Report under more than one climate rulebook and you meet the same question in each: which of your assets are at risk? The answer does not travel cleanly between them.
- Report under more than one climate rulebook and you meet the same question in each: which of your assets are at risk from physical climate change, and how much are they worth?
- The instinct to compute one number and reuse it does not work. IFRS S2, AASB S2, ESRS E1 and SB 261 ask for the answer in different units.
- Three of them inherit the same TCFD-descended metric (an amount and percentage of vulnerable assets). ESRS E1 builds its own, more prescriptive version: measured before adaptation, plus a coverage ratio and net revenue at risk. SB 261 sets no test of its own and points to another framework.
- The exposure assessment underneath is the same every time. Do that work once, in enough detail to feed any of them, then package it per framework.
1. One question, four rulebooks
A company that reports climate risk under more than one regime meets the same question in each: which of its assets are at risk from the physical effects of climate change, and how much are they worth? The natural assumption is that you work the number out once and reuse it. You cannot.
The four regimes a global reporter is most likely to face are the international standard (IFRS S2), Australia’s adoption of it (AASB S2), the European Union’s climate standard (ESRS E1), and California’s climate-risk law (SB 261). They ask the same underlying question. They do not ask for the answer in the same unit, and they do not all set their own test for what counts as at risk.
Here is the map before the detail:
| Framework | Where it applies | What it wants for the at-risk number |
|---|---|---|
| IFRS S2 | International | Amount and percentage of assets “vulnerable” to physical risk. The word is left undefined. |
| AASB S2 | Australia | The same wording as IFRS S2, read against two mandated warming scenarios. |
| ESRS E1 | European Union | The same amount and percentage of assets at risk, but measured before adaptation, plus a coverage ratio and revenue at risk. |
| SB 261 | California | No number of its own. It points to other frameworks, so the answer depends on the route you take. |
Two things fall out of that table. Three of the four trace back to a single shared source for this metric. The fourth builds it differently. The rest of this piece walks each one, then explains what to do when you owe more than one.
2. IFRS S2: the canonical version, built on an undefined word
IFRS S2 is the international climate-disclosure standard, issued by the International Sustainability Standards Board (ISSB). Its physical-risk metric sits in paragraph 29(c), the line that asks for the at-risk number. It reads:
“climate-related physical risks—the amount and percentage of assets or business activities vulnerable to climate-related physical risks;”
The whole disclosure turns on one word the standard never defines: vulnerable. The word appears in only two places in the standard, and in neither does it draw the line between an asset that is vulnerable and one that is merely exposed. A warehouse on a coastline is exposed to rising seas. Whether it is vulnerable depends on the scenario you test, the time horizon you look out to, the hazard you have in mind, and the threshold you set.
The reporter draws that line, and a defensible disclosure draws it openly. One worked example: count an asset as vulnerable to flood if it sits inside the one-in-a-hundred-year flood zone under a high-warming scenario by 2050. Using the word with no threshold attached is the version that does not hold up.
Two features matter for a reader comparing frameworks. IFRS S2 asks for two numbers, not one: an absolute amount and a percentage of the total. And the metric carries a relief valve. Where the measurement uncertainty is so high that a number would not be useful, a reporter may scale the figure back. It still has to disclose its method, and the relief narrows for companies that have the exposure and the resources to do the work.
That is four open choices behind a one-line requirement. We walk each of them in detail in our piece on what paragraph 29(c) actually requires.
3. AASB S2: the identical twin with one local twist
AASB S2 is Australia’s adoption of IFRS S2. On this metric there is nothing to translate. The text of paragraph 29(c) is character-for-character the same. An Australian reporter faces the same undefined “vulnerable” and the same two-number ask.
The one difference is not in the words. Australia’s regime requires companies to test their risk against at least two warming futures, a lower-warming case and a higher-warming case. That makes the at-risk count scenario-relative by rule. A reporter has to show how the number moves between the two paths, rather than pick one and stop. So AASB S2 inherits the metric whole and adds a lens the international version leaves optional.
We cover how that two-scenario requirement bites, and how AASB S2 differs from IFRS S2 more broadly, in two companion pieces.
4. Paragraph 29(c) came from the TCFD, then became mandatory
Here is the part that reorganises the picture. Paragraph 29(c) was not invented by the international standard-setters. It is older than that.
The metric comes from the Task Force on Climate-related Financial Disclosures (TCFD), the body whose 2017 recommendations became the template the later standards built on. The TCFD’s 2021 guidance lists, among its cross-industry metric categories under physical risk:
“Amount and extent of assets or business activities vulnerable to physical risks”
with the unit of measure given as “amount or percentage.” That is the direct ancestor of paragraph 29(c), almost word for word. The standard-setters took a recommended TCFD category and promoted it into a numbered, mandatory disclosure. Their own basis for conclusions records that the cross-industry metric categories were drawn from the TCFD’s guidance.
