Empowering You
'Today & Always'

Material weaknesses continue to be a key indicator of the effectiveness of an organization’s internal control environment. Yet, the underlying drivers behind these weaknesses are often more complex than individual control failures. In this research report, we analyzed material weakness disclosures reported by 1,000 U.S. SEC filers across 2025 and 2026 to identify recurring themes, emerging trends, and the root causes contributing to ineffective Internal Control over Financial Reporting (ICFR). Our findings show that Segregation of Duties and Resource Constraints remain the most commonly reported material weaknesses, while deficiencies related to employee training, IT controls, and financial reporting processes continue to impact organizations across industries. The research also highlights how material weaknesses frequently occur together, revealing deeper governance, operational, and capacity-related challenges that extend beyond standalone control gaps. The report further explores industry-specific patterns, compares IPO and non-IPO filers, and examines the interconnections between different material weakness themes. The findings suggest that organizations making the greatest progress in remediation are those focusing on underlying causes—such as governance structures, talent, processes, and technology—rather than addressing individual deficiencies in isolation. Download the full report for detailed thematic analysis, industry insights, co-occurrence trends, and practical considerations for management teams, audit committees, and internal audit leaders seeking to strengthen their control environments and enhance financial reporting reliability

BRSR Reporting in India: Full Compliance Guide for Listed Companies  India’s sustainability reporting landscape changed permanently on the day SEBI mandated BRSR for the country’s top 1,000 listed companies. Four years into that mandate, one pattern has become impossible to ignore: companies that treat BRSR as a compliance task produce reports that satisfy a regulator. Companies that treat it as a governance discipline produce reports that attract capital, reduce risk, and set the agenda in their sector.  This document is written for CFOs, Company Secretaries, Heads of Sustainability, and Audit Committee members who want to understand not just what BRSR requires, but what separates a credible, investor-ready BRSR report from one that merely fills pages in an Annual Report.  What Is BRSR and Why It Is Not the Same as the Old BRR  The Business Responsibility and Sustainability Report (BRSR) was notified by SEBI in May 2021 and replaced the earlier Business Responsibility Report (BRR). The shift was substantive, not cosmetic. Where the BRR asked companies to describe their policies, BRSR demands quantitative performance data – numbers that can be tracked, trended, compared, and assured.  BRSR is grounded in the National Guidelines on Responsible Business Conduct (NGRBC), issued by the Ministry of Corporate Affairs, which define nine principles of responsible business. Every listed company in the top 1,000 by market capitalisation on BSE and NSE must now disclose how their business performs and not just how it is governed against each of those nine principles.  The nine NGRBC principles cover ethics and transparency (P1), sustainable products and services (P2), employee well-being (P3), stakeholder responsiveness (P4), human rights (P5), environmental stewardship (P6), responsible policy advocacy (P7), inclusive growth (P8), and consumer responsibility (P9). Together, they map onto the three pillars of ESG – environmental, social, and governance making BRSR India’s most comprehensive ESG disclosure framework to date.  Who Must File BRSR and What the Phased Expansion Means  BRSR became mandatory for the top 1,000 listed entities by market capitalisation beginning FY 2022-23. The applicability is assessed at the end of the calendar year i.e., 31 December on the basis of average market capitalisation from 1 July to 31 December, so boards must monitor whether their company is approaching or crossing this threshold. Voluntary adoption is encouraged for companies beyond the top 1,000, and those who begin early are materially better positioned when the mandate reaches them.   More significantly, SEBI has been deliberate about expanding BRSR’s scope in phases. BRSR Core – a defined subset of BRSR indicators within BRSR is applicable to all companies preparing BRSR. External assurance of BRSR Core, however, has been mandated in a phased manner:  for the top 150 listed companies from FY 2023-24, expanding to the top 250 from FY 2024-25, the top 500 from FY 2025-26 and the top 1000 from FY 2026-27. This phased architecture is SEBI’s clearest signal that BRSR is not a one-time disclosure event. It is a permanent, deepening feature of India’s capital market governance.  For companies that are not yet in the top 1,000 but are growing toward that threshold, voluntary BRSR adoption is not just a goodwill gesture. It is a head start on data infrastructure, governance processes, and stakeholder communication that cannot be built overnight. Pierag’s ESG & Sustainability Reporting and Assurance practice works with organisations at every stage of this readiness journey, from first-time voluntary reporters to companies already preparing BRSR and those mandated to undergo assurance requirements.  The Structure of BRSR: What the Three Sections Actually Require  BRSR is divided into three sections, and understanding their purpose is essential to preparing a disclosure that functions as more than a regulatory filing.  Section A – General Disclosures covers the company’s identity and basic profile. It includes details of business activities, product and service categories, locations of plants and offices, employee and worker headcount (permanent and contractual, disaggregated by gender), and the structure of holding, subsidiary, and associate entities. It also requires disclosure of CSR obligations, whether the company has met its prescribed CSR spending for the year, and the company’s grievance redressal mechanism.  Section B – Management and Process Disclosures is where governance is documented. For each of the nine NGRBC principles, the company must disclose whether it has a policy in place, identify who governs that policy (including Board-level oversight), and confirm whether the policy extends to the value chain. This section forms the foundation on which the credibility of Section C rests. Weak governance disclosures in Section B undermine even the most robust data presented in Section C.  Section C – Principle-wise Performance Disclosures is the engine of BRSR. For each principle, companies must report against two categories of indicators: Essential Indicators (mandatory) and Leadership Indicators (voluntary, but increasingly expected by ESG rating agencies and institutional investors). The Essential Indicators alone span a wide range of quantitative metrics, including  greenhouse gas emissions, water and energy usage , waste management practices, employee wellbeing and safety measures, gender diversity, pay ratios, CSR programme outcomes, fairness in customer and supplier engagement, among others.  The credibility of Section C depends almost entirely on the data infrastructure a company has built. Companies that lack systems for tracking Scope 1 and 2 GHG emissions at facility level, or that  do not maintain disaggregated workforce safety data, will discover these gaps  during disclosure preparation often under filing pressure, when there is no time to address them properly.  BRSR Core: The Assurance Mandate That Changes Everything  In July 2023, SEBI introduced BRSR Core, with which the BRSR framework has been further strenghthened.  BRSR Core identifies a subset of Key Performance Indicators (KPIs) that are subject to mandatory assurance by an independent third party. The KPI set spans nine ESG attributes: GHG footprint, water footprint, energy footprint , embracing circularity – details related to waste management by the entity, enhancing employee wellbeing and safety, enabling gender diversity in business, enabling inclusive development, fairness in engaging with customers and suppliers, open-ness of business. In addition, companies are required to assess ESG performance across a defined portion of their upstream and downstream value chain; however, external assurance of value chain disclosures remain voluntary rather than mandatory.  Assurance is a high bar compared to self‑certification. It means the assurance provider must gather sufficient and appropriate evidence to conclude positively that the reported data is free from material misstatement. Self-certification or management attestation does not satisfy this requirement.  This matters for several practical reasons. First, the data underpinning BRSR Core KPIs must be generated by systems that have been designed for external validation. Ad hoc spreadsheet aggregation across business units will not hold up under third-party scrutiny. Second, the internal controls over that data must be documented and tested. Third, material discrepancies between assurance findings and reported figures create regulatory exposure.  Organisations preparing for BRSR Core assurance need a reporting and verification partner who understands both the sustainability framework and the assurance standards. Pierag’s ESG & Sustainability Reporting and Assurance practice is built specifically for this level of rigor. Our team includes professionals from diverse backgrounds – Chartered Accountants, Company Secretaries, Engineers, Environmentalists, Lawyers and specialists with advanced qualifications such as Masters in Sustainability, DipIFR (ACCA,UK), and certifications as GHG Accounting Lead Verifiers under ISO 14064.  The Five Compliance Gaps That Derail Most BRSR Filings  Having worked across listed companies at different stages of BRSR readiness, five failure patterns appear with regularity.  Gap 1: No system for Scope 1 and Scope 2 GHG data. Principle 6 under BRSR requires GHG emissions disclosure, and BRSR Core mandates its assurance. Most companies discover they have utility bills but no standardised protocol for converting them into CO2e figures across business units, fuels, and refrigerants. Building a GHG inventory aligned with a recognised framework (such as the GHG Protocol, ISO 14064, or IPCC Guidelines) takes time and requires clear methodology decisions that should not be made under time pressure.  Gap 2: Value chain blindspots. BRSR requires companies to assess the ESG performance of their upstream and downstream value chain specifically the top suppliers and customers by purchase and sales value. For most Indian manufacturers and service companies, this means engaging counterparties who have never been asked sustainability questions before. Companies that begin the value chain engagement 12 to 18 months early are far better positioned than those who attempt it in the quarter the report is due.  Gap 3: Workforce data that cannot be disaggregated. BRSR requires headcount, turnover, employee wellbeing measures, training participation, and pay data to be broken down by gender, permanent and contractual status, and often by category of employees and worker. HR systems that were not designed with BRSR in mind frequently cannot produce this disaggregation without significant manual effort, which introduces error and is difficult to assure.  Gap 4: Prior-year inconsistencies. BRSR requires prior-year comparatives for most quantitative metrics. Companies that change their data collection methodology over the years – or that simply did not collect certain data points in prior years – face the uncomfortable choice between restating figures or disclosing gaps. Neither option is cost-free from a credibility standpoint, as both raise questions about data reliability and governance maturity.  