How-to guide: How to use AI to develop ESG disclosures (USA)

Introduction

This guide will assist in-house counsel, private practice lawyers, and compliance personnel in understanding how to use artificial intelligence (AI) when developing environmental, social, and governance (ESG) disclosures.

This guide covers:

Overview of AI and ESG disclosures
Specific use cases for AI in ESG disclosures
Developing an AI system to assist with ESG disclosures
Monitoring AI systems and ESG performance

This guide can be used in conjunction with How-to guide: Risks and liabilities of AI algorithmic bias, Checklist: Steps to mitigate risks associated with AI use in business and Quick Views: Key AI terms, Overview of AI in business and Environmental, Social, and Governance (ESG) regulation in the USA.

Section 1 – Overview of AI and ESG disclosures

In the United States, ESG disclosures have traditionally resulted from voluntary initiatives driven by the market and investor demand. However, the ESG space in the United States has recently undergone significant change, marked by a series of new initiatives and proposals related to environmental and social issues. These efforts are spearheaded by the US Securities and Exchange Commission (SEC), with involvement from other federal bodies such as the Federal Trade Commission (FTC) and the Treasury Department. There have also been various new regulations introduced at the state level. For further information, see Quick View: Environmental, Social, and Governance (ESG) regulation in the USA.

Developing ESG disclosures with the help of AI can help organizations enhance accuracy, efficiency, and transparency when reporting their environmental, social, and governance data. When implemented and used properly, AI can lead to better decision-making, foster sustainability, and help build stakeholder trust.

1.1 Definitions

1.1.1 AI

AI is technology that enables computers and machines to simulate human intelligence and problem-solving capabilities. This imitation of human behavior ranges in complexity, from the ability to perform simple tasks to mimicking complex problem-solving skills. For further information about different types of AI and how they may be used by organizations, see Quick view: Overview of AI in business (USA).

1.1.2 Environmental

‘Environmental’ in the ESG context refers to the responsibility organizations have to protect physical environmental resources. This includes tracking and reporting on areas such as energy use during operations, what the organization produces as pollution and waste, and the impact of the organization on nature.

1.1.3 Social

‘Social’ in ESG refers to the considerations that encompass a broad range of issues, from internal employee treatment to wider societal impacts. In the context of the internal management of an organization, ‘social’ includes factors such as employee safety, gender equity, and fair wages. On a national or transnational scale, it extends to human rights, labor rights, and persistent issues such as gender and racial equality. Social aspects also mandate an examination of the broader consequences of an organization’s products and services on the community.

1.1.4 Governance

‘Governance’ in ESG refers to the way an organization is operated and how decisions are made, ranging from the influence of the outside political landscape, to transparent reporting to stakeholders.

1.1.5 ESG disclosures

‘ESG disclosures’ are publicly available reports about an organization’s performance on ESG issues. ESG disclosures involve compiling large amounts of data and are intended to promote sustainable corporate practices.

1.2 The legal landscape

Not all ESG disclosures are mandatory in the United States. At the federal level, the SEC has recently created mandatory disclosures for publicly held companies that are registered with the SEC (see 1.2.1 below). There are a handful of states that currently have their own standards for mandatory ESG disclosures. There is also a wave of ESG disclosure requirements that are currently developing in different jurisdictions across the world, which may impact upon organizations based in the United States if they supply goods and services into, or have supply chains operating in, the relevant jurisdictions.

1.2.1 Climate disclosure rules

The landscape of climate disclosure is in a state of flux. The Trump Administration is signaling a potential rollback of the SEC's federal climate disclosure rule (see below), while California is moving forward with its own stringent climate disclosure laws, in turn prompting other states to consider similar legislation of their own. This state of flux creates a complex regulatory environment for US businesses, who must navigate significant federal changes while staying abreast of continuously evolving state-level requirements, all while considering international standards and voluntary reporting frameworks. To manage this complexity in an effective manner, organizations must make it a priority to establish robust internal processes to ensure consistency and accuracy in reporting across all applicable frameworks. Companies must also be prepared to invest in data collection and reporting systems, and must take steps to stay informed about the latest regulatory developments.

The climate disclosure rules issued by the SEC in March of 2024 were intended to standardize climate-related reporting rules for publicly traded companies. Those rules faced immediate legal challenges that alleged regulatory overreach, arbitrary decision-making, and insufficient consideration of the costs involved.

