ESG compliance FAQs
Honest, precise answers to the questions sustainability leads, finance directors and company secretaries actually ask. Last verified against gov.uk on 2 July 2026.
These are not generic sustainability platitudes. They are the questions we hear most often from mid and large UK companies working out what ESG compliance actually requires of them, answered with the facts pinned to their sources and with a clear line drawn between what is settled law today and what is still only proposed. Where a question has a precise, checkable answer — such as who is caught by SECR, or what a public tender demands under PPN 006 — we give it precisely, because a vague answer to a compliance question is worse than no answer at all.
The four questions we are asked most, and answer first below, are whether SECR applies to you at all, what Scope 1, 2 and 3 emissions actually are, whether buying solar or a power purchase agreement counts towards your net-zero target, and what ESG requirements tenders and pre-qualification questionnaires really impose. If your question is not covered, the deeper detail lives on the SECR thresholds, ESG for tenders and SECR reporting pages, or you can simply ask us directly.
Who legally has to report under SECR?
Two groups. First, all quoted companies, which report their global energy use and greenhouse gas emissions. Second, large unquoted companies and large LLPs, which report their UK energy use and emissions. Large uses the Companies Act test: you are caught if you meet at least two of three thresholds, 250 or more employees, turnover of more than 36 million pounds, and a balance sheet total of more than 18 million pounds. The disclosure goes in the directors' report (or an energy and carbon report for large LLPs) and is filed with your annual accounts at Companies House. There is one relief: a low energy user that consumes 40,000 kWh or less in the reporting period does not have to make the detailed disclosure but must state that it qualifies as a low energy user in its directors' report. These thresholds are verified against the UK government's environmental reporting guidelines as at 2 July 2026.
What are Scope 1, 2 and 3 emissions?
They are the three categories the GHG Protocol and the UK government's environmental reporting guidelines use to organise a company's greenhouse gas emissions. Scope 1 is direct emissions from sources you own or control, for example gas burned in your own boilers and fuel used in your own fleet vehicles. Scope 2 is indirect emissions from the energy you buy, principally purchased electricity, and also purchased heat, steam and cooling. Scope 3 is every other indirect emission across your value chain that you do not own or control, purchased goods and services, transport and distribution, business travel, waste, and the use of the products you sell, split into fifteen categories. For most businesses Scope 3 is by far the largest part of the footprint and the hardest to measure, which is exactly why it is the part large customers and public buyers ask about.
Does buying solar or a PPA count towards our net-zero target?
It can, but only for Scope 2, and only with honest caveats. Under the GHG Protocol's dual Scope 2 method you report two figures: a location-based figure using the average grid, and a market-based figure reflecting the electricity you have specifically contracted for. On-site solar or a well-structured power purchase agreement (PPA) reduces your market-based Scope 2 emissions, so yes, it counts towards that part of your target. Two things to be clear about. First, it does nothing for your Scope 1 fuel use or your Scope 3 value chain, which are often the bigger numbers. Second, the credibility depends on quality and additionality, a genuine on-site installation or a proper PPA is far more defensible than unbundled renewable certificates bought to flatter the figure. We build targets so a PPA counts where it genuinely should, and no further, which keeps the claim safe from a greenwashing challenge.
What ESG do tenders and PQQs actually ask for?
For major central-government contracts, the headline requirement is a Carbon Reduction Plan under Procurement Policy Note 006 (which updated the former PPN 06/21 to reflect the Procurement Act 2023). It applies to contracts with an estimated value above 5 million pounds per year including VAT, and the supplier must have, and publish, a Carbon Reduction Plan that confirms a commitment to net zero by 2050, states the current carbon footprint and sets out the measures to reduce it, in a set format. Beyond central government, selection questionnaires and PQQs from local authorities, NHS bodies, universities and large private buyers increasingly ask for your carbon footprint, your reduction targets, evidence of an environmental management system, and your policies on modern slavery and governance. The practical point is that ESG has become a gateway to winning work, not just a compliance chore, and a missing Carbon Reduction Plan can disqualify an otherwise winning bid. Verified against gov.uk as at 2 July 2026.
Is UK SRS actually law yet?