Gap 5: Fragmented ownership of ESG reporting. BRSR preparation requires data from diverse functions such as Company Secretary, HR, Finance, Operations, Utilities, Marketing, and CSR, among others. When ESG reporting is treated as a siloed exercise led by a single department, the result is incomplete or fragile data. Effective governance demands a coordinated, cross‑functional approach where each function owns its data and internal controls, while oversight is exercised at a higher governance level typically the Board, Audit Committee, or a designated ESG Governance Committee. Without this integration, assurance providers and ESG rating agencies quickly detect inconsistencies, undermining credibility.  BRSR and GHG Reporting: The Scope 3 Question  BRSR’s current mandatory scope for GHG reporting covers Scope 1 (direct emissions from owned or controlled sources) and Scope 2 (indirect emissions from purchased energy). Scope 3  emissions from the value chain, including purchased goods, employee commuting, waste, and the use of sold products is presently a Leadership Indicator and is not yet mandatory.  However, listed companies with global investors, export-oriented businesses, or supply chain partners in the EU are finding that Scope 3 is being asked for regardless of whether SEBI has mandated it. ESG rating agencies score it. Foreign portfolio investors’ questionnaires request it. The EU’s Carbon Border Adjustment Mechanism (CBAM) is making Scope 3 data commercially relevant for exporters of carbon-intensive products such as iron and steel, aluminium, cement, fertilisers, electricity, hydrogen, and related industrial products.  Companies that invest now in comprehensive GHG inventorisation including Scope 3 estimation  are building an asset that serves BRSR and other global frameworks such as IFRS S2, CDP, and export compliance simultaneously. The earlier this work begins, the more reliable the baseline data becomes, and the more defensible the figures are when they eventually come under assurance scrutiny.  Technology-enabled data collection is increasingly central to scalability. Pierag’s Digital Support in ESG solutions help organisations automate emissions data capture, standardise reporting across facilities, and maintain the audit trails that assurance providers require.  The Investor and Capital Market Dimension  BRSR data is not filed in isolation . It  directly shapes how institutional investors – domestic and foreign evaluate listed companies in India.  ESG rating agencies draw on BRSR disclosures to generate company scores. These scores influence index inclusion decisions, ESG fund allocations, and lending covenants attached to green bonds and sustainability-linked loans. A growing share of Indian institutional investors are allocating portions of their portfolios to entities with measurable ESG objectives, and that proportion is rising.  The quality of BRSR reporting is as important as the data itself. A report filed with missing Essential Indicators, absent prior-year comparatives, or internal inconsistencies between sections does not merely lower an ESG rating. It signals to sophisticated investors that the company’s governance culture does not extend to non-financial disclosure. Conversely, a report with independently assured or assessed BRSR Core data, comprehensive Section C disclosures, and clear year-on-year trends tells a story of operational discipline.  Access to sustainable finance in India – green bonds, sustainability-linked loans, ESG-themed equity is becoming materially easier for companies with credible, assured ESG disclosures. SEBI’s independent assurance mandate,  RBI’s renewable energy priority sector classification, and International Capital Market Association (ICMA)-aligned frameworks are converging to make the quality of BRSR disclosures an increasingly important determinant of access to sustainable finance and the terms of capital.  CSR, BRSR, and the Governance Overlap  One area where BRSR compliance intersects with a separate regulatory requirement is CSR. CSR obligations under Section 135 of the Companies Act, 2013 apply to eligible companies, and BRSR Section A requires disclosure of whether these obligations are triggered.  Principle 8 – inclusive growth and equitable development extends this further, requiring details of overall CSR projects, projects in aspirational districts, amount spent, beneficiaries (including vulnerable groups), Social Impact Assessment results, community grievance mechanisms etc..  Integrating CSR reporting with BRSR disclosures creates a coherent, evidence-backed narrative of social value creation. For companies whose CSR compliance is managed separately from their sustainability reporting function, this integration requires deliberate effort – and an honest audit of whether the programmes being funded are generating the kind of outcome data BRSR actually asks for.  Pierag’s CSR Advisory practice helps companies design, implement, and document CSR programmes that produce measurable impact, not just spending records, making Principle 8 disclosures a genuine reflection of community investment rather than a compliance entry.  Building an Assurance-Ready BRSR Programme: A Practical Roadmap  High‑quality BRSR reporting is not a once‑a‑year compliance exercise. Leading companies treat it as a year‑round discipline, embedding ESG data governance into everyday operations. The following staged roadmap reflects how organizations prepare for assurance with consistency and credibility:  Stage 1 – Gap Assessment: Conduct a structured review of current data against all BRSR Indicators. Identify data that does not exist, data that exists but cannot be disaggregated as BRSR requires, and data that exists but lacks the audit trail needed for assurance.   Stage 2 – Data Infrastructure Design: For each data gap identified, design the collection mechanism. This may involve integrating with ERP or HR systems, utility billing feeds, or establishing manual collection templates for facilities without automation. Document  methodologies to support assurance. Technology investment at this stage delivers the highest return.  Stage 3 – Materiality Assessment: Conduct a formal materiality assessment to engage internal and external stakeholders to determine which ESG issues and KPIs are most relevant to the company’s business model, industry, and geography. Under BRSR, disclosure across all nine NGRBC principles and their Essential Indicators is mandatory; materiality instead guides the depth of reporting, the choice of voluntary Leadership Indicators, and the prioritisation of narrative emphasis in Section C. A documented materiality process ensures that disclosures are purposeful, evidence‑based, and aligned with stakeholder priorities, thereby enhancing the credibility of the overall report..  Stage 4 – Internal Controls and Governance: Assign clear ownership for each BRSR KPI to a designated function and accountable individual. Define and document the control activities such as review, reconciliation and approval that govern each metric. Engage  the internal audit function to test a sample of these controls before the external assurance provider arrives.  Stage 5 – Report Preparation and Review: Draft the complete BRSR, ensuring figures are reconciled  across all sections. Conduct a thorough cross-reference check against other regulatory filings, including Annual Report (with its financial statements), stock exchange disclosures, and the prior-year BRSR. Ensure that qualitative narratives in Sections A and B are consistent with quantitative data in Section C.  Stage 6 – Assurance: For companies requiring assurance of BRSR Core, engage the independent assurance provider well in advance of the filing deadline. Assurance engagements typically require 6 to 10 weeks, depending on the size and complexity of the company. Early engagement provides sufficient time to address any findings and implement corrective actions before the final report is published.  Stage 7 – Post-Filing Strategy Review: Use the completed BRSR as a structured input into the following year’s ESG strategy. Review KPIs that underperformed against internal targets or peer benchmarks, and set forward-looking commitments where disclosures exist without defined goals. Brief the Board and Audit Committee on findings and the improvement roadmap.  Building Internal Capability: The Role of ESG Education  One underestimated dimension of BRSR compliance is the gap between what boards and management teams are asked to govern and what they currently understand about ESG and sustainability reporting. Board members who review and approve the BRSR must be able to exercise genuine oversight not simply sign off on a document they cannot interrogate.  This is not just a training issue. It is a governance one. When board members and senior leaders lack fluency in GHG accounting, materiality assessment, or the difference between limited and reasonable assurance, decisions about what to disclose, how to interpret findings, and where to invest in sustainability infrastructure are made without the foundation they require.  Pierag’s ESG Learning Academy provides structured capacity-building programmes for boards, audit committees, sustainability teams, and finance functions. The programmes are delivered through structured ESG self‑paced learning modules, customised workshops, training and capacity‑building sessions, and on‑demand courses and webinars. For companies facing BRSR  requirements, this literacy is not optional, it is a governance prerequisite.  Why Pierag: The CA and Assurance Angle  Most ESG advisory firms approach BRSR primarily as a reporting and communications exercise. Pierag approaches it as an assurance and governance discipline, and that distinction is consequential for listed companies whose disclosures face regulatory scrutiny and investor evaluation.  Our ESG and Sustainability practice is led by professionals from diverse backgrounds – Chartered Accountants, Company Secretaries, Engineers, Environmentalists, and Lawyers complemented by specialists with advanced qualifications such as Masters in Sustainabality, DipIFR (ACCA, UK), the ICAI Diploma in BRSR, and certifications as GHG Accounting Lead Verifiers under ISO 14064. Together, they bring deep experience in assurance engagements across large listed companies in India. We understand what an  assurance provider will test because our team has performed those tests. We know what effective ESG data controls must look like because we have designed , reviewed , and reported on them.  This means that when we help a company prepare for BRSR Core assurance, we are not speculating  about  what the assurance provider may find. We are building the data infrastructure and governance controls that meet an independent, evidence-based standard – the same level of rigor applied in statutory financial audits.  Our broader ESG & Sustainability Services practice covers the full spectrum: sustainability reporting and assurance, GHG inventorisation, Life Cycle Assessment, ESG strategy, CSR advisory, digital ESG tools, and structured capacity building. Whether your organisation is filing its first BRSR or preparing for  assurance of BRSR Core for the first time, we can help you move from reactive compliance to strategic ESG leadership.  Compliance Is the Floor. What You Build Above It Determines Value.  BRSR sets a minimum standard for what listed companies must disclose. It does not prescribe how well companies  should perform against those disclosures, or how strategically they should use the discipline of reporting to improve their operations, governance, and  stakeholder relationships.  The companies that will attract long-term institutional capital, access sustainable finance at competitive rates, and build trust with global supply chain partners are not the ones that merely file a compliant BRSR report. They are the ones that embed sustainability into performance measurement, risk management, and decision making and can demonstrate it through independently assured data.  BRSR makes that demonstration possible. What organisations choose to build above the compliance floor determines whether BRSR remains a cost of compliance or evolves into a source of competitive advantage.  Pierag Consulting is here to help you build above the floor. Talk to our ESG and Sustainability experts.  Explore Pierag’s latest thinking on ESG, sustainability reporting, and responsible business at our Insights Hub. Author – Ashlesha Aggarwal (Consultant)