According to the rule, companies will have to provide the following disclosures on their financial statements:

the financial effects of severe weather;
the company’s carbon offsets and renewable energy certificates; and
any material impacts on financial estimates due to natural weather conditions or the company’s own climate-related goals.

Companies will also be required to disclose information on topics including the oversight plan for climate-related risks and the company’s process for risk management.

The rule was initially stayed by the Fifth Circuit, however, the cases filed over the rule were consolidated in the Eighth Circuit. Subsequently, the SEC itself stayed implementation pending judicial review. However, in February 2025, Acting SEC Chair Mark Uyeda signaled a potential reversal, directing staff to delay oral arguments to allow reassessment of the rules by the SEC the rules. Mr. Uyeda cited inherent flaws in the rules, a shift in Commission composition, and President Trump's regulatory freeze memorandum as catalysts for this reassessment. On March 27, 2025, the SEC voted to end its defense of the rules in the ongoing litigation in the Eighth Circuit. Consequently, the SEC will likely rescind or revise significantly the 2024 rules, potentially necessitating a new notice-and-comment rulemaking process. However, the rules still remain in effect unless the court overturns them, or they are officially rescinded or amended by the SEC. Several states, such as Massachusetts and New York, have intervened in the litigation defending the rules.

1.2.2 European Union Corporate Sustainability Reporting Directive

Directive (EU) 2022/2464 – the Corporate Sustainability Reporting Directive (CSRD) - requires in scope companies to report on both:

how their operations affect people and the planet; and
how sustainability issues impact the financial health of the company.

The CSRD may impact companies based in the United States, as it applies to certain companies that are registered with the EU-regulated market exchange and some non-EU parent companies. In scope companies must report on the 12 European Sustainability Reporting Standards (ESRS). Topics include the company’s sustainability policies, target metrics and how the company will achieve them, and the sustainability risks involved in their operations.

1.2.3 California disclosure requirements

Any business entity that has operations in California will need to comply with two new pieces of legislation that will take effect in January 2026:

the Climate Corporate Data Accountability Act (CCDAA) (SB 253 (2023)); and
the Climate-Related Financial Risk Act (CRFRA) (SB 261 (2023)).

The CCDAA will require affected organizations (defined as business entities with total annual revenues in excess of $1 billion that do business in California) to provide assurances on the accuracy of their scope 1 and 2 emissions. This requirement will encompass assurances of scope 3 emissions in 2030. Organizations that are in violation of this law can be sued for civil liability by the state.

The CRFRA will require in scope organizations to create and provide publicly available climate-related financial risk reports.

California's SB 253, despite amendments signed by Governor Newsom in September 2024 that extended the California Air Resources Board's (CARB) rulemaking deadline to July 1, 2025, maintains the original compliance dates for covered entities. Businesses must still prepare to report Scope 1 and 2 emissions in 2026, based on 2025 data, even with the ongoing uncertainties regarding the details of reporting. In acknowledgement of this ambiguity, CARB issued an Enforcement Notice in December 2024, that promised leniency for entities demonstrating ‘good faith’ compliance efforts and that allowed the use of existing data for the initial reporting year. CARB subsequently initiated a public comment period to address implementation challenges, including the crucial definition of ‘doing business in California.’ A new definition would clarify which entities fall under SB 253 and SB 261's reporting mandates. CARB plans to have draft regulations published by the end of 2025; however, the implementation rules might not be finalized until late 2026.

1.2.4 Other international ESG disclosure requirements

A source of guidance that many countries and companies use for ESG disclosures is the International Sustainability Standards Board (ISSB), a division of the IFRS (International Financial Reporting Standards) Foundation, which develops international accounting standards. The ISSB is responsible for establishing the IFRS sustainability disclosure standards which have been adopted by, or will likely be adopted by, numerous jurisdictions across the world. As of August 2025, twenty-two jurisdictions have adopted the standards (Australia, Bangladesh, Bolivia, Brazil, Chile, Costa Rica, Ghana, Hong Kong, Jordan, Kenya, Malaysia, Mexico, Nepal, Nigeria, Pakistan, the Philippines, Rwanda, Singapore, Sri Lanka, Taiwan, Thailand, Tanzania, and Türkiye), and several others, including Australia, Canada, Japan, South Korea and the United Kingdom, are in the process of adoption or consultation. Other organizations within the IFRS, such as the Sustainability Accounting Standards Board, have provided guidance for companies and lawmakers to help them meet the baseline requirements of the ISSB. See S&P Global, Where does the world stand on ISSB adoption? for further information.