This matters because it explains the next framework. Once you know paragraph 29(c) is the TCFD metric made mandatory, California’s law stops looking like the odd one out and starts looking like a cousin.
5. SB 261: a pointer, not a test
SB 261 is California’s climate-risk disclosure law. Read quickly, it looks like the qualitative regime with no at-risk number. The truth is more useful: SB 261 sets no test of its own. It points at someone else’s.
The statute tells a covered company to disclose its climate-related financial risk:
“in accordance with the recommended framework and disclosures contained in the Final Report of Recommendations of the Task Force on Climate-related Financial Disclosures (June 2017) … or any successor thereto, or pursuant to an equivalent reporting requirement as described in paragraph (3).”
So what SB 261 asks for the at-risk question depends entirely on which framework you follow when you answer it. Follow the 2017 TCFD report alone, and there is no mandated at-risk metric. The answer is qualitative. Follow TCFD’s own later guidance, and the metric is there as a recommended category, the same ancestor from section 4, though still not compulsory. And SB 261 expressly lets a company comply by reporting under the international standard instead, in which case the company is producing the paragraph 29(c) number as its California compliance.
So SB 261 is qualitative by default and quantitative by election. Its at-risk threshold is inherited, never native. California’s regulator has added no number of its own, and the law frames risk at the level of the company’s financial outcomes, which span both physical and transition risk. The asset-level metric only appears one layer down, inside the framework the law points to.
A note on the first wave: most early filers appear to have taken the TCFD route rather than the international-standard route, so an explicit amount-and-percentage figure was rarely present. Treat that as a directional read of the first cycle, not a settled count.
6. ESRS E1: the one that rebuilt the metric
ESRS E1 is the European Union’s climate standard (European Sustainability Reporting Standard E1). It is the framework that does not inherit the metric. It rebuilds it.
Where paragraph 29(c) leaves the method to the reporter, ESRS pins it down. It asks for the amount and percentage of assets at material physical risk, like the international metric, but measured before any adaptation is taken into account. The core of the binding text reads:
“the monetary amount and proportion (percentage) of assets at material physical risk over the short-, medium- and long-term before considering climate change adaptation actions; with the monetary amounts of these assets disaggregated by acute and chronic physical risk;”
It then adds two things the international metric does not: a coverage ratio, meaning the share of those exposed assets that adaptation actions address, and the net revenue at risk. It also asks for the location of significant exposed assets.
The right way to describe the difference is not “stricter.” ESRS pins what paragraph 29(c) leaves to judgment. The international standard is silent on whether the figure is measured before or after adaptation; ESRS requires before. That is a specified basis, not a higher bar on the same number. ESRS also routes the “which assets count” question through a formal materiality test, rather than the bare word “vulnerable.” The result is a different unit of answer, not a tougher version of the same one.
The European metric is built to a different, more prescriptive template: its physical-risk datapoints are aligned with the EU’s own Climate Benchmark Regulation and the EBA’s banking-book physical-risk template.
One caution for anyone quoting ESRS: it exists in two versions. The binding text in force today (disclosure requirement E1-9) and an amended draft (E1-11) differ on exactly the datapoints a comparison would cite. From the asset line, the amended draft drops both the at-risk percentage and the split between sudden-event and slow-onset risk, leaving a single carrying-amount figure. The percentage that survives is the separate adaptation-coverage share, not the at-risk percentage. Quote the one you mean. We walk the full ESRS metric, both versions, in a companion piece, and compare it head-to-head with IFRS S2 in another.
| IFRS S2 | AASB S2 | ESRS E1 | SB 261 | |
|---|---|---|---|---|
| Who sets the “at-risk” test | The reporter (“vulnerable” is undefined) | The reporter, on identical text | A formal materiality test | Inherited from the framework you elect |
| Measurement basis | Left open (before or after adaptation) | Open, read across two warming scenarios | Gross, before adaptation (mandated) | Whichever basis you elect |
| Beyond the shared metric | A relief valve for high uncertainty | Two-scenario testing | Coverage ratio, net revenue at risk, asset location | Qualitative by default; quantitative by election |
7. You cannot reuse one number; satisfy each framework on its own terms
If you owe more than one of these, the instinct is to compute the strictest version and let it cover the rest. That does not work here, because the frameworks do not measure the same thing in the same unit.
The international and Australian standards want an amount and percentage of assets vulnerable, on a threshold you set. The European Union wants the same amount and percentage, but measured before adaptation, plus a coverage ratio whose denominator is different again (adaptation-covered divided by exposed, not exposed divided by total), plus revenue at risk. Even the shared figure is not the same number: the international basis is left open, while the European one must be measured gross. California wants whichever of those you elect. A European figure is not a higher version of the international one. It is a different measurement. So the honest rule is not “satisfy the strictest.” It is satisfy each on its own terms.
