Decoding ASIC Regulatory Guide 280: What It Means For Directors

Introduction

The rules of corporate reporting shifted on 31 March 2025. With ASIC Regulatory Guide 280 now live, mandatory sustainability reporting is no longer a future project. It is embedded into governance, finance, and operations. The modified liability regime offers breathing space, but it is not a shield. It is a runway to build systems that stand up to audit, investor scrutiny, and full civil exposure from 2028.

This guide translates RG 280 into a practical plan. It covers the transition period protections for 2025–2027, AASB S2 compliance requirements, scope 3 emissions reporting, scenario analysis, data quality and auditability, and how to integrate climate-related financial disclosures with financial reporting.

What RG 280 Changes Right Now

Who must report and when

• Group 1 entities begin immediately for periods commencing on or after 1 January 2025 (large listed and equivalent private entities).
• Group 2 and Group 3 phase in from July 2026 and July 2027.
• The framework is anchored in the Treasury Laws Amendment (Financial Market Infrastructure and Other Measures) Bill 2024 and applies existing director obligations to sustainability reporting.

What directors must declare in the transition period

• For periods commencing 1 January 2025 to 31 December 2027: a reasonable steps director declaration covering compliance with the Corporations Act and AASB S2.
• From 1 January 2028: unqualified declarations and full civil liability.

Where the modified liability regime applies (and does not)

• Protected statements: certain future-focused climate statements inside the sustainability report and specific cross-references required in the Operating and Financial Review (s 299A).
• Not protected: marketing collateral, investor presentations, ASX announcements, AGM Q&A, and other statements outside the sustainability report. These remain fully exposed to civil action.

Why this matters

• Messaging must be consistent across all channels to avoid greenwashing claims.
• The window to build capability is limited. By 2028, controls need to be mature, data auditable, and methodologies defensible.

Turning the Modified Liability Regime Into a Plan

Immediate priorities

• Map obligations and scoping: entity boundary, reporting periods, material topics under AASB S2, and dependencies across finance, operations, sustainability, and IT.
• Establish a governance charter: board oversight cadence, management committees, and decision rights for disclosures.
• Confirm the internal control environment: risk assessment, process narratives, key controls, control owners, and evidence required.
• Define an internal assurance approach: first and second line reviews pre-issuance. Engage external auditors early on scope, evidence expectations, and readiness.

Build a single source of truth for climate data

• Create a central ESG data model with standard definitions, emission factors, organisational boundaries, and change logs.
• Automate data capture from source systems where possible. Reduce manual spreadsheets and copy-paste.
• Implement version control, user access, and audit trails. Every number should be traceable back to a source.
• Align reporting calendars with financial close to support integrated reporting and cross-references.

Controls external auditors commonly expect

• Documented methodologies for scope 1, 2, and scope 3 emissions, including emission factors and calculation logic.
• Segregation of duties for data entry, review, and approval.
• Evidence packs: raw data extracts, reconciliation spreadsheets, and sample testing results.
• Management review controls with thresholds, variance analysis, and sign-off records.
• Disclosure controls ensuring the sustainability report aligns with the financial statements and OFR.

AASB S2 Compliance Playbook

Scope 3 emissions reporting without chaos

• Start with a materiality screen: map all 15 Scope 3 categories and prioritise those likely to be material by spend, volume, influence, or risk.
• Use a tiered measurement approach: supplier-specific data where available; otherwise reputable databases and proxy methods with clear assumptions.
• Build supplier engagement programs: clauses in procurement contracts, data templates, and cadence for updates.
• Track data quality: coverage, timeliness, and confidence levels, with a plan to improve year on year.

Scenario analysis that finance can use

• Model at least two scenarios: 1.5°C pathway and a scenario above 2.5°C, covering policy, technology, and market shifts.
• Link scenarios to financial planning: revenue sensitivity, cost of capital, impairment testing, and capex timing.
• Make assumptions explicit: carbon prices, demand curves, energy mix, and physical risk exposure by location.
• Reconcile with strategic plans: ensure capital allocation and transition projects reflect scenario insights.

Transition plans and the OFR

• Set decarbonisation milestones, interim targets, and governance for delivery.
• Map dependencies: technology adoption, procurement changes, and policy signals.
• Cross-reference within the OFR: ensure climate-related risks, opportunities, and financial impacts are consistent across the sustainability report and the OFR.

Data Quality And Auditability By Design

Materiality, estimates, and uncertainty

• Define materiality thresholds for climate metrics and narrative disclosures, aligned with investor needs and regulatory expectations.
• Disclose estimation methods, ranges, and limitations. Avoid false precision.
• Maintain a change log each period: emissions factors updated, methodology shifts, boundary changes, and restatements if required.