1.2.5 Efforts to limit ESG

There are numerous anti-ESG bills in the United States pending in both Congress and state legislatures. These laws are designed to restrict the reporting requirements of ESG laws with the stated intent to promote corporate growth within the American financial system. For example, several states have pecuniary factor laws that require fiduciaries of state pensions to make investment decisions based on financial motivations and not environmental motivations.

Section 2 – Specific use cases for AI in ESG disclosures

Some of the specific use cases for, and benefits of, using AI to assist with ESG disclosures are set out below.

2.1 Enhanced accuracy

The accuracy of the data an organization uses to analyze the impact of its ESG initiatives is affected in several ways, including scalability, analytics, diversity of data, ability to predict, and consistency. AI can help optimize and achieve excellent results at every one of those points.

2.1.1 Scalability

AI can analyze more data than humans are able to, allowing organizations to set a large scale of data for use in reports. When more data is gathered, reporting is more accurate because it is capturing more of the source.

2.1.2 Advanced analytics

Different types of analytics require different types of computations. For example, reading an employee satisfaction survey does not require any computation. AI can be used to enhance such an exercise, by averaging together all employee satisfaction surveys through calculating averages of numerical input and summarizing common praises and complaints.

2.1.3 Data collection and diversity of data

AI can be used in places that cannot always be reached by people, allowing organizations to gather data that is more diverse and comprehensive. For example, AI can be used to gather information on the number of pollutants being emitted at different points on a pipeline or through different distribution sites. These hard-to-reach places can capture data on pollutant emissions that would otherwise be unreachable.

2.1.4 Predictive modeling

AI can be used to predict certain outcomes based on prior data entries using technology such as machine learning. Organizations can use AI in this way to help forecast their future ESG issues and preemptively work to mitigate any damage or problems. For example, AI can be used to calculate the risk associated with hazardous weather conditions or natural disasters, by looking at meteorology and surrounding natural weather patterns to calculate the actual risk posed to the organization based on its specific needs.

2.1.5 Consistent reporting

When reporting is automated using AI, the reports generated can all follow the same format without any issues of fatigue, bias, or outside influence that can occur when humans generate reports. As reports are being made over a period of time, consistency is key to being able to accurately compare data trends and take action based on those trends. Compared to manual labor which could vary in quality and style, AI allows companies to take advantage of its neutrality and consistency.

2.1.6 Transparency and security of data

One of the ways organizations can improve their ESG reporting efforts is by maintaining transparency and accuracy in their operations and accounting. AI can be used in this effort by using blockchain technology to ensure a unique level of security over the ESG data that is collected. Because blockchain is a form of isolated technology, it is less likely the data could be tampered with or altered.

2.2 Time efficiency

Because so much data is used in ESG initiatives and is therefore analyzed for ESG disclosures, the process can take vast amounts of time if done manually. The data needs to be gathered from multiple sources and turned into something that is accurate and readable. Using AI in the analysis of data significantly reduces the time needed to create reports and understand the progress of ESG initiatives.

2.3 Tracking carbon emissions

One of the most important ESG responsibilities for organizations is to track carbon emissions. Emissions can be either scope 1, 2 or 3:

scope 1 emissions are those that the organization directly produces, such as running boilers;
scope 2 emissions are those that the organization indirectly produces through its operations, such as the acquired electricity needed to run the business; and
scope 3 emissions are those that the organization is indirectly responsible for due to its role in the supply chain, such as the emissions consumers create when using an organization’s product or service.

These different scopes are tracked and recorded to create a GHG (greenhouse gas) inventory, which can be used to identify ways to reduce emissions and to participate in GHG markets and programs.

AI can be used at every step of creating a GHG inventory. An organization can create their own GHG inventory process using AI, by establishing the metrics and methods they will use to measure emissions, collect data and calculate the quantity of emissions. Organizations can use AI to create a management plan and to search for ways to reduce emissions based on data gathered.

AI can use the emissions data gathered to generate reports automatically that can be used in disclosures.

2.4 Monitoring supply chains

AI can be used to rapidly transform reporting procedures by monitoring supply chains and generating informative data about their ESG impacts, using the principles outlined at 2.1 to 2.3 above in the wider supply chain.

2.5 Performing impact assessments

AI can learn continuously by taking in new data and creating a feedback loop. If the AI is creating impact assessments, it can tell an organization how its operations will affect the local and global community. For example, an organization that is emitting large amounts of greenhouse gases will have a large impact on the local community. AI can forecast those impacts and create assessments that the organization can use to see the damage it will cause, comply with disclosure requirements, and motivate its ESG efforts to reducing those emissions.

