Under AASB S2, climate disclosures now come with mandatory audit requirements. And the rules are only going to get stricter. It’s forcing teams to rethink their entire verification workflow: the steps, the sequence, and who needs to sign off on what.
As auditors require more documentation and evidence, it’s easy to assume assurance covers everything that needs to be checked. But for most organisations, it doesn’t cover as much as they think.
This guide looks at where assurance ends, where internal verification begins, and what that means for how you structure your disclosure workflow.
Assurance and internal verification are different jobs
External assurance is what your auditor provides. It’s an independent, third-party review of your figures and how they’re calculated, giving regulators and investors confidence that the numbers have been tested by someone outside the organisation. Under AASB S2, that assurance starts at limited and scales to reasonable over the coming years, meaning auditors will go deeper into your processes over time.
But assurance has a specific scope. Auditors focus on numbers and the calculations behind them. They work within a defined brief. When it comes to narrative statements, their role is to check for consistency with the numbers, not to verify accuracy in its own right.
AASB S2 disclosures are only part of what gets published. They sit inside the annual report, alongside financial statements, the remuneration report, governance disclosures, and a significant amount of narrative that makes claims, provides context, and shapes how the whole document reads. Even for figures your auditor has assured, the statements around those figures still need to be right. That’s not a process any external auditor can run for you. And it’s not a gap that more assurance will close.
Internal verification is something different. It’s about the people inside your organisation, sustainability leads, finance teams, risk, legal, the board, being able to look at the final document and know, with confidence, that every statement is accurate, every claim traces back to a source, and everyone who needs to stand behind it does. It also means asking questions an auditor never will: not just ‘is this accurate’ but ‘should we be saying this at all.’
What Atticus does
Atticus is an internal verification tool. It gives sustainability and finance teams a structured, auditable way to work through their disclosures, tracking who has reviewed what, linking every claim back to its source, and creating a clear record that the right people have signed off on the right statements.
For most teams, that means one final pass after the audit, before the report goes to the board. A structured check that every statement has been verified, every claim is traceable, and nothing has slipped through in the design and formatting process. It’s the difference between board confidence that comes from an assurance letter, and board confidence that comes from knowing your own team has done everything it can to get it right.
The transition to Atticus brought consistency, transparency, and efficiency to our verification process. The platform’s ability to track edits and amendments accurately eliminated the need to re-verify the same data and reduced the reliance on manual tools.
Andrew Driscoll
Director Corporate Finance, Fortescue
But a growing number of organisations also use Atticus before the audit. When multiple teams contribute to a disclosure, the people who provided the input need to see and agree on the final language before it goes to an auditor, not after. Skipping that step creates risk. Internal stakeholders can push back at the last minute, or worse, something gets published that misrepresents their area.
We shared reports with our external auditors which saved huge amounts of time from having to respond to their questions on verification. Our external auditors were able to rely on our process and the automated reporting gave them sufficient assurance over the robustness of our process.
Justin Thornton
Director of Internal Risk & Audit, Aston Martin
For CFOs and finance teams absorbing new reporting obligations on top of existing ones, the efficiency gains across both phases are real.
The time we’ve saved in gathering and validating supporting information has been substantial.
James Owens
Chief Financial Officer, FleetPartners
Disclose with confidence
AASB S2 has raised the stakes for disclosure. But the verification challenge it’s brought into focus isn’t new; it’s the same challenge that serious organisations have always faced when publishing documents that carry real weight.
The teams navigating it well aren’t the ones who’ve handed the problem to their auditor. They’re the ones who’ve understood that assurance and verification are different jobs, built internal processes to do both, and arrived at sign-off knowing they’ve done everything they can to get it right.
That’s what it means to disclose with confidence.
