On October 7, 2023, California adopted a new set of far-reaching climate laws in the form of SB 253, the Climate Corporate Data Accountability Act (CCDAA), and SB 261, the Climate-Related Financial Risk Act (CRFRA) (collectively, the “California Climate Accountability Regime”). Because of the sheer size of the California market—the world’s fifth largest economy—the new legislation effectively will re-shape the Environmental, Social and Governance (“ESG”) and climate transparency debate far beyond the state’s borders.
Under the CCDAA, companies operating within California with annual revenues exceeding $1 billion must begin publicly reporting their greenhouse gas (“GHG”) emissions, including indirect emissions impacts resulting from their activity, starting in 2026. Under the CRFRA, companies operating in California with annual revenues exceeding $500 million must publish biennial climate-related financial risk reports disclosing both climate-related financial risk and measures taken to reduce and adapt to such risk by January 1, 2026. Covered companies under both bills must pay an annual fee, the amount of which is to be determined.
California’s Comprehensive Climate Accountability Regime
California has now outpaced the U.S. Securities and Exchange Commission, which back in March 2022 proposed a climate rule that would require public company registrants to disclose certain climate-related information in their annual reports and registration statements. And California sweeps in a potentially broader swath of companies because the California Climate Accountability Regime applies to both public and private companies that exceed certain revenue thresholds. In light of the size of the California market, these new state rules may effectively set a new national standard.
CCDAA
The CCDAA requires public and private companies “doing business” in California, with total annual revenues exceeding $1 billion in the prior fiscal year, to publicly report their direct and indirect GHG emissions. The bill does not define “doing business,” but it seems likely it will be interpreted broadly by stakeholders. For example, the California Tax Code defines “doing business” as “actively engaging in any transaction for the purpose of financial or pecuniary gain or profit” and regulators seem primed to apply an equally capacious definition here.
The CCDAA categorizes GHG emissions by scope, requiring companies to publicly disclose Scope 1 and 2 emissions starting in 2026, and Scope 3 emissions starting in 2027. Scope 1 emissions are those that stem from sources that the company owns or directly controls, regardless of location, including, but not limited to, fuel combustion activities. Scope 2 emissions are indirect GHG emissions from consumed electricity, steam, heating, or cooling purchased or acquired by a company, regardless of location. Scope 3 emissions are indirect upstream and downstream GHG emissions, other than Scope 2 emissions, from sources that the company does not own or directly control and may include, but are not limited to, purchased goods and services, business travel, employee commutes, and processing and use of sold products. Scope 3 emissions essentially include everything up and down a company’s value chain—a broad category where there is variance of opinion and practice in the nuance.
Measuring and reporting of GHG emissions must conform with the Greenhouse Gas Protocol (“GHG Protocol”) standards, informed by guidance developed by the World Resources Institute and the World Business Council for Sustainable Development. Covered companies must also obtain independent, third-party assurance of their public disclosure. Scope 1 and 2 emissions must be verified with “limited assurance” beginning in 2026, and with “reasonable assurance” beginning in 2030. Assurance for Scope 3 emissions will be verified with limited assurance starting in 2030. On or before January 1, 2025, the California State Air Resources Board will develop and adopt regulations overseeing the CCDAA’s disclosure requirements.
Failure to comply with the law’s requirements may result in an administrative penalty of up to $500,000 per reporting year.
CRFRA
The CRFRA requires public and private companies “doing business” in California with annual revenues exceeding $500 million to prepare a biennial climate-related financial risk report. The report must disclose the company’s (1) climate related financial risk, and (2) measures adopted to reduce and adapt to climate-related financial risk. “Climate-related financial risk” is defined in the bill as material risk of harm to immediate and long-term financial outcomes due to physical and transition risks. This includes risk to corporate operations, provision of goods and services, supply chains, employee health and safety, capital and financial investments, institutional investments, financial standing of loan recipients and borrowers, shareholder value, consumer demand, and financial markets and economic health.
On or before January 1, 2026, covered companies must publish their report to the company’s website. Failure to include the required disclosures in the report may lead to an administrative penalty of up to $50,000.
Compliance: Interplay with the SEC Proposed Climate Rule and EU Corporate Sustainability Reporting Directive (“CSRD”)
While the California bills are similar to the SEC proposed rule on climate-related disclosures, there are material distinctions.
First, the California Climate Accountability Regime applies to both public and private companies, while the SEC’s proposed rule applies only to public companies reporting to the SEC.
Second, the CCDAA requires disclosures for Scope 1, 2, and 3 GHG emissions, whereas the SEC proposed rule—perhaps recognizing the difficulty in quantifying Scope 3 emissions—only mandates Scope 3 disclosure from upstream and downstream activities if (1) the GHG emissions are “material” or (2) if the registrant has set a GHG emissions target or goal that includes Scope 3 emissions. The California law essentially compels covered companies to request GHG emissions data from non-covered companies (i.e., non-California companies or those with less than $1 billion in revenue) in their supply chain, making the reach of the CCDAA considerably more expansive than first meets the eye.
Companies required to comply with the EU-adopted CSRD will not find that the California Climate Accountability Regime imposes material new burdens. The CSRD likewise applies to any companies doing business in Europe above a certain revenue threshold (public or private, even if non-EU) and dictates comparable disclosure requirements.