Hkex Climate Disclosure Go Live

Hong Kong Exchanges and Clearing Limited (HKEX) will require every Main Board and GEM issuer to adopt the improved climate-related disclosure framework for financial years starting on or after 1 January 2025. The Listing Rules now embed IFRS S2-aligned governance statements, transition planning narratives, Scope 1-3 metrics, and scenario analysis commentary. Boards must evidence how they supervise climate topics, delegate to management, and integrate oversight into risk and remuneration structures. Cross-functional teams should design universal opt-out mechanisms that respect stakeholder data choices when aggregating climate inputs, while still supplying audit-ready evidence packs that withstand HKEX and Financial Reporting Council scrutiny.

Regulatory countdown and scope

HKEX confirmed in its November 2023 consultation conclusions that the new climate requirements apply to annual ESG reports covering financial years that begin on or after 1 January 2025. Early adoption is encouraged, yet the regulator expects issuers to use the 2024 financial year to road-test data flows, update board charters, and schedule assurance procedures.

The framework applies to all issuers, regardless of industry or market capitalization. Category-based phase-ins exist only for the quantitative greenhouse gas disclosures, where certain Scope 3 categories may be deferred by one year if immaterial or data is demonstrably unavailable. The governance, risk management, and strategy sections, however, have no transition relief: they must be fully addressed in the first reporting cycle.

Issuers must align climate reporting with the same reporting boundary as the financial statements and ESG report. Subsidiaries, joint ventures, and supply-chain impacts must be included where material.

HKEX also emphasizes that issuers should disclose how climate risks intersect with other regulatory obligations, including the Securities and Futures Commission’s circulars on asset manager climate reporting, Hong Kong Monetary Authority expectations, and cross-border disclosure regimes for dual-listed companies. Governance teams therefore need a consolidated regulatory mapping and a documented rationale when selecting reporting frameworks beyond IFRS S2, such as sectoral metrics under the Global Industry Classification Standard.

Board and management governance requirements

The Listing Rules require boards to describe their oversight structure in granular detail. This includes the cadence of climate discussions, standing agenda items, how management escalates incidents, and the competence framework used to refresh director knowledge.

HKEX expects issuers to publish the specific committees involved, such as sustainability, audit, or risk committees, and the board’s approach to allocating climate responsibilities when there is no dedicated sustainability committee. The consultation conclusions referenced international best practice that boards should perform climate scenario reviews at least annually and whenever significant transactions occur. To comply, issuers should maintain documented board calendars, training registers, and director self-assessments that can be shared with auditors or regulators on request.

Management is obligated to show the execution structure beneath the board. HKEX’s guidance calls for disclosure of the functions tasked with climate data collection, internal control testing, and integration into enterprise risk management.

Companies should publish an organizational chart that links business units, finance, risk, and sustainability roles, and shows how cross-border operations report into headquarters. This governance mapping must also show how universal opt-out signals are captured from employees, suppliers, and customers whose data feeds emissions calculations or scenario models. For example, where travel data providers or employee commute surveys are used to estimate Scope 3 emissions, individuals must have a single opt-out channel that propagates across all systems, with clear documentation about how opt-outs affect data completeness and what proxy data is substituted.

Universal opt-out orchestration for climate data

Although the HKEX climate framework does not create new privacy rights, issuers must reconcile the requirement for granular emissions data with obligations under the Personal Data (Privacy) Ordinance (PDPO), Mainland China’s Personal Information Protection Law (PIPL), and other applicable regimes. A universal opt-out design ensures teams can withdraw consent or object to non-essential processing without undermining mandatory reporting.

Governance teams should maintain a register of data sources for climate metrics, identify which ones rely on personal data, and map them to existing consent or contract bases. When a stakeholder exercises an opt-out, the organization should route the request through a central preference center that updates travel booking tools, procurement systems, supplier portals, and sustainability data lakes. System owners then substitute aggregated or anonymized datasets to preserve reporting integrity while respecting the opt-out.

To evidence compliance, issuers should log every opt-out request with timestamps, identity verification steps, decision outcomes, and compensating controls. This log should integrate with the broader PDPO response management toolset, enabling auditors to review whether opt-outs were honored within the statutory timeframes.