Not yet. The UK Sustainability Reporting Standards, UK SRS S1 and S2, are the UK's version of the ISSB's global baseline (IFRS S1 and S2). The government has finalised them and made them available for voluntary use, the gov.uk guidance was last updated on 25 February 2026, but has not made them mandatory. Government and the Financial Conduct Authority are still considering whether to require certain UK entities, most likely listed companies first, to report against them, and the FCA consulted on changes to the UK Listing Rules with that consultation closing on 20 March 2026. So the honest position as at 2 July 2026 is: finalised, voluntary, and under active consideration for a future mandatory regime, but not law today. Anyone telling you UK SRS is already compulsory is overstating it. We build your reporting on the duties that bind you now, structured so adopting UK SRS later is an extension, not a rebuild.
SECR, ESG and net zero, what's the difference?
They are related but not the same. SECR is a specific, mandatory disclosure of your energy use and carbon emissions in your annual accounts, it is a legal reporting duty with a filing deadline. ESG is the broad umbrella, environmental, social and governance, covering everything from carbon and climate to labour practices, diversity, supply-chain ethics and board governance, only some of which is currently mandated in law. Net zero is a target, a state where your remaining emissions are balanced by removals, which the UK has committed to reach by 2050 in statute and which individual companies set their own dated targets towards. In short: net zero is the destination, ESG is the whole map, and SECR is one specific report you must file along the way. A good programme connects all three so the report, the strategy and the target reinforce each other.
Do SMEs have to comply with ESG reporting?
Mostly not directly, but increasingly in practice. SECR and the mandatory TCFD-aligned disclosure rules are aimed at quoted companies and large businesses, an SME below the SECR thresholds (250 employees, 36 million pounds turnover, 18 million pounds balance sheet) generally has no direct legal duty to make those disclosures. The pressure arrives indirectly, through the supply chain: a large customer reporting its own Scope 3 emissions, or bidding for a public contract under PPN 006, will ask its suppliers, including SMEs, for a carbon footprint, a reduction plan or ESG information. So a smaller business often needs a credible carbon baseline and a simple net-zero plan not because the law compels it, but because its biggest customers do. We are honest about that distinction rather than frightening SMEs with duties that do not apply to them.
How is a carbon baseline built?
A carbon baseline is a greenhouse gas inventory for a chosen base year, built to the GHG Protocol Corporate Standard. We start by setting the boundary, which sites, entities and activities are in scope, then gather the activity data: electricity, gas and other fuel consumption from your meters and invoices for Scope 1 and 2, and, where in scope, value-chain data for Scope 3. That activity data is converted to tonnes of CO2 equivalent using the UK government's official conversion factors for company reporting, the same dataset SECR and TCFD-aligned disclosures use, so the result is defensible. For Scope 2 we calculate both the location-based and market-based figures. The output is your total footprint, an intensity ratio, and the hotspots, which is what a target and a roadmap are then built against. Done properly once, the baseline feeds the report, the SBTi target and the plan without being redone each time.
What is a science-based target and the SBTi?
A science-based target is an emissions-reduction target set in line with what climate science says is needed to limit global warming, rather than a round number picked for a press release. The Science Based Targets initiative (SBTi) is the independent body that sets the methodology and validates company targets, typically a near-term target of around five to ten years and a long-term net-zero target. Having an SBTi-validated target gives investors, lenders and large customers external assurance that your goal is credible rather than aspirational. It is important to be clear that SBTi validation is voluntary and market-led, it is not a legal requirement, so we recommend it where it earns its keep, for a company under investor or customer pressure, and we do not pretend it is compulsory when it is not.
How long does an ESG programme take?
It depends on scope and data maturity, and we would rather set an honest expectation than a flattering one. A bounded, single-entity SECR baseline and disclosure for a company with reasonable energy data can often be delivered in a matter of weeks. A full Scope 1 and 2 footprint with a net-zero roadmap and an SBTi-aligned target across several sites is a multi-month engagement. A group programme with material Scope 3, which needs supplier engagement and data collection across the value chain, plus TCFD-aligned disclosure and independent assurance, typically runs across a reporting cycle and then continues year on year, because ESG reporting is an annual duty, not a one-off. The biggest variable is always Scope 3 and supplier data. We scope the timeline against your actual reporting deadlines so the disclosure is ready when the accounts are filed or the tender closes.
What does ESG compliance cost?