Section 3 – Developing an AI system to assist with ESG disclosures

There are a number of key steps for organizations to take when using AI in their ESG disclosures.

3.1 Assess status of internal ESG plan

Organizations should assess the status of their ESG plans or initiatives to ensure compliance with laws and regulations requiring accurate disclosures, and also to ensure accurate tracking of progress that results from ESG initiatives.

3.2 Review and plan goals and requirements

Depending on where the organization conducts business, there could be multiple laws or regulations that require ESG reporting. Because these laws are currently still in development in many places, organizations can begin by planning for ESG goals that fit the standards set out by the ISSB (see 1.2.4 above), which is being used by several global jurisdictions. Organizations must also stay aware of the various pending legislation (state, federal and global) that may create reporting or wider obligations, or restrict ESG efforts.

3.3 Develop an AI system

When creating an AI system or program to assist with ESG disclosures, the AI should be programmed to meet the specific needs of the organization. An organization could use AI in multiple ESG areas, such as to measure greenhouse emissions, and also to review job applications. The AI model should be narrowly tailored to analyze only the data necessary to generate accurate and productive reports for the intended purpose.

3.4 Ethical considerations and bias mitigation

Organizations must be aware of the risks of using AI, such as ethical considerations and biases. One of the goals of using AI for ESG programs is to gather data and generate documents and paperwork efficiently and accurately. However, flaws such as ‘hallucinations’ expose the AI to errors. ‘Hallucinations’ are data pieces and statements that the AI perceives as true and are therefore included in its output, when in fact those data pieces and statements are not accurate. Information based on hallucinations may damage an entire data set if it is not caught and if it is reintroduced into the AI programming.

AI also presents the risk of perpetuating bias. For further information, see How-to guide: Risks and liabilities of AI algorithmic bias.

3.5 Deployment and go-live

3.5.1 AI model training

ESG programs will require very specific results from AI, and the AI programming needs to fit these specific purposes. Many types of machine learning are able to gather large amounts of data and then put that data back into its own programming, in doing so ‘learning’ from the data it has gathered. This makes it essential for the initial programming to be correct and, particularly in the early stages of using the AI, checks to be carried out to ensure that the data produced makes sense for the ESG issue it is monitoring. For example, if an AI model is tracking how much waste an organization is producing by monitoring the materials that are leaving a building, the AI should be programmed to only include materials from production and not from employee food consumption.

3.5.2 Model testing and validation

AI models need to be tested before use. To test and validate data, techniques such as cross-validation can be used, where data is separated before being entered into the AI programming and then compared to data that has been run through the AI model.

3.5.3 Legal and compliance reviews

As noted above, the legal landscape surrounding both AI and ESG is in flux. One of the risks of these rapidly changing areas is that AI use could result in liabilities, data restrictions, or impacts on intellectual property that are unknown at present. Organizations should therefore carry out regular reviews and update their AI systems as needed in compliance with developing legislation.

3.5.4 User training and support

AI systems require constant observation and adjustment to ensure the results from the AI are accurate and helpful. Organizations must provide training to employees and stakeholders to ensure they understand how the AI system works and how to read the data and reports.

3.5.5 Feedback loop and iterative improvement

Once an AI model goes live, machine learning capabilities allow the AI to constantly improve. However, because of this feedback loop that is created, it is imperative that the organization monitors the data as it is produced so that no errors are fed back into the AI. Because the feedback loop exists, it also allows the AI to incorporate new data without reprogramming the entire model. Organizations can take advantage of this by adding in more data about new ESG boundaries or risks without having to completely retrain the AI.

Section 4 – Monitoring AI systems and ESG performance

Monitoring an AI system designed for developing ESG disclosures is crucial to ensure the AI’s accuracy, consistency, and reliability over time. If an AI model is allowed to run itself without any monitoring, the organization is at risk of relying on inaccurate data and submitting incorrect documents and reports to governmental entities.

4.1 Establish KPIs

Most organizations have key performance indicators (KPIs) that are used to track performance. When creating ESG initiatives, organizations should set KPIs to keep track of progress and stay on top of ESG goals. Establishing and monitoring KPIs will also help organizations understand areas needing improvement, including the need to improve the design of AI systems used for the purposes of ESG.