The documentation and evidence trail

• For each KPI and disclosure, keep a ready-to-share evidence pack: source data, transformation logic, controls performed, sign-offs, and exception handling.
• Catalogue third-party data sources and factors used, including licences and version dates.

System integration with ERP and EPM

• Integrate sustainability data into ERP, EPM, and BI tools to enable reconciliation with financials.
• Use master data governance: consistent vendor IDs, site codes, and chart-of-accounts mappings to reduce reconciliation friction.
• Create a monthly ESG close that mirrors the financial close to stabilise the year-end process.

Governance, Literacy, And Accountability

Roles and responsibilities across the business

• Establish a RACI across finance, operations, sustainability, risk, legal, and IT.
• Nominate accountable executives for scope 3, scenario analysis, transition plan, data quality, and disclosure controls.
• Form a disclosure committee that reviews both sustainability and financial reporting for consistency.

Board climate literacy and training

• Provide briefings on AASB S2, RG 280, modified liability regime, and investor expectations.
• Run deep dives on material climate risks and opportunities, including funding implications.
• Schedule table-top exercises to test disclosure judgments and crisis communications for potential greenwashing claims.

Consistency across channels

• Align sustainability report, OFR, website, roadshow decks, and ASX disclosures.
• Use approved language for forward-looking statements and uncertainty.
• Maintain a register of claims and credentials used in public communications with evidence support.

ASIC Enforcement And What To Expect

• ASIC has signalled a proportionate and pragmatic approach during the phase-in while expecting continuous improvement.
• Expect supervisory engagement where data quality, governance, or disclosures appear weak or inconsistent.
• Prepare now for firmer expectations post-2027 when full civil liability returns.

Practical Checklist: Reasonable Steps This Year

Governance and accountability

• Board-approved sustainability reporting charter and calendar
• Named executive owners and a disclosure committee
• RACI and escalation pathways documented

Controls and assurance

• Risk assessment covering climate-related financial disclosures
• Process narratives with key controls and control owners
• Evidence packs prepared for all material metrics and narratives
• Pre-issuance internal reviews and early external auditor scoping

Data and systems

• Single source of truth for ESG data with audit trails
• Integration plan with ERP/EPM and BI tools
• Supplier data collection templates and expectations
• Change log for methods, factors, and boundaries

Reporting and consistency

• AASB S2 mapping checklist completed
• Scenario analysis documented with financial linkages
• OFR cross-references aligned and reviewed
• External communications consistency review completed

Metrics And Milestones To Track

• Coverage: percentage of sites, suppliers, and spend with actual data
• Timeliness: days to ESG month-end close
• Data quality: error rates, exceptions cleared, and control effectiveness
• Assurance readiness: number of evidence packs ready and reviewed
• Improvement: year-on-year scope 3 data quality uplift by category

Common Pitfalls To Avoid

• Treating sustainability reporting as a stand-alone exercise, separate from finance
• Over-relying on consultants without building internal capability and challenge
• Under-documenting assumptions and proxies used for scope 3
• Inconsistency between the sustainability report, the OFR, and public statements
• Leaving scenario analysis disconnected from capital planning and risk

Useful Resources

• ASIC regulatory guides overview: https://asic.gov.au/regulatory-resources/regulatory-guides/
• AASB sustainability reporting hub: https://www.aasb.gov.au/sustainability-reporting/
• Corporations Act 2001 overview: https://www.legislation.gov.au/
• Treasury climate-related financial disclosure materials: https://treasury.gov.au/
• NGFS climate scenarios: https://www.ngfs.net/
• GHG Protocol Scope 3 Standard: https://ghgprotocol.org/standards/scope-3-standard

Internal reads

• How to build an ESG single source of truth that finance trusts: /blog/esg-data-governance
• AASB S2 compliance checklist and templates: /blog/aasb-s2-compliance-checklist
• Integrating climate data into planning and forecasting: /blog/integrated-esg-finance

Conclusion

RG 280 raises the bar for governance, data quality, and disclosure discipline. The modified liability regime provides a narrow window to build capability with reduced civil exposure, but expectations for reasonable steps are real. The organisations that treat the transition period as a build phase for robust, investor-grade reporting will be ready for 2028 and beyond.

If you would like a practical head start, explore the AASB S2 checklist, evidence pack templates, and the ESG data model guide linked above. Share this guide with your reporting team, and subscribe for updates as ASIC issues further guidance.