Business implications for global capability centre strategy in India  Haryana’s Global Capability Centre Policy 2026 is more substantive than a generic investment announcement. The policy was notified effective 27 May 2026 and will remain in force for five years from the date of notification or until superseded by a new policy/amendment. It sets clear entry thresholds, location-linked incentives, employment-linked benefits, and R&D support measures that indicate a deliberate attempt to make Haryana a competitive GCC destination, particularly for higher-value and scalable operations.  Policy highlights at a glance  Eligibility thresholds  Minimum employment threshold: 100 employees on payroll or contract with ESI/PF numbers within 3 years of commencement of operations.  Large unit threshold: INR 125 crore fixed capital investment, or INR 50 crore with 500 direct employees.  Mega unit threshold: INR 400-700 crore fixed capital investment, or INR 125 crore with 1,250 direct employees.  Ultra-mega threshold: INR 1,500-6,000 crore fixed capital investment. Existing Unit Eligibility:  Existing GCC units expanding operations on or after 1 January 2026 are eligible  Investments made in the one-year period preceding policy notification qualify for retroactive benefits Human Resource Development and Night Shifts for Women  Employment generation subsidy: % of average gross monthly salary for 10 years (requires 1+ year continuous employment, valid ESI/PF)  Local employment threshold: >15% of total workforce  Floor subsidy: INR 48,000 p.a. when average monthly salary < INR 48,000  Night shifts for women: Three shifts permitted including night shifts, with mandated transportation and safety provisions  Innovation and R&D Support  Job-readiness support reimburses 50% of a 6-month stipend, up to INR 15,000 per month for 50 interns per annum.  For DSIR or CSIR-recognised R&D centres, capital subsidy is available at 50% of eligible capital cost, up to INR 10-50 crore, to be distributed in 5 annual instalments. Operational cost reimbursement benefit of 50% upto 2 crore per year CAPEX vs OPEX Support What stands out in the policy design  The policy is notable because it does not rely on a single headline incentive. Instead, it combines entry thresholds, location-based capital support, operating cost reimbursements, employment-linked subsidies, women-specific provisions, and innovation incentives into a layered package. This is closer to how new age GCC policies are typically structured: the business case is built across setup, scale, and sustained operations rather than around a one-time benefit.  Another important design feature is the location differentiation. Haryana is effectively signalling that it wants to balance the attractiveness of Gurugram with stronger relative support in other districts, explicitly prioritising investment in non-Gurugram districts to promote balanced regional development and position Tier-2 cities such as Panchkula and Hisar as GCC destinations. That has implications for companies evaluating whether they need immediate access to the NCR corporate ecosystem or are willing to trade some of that proximity for stronger incentive economics elsewhere in the state.  The policy also explicitly addresses women workforce participation through night shift allowances, enhanced subsidies, and safety/transportation provisions, making it more progressive than many earlier industrial policies.  What businesses should assess  For businesses, the policy should be assessed on three levels.   First, there is threshold fit: whether the planned investment and employment model aligns with the policy’s eligibility structure.   Second, there is commercial fit: whether the CAPEX, OPEX, and employment-linked benefits are material enough to change the economics of the proposed GCC.   Third, there is execution fit: whether the company can realistically access, document, and sustain compliance with the benefit conditions over time.  This is particularly relevant for firms planning phased expansion. Since benefits are tied to defined investment and employment thresholds, the sequencing of hiring, fit-out, and operational launch may materially influence the eventual value capture. In other words, policy value here is not just about where a GCC is located, but also how the rollout is planned.  Market implications  The policy strengthens Haryana case as a GCC destination for organisations looking beyond traditional metro concentration. Its combination of NCR adjacency, enterprise density, policy-backed support, specific R&D provisions, women-specific workforce provisions, and streamlined facilitation through the AI-enabled Single Window 2.0 (Intelligent Investment Facilitation Portal) established in Gurugram for streamlined approvals, land allocation, and incentive access makes it especially relevant for companies building more specialised and higher-value centres rather than simple cost-arbitrage units.  At the same time, the policy also raises the competitive bar for companies comparing Indian states. The decision is likely to turn less on headline visibility and more on the detailed interplay between incentive value, location suitability, talent access, and implementation ease.  Closing perspective  For organisations assessing India-based GCC expansion, the Haryana policy is best read as a location strategy input rather than a standalone decision trigger. The policy becomes most meaningful when tested against the intended operating model, talent design, timeline, and long-term scale ambition of the proposed GCC.  That is also where a more measured advisory lens becomes useful: not to oversell the policy, but to evaluate whether it genuinely improves the business case compared with other options. A well-grounded market entry or expansion plan should therefore connect policy interpretation with execution realities such as entity structuring, hiring ramp-up, real estate planning, and governance design.  Pierag Consulting supports organisations with GCC expansion by helping translate policy incentives into a workable business case, operating model design, and execution roadmap across feasibility, setup, and scale phases.

