BRSR Core Is Not Optional Anymore
Back to Insights
Policy & Regulation 18 min read

BRSR Core Is Not Optional Anymore

What India's top listed companies must disclose and what happens when they can't

May 5, 2026·Sylithe Policy

Essential Findings

  1. 1.BRSR Core Has Shifted ESG From Reporting to Assurance Companies are no longer being asked to disclose sustainability data; they are being asked to prove it.
  2. 2.Reasonable Assurance Is Comparable to Financial Audit Standards ESG metrics now require evidence, traceability, and documented internal controls.
  3. 3.Data Quality Has Become the Biggest Compliance Risk Most reporting failures arise from unverifiable or fragmented data rather than incorrect calculations.
  4. 4.Scope 3 Emissions Create the Largest Assurance Challenge Many companies depend on suppliers that lack mature ESG reporting systems.
  5. 5.Value Chain Reporting Extends Compliance Beyond Corporate Boundaries The auditability of a listed company increasingly depends on the quality of supplier data.
  6. 6.ESG Data Infrastructure Is Becoming a Strategic Asset Companies with strong controls, digital monitoring, and verification systems will adapt faster to future regulations.
Share

A reporting error in your emissions data is now treated with the same severity as an error in your balance sheet.

That is the practical consequence of SEBI's BRSR Core mandate. For the top 150 listed Indian companies, ESG disclosure has moved from narrative reporting to audited fact.

BRSR Core requires reasonable assurance the same standard as a financial audits on 9 specific ESG attributes. Most organizations are not ready. Their data collection is manual, their audit trails are incomplete, and their supplier data is missing.

BRSR vs BRSR Core: What’s Changed?

Traditional BRSR focused primarily on disclosure. Companies reported sustainability information, but verification requirements remained limited.

BRSR Core introduces a defined set of material indicators that require reasonable assurance. The shift moves ESG reporting closer to financial reporting, where data must be supported by evidence, controls, and independent verification.

In practical terms, BRSR asks companies to disclose. BRSR Core asks companies to prove.

BRSR vs BRSR Core: Key Differences

FeatureTraditional BRSRBRSR Core
ApplicabilityTop 1000 listed companiesTop 150 listed companies
VerificationSelf-reported / limitedReasonable assurance required
Audit StandardVoluntary / narrativeComparable to financial audit
Data TraceabilityNot mandatedMandatory audit trail
Supplier DataEncouragedTop 75% of value chain required

Why SEBI Escalated From Voluntary ESG to Audit-Level Assurance

India’s ESG reporting transition did not happen in isolation. Global capital markets are rapidly moving toward mandatory climate and sustainability disclosures, and SEBI’s BRSR Core framework reflects that broader shift.

For many years, ESG reporting operated largely on disclosure. Companies collected sustainability information, published annual reports, and investors evaluated those disclosures with limited independent verification.

BRSR Core changes this model. Companies must now demonstrate that ESG metrics can be traced back to source records, reviewed through internal controls, and independently verified by assurance providers. The focus is no longer on publishing sustainability claims. The focus is on proving that every reported metric can withstand audit-level scrutiny.

In practical terms, ESG reporting is beginning to resemble financial reporting. Data quality, evidence trails, approval workflows, and assurance processes are becoming just as important as the sustainability metrics themselves.

Old ESG Reporting vs BRSR Core model

This changed as institutional investors and sovereign funds began treating sustainability data as financially material information. In sectors such as energy, chemicals, and manufacturing, environmental performance now directly affects access to capital and export competitiveness.

SEBI’s introduction of BRSR Core effectively acknowledges that sustainability data now influence enterprise valuation in the same way financial disclosures do. The regulator is no longer asking whether a claim is directionally believable; it is asking whether the claim can survive forensic verification.

Reasonable Assurance vs Limited Assurance: What’s the Real Difference?

In auditing, there is a fundamental gap between limited and reasonable assurance that most ESG teams do not fully appreciate until they face an audit.

Limited Assurance vs Reasonable Assurance

FeatureLimited AssuranceReasonable Assurance
Conclusion TypeNegative assurancePositive assurance
Auditor Statement"Nothing appears wrong""We verified it is accurate"
Testing DepthInquiry and analytical reviewSite visits, data tracing, control review
Evidence RequiredLowHigh — comparable to financial audit
BRSR applicabilityTraditional BRSRBRSR Core mandate

Limited assurance is often described as a negative conclusion. The auditor is essentially saying: we looked at this data and nothing came to our attention that suggests it is materially wrong. This standard does not require the auditor to independently verify every data point. It is based primarily on inquiry and analytical review.

