On October 26, 2016, a New York state judge ordered PriceWaterhouseCoopers LLP (PwC) to produce documents related to an ongoing New York Attorney General (NYAG) investigation into whether Exxon Mobil Corporation (Exxon) committed financial fraud by failing to disclose the financial and operational impacts of known climate change-related risks to the business. The court order, if it withstands appeal, is further indication that public companies need to begin managing climate risk as an enterprise level concern, even though significant uncertainty remains regarding the level of public disclosure required. Out of an abundance of caution, companies should also not expect any internal climate risk projections, audits and assessments to remain private.

In the immediate case, the court rejected opposition to the production, finding that neither New York nor Texas law recognizes an accountant-client privilege that would enable Exxon to bar PwC from releasing the subpoenaed documents to the NYAG's office. The documents at issue relate to the projected cost of future carbon risks and Exxon's application of those projections to its asset and reserve allocation decisions. The NYAG also seeks documents related to PwC's role in compiling Exxon's greenhouse gas emissions data submitted voluntarily to the independent non-profit Carbon Disclosure Project, or "CDP".

The PwC subpoena supplements another, sent nearly a year ago by the NYAG, seeking a range of climate-related documents and information going back to 1977. That subpoena sought documents related to Exxon's knowledge of the array of physical risks caused by climate change, including ocean acidification, rising sea levels, extreme weather, and accelerated permafrost melting that leads to releases of massive stores of methane. The subpoena also sought production of information related to how Exxon integrated climate impact information into its energy forecasts, statements of demand for fossil fuels, securities disclosures, advertisements, and communications with trade groups.

The NYAG opened the investigation of Exxon pursuant to New York State's Martin Act (New York General Business Law, article 23-A, sections 352-353) after information was made public that Exxon had, over many decades, conducted thorough research on climate change and its resulting impacts. The investigation is not focused on whether Exxon misrepresented its internal findings about climate science, but rather on possible financial fraud related to Exxon's failure to include, in its statements to investors and the U.S. Securities and Exchange Commission (SEC), information regarding Exxon's knowledge of the direct and indirect impacts of climate change. The SEC has launched a similar investigation.

Assessing and Disclosing Material Information on Climate Change-Related Risks

The NYAG investigation highlights a potential concern for every public company over whether it should forecast and disclose its own climate change-related risks. That concern stems from federal securities law, which could expose any company to similar investigations or potential liability for not disclosing climate risks reasonably deemed "material" to the financial performance of that company. Such non-disclosure risk may initially depend on whether a public company has conducted and disclosed (or failed to disclose) any forecasts it has made as to the impacts of climate change on its business.

In 2010, the SEC published interpretive guidance "to public companies regarding the Commission's existing disclosure requirements as they apply to climate change matters." This guidance is "…intended to assist companies in satisfying their disclosure obligations under the federal securities laws and regulations." The guidance does not explain what risks a company should assess – nor does it fully explain how a regulated company should evaluate whether such risks are "material." Instead, the SEC provides only general guidance as to when climate-related risks and impacts might trigger a federal disclosure requirement. It identifies four broad categories of risk that may require disclosure:

  • Regulatory Risk. A company should consider whether the impact of pending or existing regulations is material to that company's operations, interests or assets.
  • International Legal Risk. A company should consider and disclose, when material, the risks, impacts and effects on the company from the implementation of treaties or international accords relating to climate change.
  • Business Risk. A company should consider an array of indirect impacts and consequences created by legal change, technological innovations, political action, and scientific developments regarding climate risks and opportunities.
  • Physical Risk. A company should evaluate the actual and potential material impacts to company assets and liabilities caused by certain environmental changes (e.g., extreme weather, increased drought, pestilence, rising sea levels) attributable to climate change.

The guidance also directs companies to focus on the four most pertinent disclosure requirements in the SEC's required periodic filings, including Form 10-Ks under Regulation S-K and stand-alone Form 20-F:

  • Item 101, Description of Business.
  • Item 103, Legal Proceedings.
  • Item 303, Management's Discussion and Analysis (MD&A).
  • Item 503(c), Risk Factors.

To assess "Regulatory Risk(s)", for example, the SEC Guidance advises public companies to be specific, and to identify risks in the context of the above sections of Regulation S-K or any other SEC rule or regulation. The Commission also notes the "two-step" analysis for disclosure under Item 303 (MD&A): first, a company's management must evaluate whether a pending piece of legislation or regulation is "reasonably likely to be enacted"; second, it must determine whether the legislation or regulation "is reasonably likely to have a material effect on the registrant, its financial condition or results of operations."

Climate-related risk and opportunity information is arguably material "if there is a substantial likelihood that the disclosure of the omitted fact would have been viewed by the reasonable investor as having significantly altered the 'total mix' of information made available."

The NYAG investigation raises a potentially significant new twist on the SEC disclosure requirements. Specifically, if a company conducted internal assessments and evaluations of its Regulatory Risks, Business Risks, and Physical Risks, yet failed to adequately disclose how such forecasts were known to affect their business, could that company be exposed to non-disclosure liability if the disclosure of such assessments might have affected a reasonable investor's decision making? If answered in the affirmative, the same rationale could hold true for any public company that has conducted, but not adequately disclosed, climate risk assessments that forecast material impacts to the company.

Clarifying How Companies Should Evaluate Climate Change-Related Risk Disclosures

To apply this emerging area of securities law, a public company must first determine what is and what is not "material" – but as yet there is no binding legal guidance on the materiality of climate change risks. Moreover, identifying material climate risk information is extremely difficult given the ubiquity of climate change impacts themselves. If climate change arguably affects every company in some way, individual companies will need significant further guidance to determine what level of materiality might trigger a disclosure requirement.

Such efforts are already underway. During the multilateral negotiations last year that resulted in the Paris Agreement on climate change, the G20 Financial Stability Board launched the Task Force on Climate-related Financial Disclosures (TCF). The TCFD's assignment is to promote more effective climate-related financial disclosures that will: (A) support informed investment, credit, and insurance-underwriting decisions about reporting companies, and (B) enable a variety of financial market participants to better understand the concentrations of carbon-related assets in the financial sector and the financial system's exposures to climate-related risks.

On March 31, 2016, the Task Force published Phase I of its report, identifying several principles necessary to an effective climate-disclosure regime. These include the need to: (1) present relevant information, (2) be specific and complete, (3) be clear, balanced, and understandable, (4) be consistent over time, (5) be comparable among companies within a sector, industry, or portfolio, (6) be reliable, verifiable, and objective, and (7) be provided on a timely basis. The TCFD's Phase II report will be published as early as mid-November, and could provide a basis for governments to design new disclosure criteria and guidance on climate risks under some form of "scenario-based" stress-testing that could be administered on a sectoral basis.

Out of an abundance of caution, companies should not operate under the assumption that internal climate risk projections, audits and assessments will remain private. Noting that some investors have urged even greater disclosure of climate risks, and that the concept of "materiality" may need revision with regard to climate risk, the SEC sought feedback on what level of disclosure is "important to an understanding of a registrant's business and financial condition and whether there are other considerations that make these disclosures important to investment and voting decisions." The SEC received more public comments on this issue than any other requested as part of the concept release. Until the SEC resolves this issue, companies should consider taking a proactive approach – helping to frame future disclosure requirements that would be practical, workable, and not unduly burdensome. Moreover, companies that have embarked on climate risk assessments should audit the degree to which such assessments are applied internally.