4.1.1 Define indicators in terms of ESG goals

When creating KPIs, the organization should make defined goals that are easy to measure. For example, if an ESG goal is to improve employee satisfaction, the organization should consider how it is going to evaluate that (percent satisfaction, would an employee recommend working there, etc), what type of information is going to be used, and when and how the data will be gathered.

4.1.2 Set up real-time monitoring dashboards

Any KPI that an organization establishes to monitor its ESG progress will require data sets and reactions to those data sets. Monitoring dashboards that allow data to be viewed in real time allows organizations to take immediate measures and improve their chances of reaching ESG goals sooner. For example, if an organization is measuring the amount of water used during the day, and that output is suddenly larger than normal or increasing rapidly, it can be used to show that there is a leak somewhere in the building.

4.2 Monitoring procedures

4.2.1 Schedule regular system audits

As a part of monitoring AI systems for issues and areas of improvement, organizations should regularly audit the system by conducting an overview of the entire process – from the creation of the initial ESG goals, to the development of the AI systems used for ESG, to a review of the data provided by such AI systems. Organizations can also conduct audits of specific parts of the system, such as a specific area of data collection. These processes allow the organization to ensure the AI is operating as it should be and is benefiting the organization appropriately.

4.2.2 Implement alert systems for anomalies

The accuracy rate of AI tools depends on the programming of the AI and the evolution of the data feedback loop. As a result, organizations should verify both the input and output data to make sure that what is being included is appropriate for the use and that what is being produced is accurate. To help monitor for this type of issue, organizations should program the AI to alert employees when there is data that is an anomaly for the whole set, before that data is reintroduced into the feedback loop.

4.2.3 Conduct periodic model retraining

There are two reasons why an organization needs periodic model retraining of its AI system. The first is that over time, the feedback loop of information may sway the AI away from its original purpose and collection of relevant data. The organization will need to ensure that the AI’s narrow purpose is still operating within the parameters needed and nothing more. The second is that new laws and regulations will apply. Because human oversight is ultimately responsible for corporate operations, there are no legal excuses in saying the AI generated the data for inaccurate reporting because that data could have been caught by a human.

4.3 Monitor regulatory changes

As the legal landscape surrounding AI is constantly changing, AI itself can be set to create alerts about new laws and regulations that are passed which impact the types of ESG monitoring and reporting required. Once an individual has considered any developments that have been flagged, they can decide if the AI models the organization is using need to be modified and retrained to become compliant with the new laws.

4.4 Prepare for challenges

Organizations must prepare and have plans in place for challenges that are unexpected. Unexpected challenges, while not susceptible to prediction, are nonetheless foreseeable. These challenges include challenges such as technological failures or legal or regulatory issues.

4.4.1 Plan for contingency and recovery

Organizations should prepare for technological errors that may occur when relying on AI to produce documentation. For example, if an organization were to experience a cyberattack, they could lose large amounts of data and AI-generated reports. To mitigate this risk, organizations should have plans in place allowing them to file reports on time or recover documents required. One example of such a plan would be to have any AI-generated reports automatically backed up on a cloud database system so that it is removed from any hardware malware attacks.

4.4.2 Report and communicate findings

Organizations should be prepared to deal with a response from an authoritative body suggesting that a report filed is inaccurate or requires adjustment. Organizations should understand how to manually change a report and update elements of the report as needed. For example, if the SEC were to return to a company their yearly filing because the note on climate-related risk mitigation was inaccurate for their geographic location, the company will need to know how to fix that mistake without generating an entirely new report.

Additional resources

Jennifer Laidlaw, Where does the world stand on ISSB adoption?, S&P Global
Burt Mayer and Jessica Matthys, How AI is Turning ESG into a Business Opportunity, C3.ai
Deloitte, Overview of the structure of the IFRS Foundation, IASB, and ISSB
Financial Services Press Release, Committee Republicans Introduce Measures to Combat the Influence of ESG Initiatives in America’s Financial System
FigBytes Guide, Preparing for California’s Climate Disclosure Laws
Somdip Dey, How AI Can Promote ESG, Forbes
IBM Guide, What is the Corporate Sustainability Reporting Directive (CSRD)?
Bruce White, Potential Opportunities and Risks AI Poses for ESG Performance, National Law Review
IFRS Foundation, The jurisdictional journey towards globally comparable information for capital markets
SASB Standards, SASB Standards and other ESG Frameworks
Securities Exchange Commission Ruling, The Enhancement and Standardization of Climate-Related Disclosures for Investors
United State Environmental Protection Agency, Scopes 1,2 and 3 Emissions