manufacturing, but the underlying logic (capital committed to an asset whose economic life may be shortened by transition dynamics) is worth assessing for any business with long-lived, carbon-intensive fixed assets.

Practitioner noteWe assess this specifically where a client's capital expenditure plan shows continued investment in carbon-intensive technology or equipment with a 15–20 year expected life — the scenario analysis stage is where this exposure becomes most visible and actionable.
Does the review consider water risk separately from broader physical climate risk?

Yes, where material. Water stress — whether from reduced rainfall reliability, groundwater depletion, or (for UAE facilities) desalination dependency — is treated as a distinct chronic physical risk category, particularly relevant for water-intensive manufacturing, agriculture-linked businesses, and any facility in a water-stressed region as identified by publicly available water risk indices.

Practitioner noteWater risk is one of the most commonly underweighted physical risks in first-time reviews, particularly for businesses outside the most visibly water-stressed states — we make a point of assessing it explicitly rather than assuming it is immaterial by default.
How often should the review be refreshed?

Most clients settle into an annual refresh aligned with their board's ESG or risk governance calendar and their disclosure filing cycle (BRSR or equivalent), supplemented by event-triggered mini-reviews whenever there is a material change — a new facility, a new export market, an actual weather-related disruption, or a significant change in transition policy such as evolving CBAM rules.

Practitioner noteWe build the refresh cadence into the original engagement discussion so it becomes a planned governance item on the board calendar, rather than something that has to be remembered and re-commissioned from scratch each year.
Can PNPC help set science-based or net-zero targets, not just assess risk?

We can support the initial framing and governance structure for target-setting — establishing a credible baseline emissions year, identifying realistic near-term reduction levers, and structuring how targets will be governed and tracked. Formal validation against the Science Based Targets initiative (SBTi) methodology, where a client wants that specific external validation, is coordinated with SBTi's own process, which sits outside PNPC's direct assurance role but which we help clients prepare for.

Practitioner noteWe caution clients against announcing a public net-zero or science-based target before the underlying baseline and reduction pathway are genuinely credible — a publicly announced target that is later missed or walked back carries more reputational cost than a more modest, achievable target announced with real substance behind it.
What is the difference between reasonable assurance and limited assurance for BRSR Core?

Limited assurance involves the assurance provider performing procedures designed to reduce risk to a moderate level, resulting in a negative-form conclusion (nothing has come to our attention to indicate the information is materially misstated). Reasonable assurance involves more extensive procedures, comparable in rigour to a financial statement audit, resulting in a positive-form opinion. SEBI's BRSR Core framework itself mandates reasonable assurance across its phased glide path (top 150 listed entities from FY 2023-24, extending to the top 1,000 by FY 2026-27) — there is no lighter limited-assurance tier within BRSR Core itself. Limited assurance applies to a separate, related requirement: ESG disclosures for a listed entity's value chain, which SEBI has since moved from a comply-or-explain basis to a fully voluntary basis.

Practitioner noteClients often conflate the two — BRSR Core assurance for the listed entity itself is reasonable assurance from the outset, not a lighter-touch formality; it is the now-voluntary value-chain layer that carries the limited-assurance concept, and getting this distinction right matters when scoping the assurance engagement.
Do smaller, unlisted companies gain anything from this review, given BRSR does not apply to them?

Yes, for several practical reasons even without a direct statutory trigger — supply-chain ESG requirements from larger corporate customers (who themselves face BRSR value-chain expectations), private equity investors applying ESG screening even at growth-stage investment, lender interest in sustainability-linked facilities, and straightforward operational resilience against physical climate risk that applies regardless of listing status. Many of our unlisted mid-market clients commission this review specifically because a larger customer or a PE investor has started asking questions they could not yet answer credibly.

Practitioner noteWe scope proportionately for unlisted clients — a lighter governance-and-risk-mapping exercise without the full BRSR Core assurance apparatus, calibrated to their actual current pressure points rather than a full listed-company-grade programme they do not yet need.
How does PNPC ensure independence, given you may also handle our tax and statutory audit work?

Where PNPC is the incumbent CA firm for a client's other compliance work, we are transparent about that relationship in the engagement scope. Where genuine independence is required — particularly for any formal BRSR Core assurance engagement, which carries its own independence standards analogous to statutory audit independence — we structure the assurance team separately from the team handling the client's other advisory work, consistent with how we manage independence across our broader assurance practice.