For over a decade, India’s Global Capability Centres (GCCs) operated with a clearly defined value proposition: cheaper, faster, scalable. They were the engines of efficiency—delivering back-office support, technology services, and operational scale at a fraction of global costs. But that narrative has run its course. Today, India stands at a defining moment in the evolution of GCCs. Declared the GCC Capital of the World by NASSCOM in 2024, the country is no longer just an outsourcing destination—it is a strategic nerve center for global enterprises. As we move deeper into this decade, it is increasingly clear that this is India’s decade to lead the GCC transformation globally. The numbers tell a compelling story. India’s GCC market, currently valued at $82.1 billion, is projected to grow to $100–110 billion by 2030. This growth reflects more than scale—it signals a shift in perception. India has decisively transitioned from being a low-cost destination to becoming the world’s preferred hub for high-value digital, engineering, and research work. Yet, despite this progress, one fundamental truth remains: Relevance is no longer driven by cost—it is earned by creating value. The Resource Provider Trap Many organizations still fall into what can be termed the “resource provider trap”—where success is measured by headcount, utilization, and cost arbitrage rather than business outcomes. This approach is increasingly fragile. It leaves organizations exposed to automation, macroeconomic uncertainties, and the growing risk of commoditization. Even more concerning is the disconnect between perception and reality. While over 90% of GCC leaders acknowledge their expanded strategic role, performance metrics in many organizations continue to revolve around full-time equivalents (FTEs) rather than measurable impact. This gap is no longer just an operational inefficiency—it represents a strategic vulnerability. At the same time, global disruptions have highlighted another critical capability: agility and resilience. GCCs have emerged as vital anchors of business continuity. During COVID-19, India-based teams rapidly adapted to remote work models, ensuring uninterrupted operations. More broadly, in scenarios of geopolitical instability or regional disruption at headquarters, GCCs provide a distributed execution model that enables business continuity. In essence, GCCs are no longer just delivery arms—they are risk mitigators and continuity enablers. India’s Moment: Scale Meets Strategic Value India’s GCC ecosystem is not only expanding—it is deepening in capability and influence. The country today hosts over 2,100 GCCs operating across more than 3,700 units, with approximately 506 Forbes Global 2000 companies maintaining a presence in India. This reflects an unparalleled level of global enterprise integration. The growth trajectory remains strong, with projections indicating an 8.3% CAGR between 2025 and 2035. Importantly, expansion is no longer limited to metropolitan hubs. The rise of Tier II cities is reshaping the landscape. Private equity firms are playing a pivotal role in this shift, driven by a combination of supportive government policies, robust digital infrastructure, lower setup costs, and a growing preference among talent to avoid high-cost urban centers. Simultaneously, global corporations are making bold bets on India’s future. Microsoft’s planned $17.5 billion investment between 2026 and 2029 to expand cloud and AI infrastructure, along with Amazon’s $35 billion commitment by 2030, underscores the strategic importance of India in shaping the next wave of technology and innovation. The signal is unmistakable: India is no longer a participant in the global GCC ecosystem—it is leading it. The New Value Playbook The transformation of GCCs from cost centers to value creators is already underway, and investment patterns reveal this shift. Organizations are increasingly channeling resources into technology transformation (25%) and capability development (23%). Leading GCCs are distinguishing themselves through three key shifts: Owning Outcomes, Not Just Activities The traditional model of execution is giving way to ownership. GCCs are no longer evaluated on the volume of work delivered, but on the business outcomes they influence—whether in engineering innovation, financial optimization, or operational excellence. Turning AI into a Competitive Advantage The rapid adoption of generative AI is accelerating this transformation. Forward-looking GCCs are embedding AI into core business processes—not merely to improve efficiency, but to drive innovation and create differentiated value. Anchoring to Enterprise Strategy Alignment with global headquarters is no longer optional. The most successful GCCs operate as integrated extensions of enterprise strategy, playing a direct role in shaping decision-making and enabling growth. These shifts are redefining GCCs as enterprise nerve centers, rather than support functions. Leadership Transformation: From Managers to Micro-CEOs Perhaps the most significant evolution is happening at the leadership level. The role of GCC leaders is expanding beyond operational management into strategic influence. While they may not always hold final decision-making authority, they increasingly shape critical enterprise outcomes. Influence, therefore, is emerging as a key currency. This shift demands a new leadership mindset—one where GCC heads operate as “micro-CEOs”, balancing execution excellence with strategic vision, stakeholder alignment, and value creation. The Real Shift India’s GCC journey has progressed through multiple phases—from cost efficiency to scale, from scale to co-creation. Today, it is entering its most critical phase yet: value leadership. However, there is an important caveat. If organizations continue to anchor their GCC strategy solely in cost savings and talent availability, they risk relegating these centers to processing units rather than strategic enablers. The opportunity is far greater. GCCs have the potential to evolve into innovation engines, decision hubs, and growth catalysts—but only if organizations fully embrace the shift from cost-centric thinking to value-driven execution. Conclusion This transformation is not merely a shift in geography—it is a shift in identity. From resources to revenue drivers, From execution to influence, From support functions to strategic partners. India is not just keeping pace with this shift—it is setting the direction. As the GCC ecosystem continues to evolve, one thing is clear: The future will not belong to the most cost-efficient centers—it will belong to the most value-driven ones.

A New Era of Trade and Climate Policy The European Union’s Carbon Border Adjustment Mechanism (CBAM) is no longer a distant policy experiment. From 1 January 2026, it became a binding financial obligation for exporters of carbon‑intensive products such as iron and steel, aluminium, cement, fertilisers, hydrogen, and electricity. The EU’s goal is simple but ambitious: prevent carbon leakage, where companies shift production to countries with weaker climate rules, undermining global climate progress. This mechanism is not just about Europe. The EU is the world’s largest single market, and by attaching a carbon price to imports, it is effectively exporting its climate standards worldwide. Any exporter who wants access to Europe must either prove low‑carbon production or pay the difference.  The First Price Signal On 7 April 2026, the European Commission published the first official CBAM certificate price: €75.36 per tonne of CO₂ equivalent Uniform across all sectors Based on the average EU ETS auction clearing prices for Q1 2026 This number is only the starting point. What matters more is the carbon intensity of each product. Steel, for example, is far more carbon‑intensive than aluminium, meaning the same certificate price translates into vastly different burdens. India’s Early Exposure  The impact is already visible even before financial obligations began. During the reporting phase alone: Steel and aluminium exports to the EU fell 24.4% from $7.71 billion in FY24 to $5.82 billion in FY25. Iron and steel exports also saw a sharp contraction during the reporting phase, reflecting the compliance burden and uncertainty faced by EU buyers. This contraction reflects the compliance burden of reporting requirements and the uncertainty EU buyers face when suppliers cannot provide verified emissions data. The financial phase will only amplify this pressure.  The Preparedness Gap  Most Indian manufacturers understand CBAM in theory. Far fewer are prepared in practice. True preparedness requires: Verified plant‑level emissions data aligned with EU standards. GHG accounting systems that meet EU methodology, often requiring 40 to 80 staff hours annually. Without verified data, exporters are forced to rely on EU default values. These are deliberately conservative, often higher than actual emissions, designed to push companies toward verification. Relying on them is not neutral; it inflates costs, weakens negotiations, and erodes competitiveness.  The Investment Reality One misconception needs to be addressed: international carbon credits, offsets, or green certificates do not reduce CBAM liability. The mechanism only recognizes documented reductions at source or domestic carbon pricing formally accepted by the EU. That leaves exporters with two options: Decarbonisation at source: requiring significant capital investment. Absorbing the cost: which erodes already thin margins in price‑sensitive markets. Neither path is easy, but waiting is not an option.  The Expanding Scope  CBAM is not stopping at bulk industrial sectors. From January 2028, the EU plans to extend coverage to nearly 180 additional products, including: Fabricated metal products Auto components Machinery parts Plastics and polymers Chemicals For downstream manufacturers, this is not “someone else’s problem.” It is a ticking clock.  The Signal, Not the Endpoint  CBAM is more than a compliance mechanism. It is a signal that carbon intensity is now a trade variable. Key milestones ahead include: Q2 price publication: July 2026 First declaration deadline: September 2027 Scope expansion: January 2028 The companies that act today by building data infrastructure, verifying emissions, and modelling carbon costs will manage this transition on their own terms. Those that wait will be managed by it. Author - Anshit Dhawan ( Senior)

