The Audit Committee Chair Playbook for AASB S2: What...

The audit committee chair signs off on the financial statements. From the FY26-27 reporting cycle, the chair also signs off on the AASB S2 climate statement that now sits alongside them in the annual report. Same Chapter 2M framework, same directors' duties, same assurance regime expectation. New subject matter, new methodology selections, new evidence base.

Group 2 entities start their first reporting financial year on 1 July 2026. That gives audit committees 22 days to land the charter amendment, scope the management report-out cadence, and agree the assurance interface before the period that needs to be reported on actually begins. Group 1 chairs entering their second year of oversight have a different problem: the assurance provider's prior-year management letter, the risk register that now has comparatives, and the forward-looking statements that need to be re-tested for ongoing reasonableness.

This is not a sustainability committee piece. It is written for the chair who has spent two decades in financial report sign-off meetings and now has to extend that discipline to a disclosure where the source evidence is a fuel docket from a remote site rather than a journal entry from the GL.

What changes for the audit committee under AASB S2

Two structural changes drive everything else.

The annual report now contains a separate sustainability report under Chapter 2M Part 2M.3 of the Corporations Act, prepared in accordance with AASB S2. The directors' declaration extends to it. The sustainability report has the same legal status as the financial report for the purposes of the directors' duties framework.

The independent assurance regime under ASSA 5010 sits alongside the financial audit. Limited assurance applies from the first reporting cycle, transitioning to reasonable assurance for Scope 1 and Scope 2 emissions and governance disclosures from financial years beginning on or after 1 July 2030. The assurance provider can be the same firm as the financial auditor or a different one.

Some boards have established a separate sustainability committee. Most have extended the audit committee's remit. ASIC RG 280 is structure-agnostic but explicit on accountability: directors are expected to ensure the integrity of disclosures made under AASB S2, exercise care and due diligence including a critical lens on management's content, and put appropriate systems, internal controls, and oversight mechanisms in place.

The committee that already oversees financial controls, internal audit, and the external audit relationship is the natural home for that work.

The charter amendment

Get the charter amended before the first disclosure is drafted. Doing it after leaves a paper trail showing the oversight framework was retrofitted to the disclosure rather than designed to govern it.

A workable model amendment extends the audit committee's terms of reference to include:

Oversight of climate-related financial disclosures prepared under AASB S1 and S2
Review and approval of the basis of preparation for the sustainability report, including consolidation approach, GWP set, and emission factor source hierarchy
Review of management representations on the accuracy and completeness of climate data
Engagement with the climate assurance provider under ASSA 5010, including private sessions consistent with audit committee practice for the financial audit
Review of the climate risk register and its reconciliation to strategy and risk management disclosures
Oversight of internal controls over sustainability information, including controls over source-document capture, methodology versioning, and disclosure preparation
Review of forward-looking statements relying on the modified liability protection under section 1707D

The charter should also address committee composition. ASX Corporate Governance Principles (4th edition) Recommendation 4 expects audit committee members to have appropriate financial expertise and an understanding of the sectors in which the entity operates. AICD guidance on mandatory climate reporting adds that directors need to understand how climate-related financial disclosures are arrived at and verified. Whether that competency sits in a current member, a new appointment, or a permanent technical adviser to the committee is a judgement call. It is not a question that can be left unanswered.

The first audit committee paper on AASB S2

The first management paper to the committee on AASB S2 is the equivalent of the accounting policies note. It is the document the assurance provider will read first and the document the regulator will ask for if something goes wrong.

A workable agenda for the paper:

Basis of preparation: organisational boundary (operational control, financial control, or equity share), reporting period, GWP set, emission factor sources, methodology selections by scope
Materiality threshold for climate-related risks and metrics, with the rationale tied to user decision-usefulness rather than a percentage rule of thumb
Climate risk register summary: identified risks and opportunities, time horizons, financial impact estimation methodology, link to the strategy disclosure
Scenario analysis: scenarios used, assumptions, qualitative versus quantitative scope, governance over scenario selection
Transition plan: alignment between disclosed actions, the capex pipeline, and the operating plan
Metrics and targets: Scope 1, 2, and 3 measurement methodology, target baselines, treatment of comparatives
Forward-looking statements: which statements rely on section 1707D modified liability, the reasonable grounds documentation supporting them
Assurance interface: provider, scope, timing, preliminary observations

The committee's job in the first session is not to approve content. It is to test that the basis of preparation exists, is internally consistent, and can be defended to the assurance provider.

Three lines of defence for climate data

The three lines of defence model translates directly. First line is operations: sustainability function, site managers, fleet managers producing the underlying emissions records from utility invoices, fuel dockets, refrigerant service reports, waste consignment notes. Second line is risk and compliance: internal audit, group risk, and finance reviewing methodology and controls. Third line is the independent assurance provider under ASSA 5010.

The audit committee oversees the design and operating effectiveness of all three. Where second-line capability is thin, internal audit's annual plan needs an explicit climate data engagement before the disclosure is finalised.

The fitness question

ASX Corporate Governance Principles expect committee members to have the expertise to discharge their oversight role. AICD's A Director's Guide to Mandatory Climate Reporting (Version 2, September 2024) makes the point that directors are expected to engage critically with climate disclosures, not delegate the work to management or assurance providers.