For supply-chain data, issuers should extend universal opt-out clauses to vendor contracts, explaining how data will be used for climate reporting and providing standardized API endpoints for preference updates. HKEX has highlighted the importance of value chain readiness; issuers therefore need to show regulators that opt-out choices do not derail emissions completeness by documenting fallback emission factors, industry averages, or regional datasets used when individual-level data is unavailable.

Risk management and scenario analysis expectations

IFRS S2 requires issuers to disclose processes for identifying, assessing, and managing climate-related risks and opportunities. HKEX expects the disclosure to link directly to the enterprise risk management (ERM) framework, including risk taxonomy, thresholds, and board reporting.

Issuers should publish how climate risk inputs flow into the risk register, how heatmaps are updated, and which internal control owners are accountable for monitoring. Scenario analysis should cover multiple time horizons, with at least one 1.5 °C pathway and a higher-emissions scenario, and must explain the assumptions, models, and data sources used. Evidence packages should include scenario workbooks, vendor model contracts, and management challenge logs that prove board engagement.

Because climate scenario work often leverages geospatial, energy usage, and supplier data, universal opt-out orchestration must ensure that individuals who withdraw consent are either excluded or represented with anonymized data. Companies should maintain auditable data transformation scripts, aggregation logic, and data quality checks that flag when opt-outs reduce dataset coverage below acceptable thresholds. Risk owners should also document mitigation plans, such as procuring third-party datasets or using engineering estimates to backfill gaps, and include these plans in climate risk appetite statements reviewed by the board.

Metrics, targets, and assurance

HKEX requires issuers to disclose absolute and intensity-based greenhouse gas metrics, disaggregated by Scope 1, Scope 2 (market- and location-based), and material Scope 3 categories. Companies must explain methodologies, including the use of the GHG Protocol, sector-specific calculation tools, and any estimation techniques.

Targets must be stated with baselines, interim milestones, and governance oversight. To maintain credibility, issuers should implement internal controls akin to financial reporting: segregation of duties for data entry, automated reconciliation against utility bills or fuel invoices, and variance analysis reviews. The Financial Reporting Council has emphasized that ESG assurance engagements will evaluate these controls, so issuers should build evidence folders that store raw data, calculation scripts, management review notes, and approval records.

Universal opt-out mechanisms intersect with metrics when personal data informs emissions factors, such as employee commute surveys, customer usage analytics, or telematics. Governance teams should define which metrics depend on personal data, track the number of opt-outs affecting each metric, and document how this influences accuracy. Disclosure controls should require management sign-off whenever opt-out volumes exceed predefined thresholds, with explanations of mitigation steps. External assurance providers should receive access to opt-out logs, anonymization methodologies, and control narratives demonstrating that data subject rights were respected throughout the reporting cycle.

Evidence management and audit readiness

HKEX expects issuers to maintain records sufficient to substantiate every disclosure. Companies should implement a central evidence repository—ideally a governed document management system with role-based access—that stores climate policies, board minutes, scenario models, control testing results, opt-out logs, and assurance reports.

Each document should be tagged with metadata describing the disclosure requirement it supports, retention schedules aligned with Listing Rules, and sensitivity labels reflecting PDPO classifications. Governance teams must schedule quarterly evidence reviews to ensure documents remain current, approvals are captured, and obsolete files are archived according to policy.

Audit trails are critical. Issuers should configure workflow tools to capture when data is uploaded, who approved it, and any subsequent edits. Change control logs for greenhouse gas calculation templates, scenario assumptions, and climate risk registers should be exported to PDF ahead of board meetings and kept in the evidence repository. Because HKEX may request supporting materials during thematic reviews, teams should practice retrieval drills that confirm evidence can be produced within regulatory timelines. Linking evidence metadata to the universal opt-out register shows that data subject rights were considered when assembling supporting documentation.

Cross-functional operating model

Delivering compliant disclosures requires a permanent operating model. Boards should approve a climate governance charter that defines decision rights, escalation paths, and reporting formats.

Management should set up a climate disclosure steering committee chaired by the CFO or CRO, with members from sustainability, finance, risk, legal, procurement, HR, and IT. The committee should meet monthly in 2024 and quarterly thereafter, maintaining action trackers for data quality remediation, opt-out handling, and supplier engagement. Integrating the committee’s work with the company’s data governance council ensures universal opt-out logic aligns with enterprise data policies and privacy engineering standards.