Reasonable assurance is a positive conclusion. The auditor actively confirms that the data is accurate based on sufficient audit evidence. This requires site visits to operational facilities, tracing data back to source documents such as utility bills and waste manifests, reviewing internal controls around data collection and approval, and testing whether numbers are consistent across reporting periods and subsidiaries.

The move to reasonable assurance means companies can no longer rely on 'good faith' estimates. Every metric must have a clear, verifiable audit trail traceable back to its source a utility bill, a waste manifest, or a satellite-verified map.

Why ESG Data Fails During Audits

Many organizations assume their ESG systems are mature because they already publish sustainability reports. However, the transition from disclosure to assurance exposes major weaknesses.

The most common issue is fragmented environmental data architecture. In many enterprises, energy data exists in utility invoices, water records in plant spreadsheets, and waste manifests are maintained by third-party vendors. During a reasonable assurance audit, these fragmented systems create traceability failures.

The problem is not necessarily incorrect data. The problem is unverifiable data. Under BRSR Core, unverifiable data increasingly becomes equivalent to unreliable data.

The 9 ESG attributes and where each creates problems

BRSR Core focuses on 9 attributes that SEBI has identified as most material. Each has specific technical definitions that create real compliance challenges.

  1. 1.
    GHG emissionsMust be reported as absolute tonnes and per rupee of revenue adjusted for inflation.
  2. 2.
    Energy consumptionRequires separation of renewable vs. non-renewable sources at facility level.
  3. 3.
    Water withdrawalMust distinguish between sources with separate reporting by water-stressed locations.
  4. 4.
    Water discharge qualityQuality parameters and discharge destinations must be tracked and verified.
  5. 5.
    Waste generationCircularity metrics required proof of destination, not just intent.
  6. 6.
    Women in workforcePercentage at board and management level with consistent definitions across subsidiaries.
  7. 7.
    LTIFRCovers employees and contract workers separately; fatalities require specific disclosure.
  8. 8.
    Employee well-beingHealth insurance and welfare coverage rates with underlying data records.
  9. 9.
    Business conductAnti-corruption training and complaints resolution with documented evidence.

The Rise of ESG Internal Controls

One of the least discussed consequences of BRSR Core is the emergence of ESG internal controls as a board-level governance function. Responsibility is shifting from CSR teams to finance, risk, and compliance functions.

Just as companies built internal financial control systems for accounting, they are now being forced to build equivalent systems for sustainability metrics, including approval workflows, audit logging, and role-based access control.

The value chain challenge: BRSR pulls SMEs into reporting

SEBI's value chain disclosure requirement is the most operationally complex aspect. Top listed companies must obtain ESG data from suppliers representing their top 75% of business by value.

This creates a data gap that directly affects the listed company's ability to achieve reasonable assurance. The audit reliability of a listed company now depends on organizations outside its direct operational control.

Scope 3 Is Becoming the Biggest Risk Area

For most large enterprises, Scope 3 emissions represent the majority of total climate impact often exceeding 70 to 90 percent of the total footprint. Yet Scope 3 is also the most difficult category to measure with any degree of audit-grade accuracy.

The first challenge is supplier data unavailability. Most companies depend on hundreds or thousands of suppliers, many of whom are small and medium enterprises without any formal emissions tracking system. Without supplier-level data, the listed company must rely on spend-based emission factors, which are widely considered too imprecise for reasonable assurance.

The second challenge is methodological inconsistency. Different Scope 3 categories use different calculation approaches. Category 1 purchased goods uses supplier-specific data or industry averages. Category 11 use-of-sold-products requires lifecycle modelling. Category 15 investments requires emissions data from investees. When a single report spans multiple methodologies, an auditor must assess each one independently.

The third challenge is missing emission factors. India-specific emission factors for many industrial processes, raw materials, and logistics routes are either unavailable or outdated. Companies are often forced to use global averages that may not accurately reflect local conditions, introducing systematic uncertainty into their Scope 3 estimates.

Finally, the lack of third-party verification at the supplier level creates a fundamental traceability gap. Even if a supplier provides data, that data may itself be unverified. Under BRSR Core, the listed company ultimately bears responsibility for the quality of data it includes in its assured report, making supplier engagement and capacity building a strategic compliance priority.