There is no honest single price, because an ESG programme is scoped on your business, and we would be misleading you to quote a headline figure. The cost is driven by the size of the company and which regimes catch it, the number of sites and meters in the carbon inventory, how mature your existing data is, whether you need a SECR-only disclosure or a full TCFD-aligned and UK-SRS-ready programme, and above all whether Scope 3 value-chain emissions are in scope, which is the single largest variable because it involves supplier engagement. A bounded single-entity SECR baseline sits at one end of the range and a multi-site group programme with material Scope 3 and assurance at the other. We give a firm quote once we understand those variables, and we set out clearly what each tier includes so you are never paying for scope you do not need.
What is greenwashing and how do we avoid it?
Greenwashing is making an environmental claim that is misleading, unsubstantiated or exaggerated, saying you are carbon neutral or net zero, or that a product is green, without the evidence to back it. It is a real legal and reputational risk: the Competition and Markets Authority's Green Claims Code sets out how environmental claims must be truthful, clear, substantiated and not omit material information, under consumer protection law. You avoid it by doing the opposite of what most vague ESG pages do: quantify claims against a properly built baseline, report both location-based and market-based Scope 2 rather than cherry-picking, be clear about what a PPA or an offset does and does not cover, disclose your methodology, and never call something net zero without a credible plan and, where appropriate, a recognised standard such as PAS 2060 or ISO 14068 behind it. Honest, quantified disclosure is both better compliance and a stronger competitive position.
What is materiality and a materiality assessment?
Materiality is the judgement about which ESG issues matter enough to focus on and to report. A materiality assessment is the structured process of identifying and prioritising them, engaging the business and often its investors and value chain to decide which environmental, social and governance topics are significant. Increasingly the framework used is double materiality: assessing both how sustainability issues affect the company financially (financial materiality) and how the company's activities affect people and the environment (impact materiality). It matters practically because you cannot report everything, and because both TCFD-aligned disclosure and the UK Sustainability Reporting Standards expect you to focus on material risks and opportunities, and Scope 3 reporting explicitly requires you to report material categories. A good materiality assessment is what keeps a programme focused and a report credible rather than an unfocused list of everything.
Is an ESG report audited or assured?
It can be, and increasingly investors, lenders and boards ask for it. Independent assurance of a sustainability or greenhouse gas disclosure is usually carried out under ISAE 3000 or, for greenhouse gas information specifically, ISAE 3410, at either a limited or a reasonable level of assurance. A SECR disclosure sits within the directors' report, which is subject to the normal statutory audit framework, though the carbon figures themselves are not always separately assured unless the company chooses it. The direction of travel is towards more assurance, not less, the government has been consulting on an oversight regime for the assurance of sustainability-related disclosures. The practical point is that a report built to be assurance-ready, with a clear methodology and a defensible data trail, is far cheaper and less painful to assure than one assembled at the last minute, which is how we build them.
Is SECR the same as ESOS?
No, though they catch a similar size of business and are often confused. SECR is a reporting duty: you disclose your energy use and carbon emissions in your annual accounts. ESOS, the Energy Savings Opportunity Scheme, is a mandatory energy-audit scheme for large undertakings — broadly those with 250 or more employees, or meeting turnover and balance-sheet thresholds — which requires you to audit your energy use and identify savings on a set cycle; Phase 3 action plans were due by 5 December 2024. So ESOS is about finding efficiency opportunities through an audit, while SECR is about disclosing your energy and carbon figures in the directors’ report. Many companies are caught by both, and the energy data gathered for one feeds the other, which is why we look at them together rather than in isolation. These points are verified against gov.uk as at 2 July 2026.
Do the SECR and TCFD thresholds mean the same thing?
No — and conflating them is a common and costly mistake. SECR catches quoted companies, and large unquoted companies and LLPs, where large means meeting at least two of three Companies Act thresholds: 250 or more employees, turnover over £36 million, and a balance sheet total over £18 million. Mandatory TCFD-aligned climate-related financial disclosure, under the Companies (Strategic Report) (Climate-related Financial Disclosure) Regulations 2022, uses a different and higher bar: the largest traded companies, banks and insurers, plus private companies and LLPs with more than 500 employees and turnover over £500 million, and AIM-listed companies with more than 500 employees. So a company can be well within SECR scope but nowhere near TCFD scope. Getting each test right for your specific structure is the first thing we do, because it determines what you actually have to produce. Both sets of thresholds are verified against gov.uk as at 2 July 2026.