Training is equally important. Directors need tailored sessions on IFRS S2, HKEX guidance, and industry-specific climate risks. Management and operational teams require training on emissions methodologies, data privacy obligations, and how to document evidence properly. Training records should sit alongside competence matrices in the evidence repository, allowing auditors to verify coverage. Companies should also conduct tabletop exercises simulating climate data incidents—such as a supplier refusing data or a mass opt-out event—to test response playbooks and confirm that universal opt-out processes do not compromise mandatory reporting.

Immediate next steps

• Complete a governance gap assessment. Map current board and management disclosures against HKEX’s IFRS S2-aligned requirements, flagging missing committee charters, delegated authorities, or documentation.
• Design universal opt-out workflows. Inventory every dataset used in climate reporting, document the lawful basis, and integrate opt-out signals with privacy response platforms and sustainability data lakes.
• Strengthen evidence controls. Build a central repository with retention, access, and metadata standards that link to each disclosure item and include opt-out log references.
• Run scenario and metrics rehearsals. Pilot FY2024 data collection, scenario analysis, and assurance walkthroughs, recording issues and remediation owners so that FY2025 reporting is audit-ready.
• Engage suppliers and subsidiaries. Issue updated climate data requests with opt-out clauses, provide training, and test API or portal integrations that feed universal opt-out updates directly into reporting systems.

This brief supports HKEX issuers by building governance frameworks that withstand regulatory inspection, engineering universal opt-out orchestration across climate data pipelines, and assembling evidence dossiers ready for assurance.

See also

Selected articles on related subjects.

Governance · Credibility 86/100 · January 1, 2025

Hkex Climate Ifrs S2

Hong Kong's IFRS S2-aligned climate disclosure requirements went effective in 2025. The phased implementation means larger issuers face requirements first. Ensure your climate reporting meets the enhanced standards.

Governance · Credibility 86/100 · January 1, 2025

Sgx Transport Climate Reporting

Singapore Exchange transport sector climate reporting requirements align with ISSB standards. If you are a transport company listed on SGX, climate disclosures are now mandatory. Check the specific requirements for your…

Governance · Credibility 86/100 · February 14, 2025

Governance — Hong Kong

Hong Kong-listed companies face their first full reporting cycle under HKEX board diversity rules. If you have still got a single-gender board, you are out of compliance—and investors are watching.

Governance · Credibility 73/100 · November 8, 2023

OECD and State-owned enterprises

OECD released the 2023 edition of the Guidelines on Corporate Governance of State-Owned Enterprises, emphasizing climate, integrity, and stakeholder accountability for public sector boards.

Governance · Credibility 96/100 · July 28, 2023

Singapore mandatory climate reporting for listed issuers

Singapore Exchange's climate reporting requirements aligned with ISSB standards went effective January 2025 for some issuers. If you are listed on SGX, check which phase you fall into and ensure your climate disclosures…

Continue in the Governance pillar

Return to the hub for curated research and deep-dive guides.

Visit pillar hub

Latest guides

• Board Oversight Governance Blueprint

  Unify Basel Committee, PRA, SEC, and ISSB oversight mandates into an auditable board governance operating model with data lineage, assurance cadences, and regulatory source packs.

• Third-Party Governance Control Blueprint

  Deliver OCC, Federal Reserve, PRA, EBA, DORA, MAS, and OSFI third-party governance requirements through board reporting, lifecycle controls, and resilience evidence.

• Public-Sector Governance Alignment Playbook

  Align OMB Circular A-123, GAO Green Book, OMB M-24-10 AI guidance, EU public sector directives, and UK Orange Book with digital accountability, risk management, and service…

Coverage intelligence

Published

January 1, 2025

Coverage pillar

Governance

Source credibility

86/100 — high confidence

Topics

Hong Kong · Climate governance · ISSB · Disclosure requirements

Sources cited

3 sources (hkex.com.hk, iso.org)

Reading time

9 min

Cited sources

1. HKEX climate-related disclosures consultation conclusions — Hong Kong Exchanges and Clearing Limited
2. HKEX conclusion paper on climate-related disclosures — Hong Kong Exchanges and Clearing Limited
3. ISO 37000:2021 — Governance of Organizations — International Organization for Standardization