Artificial intelligence is no longer a fringe innovation topic or a limited pilot initiative. It has moved firmly into the enterprise mainstream, and the market conversation has shifted accordingly: from experimentation to scale, governance, operating models, and measurable value creation. That shift matters because adoption is no longer the real test of maturity. Most enterprises today can access leading models, license copilots, launch pilots, and introduce AI-enabled tools into selected functions. Yet the presence of AI in the technology stack does not, by itself, improve business performance. The more important question is whether AI has been embedded in a way that meaningfully improves how work gets done. This is where many enterprise AI programs begin to lose clarity. Attention often centres on model selection, tool comparisons, or the promise of the latest platform release. Those decisions are relevant, but they are not usually what determines long-term value. In practice, the more difficult and more consequential challenge is execution: defining where AI belongs within a business process, where conventional automation is more effective, where human judgment must remain central, and how all of it is governed at scale. Recent enterprise experience has made this distinction increasingly visible. Many of the most instructive AI stories are not about whether the technology works in principle. Instead, they are about cost overruns, unclear returns, weak process fit, inconsistent usage, and the difficulty of scaling tools that were introduced without sufficient operational discipline. That is why enterprise AI strategy should not begin with access to technology. It must begin with the design of work. Shifting the Focus: From Access to Execution A more effective starting point is the business workflow itself. To build a grounded, impactful AI roadmap, leaders must step back from the technology and begin by asking critical diagnostic questions: Process Centrality: Which processes are genuinely central to our operational performance? Friction Points: Where do teams currently lose time to review, rework, handoffs, or fragmented information? Cognitive Demands: Which activities depend most heavily on pattern recognition, contextual interpretation, or complex exception handling? Value Leverage: Where would better support improve quality, consistency, customer experience, or the speed of decision-making? These questions tend to produce a much more grounded roadmap than a technology-first approach. They also lead to an essential realization: not every business problem requires AI, and not every step within an AI-enabled process should be handled by AI. Deconstructing the Workflow Enterprise workflows contain distinct categories of work, and each category demands a different tool. Some steps are deterministic and governed by stable rules. Others are repetitive and process-driven. Some involve ambiguity, unstructured information, or complex contextual interpretation. Others require legal accountability, commercial judgment, or strict compliance oversight. Treating all of these as the same kind of problem is one of the most common errors in enterprise AI design. Strong AI programs are rarely built by maximizing the amount of AI in a process; they are built by assigning the right capability to the right type of task. The vendor invoice process offers a highly practical illustration of this multi-layered framework. Consider a multinational enterprise managing thousands of global suppliers. Seeking a quick win, leadership deploys a generic, off-the-shelf AI co-pilot to automatically read and approve all incoming invoices. In reality, the initiative quickly derails. The generic AI hallucinates on standard tax fields because it does not understand the firm's strict internal data boundaries. It wastes expensive computational power simply routing a PDF from a manager to a VP. Worst of all, it mistakenly approves a disputed, high-value transaction because it lacks the commercial context of an ongoing vendor lawsuit. This failure occurs because the enterprise treats the entire workflow as an "AI problem." In reality, to succeed, the process must be deconstructed into a layered operating model: Rules with Predictable Outcomes: Validating invoice data against purchase orders and tax requirements is entirely rule-based. A classic rules engine is the most cost-effective and reliable tool here. Automating Repetitive Tasks: Procedural steps, including routing approvals and updating ERP systems, are highly repeatable. Standard workflow automation is best suited to these status-based actions. AI Where Context and Judgment Are Required: AI becomes highly valuable during exceptions—unusual charges, incomplete documentation, or subtle inconsistencies. Here, AI can analyze unstructured supporting material, highlight anomalies, and assist a reviewer in narrowing down the issues. Humans When Accountability Counts: Human oversight remains strictly necessary where commercial judgment, regulatory sensitivity, supplier disputes, or high-value decisions require a level of accountability that cannot be delegated to an algorithm. This layered operating model is far more effective than the blanket idea of “AI everywhere.” It respects the unique strengths of rules, automation, AI, and human expertise. Custom Architecture vs. Generic SaaS Because strategic enterprise workflows require this precise, multi-layered coordination, managing the handoffs between strict business rules, standard automation, and cognitive AI assistance requires a cohesive, tailored orchestrator. Generic, off-the-shelf software rarely has the inherent flexibility to stitch these four layers together seamlessly. This raises a critical question for enterprise leaders: when is a standard platform sufficient, and when is custom development justified? The most effective standard operating procedure (SOP) relies on a simple distinction: Core versus Context. Context Workflows (Buy/Standard SaaS): These are non-differentiating processes that every company handles similarly—such as standard payroll processing, routine expense categorization, or basic accounts payable routing. For these, standard, off-the-shelf platform tools are completely sufficient. There is no strategic value in reinventing the wheel. Core Workflows (Build/Custom Orchestration): These are the proprietary processes where an enterprise actually wins its market—whether that is an investment bank's proprietary M&A valuation model, an consulting firm’s technical accounting expertise, or a multinational's complex forecasting engine. This challenge has become top-of-mind as adoption timelines compress. Research from the Wharton School and GBK Collective indicates that generative AI is fast-tracking into the core of the enterprise, with decision-makers increasingly shifting budgets from experimentation to integration. Yet, as adoption accelerates, the gap between high-performing and average organizations becomes clearer. McKinsey’s research indicates that while AI use is now widespread, the ability to translate that use into actual business impact remains highly uneven. Crucially, high-performing organizations are far more likely to redesign workflows fundamentally to support this multi-layered reality, rather than simply overlaying AI onto existing, broken activity. Enterprise value is created not when AI is added on top of work, but when work itself is redesigned to use AI appropriately. In specialized, "Core" environments, durable value typically comes not from buying another off-the-shelf license, but from configuring bespoke solutions that align perfectly with the unique operating model of the business. Governance and the Power of Human Augmentation To support this bespoke architecture, an enterprise operating model must prioritize governance and human enablement from day one. Cost control, usage discipline, data boundaries, and security guardrails cannot be added as an afterthought. The growing emphasis in enterprise research on production readiness and ROI measurement reflects exactly this concern. For instance, ISG’s reporting focuses heavily on spending trends, governance, and scaling challenges, while other market research increasingly evaluates AI not by its novelty, but by its deep integration and structural guardrails. Crucially, those guardrails are not just technical—they are human. One of the most persistent misconceptions is that AI's primary value lies in replacing human labor. In reality, the International Monetary Fund’s (IMF) analysis of labor exposure continually emphasizes complementarity—the immense potential of technology to work alongside people, amplifying their capability rather than substituting it. AI does not create enterprise value simply because it is available. It creates value when employees are trained and empowered to co-pilot with it: Understanding precisely where the technology adds cognitive leverage. Knowing exactly where its outputs must be challenged or verified. Recognizing where over-reliance would introduce unnecessary operational risk. This is particularly relevant in high-stakes functions like finance, legal, procurement, and risk, where work constantly balances structured process and contextual judgment. In these environments, staff education is not a secondary HR workstream; it is a core part of the operational control framework and the ultimate engine of productivity. Strategic Execution: The Path to Lasting Value The broader business case for this disciplined approach is becoming impossible to ignore. Recent market research highlights a widening performance gap between organizations that merely acquire tools and those that build the operational infrastructure to support them. Oxford Economics’ work on enterprise AI maturity, for example, demonstrates that sustainable value is tied directly to deep operational integration rather than simple access. This is reinforced by McKinsey’s findings, which establish a direct link between fundamental workflow redesign and actual value capture. Ultimately, this execution gap translates into a financial one: as IMD’s maturity research points out, a significant performance and margin divide is opening up between operationally mature enterprises and those still struggling to scale their pilots. The implication for enterprise leaders is straightforward. The long-term winners in the AI era are unlikely to be the organizations that deployed the greatest number of tools or announced the largest number of pilots. They are more likely to be the ones that: Identified the right strategic workflows. Intelligently combined rules, automation, AI, and human oversight. Built robust governance frameworks from the outset. Trained their workforce to interact with these capabilities with disciplined, empowered skepticism. AI adoption may open the door, but disciplined execution determines whether that investment translates into durable business value. Sources International Monetary Fund (IMF)- sdnea2024001.pdf ISG (Information Services Group)- isg-one.com/docs/default-source/default-document-library/2025-isg-state-of-enterprise-ai-adoption-r… Wharton School / GBK Collective- ai.wharton.upenn.edu/wp-content/uploads/2025/10/2025-Wharton-GBK-AI-Adoption-Report_Full-Report.pdf Impact AI Series | Oxford Economics IMD Business School- Companies leading in AI adoption use it as a catalyst for reinvention - IMD business school for man…