What Companies Need Before a BRSR Core Audit

Audit readiness for BRSR Core is not a last-minute exercise. Companies that begin preparation only when an auditor is scheduled typically discover data gaps that cannot be resolved quickly. The following five capabilities are prerequisites for a successful reasonable assurance engagement.

  1. 1.
    Centralized ESG Data PlatformAll environmental, social, and governance data must flow into a single, timestamped repository. Spreadsheets distributed across departments cannot produce the traceability that auditors require.
  2. 2.
    Internal ControlsApproval workflows, role-based access controls, and data validation rules must be documented. Auditors will request evidence that the right people reviewed the right data at the right time.
  3. 3.
    Supplier Engagement ProcessA defined process for collecting, validating, and escalating supplier ESG data is essential. This includes supplier training, data templates, and a review mechanism for received submissions.
  4. 4.
    Evidence RepositorySource documents, utility invoices, waste manifests, and third-party certifications must be accessible and linked to the reported metrics. Each data point must trace back to an original record.
  5. 5.
    Assurance Readiness AssessmentBefore engaging an auditor, companies should conduct an internal gap assessment to identify weak controls, missing data, or unsupported calculations. Resolving these in advance significantly reduces audit risk.

What's actually blocking compliance

  • Data collection infrastructure: Manual spreadsheets cannot produce the timestamped records that reasonable assurance requires.
  • Supplier data gaps: The audit trail breaks at the supplier boundary where verified emissions data is missing.
  • Environmental attribute verification: Traditional reporting lacks the spatial verification that auditors now expect. Satellite-verified data is becoming the standard.

Why Satellite Verification Is Gaining Importance

Traditional ESG audits rely on documentation, but environmental disclosures increasingly involve physical conditions that can be independently verified using geospatial intelligence.

Satellite-based monitoring is becoming critical for land-use verification, forestry, and water stress analysis. It allows auditors to independently validate whether physical claims align with observed environmental conditions.

The Investor Perspective

The investment community is a primary driver. Institutional investors integrate sustainability metrics into credit analysis and portfolio construction. Weak ESG controls introduce uncertainty into transition risk pricing.

Investors increasingly prefer companies whose disclosures are independently assured, traceable, and digitally verifiable, as this governance reduces financing costs and reputational risk.

What Happens If Companies Fail?

The risks extend beyond regulatory penalties to investor distrust, forced restatements, and procurement exclusion. As sustainability-linked finance expands, inconsistent reporting may eventually influence lending rates and institutional capital access.

The Global Direction of ESG Regulation

India’s BRSR Core framework aligns with global trends like Europe's CSRD and ISSB standards. Indian companies operating globally will face overlapping disclosure expectations, and early investors in scalable data systems will adapt more efficiently.

The market is moving toward an environment where sustainability claims are no longer trusted simply because they are published. They must be measurable, traceable, and independently verifiable.

BRSR Core represents the beginning of that transition in India. The organizations that succeed will be those capable of building reliable environmental data infrastructure across operations, suppliers, and value chains.

In that sense, ESG compliance is no longer just a reporting challenge. It is becoming a systems architecture challenge.

Building for reasonable assurance

Sylithe is working with top-100 listed companies to build the satellite-backed verification infrastructure that makes BRSR Core attributes auditable at the reasonable assurance standard. Contact our policy team to audit your data architecture for the 2026 cycles.

Key Takeaways & Metrics

A summary of the core concepts discussed in this article.

ConceptRelevanceImpact LevelStatus
MethodologyCore to accurate MRVHighActive
IntegrityEssential for credit valueCriticalMandatory
TechnologyEnables scaleHighGrowing
#BRSR#SEBI#ESG#Compliance#India#Sustainability Reporting#Assurance

Frequently Asked Questions

What is BRSR Core and who does it apply to?+
BRSR Core is a mandatory subset of India's Business Responsibility and Sustainability Report, introduced by SEBI. It applies to the top 150 listed companies by market capitalization and requires disclosure of 9 specific ESG attributes with independent reasonable assurance.
What is the difference between limited and reasonable assurance?+
Limited assurance is a negative conclusion ('nothing came to our attention'). Reasonable assurance is a positive conclusion where the auditor actively verifies the data is accurate through forensic testing, site visits, and internal control review.
What happens if a company cannot meet BRSR Core requirements?+
Companies face regulatory scrutiny, reputational damage with institutional investors, and disadvantages in ESG-linked financing. Inconsistent reporting can lead to increased cost of capital and exclusion from global supply chains.

Ready to verify your impact?

Join enterprise leaders using Sylithe to build trust and transparency in the carbon economy.