Carbon accounting audit: why consultant data could fail CSRD & SBTi | Normative
Consultancies can only take your carbon data so far. Here's why, and what you can do about it.
What are the risks of consultant-delivered carbon data?
Consultant-delivered carbon data can fail audits when the calculation trail, emission factors, and methodology documentation cannot be independently verified – something that the consultancy engagement model structurally prevents.
You commissioned a consultancy. You paid for a carbon inventory. You received a number. Now someone is asking you to verify it and you cannot, because the methodology lives in the consultant’s head, the emission factors are unlabelled, and the calculation trail is a PDF. That is not a failure of the consultancy relationship. It is a structural limitation of how consultancy-delivered carbon data works. We think there is a better way.
The trust crisis nobody planned for
Most companies that commissioned a carbon inventory from a consultancy did so for good reasons. The work was outside internal expertise. The deadlines were tight. The consultancy came recommended from someone in their network.
What few of those companies anticipated is what happens after that carbon inventory is created: questions about how they created their carbon inventory. There are several moments that this happens. A CSRD assurance provider. An SBTi validation reviewer. A customer running a procurement audit. The number comes back from the auditor with questions, and the questions cannot be answered without going back to the consultancy who produced the work. The worst case scenario is that the report was created months or years ago and you have to spend time hunting those reports.
Specialized ESG consultancies deliver high-quality reports. However, a consultancy-delivered carbon number fails an audit when the calculation trail, methodology documentation, and emission factor sources cannot be independently verified by your auditor. That is not a hypothetical. It is the operational risk that sits behind most consultancy-managed carbon inventories today.
Why consultancy carbon data breaks at the audit stage
Three structural problems show up consistently when consultancy-delivered carbon work is exposed to external assurance.
1. The knowledge leaves when the engagement ends.
A consultancy delivers outputs. A spreadsheet, a PDF, an emissions summary. What it does not deliver, because it cannot, is the live methodology environment in which those outputs were produced. When the engagement ends, the deliverables stay. The interpretive context that produced them does not. The consultant who chose your spend-based estimation method may not be available six months later when the auditor asks why.
2. There is rarely a calculation trail you can open.
A static deliverable is not the same as a traceable inventory. An auditor reviewing carbon accounting data wants to click into a category, see the underlying data inputs, see the emission factor applied, see the methodology decision recorded. That experience cannot be reproduced by a PDF deliverable. Even a well-prepared consultancy report is not a system of record.
3. Emission factors may be unlabelled or outdated.
Emission factors evolve. DEFRA updates annually. Ecoinvent releases new versions. CSRD assurance standards are increasingly explicit about expecting current factors with documented sources. A consultancy deliverable produced eighteen months ago references the factors that existed eighteen months ago, and there is no automatic mechanism to update them.
A pattern that comes up more than it should
The clearest version of this risk shows up in pre-validation work for the Science Based Targets initiative.
A company engaged a consultancy to build their SBTi journey. The consultancy recommended a methodology. A full year of data was collected against that methodology. Marketing communicated the SBTi commitment to customers. The company moved into the validation phase.
At the point of target submission, the consultancy returned to the client and said: “We have calculated this wrong. The methodology we used will not allow you to set targets this way.”
By that point, the company had already made public commitments. They had told customers they were on track for SBTi validation. They had spent significant fees on the work. They were also told they stood to lose a meaningful share of customer revenue if the validation did not complete on schedule.
The consultancy was not dishonest. They were not negligent. But the methodology had not been validated against SBTi requirements before the work was done, and there was no platform infrastructure in place that would have caught the error earlier or made the calculation independently auditable.
The pattern is not exotic. It is what happens when carbon accounting work is delivered as a project rather than maintained as a system.
The specific things consultants cannot give you
Even an excellent consultancy operates under structural constraints that show up at the audit stage. The following are not failures of effort. They are limits of the engagement model:
- A live, dated calculation trail. The deliverable was current when it was written. It is no longer current the day after.