Every year, April 22nd comes around the same way We see the pictures. The recycling infographics. The posts about caring for the planet. And then April 23rd arrives and most of it just goes away. According to reports, an estimated 62% of consumers said they are willing to change their purchasing habits to limit environmental impact, however, only 31% of people reported that their most recent purchase consisted primarily of sustainable or environmentally friendly items. But 2026 feels different. This year's theme is "Our Power, Our Planet." If one were to consider the circumstances, it would be very clear that in 2025, several hundred environmental regulations were repealed globally, including emissions standards and wetlands protection measures, each of which had taken over a decade to formulate. It was not a few isolated instances of policy changes; it was a systematic reversal of decades-old policies while the vast majority of businesses were preoccupied with other issues. It is not a matter of whether businesses have become aware of the problem. It is a matter of what actions will they take to address it. The Gap Has Never Been About Awareness Every leader we talk to knows climate change is real. Every CxOs we work with knows that disclosing how their company affects the environment is coming, whether they are ready or not. The market is not unaware. The problem is that awareness has not been turning into action. As per a new survey conducted by CRM solutions provider  Salesforce, in partnership with insights and advisory consultancy GlobeScan, while 90% of executives viewed sustainability as important to their organizations’ commercial success, including two-thirds who rate it as “very important,” only 37% consider sustainability to be very integrated into their businesses. The report noted the importance of high quality data for meeting new regulatory sustainability reporting requirements, with the survey finding that 59% of executives expect to have difficulty complying with the new EU Corporate Sustainability Reporting Directive (CSRD), and 31% expecting challenges with the reporting requirements from the IFRS’ International Sustainability Standards Board (ISSB). And under that problem is something just as bad, but harder to notice. For example, a truck that stays motionless and burns up fuel every day. The same goes for the expense of not being sustainable. It builds up quietly. The cost of borrowing goes up. Government scrutiny increases. Investors start losing confidence. The people inside the company start asking questions about what it actually stands for. These are not future worries. They are happening right now. They are just not always easy to spot on a report. Most companies still think of sustainability as something that belongs in an annual document. Not in the room where actual business decisions get made. That thinking is exactly what keeps companies stuck. And it is exactly why April 23rd tends to feel like the morning after a party nobody really planned.  Saying It and Doing It Are Not the Same Thing A net-zero commitment without a way to measure it is just words. A diversity goal without a structure behind it is something that gets said in a meeting and forgotten. The difference between companies that are genuinely making progress and those that are just talking about it comes down to whether sustainability is part of how they actually make decisions, not just how they communicate. Following frameworks like BRSR, GRI, CSRD, and IFRS S1/S2 is not about doing what regulators say. It is about being honest and transparent in a way that holds up. And, this is not niche anymore. For example- as per guidelines, India’s top 1,000 listed companies are now mandated to report under BRSR. Similarly, CSRD will expand ESG reporting requirements to ~50,000 companies in the EU. Companies that have built this properly do not just report differently. They operate differently. The way they buy, the way they use energy, the way they work with suppliers, all of it gets informed by a clearer understanding of what sustainability costs and what it is worth. That clarity, built up over time, is what separates companies that are actually performing from those that are just trying to keep up.  What This Actually Requires from All of Us The real change happens after Earth Day. It is about what people and businesses do not just what they say. People need to be careful about what they buy and try to use energy and stuff. They should think about whether the things they buy're good for the Earth. Companies need to ensure that they practice sustainability by setting measurable, achievable goals based on factual information. They must also consider how their actions will impact the earth and act accordingly to “do the right thing.” They also have to measure how well they are doing and be honest about it. Businesses must be open about what they're doing to help the Earth and sustainability of Earth is very important, for businesses and people. Awareness without measurable actions and accountable actions cannot produce results. "Our Power, Our Planet" Is Not an Invitation. It Is a Question. Climate urgency is intensifying, marked by rising global temperatures, record-breaking warm years, and an increasing frequency of climate-related disasters. It is asking companies what they are doing with the power they already have. The supply chains. The capital. The energy decisions made every single day without a sustainability lens. The people being developed, or not. Each one of those is an opportunity. Most of them are still being left alone. April 22nd is a reminder. But the work does not start or stop on that day. It lives in the decisions companies make every other day of the year. The answer and the work start now. Author - Anshit Dhawan (Senior)

Compliance management today requires visibility and proactive planning. With numerous regulatory deadlines across Income Tax, GST, FEMA, MCA, SEZ, and STPI, staying organized is essential for businesses to operate smoothly. We have put together the Compliance Calendar for FY 2026–27, designed to help organizations track key due dates and integrate reminders directly into Outlook calendars for better compliance management. Sharing this resource with the hope that it helps teams stay ahead of deadlines and focused on what matters most, building resilient and responsible businesses.

The Shift from Mitigation to Adaptation In the last decade, the main concern of corporate climate strategies has been the reduction of greenhouse emissions and the achievement of the target of net-zero emissions. Although the prevention of global warming is the key, the increasing effects of climate change have made climate adaptation an important concern. The severe weather changes, increase in temperature, water scarcity, and sea level rise are now being witnessed globally, which are negatively affecting supply chains, infrastructure, and commercial operations globally. Businesses are realizing that cutting carbon emission reduction is not enough. In spite of all the mitigation efforts, there are some unavoidable effects of climate change, and enterprises need to start preparing for the new risks. Climate adaptation is shifting from a niche sustainability issue to a critical part of an enterprise’s overall ESG strategy. This shift is illustrated by the financial investment required to address the issue of climate resilience. The Adaptation Gap Report 2024 by the United Nations Environment Programme indicated that developing countries will require between $215 billion and $387 billion annually starting from 2030 to address the issue of climate change. The financial impact of the issue is already apparent. In 2024, the financial losses due to natural disasters across the globe are estimated at $320 billion. Therefore, the financial impact of the issue is already apparent. In this case, adapting to the issue of climate change is no longer only a matter of environmental protection but is becoming a matter of strategic business, as companies must now consider the financial implications of climate-related disruptions on their operations and long-term viability. Understanding Physical Climate Risks for Businesses Physical climate risks, as the name suggests, refer to the direct impacts of climate change on assets, operations, and supply chains. These risks are generally categorized as acute and chronic. Extreme weather events, floods, hurricanes, wildfires, and heatwaves are examples of acute risks that can cause problems with operations. On the other hand, chronic risks involve longer-term climate shifts and may include changes in sea levels, droughts, and increased temperatures. With the rising cases of weather-related disasters, the importance of adaptation to these changes cannot be overemphasized. From 1985 to 2025, losses of around US $7.2 trillion are observed from natural disasters. This, therefore, highlights the rising risk to businesses as a result of these changes. These dangers are not exclusive to any certain industry. Manufacturing facilities situated in flood-prone regions may be compelled to cease operations, while agricultural endeavors may see diminished productivity as a result of climatic alterations. These alterations may be experienced across multiple sectors, including energy and retail. Financial institutions and investors are progressively evaluating physical climate concerns. Financial institutions, including lenders and insurance providers, are evaluating companies' vulnerability to climate-related risks. This has compelled businesses to incorporate risk analysis into their strategy planning. Why Climate Adaptation Is Becoming a Business Priority The importance of putting more emphasis on climate adaptation in corporate ESG agendas has been heightened by multiple factors, including the growing frequency and severity of climate-related disasters and ongoing real-world financial consequences for businesses such as supply chain disruptions, damage to physical infrastructure, and operational delays. There is also greater expectation from regulators and global frameworks regarding the disclosure of climate risk. The Task Force on Climate-related Financial Disclosures suggests that companies should identify both transitional and physical risks and disclose how their strategies will remain resilient to the risks they may face based on the different climate scenarios. There is increasing demand for more transparency from investors about how businesses will manage long-term climate risk. Climate resilience is being viewed by institutional investors as an important indicator of a company’s financial stability. Companies unprepared for the effects of climate may experience more expensive insurance coverage, decreased asset valuation, and/or limited access to funding sources. The case for the economics of adaptation is beginning to come into view as well. As a 2024 analysis by the Boston Consulting Group revealed, there was more than $1 trillion of worldwide climate damage between 2020 and 2024, and so the financial impact of extreme weather events is rising. As a result, climate adaptation is being seen as the new frontier for ESG leadership. Climate-Resilient Business Strategies To address physical climate risks, proactive approaches to adapting to the situation have to be developed. Organizations have to conduct exhaustive assessments of the risks that might be caused by the climatic conditions. In this case, the impact that the climatic conditions might have on the business is analyzed. This is where the use of scenario analysis is important. Another key aspect that has to be addressed is the issue of infrastructure. In this case, the business might have to invest in the construction of facilities that are able to protect the business from the effects of extreme climatic conditions. In this case, the business might have to invest in the construction of facilities that protect the business from floods. In addition, the business might have to invest in the installation of technologies that help to conserve water. In this case, the business might have to invest in the installation of air conditioning units. However, corporate preparedness remains low despite acknowledging the risks that may be caused by climatic conditions. Research done on more than 1,000 publicly listed firms revealed that only 23% of these firms have put in place mechanisms to address this problem. Therefore, investments in infrastructure that is resistant to climate change, sustainable water management, and natural solutions can help to mitigate risks to operation in the long term as well as environmental objectives. This may require collaboration with other actors because risks are often beyond an organization. Governance and ESG Integration Effective climate adaptation practices require robust climate adaptation governance practices and oversight by the board of directors. Climate risk management is an essential part of enterprise risk management practices, ensuring that adaptation practices are consistent with overall corporate governance practices. The board plays an essential part in overseeing the assessment of climate risks, developing resilience goals, and monitoring progress. The transparent communication of risks and adaptation techniques is becoming increasingly expected by various stakeholders and regulatory bodies in firms. The importance of ESG reporting frameworks in prioritizing resilience in overall sustainability reporting is becoming prominent. The transparent communication of adaptation techniques by firms is likely to increase investor trust and readiness for the long-term effects of climate change. Next Step: Climate Resilience in Corporate Strategy As much as the climate risks are rising, adaptation is turning out to be a key component of the sustainability strategy for many firms. Companies that focus only on cutting down emissions and ignore the physical climate dangers may face a shock that threatens their sustainability. According to the World Meteorological Organization, the period between 2015 and 2024 has been the warmest decade on record. This implies that extreme weather occurrences and climate upsets might worsen in the coming future. As a way of countering the effects of climate change, many organizations are going a step further than their net-zero targets and attempting to make their operations more climate-resilient. Companies can better prepare for environmental shocks and keep their operations going by including climate adaptation in their governance structures, risk management frameworks, and investment decisions. In this context, it can be said that the question is no longer whether businesses should prepare for climate impacts but how effectively they can adapt. Companies that treat climate resilience as a strategic priority will be better positioned to navigate climate uncertainty while creating sustainable long-term value. Author - Ayushika Saraswat (Consultant)