Practitioner noteFor listed entities where independence expectations are highest, we discuss this explicitly at the scoping stage, including where appropriate proposing a genuinely separate engagement team or partner sign-off structure for the assurance component specifically.
What is the single most common gap PNPC finds in first-time reviews?

In our experience, it is the absence of a documented governance structure — climate and sustainability risk is often being managed informally by one or two engaged individuals (frequently in the sustainability, HR, or CSR function) with no formal board-level oversight, no defined reporting cadence, and no linkage to capital allocation decisions. The underlying risk data, once gathered, is often more available than expected; the governance wrapper around it is usually the weaker link.

Practitioner noteWe prioritise fixing the governance gap early in the remediation roadmap precisely because it is the pillar every other framework (TCFD, ISSB, BRSR) places first — a strong risk register with no governance structure behind it will not satisfy an assurance provider or a sophisticated investor.
Why PNPC Global
FeatureGeneric ESG ConsultancyBoutique Sustainability-Only FirmPNPC Global
Grounding in your actual financials and risk frameworkOften treated as a standalone workstream disconnected from core financial riskDeep ESG expertise but limited integration with tax, audit, and corporate advisory contextIntegrated with your existing CA relationship — climate risk assessed alongside financial and regulatory risk, not in isolation
India-specific regulatory depth (BRSR, BRSR Core, RBI climate guidance)Often applies a global template loosely adapted to IndiaStrong on international frameworks, variable depth on India-specific SEBI/RBI mechanicsBuilt around SEBI BRSR/BRSR Core and evolving RBI expectations as the primary operating context
Cross-border India-UAE coverageNot typically offered as a single engagementRarely offered — most boutiques are single-jurisdictionSingle team, both jurisdictions, from our own Chennai and Dubai offices
Assurance capability for BRSR CoreOften subcontracted or referred externallyVaries — some lack formal assurance credentialsIn-house Chartered Accountancy assurance capability, integrated with the risk assessment itself
Continuity of relationship across audit, tax, and ESGOne-time transaction, separate provider from your other advisorsStandalone relationship, disconnected from your statutory audit and tax advisorySame firm, often the same engagement partner, across your climate risk review, statutory audit, and tax advisory
Fee structure for mid-market entitiesCan be priced for large-enterprise budgets, disproportionate for mid-marketMore proportionate but limited broader advisory depthProportionate, transparent, agreed in writing before work begins
Access when a question arises laterFormal account management, response times varyVariable, depends on firm sizeDirect phone/WhatsApp access to your engagement CA

What the PNPC package includes

  1. 01

    Scoping consultation to understand your specific disclosure trigger, sector exposure, and data maturity before the engagement is priced

  2. 02

    Physical risk mapping across every facility using publicly available climate hazard data — flood, cyclone, water stress, and heat exposure

  3. 03

    Transition risk assessment covering policy, market, technology, and legal risk relevant to your sector, including CBAM exposure for covered exporters

  4. 04

    GHG inventory review or first-time phased build, aligned to the GHG Protocol Corporate Standard

  5. 05

    Structured scenario analysis using publicly available reference pathways, calibrated to your data maturity

  6. 06

    Governance gap assessment against TCFD's four pillars and, where applicable, ISSB and SEBI BRSR requirements

  7. 07

    Disclosure gap analysis against BRSR, BRSR Core, TCFD, ISSB, or a specific investor/lender requirement

  8. 08

    Severity × likelihood risk register covering both physical and transition risk, built as a living management tool

  9. 09

    Direct presentation to your board, audit committee, or ESG committee — not just an emailed PDF

  10. 10

    Disclosure-readiness roadmap with realistic phasing for your first or next reporting cycle

  11. 11

    Optional BRSR Core assurance engagement, scoped and timed to your annual filing deadline

  12. 12

    Direct contact with your engagement CA — by phone and WhatsApp — for the life of the relationship

Speak directly with a PNPC Chartered Accountant about your organisation's climate and sustainability risk exposure. Not a generic global ESG template, not a disconnected sustainability-only boutique — a practising CA firm that has advised boards across India and the UAE since 1986, and that builds your climate disclosure on an evidenced risk assessment rather than an aspirational narrative.

← Back to Risk Advisory
Talk to a CA