A subtlety worth one sentence: the international metric bundles “assets or business activities” into one line, while the European standard splits them, putting assets in the value figure and business activities in the revenue-at-risk figure. If you map one to the other, the “business activities” half of paragraph 29(c) lines up with the European revenue-at-risk datapoint, not its asset figure.
And a caveat that keeps the comparison honest. On paper the gap between the quantitative regimes and the qualitative ones is wide. In the first reporting cycle it was narrower, because the relief valve in the international standard, plus a high rate of reporters leaving the metric out, meant many disclosures that were quantitative on paper arrived as narrative anyway. That gap closes as assurance tightens. Cohort reviews of the first wave of international- and Australian-standard reporters converge on that omission pattern.
Continuuiti’s location-level physical-risk screen returns exposure by hazard, scenario and time horizon for every asset in a portfolio. That is the raw material each of these frameworks asks you to express differently: an amount and percentage, a money value before adaptation, a coverage ratio, a revenue figure, or a narrative.
8. Do the asset-level exposure work once, package it per framework
The practical position is that the at-risk question has one answer underneath and several required forms on top. The work that does not change between frameworks is the exposure assessment itself: identifying which assets sit in harm’s way, for which hazard, under which scenario and time horizon. What changes is the unit each regime wants that exposure expressed in: a percentage of assets, a money value before adaptation, a coverage ratio, a revenue figure, or a qualitative narrative.
That is the case for doing the underlying asset-level work once, in a form detailed enough to feed any of them, rather than building to one framework’s output and reworking it for the next. A location-level physical-risk screen that returns exposure by hazard, scenario and horizon gives you the raw material every one of these frameworks then asks you to package differently.
One honest limit applies across all four. The science is stronger for some hazards than others. Flood exposure and damage can be quantified with established methods; damage estimation for wind, wildfire and drought remains a gap across the industry, not any one provider’s. A disclosure that names where its numbers are firm and where they are still maturing reads as more credible under any of these regimes, not less.
The IFRS metric in detail: what paragraph 29(c) actually requires, and the four choices hidden in one sentence.
The ESRS metric in detail: ESRS E1-9, both versions, and why it is measured before adaptation.
Frequently asked questions
Is the IFRS S2 at-risk metric the same as the EU one?
No. They share a heritage but not a unit. ESRS E1 pins what paragraph 29(c) leaves to judgment: it measures the figure before adaptation, routes the ‘which assets count’ question through a formal materiality test, and adds a coverage ratio and net revenue at risk. That is a different unit of answer, not a stricter version of the same number.
Does SB 261 require an at-risk number?
Not natively. SB 261 sets no test of its own; it points a covered company to the TCFD framework or a successor. So it is qualitative by default and quantitative only by election. If a company elects to report under the international standard instead, it produces the paragraph 29(c) number as its California compliance.
Where did paragraph 29(c) come from?
From the Task Force on Climate-related Financial Disclosures. Its 2021 guidance lists, as a cross-industry category, the ‘amount and extent of assets or business activities vulnerable to physical risks,’ with the unit given as ‘amount or percentage.’ The standard-setters took that recommended TCFD category and promoted it into a numbered, mandatory disclosure.
If I report under two frameworks, can I reuse one number?
No. The honest rule is to satisfy each on its own terms, because the frameworks do not measure the same thing in the same unit. What is reusable is the underlying exposure work: identifying which assets sit in harm’s way, for which hazard, under which scenario and time horizon. The packaging changes; the exposure assessment does not.
9. Sources
- IFRS S2 Climate-related Disclosures, paragraph 29(c); Basis for Conclusions (cross-industry metric categories derived from TCFD guidance).
- AASB S2 Climate-related Disclosures (September 2024), paragraph 29(c); Corporations Act 2001 (Cth), Chapter 2M sustainability-reporting provisions (scenario-analysis requirement).
- ESRS E1 Climate Change: Disclosure Requirement E1-9 paragraph 66 (Commission Delegated Regulation (EU) 2023/2772); amended Disclosure Requirement E1-11 paragraph 38 (EFRAG exposure draft, November 2025). Datapoints aligned with: Commission Delegated Regulation (EU) 2020/1818 (EU Climate Benchmark Regulation) and Commission Implementing Regulation (EU) 2022/2453, Template 5.
- Task Force on Climate-related Financial Disclosures, Guidance on Metrics, Targets, and Transition Plans (2021), Table A2.1.
- California Health & Safety Code § 38533 (SB 261).