The risks that organizations once monitored from a distance are now actively reshaping business models, capital decisions, and strategic priorities. Below are the five risks that every leader should focus on: 1. Cybersecurity – Cyber incidents are no longer just an IT problem. They disrupt operations, delay customer interactions, and attract regulatory scrutiny. 2. Digital Disruption & AI – AI adoption is accelerating faster than governance frameworks can keep up. The question is no longer whether to adopt, it's who is accountable when things go wrong. 3. Business Resilience – Resilience today isn't about recovering after a disruption. It's about sustaining performance while disruption is still underway. 4. Geopolitical Uncertainty – Trade disputes, policy shifts, and regulatory changes are happening without warning. Organizations must embed these into strategic planning, not treat them as external noise. 5. Human Capital – 40% of organizations worldwide identify talent as a key risk. Having a strategy means little without the people ready to execute it. What makes these risks truly complex is how deeply interconnected they are. A cyber incident amplifies operational fragility. Geopolitical shifts strain already-stretched supply chains. Talent gaps slow down an organization's ability to respond to any of it. In this environment, Internal Audit is shifting from process reviewer to risk interpreter. Download & Read our full Point of View below.

ESG Perspective – March 2026 Edition presents a curated overview of key global developments shaping the evolving ESG and sustainability landscape. The edition highlights important regulatory updates, emerging global standards, and market trends across areas such as carbon markets, sustainability reporting and disclosure frameworks, climate policy, circular economy regulations, and sustainable finance. As governments, regulators, and investors continue to strengthen expectations around transparency, accountability, and climate action, businesses are increasingly required to navigate a complex and rapidly evolving ESG environment. This edition distills significant policy announcements, regulatory reforms, and standard-setting initiatives from across jurisdictions into clear, decision-relevant insights. By bringing together these developments in one place, the report aims to help organizations stay informed, anticipate regulatory shifts, and better prepare for the transition toward more sustainable and responsible business practices. Read the full edition for a deeper look at the latest global ESG developments and regulatory insights.

Standard Setters’ Updates – H2 2025 This edition provides a concise and practical overview of the most significant accounting, regulatory, and sustainability reporting developments from the second half of 2025, helping organizations prepare for upcoming changes in 2026 and beyond. Key Highlights: Major Accounting Standards Updates (ASUs) issued in H2 2025, covering credit losses, internal-use software, derivatives and hedging, purchased loans, government grants, interim reporting, and codification improvements. Simplification and consistency initiatives by FASB, aimed at reducing complexity, improving comparability, and better aligning accounting outcomes with economic substance. Snapshot of FASB current projects, including debt exchanges, environmental credit programs, crypto asset transfers, equity method improvements, and cash flow statement refinements. Regulatory developments from the SEC, including leadership changes, crypto asset guidance, AI and fraud task forces, financial reporting manual updates, and implications of major U.S. fiscal legislation. Sustainability reporting developments, highlighting ISSB exposure drafts and significant simplification of European Sustainability Reporting Standards (ESRS), with reduced reporting burden and enhanced interoperability. Practical effective-date guidance, with appendices outlining ASUs effective in 2025 and 2026 to support timely implementation planning.

Imagine a future where the most valuable currency isn’t gold, dollars, or even Bitcoin—but carbon credits. In a world racing against time to curb climate change, these tradable certificates, each representing the removal or reduction of one metric ton of CO₂, are emerging as the “climate coin” that could redefine global wealth and economic power. The Birth of a Climate Currency Carbon credits were born out of necessity. The Kyoto Protocol in 1997 introduced the concept, allowing developed nations to fund emission-reduction projects in developing countries. This laid the foundation for a global carbon market, a space where environmental responsibility meets economic opportunity. Fast forward to the Paris Agreement in 2015, and the game changed: every nation now sets its own climate targets, and Article 6 created a framework for cross-border carbon trading, making carbon credits a universal language of climate action. Why Carbon Credits Matter Today The urgency is undeniable. The Intergovernmental Panel on Climate Change warns that limiting global warming to 1.5°C requires deep emission cuts. Yet, industries cannot eliminate all emissions overnight. Enter carbon credits—a bridge between ambition and reality. Tech giants like Amazon pledge carbon neutrality by 2040, banking on credits to offset unavoidable emissions. For businesses, these credits are more than compliance tools—they’re strategic assets signaling climate leadership. Global standards are tightening. The EU Emissions Trading System (EU ETS), launched in 2005 as the world’s first major carbon market, now pairs with the Carbon Border Adjustment Mechanism (CBAM), moving to full implementation in 2026, ensuring imported carbon-intensive goods carry a price comparable to the EU’s. In India, the Carbon Credit Trading Scheme (CCTS) and the Indian Carbon Market (ICM), were notified in 2023, laying the groundwork for a structured national carbon credit market. As emission intensity targets are rolled out in 2025, this scheme positions Indian industry to compete in a world where carbon cost will increasingly determine market access. Leading Indian companies, including Mahindra & Mahindra, Tata Steel, Infosys, Hindustan Zinc, and Reliance Industries, are already active participants in carbon markets, signalling how corporate India is integrating carbon credits into business strategy and long-term decarbonisation plans. The Market Behind the Movement Unlike traditional currencies, carbon credits don’t have a fixed global price. Their value depends on project type, certification, and market dynamics. Credits from reforestation or renewable energy projects often fetch premium prices because they deliver biodiversity and community benefits. Verified standards like VCS and Gold Standard ensure integrity, making these credits highly sought after. Today, the carbon market is no longer a niche policy tool—it’s one of the fastest-growing economic systems. In 2025, the global carbon credit sector is estimated to be worth USD 838–933 billion, and projections suggest it could surge to USD 10–17 trillion by 2034, driven by corporate net-zero pledges and rising demand for high-integrity offsets. Compliance carbon trading systems now operate across multiple jurisdictions, covering up to 28% of global emissions and generating more than USD 100 billion in public revenues by late 2024. Momentum is accelerating: companies retired a record 95 million credits in the first half of 2025. Looking ahead, supply could expand 20–35 times by 2050, reaching 4.8 billion tonnes of CO₂e annually in high-quality scenarios, with credit prices expected to climb to USD 60–104 per ton as technologies like direct air capture and nature-based solutions mature. From Paper to Digital: Tokenized Carbon Credits Blockchain technology is transforming carbon credits into digital tokens—secure, traceable, and tradable like cryptocurrency. Each token represents a verified credit, creating transparency and eliminating double-counting. Imagine logging into your digital wallet and seeing not just Bitcoin but climate coins backed by real-world impact. These tokenized credits could soon dominate decentralized finance platforms, merging sustainability with fintech innovation. Challenges on the Horizon Yet, the rise of carbon credits as a “climate coin” comes with real challenges. A major meta-study covering nearly 1 billion tonnes of CO₂ equivalents found that less than 16% of issued credits truly cut emissions. Price swings across project types add uncertainty, and greenwashing remains a major risk. Investigations show that 78% of the top 50 offset projects may be “likely junk,” raising doubts about their integrity. Weak verification and flawed third-party audits deepen these concerns, turning many credits into claims rather than real climate action. The Road Ahead Carbon pricing mechanisms like Sweden’s $130 per ton carbon tax and the EU ETS are pushing companies to rethink emissions as liabilities. Meanwhile, voluntary markets are booming as corporations race toward net-zero commitments. Stricter verification protocols from bodies like the Integrity Council for the Voluntary Carbon Market promise to weed out greenwashing, ensuring every credit delivers genuine climate impact. Could Carbon Credits Rule the Economy? If trends continue, carbon credits might become the most influential economic instrument of the century. They represent survival, responsibility, and opportunity all rolled into one. In a world where climate risk dictates financial stability, the “climate coin” could very well become the currency that matters most.

