Starting January 1, 2025, new rules of conduct for the Board of Statutory Auditors will come into effect, applicable to both listed and unlisted companies. These rules require an integrated approach to sustainability reporting, ensuring that companies comply with European and Italian laws and standards.

The New Role of the Board of Statutory Auditors

The Board of Statutory Auditors is tasked with overseeing compliance with laws, bylaws, and principles of sound administration. Specifically, it must ensure that sustainability reporting is prepared and published in accordance with current regulations and that ESG risks are managed appropriately. This includes verifying that the individual or consolidated sustainability reporting, when prepared, is drafted by the directors in compliance with the provisions of Legislative Decree 125/2024, which includes the use of an electronic format.

According to the obligations under Legislative Decree 125/2024, the Board of Statutory Auditors must:

  • inform the governing body of the public interest entity of the outcome of the attestation activities on the compliance of sustainability reporting and submit the additional report under Article 11, along with any observations;
  • monitor the financial and sustainability disclosure process and make recommendations/proposals to ensure its integrity;
  • oversee the effectiveness of the internal quality control system, risk management, internal audit, and sustainability reporting (individual and/or consolidated);
  • monitor the statutory audit of the financial statements and the attestation of compliance of the individual/consolidated sustainability reporting;
  • verify and monitor the independence of statutory auditors, sustainability auditors, or auditing firms;
  • be responsible for the selection process of statutory auditors (including sustainability auditors) or auditing firms.

The Board of Statutory Auditors also plays a crucial role in overseeing the company's internal control system, with a particular focus on sustainability and ESG risk management.

An Adequate Internal Control System

The Internal Control System can be defined as the set of rules, procedures, and organizational structures aimed at identifying, measuring, managing, and monitoring risks. An adequate internal control system is essential for the sustainable success of a company. The Internal Control and Risk Management System (ICRMS) is critical for data collection and ESG risk management. The Board of Statutory Auditors ensures that the ICRMS is adequate and functioning, guaranteeing that data collection procedures for sustainability reporting are accurate and reliable. Additionally, it oversees the adequacy of organizational structures and the achievement of ESG strategic objectives. This includes verifying that administrative and accounting systems are adequate and operational, contributing to the achievement of the company’s sustainability goals. To ensure an adequate internal control system, it is essential for companies to have a robust internal regulatory framework for accurate sustainability reporting.

This framework must include guidelines, procedures, and policies to ensure regulatory compliance and the completeness of the reported information. Moreover, the effective implementation of information flows between the Board of Statutory Auditors and other corporate control bodies is crucial. This coordination ensures that all parties involved work together to monitor and achieve sustainability goals. A possible internal regulatory framework could be structured as follows:

  • policy documents (Group Integrated Policy, Diversity and Inclusion Policy, Environmental Sustainability Policy, Corporate Policy on the Protection of Human Rights);
  • code of ethics;
  • ESG process guidelines;
  • Internal Control and Risk Management System guidelines;
  • Sustainability Officer Regulations;
  • ESG account plan definition document;
  • internal control system guidelines for sustainability reporting;
  • data collection procedures (data production attestation letters);
  • data collection forms.

Practical Guide for Auditors

EU Directive 2022/2464 and Legislative Decree 125/2024 impose sustainability reporting obligations on large enterprises and listed SMEs. The Board of Statutory Auditors must ensure that companies comply with these provisions, contributing to corporate transparency and accountability.

Below is a series of recommendations for Auditors:

  • familiarize yourself with the organizational model and the organizational chart related to sustainability reporting;
  • incontrare le funzioni aziendali preposte alla reportistica di sostenibilità;
  • meet with corporate functions responsible for sustainability reporting;
  • meet with the Sustainability Officer or the person in charge of sustainability reporting;
  • meet with second and third-level control functions (risk management, compliance, and internal audit);
  • familiarize yourself with the process and related internal regulatory system (guidelines, procedures, service orders);
  • familiarize yourself with the objectives of the ESG plan;
  • exchange information with the Supervisory Body;
  • meet with the sustainability reporting auditor to deepen the audit plan, key sustainability reporting issues, and the attestation process;
  • implement and oversee the receipt of a functional information flow also on sustainability matters;
  • participate in the Risk Control Committee and the Sustainability Committee, where applicable;
  • periodically monitor the progress of ESG objectives;
  • oversee the approval of sustainability reporting and its publication (also on the company website);
  • inform the governing body (observations on the additional report under Article 11) and stakeholders (through the annual report).

Conclusions

As discussed above, the Board of Statutory Auditors plays a fundamental role in ensuring the adequacy and effectiveness of the internal control system, with a particular focus on sustainability and ESG risk management.

By adopting the new rules and regulations, the Board of Statutory Auditors can be a valuable aid in helping companies achieve their sustainability goals and maintain compliance with national and European standards.

Edited by Matteo Morgagni (Certified Accountant), Mauro Lonardo (Partner, Certified Accountant)
Mauro Lonardo
International Contact Partner
View profile
Rome office
+ 39 06 575 49 63