- Automatic emission factor updates. When DEFRA refreshes its emission factors, the PDF on your hard drive does not update.
- CSRD assurance-compatible documentation. Assurance providers expect to access methodology documentation in a structured, queryable form — not a methodology appendix at the back of a report.
- An audit access group for your assurance provider. A consultancy cannot grant your auditor controlled access to a system, because there is no system to grant access to.
- Continuity. When the senior methodologist who built your inventory leaves the consultancy, your audit defence leaves with them.
These limits are not arguments against consultancies. They are arguments for being clear about what a consultancy engagement is and is not.
When consultancy work is still the right choice
It would be unfair, and untrue, to suggest that consultancies are the wrong answer to every carbon accounting problem.
Consultancies are well-matched to:
- One-off strategic projects (life-cycle assessments, decarbonisation roadmaps, materiality assessments)
- Regulatory interpretation in unfamiliar jurisdictions
- Supplier engagement strategy design
- Stakeholder communication and report drafting
Where consultancies are systemically the wrong choice is as the sole infrastructure for an annual, repeatable, audit-grade carbon inventory. Carbon accounting at scale is a system problem. Systems need to live somewhere durable, traceable, and accessible to multiple people across multiple years.
The most useful framing is not consultancy versus software. It is expert advice versus system of record. A platform-managed inventory with a named expert advisor combines both. A consultancy-only inventory provides expert advice but no durable system of record. That gap is where the audit risk lives.
Five questions to ask to test your carbon audit readiness
Whether your existing carbon data was produced by a consultancy, an internal team, or both, the same five questions apply. If you can answer all five with confidence, your carbon accounting audit risk is low. If you cannot, that is the gap to close before the next assurance review.
- Can I trace every number to a specific emission factor and data source?
- When were those emission factors last updated?
- Is the methodology documented in a format an auditor can access without reconstruction?
- Can I reproduce prior-year calculations if an auditor requests them?
- Does the calculation trail exist independently of whoever did the original work?
See what a defendable carbon report looks like, here.
FAQs
Carbon accounting data fails an audit when the calculation trail, methodology decisions, and emission factor sources cannot be independently verified by the auditor. The most common failures are unlabelled emission factors, undocumented methodology choices, missing data quality flags on Scope 3 estimates, and an inability to reproduce prior-year calculations.
A consultancy can produce CSRD-aligned carbon data, but compliance is not the same as audit-readiness. CSRD limited assurance requires that the underlying methodology and calculations be accessible to the assurance provider in a verifiable form. A static deliverable from a consultancy can support CSRD reporting only if the calculation trail and methodology documentation are also delivered and maintained.
A carbon accounting consultancy delivers outputs (calculations, reports, recommendations) on a project basis. Carbon accounting software is a system of record that holds your live inventory, emission factors, methodology, and calculation trail in a queryable form. The two are not mutually exclusive. The strongest setup combines a platform with named expert support.
A platform onboarding typically begins by mapping prior-year inventory data into the platform’s category structure, validating the emission factors used historically, and rebuilding the calculation trail in a traceable form. A dedicated climate strategist works with you through that migration so that historical data carries forward with documented methodology, rather than being recreated from scratch.
A carbon accounting audit is a structured review of a company’s greenhouse gas inventory by an independent third party, verifying that emissions data is complete, accurate, and calculated in accordance with a recognized methodology such as the GHG Protocol. The auditor, typically an accredited assurance provider, examines the calculation trail, data sources, emission factors applied, and methodology decisions behind each reported figure. Carbon accounting audits are required under CSRD limited assurance, triggered during SBTi target validation, and increasingly requested by enterprise customers in procurement processes. Passing one depends not on the quality of the original carbon report, but on whether the underlying evidence is still accessible and independently verifiable.
Get audit-ready carbon data
If your current carbon inventory is consultancy-managed and you are unsure whether it would survive a CSRD assurance review, an SBTi validation, or a customer procurement audit, that uncertainty is the issue to address now.