India’s IT landscape has experienced a dramatic shift over recent decades, moving away from traditional, paper-dependent bookkeeping methods to a vibrant, tech-powered ecosystem. Today, organizations depend on — ranging from enterprise resource planning (ERP) tools to cloud platforms — not only to boost efficiency but also to safeguard compliance, security, and data accuracy of financial reporting. This change entails additional responsibility since keeping thorough records helps to prove financial integrity and responsibility. An audit trail acts as the "black box" of an organization—a kind of financial journal that captures every activity. It records who did what, when, and how within the financial system. This creates a straightforward way to verify the accuracy and accountability of financial records. Think of it as holding a backstage pass that lets you peek behind the curtain—offering complete visibility into every transaction for transparency, tracking access to sensitive data to bolster security, and capturing system changes to ensure compliance. With their growing importance, audit trails are now a legal must-have in India, following regulatory mandates that came into effect on April 1, 2023. The push for audit trail comes straight from the Companies (Accounts) Rules, 2014, where Rule 3(1) says any organization using accounting software—whether it's ERP systems or even web portals—must have a permanent audit trail that can't be turned off. It’s got to automatically track every change, stamp it with a timestamp, and keep those records on hand for audits. Meanwhile, auditors, under Rule 11(g) of the Companies (Audit and Auditors) Rules, 2014, must double-check that this feature was running all year, and wasn't tampered with. This rule isn't just for large organizations—it applies to every Indian organization. Whether it's nonprofits under Section 8 or foreign entities, it covers everything from standalone to consolidated financial statements.

Welcome to our Standard Setters' Updates of FASB & SEC. In this publication, we present a concise overview of the latest developments in financial reporting and highlight key considerations as we move through 2025. The Accounting Updates summarize FASB's new guidance issued in the first half of the current year and highlight the accounting standards that are effective in 2025. The FASB Current Projects section provides an overview and status of the items that FASB is actively working on. The Regulatory Updates section brings you noteworthy updates from the SEC. The Sustainability Reporting Developments section outlines the changes to ISSB’s Disclosure and European Union’s Reporting requirements. The Financial Accounting Standards Board (FASB), in November 2024, issued ASU 2024-03 which requires public business entities to disaggregate expenses in the income statement into specific categories and reconcile those to the totals reported in the financial statements. Subsequently, the Board realized a clarification was needed to avoid confusion regarding when the standard applies, particularly in interim periods. Therefore, the Board issued ASU 2025-01 clarifying the effective date to be the first annual reporting period beginning after December 15, 2026, and interim reporting periods within annual reporting periods beginning after December 15, 2027. In 2022, the Securities and Exchange Commission (SEC) published interpretive guidance as Staff Accounting Bulletin (SAB) No. 121 on Topic 5.FF, Accounting for Obligations to Safeguard Crypto-Assets an Entity Holds for its Platform Users. SAB No. 121 required entities safeguarding crypto-assets to record a liability and a corresponding asset at fair value. However, this guidance created practical challenges and accounting complexities. To address these concerns, the SEC later issued SAB No. 122, rescinding the interpretive guidance published as SAB No. 121. The amendment removes the obligation to recognize a safeguarding liability and corresponding asset, instead directing entities to apply traditional loss contingency guidance under ASC 450-20: Loss Contingencies when accounting for obligations to safeguard crypto-assets. Therefore, the Board issued ASU 2025-02 to inform about SAB No. 122 rescinding the interpretive guidance in SAB No. 121. Entities should apply the rescission of Topic 5.FF on a fully retrospective basis in annual periods beginning after December 15, 2024.

In a dynamic and fast-paced global environment, organizations are navigating ever-increasing challenges driven by technological advancements, environmental demands, and changing societal expectations. These changes blur traditional risk boundaries and create a complex, interconnected risk landscape. As a result, it has become imperative for internal audit functions and organizations as a whole to develop the ability to identify, understand, and mitigate risks, enabling them to achieve resilient and sustainable growth. These emerging threats also provide internal audit teams with an opportunity to demonstrate agility, prudence, and strategic insights, thereby reinforcing their role in enhancing organizational resilience and long-term value creation. Business continuity risks are probable disruptions that hinder an organization's ability to operate effectively and deliver essential services. The disruptions may arise from multiple sources such as natural calamities, technological disruption, cybersecurity incidents, geopolitical conflicts, and supply chain disruptions. The COVID-19 pandemic or Suez Canal blockage were recent and powerful examples of how such risks can severely impact global operations. Continuity risks are highly interconnected and interdependent. A minor disruption in one part of the chain can trigger a domino effect, leading to operational and financial consequences globally. Thus, strengthening operational resilience is essential for maintaining stakeholder trust and sustaining long-term value delivery. Human capital risk is the vulnerability organizations encounter in attracting, retaining, and developing their talent. Employees are the most valuable assets and vital pillars of any organization. Failure to manage talent effectively can significantly impact business continuity, innovation, and competitive edge.

The importance of transparent financial reporting cannot be overstated in today's complex business environment. Investors, lenders, and other capital providers rely heavily on financial statements to evaluate an entity's performance, assess its prospects for future cash flows, and benchmark it against peers. A critical component of this evaluation is understanding the composition of expenses, as they often reveal key insights into cost structures, operational efficiencies, and long-term sustainability. Historically, U.S. GAAP has not required consistent disaggregation of income statement expenses, leading to diversity in reporting practices. This lack of standardization has posed challenges for users in comparing financial results across entities and industries. Recognizing this gap, the Financial Accounting Standards Board (FASB) introduced the proposed Accounting Standards Update (ASU) Income Statement - Reporting Comprehensive Income - Expense Disaggregation Disclosures (Subtopic 220-40): Disaggregation of Income Statement Expenses in July 2023. After gathering extensive feedback through public comments and roundtable discussions, the FASB finalized the amendments in November 2024. These changes aim to enhance the decision-usefulness of financial reporting by requiring disaggregated expense disclosures within the footnotes of financial statements. In January 2025, FASB issued Accounting Standard Updates No. 2025-01, Income Statement-Reporting Comprehensive Income - Expense Disaggregation Disclosures (Subtopic 220-40): Clarifying the Effective Date. The updates apply to all public business entities and shall be effective for annual reporting periods beginning after December 15, 2026, and interim reporting periods within annual reporting periods beginning after December 15, 2027, with early adoption permitted.

The Securities and Exchange Board of India (SEBI) has introduced a new Industry Standard on "Minimum Information to be Provided for Review by the Audit Committee and Shareholders for Approval of Related Party Transactions (RPTs)." This standard, effective from April 1, 2025, applies to all listed entities in India and aims to standardize reporting and disclosure requirements, thereby elevating governance, transparency, and oversight of related party transactions (RPTs). The key requirements include ensuring accurate identification of all related parties as per Regulation 2(1)(zb) of SEBI’s LODR Regulations, 2015. Transactions must be classified based on materiality, distinguishing between material RPTs, transactions involving promoters or promoter groups exceeding prescribed thresholds, and residual RPTs outside the above categories. Internal auditors must verify that adequate documentation is maintained for each related party transaction (RPT), capturing all relevant details as applicable. This includes basic details of the related party, relationship and ownership of the related party, financial performance of the related party, details of previous transactions with the related party, amount of the proposed transactions, and basic details of the proposed transaction. Additional details must also be maintained for proposed transactions relating to the sale, purchase, or supply of goods or services, or any other similar business transaction; loans, inter-corporate deposits, or advances given by the listed entity or its subsidiary; investments made by the listed entity or its subsidiary; and guarantee (excluding performance guarantee), surety, indemnity, or comfort letter made or given by the listed entity or its subsidiary.

Explore how audits empower healthcare providers to tackle AI risks, policy shifts, and pricing reforms with confidence.