This two-part blog post series was co-authored by experts at Stok and Arcadis–two firms working to address climate risk across sectors.
A rapidly evolving wave of global climate regulation is inspiring—and requiring—corporate action. While it may seem daunting, early action on credible, jurisdiction-ready disclosures positions companies to meet investor demands, avoid compliance risks, and lead with resilience in a low-carbon economy.
But how? Check out our Part 1 for a quick primer on these regulations and what they may mean for your company, then dive in to our recommended approach.
A SMART, INCREMENTAL APPROACH: RISK-BASED AND FUTURE-READY
How can companies prepare for climate disclosure without “overdoing it” or getting overwhelmed?
Our answer is to develop an incremental, risk-based approach that prepares you for near-term and future regulation while maximizing the business value of the data and analysis involved.
Let’s take a look at what this means through a “choose your own adventure” lens. While we expect you’ll hit each step along the way, the exact sequence isn’t critical. Do what makes most sense for your business and where you are today in your compliance journey.
JUST GETTING STARTED? BEGIN HERE!
1. Confirm which regulations affect you: Identify which regulations apply to your organization based on revenue, employee count, and operational territory. Do this for near-term regulations, those that will be phased in over time, and those on the horizon that are not yet finalized.
2. Create a compliance timeline: Outline the deadlines for compliance with the regulations identified in Step 1. Placing these on a timeline can be an effective way to visualize how many and how quickly regulatory requirements will impact your business.
3. Define your risk appetite: Do this relative to relevant regulations and with consideration to their timing. Some companies, such as private and B2B, may have a higher tolerance for risk, while others will want to play it safe and avoid the potential for noncompliance fines, reputational damage, loss of market access or preferential vendor status, etc. Those with higher risk tolerance will lean more toward good faith efforts that react to near-term needs, while those with lower tolerance will take a more comprehensive and forward-looking approach. Some companies may hedge toward more risk near-term and less risk long-term. Defining risk early helps guide budget needs and decision-making and can avoid the potential for “overdoing it” now or redoing it later.
KNOW WHICH REGULATIONS AFFECT YOU? START HERE!
If you know which regulations impact you and have defined your company’s risk appetite, congratulations! At this point in your journey, it’s time to secure budget and resources and start working toward compliance readiness. The sooner you’re able to pull in specialized technical resources to help you through these steps, the more effective and efficient these steps will be.
4. Find your trusted advisor: A company facing new climate disclosure requirements—like CA SB 261 or Australia’s climate reporting rules—but lacking internal clarity, resources, or time to act, is in a vulnerable position. These regulations are complex, often vague in early stages, and carry reputational and legal risks if misunderstood or misapplied. That’s why a trusted advisor is critical: to interpret the rules and help you design a compliance roadmap tailored to your specific reality.
A good advisor works within the company’s resource constraints, aligns with its non-compliance risk tolerance, and creates a financially feasible plan that avoids over-engineering or under-delivering. Your advisor will factor in the company’s internal position (who’s leading the work), available data, stakeholder alignment, time commitment, and reporting history—all while helping prioritize the highest-impact activities. Ultimately, your advisor should help the company make strategic, defensible choices, so compliance is not just a box-checking exercise but rather a risk-informed, value-adding process that fits your company’s maturity and goals.
5. Make the business case: Even if your company has a low risk appetite relative to compliance with regulation, you may still need a business case due to a low non-compliance penalty. For example, non-compliance is a $50,000 penalty per disclosure cycle for CA SB 261, but the scope of work to address the regulation can ballpark around $150,000 depending on the number of assets evaluated.
We’ve seen business cases land best when they speak to regulatory compliance and to strategic benefits to the business related to and irrespective of regulation. Beyond avoiding non-disclosure or noncompliance fines, value may be captured in terms of:
-
-
- Streamlining compliance efforts to leverage existing data, reuse data to service multiple requests, and avoid rework down the line
- Minimizing operational interruption
- Acting as investor and reputational currency
- Leveraging additional insight during the underwriting process
- Demonstrating risk management to access a lower cost of capital
-
6. Confirm your budget: Compliance with regulations such as CA SB 261, Australia’s climate disclosure rules, and similar emerging mandates is typically funded through Sustainability, ESG, or Corporate Affairs budgets. These functions are often tasked with enterprise-wide climate reporting but are notoriously resource-constrained, especially as regulatory expectations grow faster than internal capacity. We recommend confirming the budget available to initiate compliance activities and then team with a trusted advisor to scope the work strategically, ensuring it aligns with both your risk appetite and the level of disclosure required.
7. Develop a gap assessment against IFRS S2: The IFRS S2 Climate-Related Disclosure Standard is the backbone of all corporate-level climate disclosure regulations. It is also the most comprehensive. Starting with a gap assessment of your existing data, systems, and disclosures relative to IFRS S2 provides a full view from which you can then whittle down as needed to set your compliance-ready north star and right-size to less comprehensive regulatory needs. This is your no-regrets approach. Whittling down is easier to do than expanding later, and doing so will also be more cost- and time-efficient in the long run. Once this full gap assessment is completed, it should not need to be done again. There are currently no climate-related regulations that go beyond IFRS S2, and this seems unlikely to occur anytime soon.
8. Work backwards to create a roadmap: Starting with compliance dates, reverse engineer a roadmap that gets you to where you want to be based on your defined risk appetite and where you are today. Outline priority steps, effort level, cost, and places where data requests, analyses, and stakeholder engagement can be streamlined and/or serve multiple use cases, including strategic business interests beyond compliance. As the adage goes, work smarter, not harder.
WHY IT PAYS TO START NOW
Early movers don’t just stay ahead of regulation–they build the internal capacity, data quality, and strategic foresight to turn compliance into competitive advantage. Plus, waiting until the last minute will result in higher fees and/or extended timelines because there is high demand for compliance support services.
LET’S GO!
Navigating today’s increasingly complex and rigorous climate risk regulations demands specialized, technical support. Partnering with trusted advisors like Stok and Arcadis will help you bridge strategy and execution, transforming uncertainty into a strategic action plan. Let’s build a roadmap that’s not just regulation-ready, but futureproof.
ABOUT THE AUTHORS
Colette Crouse, Director, Carbon Services, Stok
Colette leads Carbon Services for Stok and has over a decade of experience helping organizations develop and communicate their climate action programs. Colette has supported nonprofits, small businesses and Fortune 50s in establishing industry leading GHG accounting and data management practices, designing and operationalizing decarbonization strategies, and evolving internal expertise and programs to keep pace with changing standards and expectations. Colette also teaches Greenhouse Gas Accounting and Management at the University of Colorado, Boulder in the Masters of the Environment Program.
Kaylee Shalett, Global Technical Director, Climate Risk & Reporting, Arcadis
Kaylee is a climate resilience strategist with over a decade of experience helping companies turn climate risk into opportunity. As Global Technical Director for Climate Risk Assessments & Reporting at Arcadis, she has led 60+ cross-sector projects, supporting clients in embedding climate into enterprise risk management, creating decarbonization strategies that reduce risk and enhance cash flows, and aligning with IFRS S2 and emerging regulations. With a foundation in climate science and a focus on practical outcomes, Kaylee delivers data-driven, actionable strategies that build resilience and unlock long-term value.