Three responses we see boards adopting:

Appoint a non-executive director with sustainability or climate background to the audit committee
Engage a standing climate adviser to the committee with sector-specific experience
Document a structured upskilling programme for current members, with attendance and content recorded in the committee minutes

The third option is the one most boards default to. It is also the one most likely to be found wanting if the disclosure is later challenged. A two-hour briefing in March is not a defence to a finding under section 180 if the disclosed metrics turn out to be materially wrong and the audit committee minutes show no substantive engagement with the methodology.

Surveillance and personal accountability

ASIC has flagged climate disclosure as a surveillance priority under its 2025-26 Corporate Plan. The pattern from the Mercer, Vanguard, and Active Super matters is consistent: unsubstantiated environmental claims attract regulator action, and the regulator is willing to pursue both the entity and individuals where the evidence supports it.

The directors' duties framework under sections 180 to 184 of the Corporations Act applies to the sustainability report the same way it applies to the financial report. Duty of care and diligence, good faith in the best interests of the company, no improper use of position, no improper use of information. The modified liability shield under section 1707D protects the entity from civil action on forward-looking statements about scenario analysis, transition plans, and climate-related financial risks for the first three years of reporting. It does not exempt directors from their statutory duties.

In practical terms, the audit committee chair should expect the first AASB S2 disclosure to be read by ASIC, by short sellers, by climate-focused investors, by the assurance provider's national technical panel, and by the financial press. The defensibility test is whether the basis of preparation, the controls map, and the evidence base would hold up if the disclosure were challenged within 12 months of release.

The assurance interface

ASSA 5010 establishes the sustainability assurance framework. Limited assurance applies from the first cycle, with reasonable assurance over Scope 1 and Scope 2 emissions and governance disclosures from financial years beginning on or after 1 July 2030.

The interface mirrors the financial audit. The provider presents an assurance plan, identifying scope, materiality, key risk areas, and reliance on internal controls. The provider issues an assurance report at year end, with the conclusion feeding into the directors' declaration. The committee should hold a private session with the provider without management present, consistent with audit committee practice. Management produces a representation letter on climate matters covering completeness, methodology, and forward-looking statement reasonable grounds. Any modified opinion needs to be resolved before the directors' declaration is signed.

In the first cycle, the committee should ask whether the assurance scope covers governance disclosures, the basis of preparation, Scope 1 and Scope 2 measurement, and the controls supporting Scope 3 estimates. ASSA 5010 limited assurance is narrower than full audit assurance, and the boundary needs to be understood by the committee, not assumed.

The questions every chair should ask management

A five-question diagnostic that can be put to the CFO and sustainability lead in a single committee session:

Show me the basis of preparation document. If it has not been drafted, that is a finding.
Show me the climate risk register and the reconciliation between identified risks and the strategy disclosure narrative.
Show me the methodology note for each material metric, including the emission factor source and the version locked for the reporting period.
Show me the controls map for emissions data, from the source document to the disclosed number, including the sign-off trail.
Show me the planned use of forward-looking statements and the reasonable grounds documentation supporting each one.

If any of those five cannot be produced inside the session, the committee has its agenda for the next meeting.

The Year 2 oversight question

Group 1 audit committee chairs entering second-year oversight have a different agenda. The first year is mostly about getting the disclosure out. The second year is about whether the disclosure was right.

The Year 2 questions:

What did the prior-year assurance provider flag in the management letter, and what has been remediated?
What internal control deficiencies were identified, and what is the closure status?
Are the prior-year forward-looking statements still reasonable in light of what has happened since release? If not, what is the restatement path?
What comparatives need to be restated, and how will the restatement be disclosed?
Has the climate risk register changed, and does the change need to be explained in the narrative?

The restatement question catches Year 2 reporters out. NGER restatement triggers can flow through to AASB S2 comparatives. A correction submitted to the Clean Energy Regulator after the AASB S2 sign-off needs to be reflected in the next year's disclosure with a note explaining the change. The committee needs a process to identify those triggers, not just receive them when management surfaces them. See our piece on restating NGER and AASB S2 figures after an error has been submitted.

The audit trail dimension

A defensible AASB S2 disclosure rests on the same source-document audit trail that supports the financial statements. The assurance provider will sample disclosed numbers and trace them back to source. If the trace breaks at any point, the assurance scope contracts.

The infrastructure needed is unglamorous. Period locking so reported numbers cannot be silently changed after sign-off. Role-based access with a sign-off trail so the committee can see who approved what. Methodology versioning so the emission factor and consolidation approach in force at the reporting date can be reconstructed. Retention long enough to survive the regulator's look-back window, which for Corporations Act records is seven years.

This is the question the committee should put to management: when the assurance provider asks for the source document behind a disclosed Scope 1 figure from three months ago, can you produce it inside an hour, with the methodology version, the approver, and the audit trail intact?

If the answer is no, the disclosure infrastructure is the priority before the disclosure content.

Carbonly was built around exactly that audit trail problem. The document AI engine ingests the source records, the material library handles the emission factor versioning, period locking and role-based sign-off enforce the controls layer, and the report generators produce the AASB S2 and NGER outputs from the same evidence base. The committee question we want chairs asking is the right one: can management produce the audit trail under pressure?

What to do in the next 60 days

If your entity is in Group 2 with a 1 July 2026 reporting year start, the practical sequence is charter amendment first, basis of preparation paper to the committee second, controls map and assurance scope discussion third. The companion piece written for the CFO who sits opposite you in those meetings is the CFO playbook for the first AASB S2 disclosure. Walk through it with your CFO before the next committee session.