The ESG reporting has been strongly shaped by climate-related disclosure over the past decade. Greenhouse gas inventories, net zero commitments, and Scope 1, 2, and 3 emissions reporting have become central features of many investor, regulatory, and corporate reporting processes. That emphasis remains important. At the same time, disclosure expectations are broadening beyond carbon alone toward a wider set of sustainability-related risks and opportunities, including questions of resilience and governance.

That broader lens reaches directly into day-to-day operations. Field teams, mobile technology, distributed assets, and remote-site infrastructure all expose organisations to practical risks that sit beyond emissions accounting alone. In practice, this can extend to asset stewardship and continuity planning for business-critical tools used in the field. For some organisations, that may include measures such as portable equipment insurance as part of a broader operational risk-management approach.

The Limitations of a Carbon-Only Lens

What Early ESG Frameworks Got Right — and What They Left Out

The Task Force on Climate-related Financial Disclosures, whose work has since been incorporated into the ISSB's IFRS S2 standard, made a major contribution to corporate reporting. It gave companies a structured framework for describing climate-related matters through four pillars: governance, strategy, risk management, and metrics and targets. In the UK and elsewhere, that framework helped organisations become more systematic in identifying and describing both physical climate risks, such as flooding and heat stress, and transition risks linked to policy, technology, and market change.

At the same time, these frameworks were designed primarily for climate-related disclosure. That meant broader sustainability-related matters outside the climate lens were not always addressed with the same direct focus. IFRS S1, the ISSB's general sustainability disclosure standard, broadens the scope by requiring entities to disclose information about sustainability-related risks and opportunities that could reasonably be expected to affect their prospects. In practice, that can bring issues such as resilience, continuity, and operational governance into scope where they are materially connected to sustainability-related risks and opportunities.

The UK's Sustainability Reporting Standards are closely based on IFRS S1 and IFRS S2. Under the FCA's current proposals, the new rules for listed issuers would apply to accounting periods beginning on or after 1 January 2027, with transitional reliefs for some disclosures. Organisations that treat that date purely as a future compliance milestone, rather than as a prompt to strengthen reporting systems and governance now, may leave themselves with limited preparation time if the proposals are finalised broadly as consulted on.

Continuity Risk as a Material ESG Issue

Where the New Frontier of Disclosure Sits

Business continuity has traditionally been managed within enterprise risk functions, supported by tools such as business impact analyses, recovery objectives, and incident response planning. What is evolving is the expectation from regulators and investors that material operational risks — and the governance structures overseeing them — be disclosed more transparently within sustainability-related reporting.

Professional guidance on operational resilience increasingly highlights the convergence between risk management, sustainability considerations, and organisational continuity planning. Rather than treating these disciplines as separate workstreams, many organisations are moving towards more integrated governance approaches as part of broader resilience strategies.

Within IFRS S1's materiality-based framework, continuity-related risks may fall within the scope of sustainability disclosure where they arise from material sustainability-related risks or opportunities. In practice, this can include areas such as:

• Supply-chain disruption, including concentrated supplier dependencies, geopolitical exposure, and climate-related operational impacts
• Digital and cyber resilience, particularly where operational disruptions could affect financial performance or access to capital
• Asset and operational continuity, including the ability to maintain service delivery during physical disruption, equipment failure, or workforce constraints
• Third-party and outsourcing risk, including the resilience and sustainability performance of key service providers and platform partners

Where such risks are financially material, investors and other stakeholders increasingly expect to see them addressed transparently within sustainability-related disclosures rather than treated solely as internal operational matters.

Digital Resilience: An Emerging Governance Priority

The convergence of cybersecurity and ESG is not always obvious, but it is becoming more visible in the compliance landscape. In many regulated and critical sectors, organisations are facing growing expectations to demonstrate effective governance over IT systems, incident response, and third-party digital risks.

Those capabilities can, in turn, affect the integrity and reliability of the sustainability-related data that investors and regulators use in assessing disclosure quality. In the UK, the Cyber Security and Resilience Bill is intended to strengthen the Network and Information Systems regime and expand resilience expectations for essential and digital services.

The following categories of continuity-related risk may intersect with sustainability disclosure frameworks:

Climate-related physical risk — Environmental dimension. Key context: UK SRS S2 / IFRS S2. Focus: Scenario analysis, resilience strategy, adaptation measures.

Cyber and digital resilience — Governance dimension (where operationally material). Key context: UK cyber resilience reforms / evolving NIS framework. Focus: Incident governance, resilience controls, and oversight structures.

Supply-chain sustainability risk — Social (and environmental under CSDDD) dimension. Key context: EU CSDDD / UK Modern Slavery Act. Focus: Due diligence systems, risk identification, and remediation processes.

Operational resilience and asset continuity — Governance / Risk management dimension. Key context: IFRS S1 materiality framework. Focus: Continuity governance where linked to material sustainability-related risks.

Third-party technology provider risk — Governance dimension. Key context: DORA (EU financial sector). Focus: ICT outsourcing risk governance and monitoring.

Workforce resilience risk — Social dimension. Key context: GRI social disclosures / IFRS S1 (where material). Focus: Human capital risk management and capability resilience.

Building the Integrated Risk Narrative

Organisations moving ahead of emerging disclosure expectations are not simply adding new sections to existing sustainability reports. Instead, some are beginning to rethink governance structures so that areas such as operational resilience, digital risk management, and climate adaptation can be considered within more integrated oversight and reporting frameworks.

In practice, this can involve closer alignment between sustainability materiality assessments and enterprise risk processes, clearer board visibility over resilience-related risks where they are financially significant, more continuous approaches to supply-chain due diligence, and greater consistency between sustainability disclosures and financial reporting — particularly in areas such as capital allocation and contingency planning. IFRS S1 is designed to sit alongside general-purpose financial reporting and requires disclosure of sustainability-related risks and opportunities that could reasonably be expected to affect an entity's prospects, which supports this emphasis on connectivity.

The broadening of sustainability-related reporting beyond carbon does not necessarily signal a reduced focus on environmental ambition. Rather, it reflects a growing expectation that the same structured approach applied to climate risk — including governance oversight, forward-looking strategy, and transparent metrics — may also be relevant to other material sustainability-related risks. In that sense, climate disclosure has helped establish a discipline that is increasingly being considered across a wider range of risk topics.