This disclosure asks an organisation to explain the actions it is taking, and the resources it is putting behind them, to address material impacts, risks and opportunities connected with affected communities. In practice, that means describing what is being done, how far those actions have progressed, and what support is being committed, rather than only stating broad intentions or policies.
The practical focus is on whether the response is real, targeted and sufficiently broad in scope. Reporters should make clear if actions cover the whole business, specific sites, projects or geographies, and whether resources are matched to where the impacts actually arise. The aim is to show how the organisation is responding in a way that is proportionate to the issue, not just highlighting a few flagship initiatives.
This LRA educational guidance supports disclosure preparation. For the exact requirements, always refer to the official EFRAG source.
A quick mental checklist before you prepare this disclosure — tick each as you settle it.
Key datapoints to prepare
How to prepare it
Request the actions, controls and incident log from the relevant owners
Translate the disclosure into an internal business question — then adapt it to your organisation's own language.
Use your organisation’s own names first, then map them to the reporting categories. For example, ask for the product safety, privacy, content, customer trust, complaints, incident or control logs that your teams already use, rather than using framework labels in the request.
Please provide the ESRS S4 actions and resources evidence for the disclosure, including the actions implemented, product safety measures, data protection measures, responsible marketing actions, impact type, actions taken, trade-offs, KPIs, performance indicators, monitoring frequency, number of incidents, type and severity.
Why it fails: This uses framework language that many teams do not use day to day, so the owner may not know which records to pull. It also bundles too many labels without saying which internal logs, systems or teams hold the evidence. That makes it harder to respond quickly and increases the risk of incomplete or inconsistent data.
Please send the latest logs, trackers or dashboards your team uses for product safety, privacy, content, customer trust and related incidents for [period]. Include the actions taken, controls in place, what you monitor, how often you review it, and any incidents with type and severity. If there were decisions where one priority had to be balanced against another, note that too. Use your own team wording first, and we will map it for the reporting pack.
Notes that turn data into a disclosure
LRA training templates — adapt them to your organisation, and check the official source before sign-off.
Describe the basis used to group the data, including how issue categories, response actions, performance measures and incident seriousness were defined and counted.
Explain what the figures show in practice: the kinds of issues being managed, the actions taken to address them, the indicators used to track delivery, and the scale and seriousness of recorded incidents.
If any figures moved materially, explain the operational reason for the change, such as a shift in the mix of issues, a change in monitoring approach, or a different level of response activity.
Preparation tools & forms
Professional preparation tools for S4-3 — free with an LRA Community membership. Register once (it's free) and every download unlocks, together with the Disclosure Library, templates and the LRA AI-assistant.
For each claim, check the evidence
Evidence pack to prepare
Common reporting gaps
Mistakes to avoid when collecting the data
Where judgement is often needed
Illustrative examples
Synthetic, written by LRA — not from a company report, not text from any standard.
We tightened our controls around customer-facing data and product claims, while also tracking the effect on sales conversion and complaint volumes. - We refreshed our product-safety checks, added extra review steps for customer data handling, and required a pre-publication sign-off for promotional content that could be misleading or overly aggressive. - For privacy, safety and misinformation risks, we logged the action taken, noted where we had to balance stronger customer protection against faster campaign delivery, and reviewed the measures monthly through our compliance dashboard. - In the year, we recorded 3 incidents in total: 2 privacy breaches and 1 product safety issue; all were classed as low severity, with no high-severity cases.
This synthetic example shows how a retailer might describe practical controls, the main risk themes addressed, the trade-off between commercial speed and customer protection, the way performance is tracked, and the incident picture for the period.
We strengthened our booking-platform safeguards, tightened how personal information is handled, and added clearer checks on promotional messages sent to customers. - The work covered safer account access, better data-handling controls, and review of marketing content where there was a risk of pressure-selling or inaccurate claims; the same actions were used to address privacy, safety and misinformation concerns. - We tracked the related indicators each quarter, including complaint rates, blocked risky content, and the share of staff completing refresher training, and we recorded the practical tension between higher conversion and stronger customer protection. - During the year we noted 4 incidents in total: 3 privacy-related events and 1 safety-related event; 3 were low severity and 1 was medium severity, with none assessed as severe.
This synthetic example shows how a service business might explain the measures it put in place, the risk themes they were meant to address, the operational indicators it follows, and the incident profile for the reporting period.
How companies report S4-3 in practice
Real reports where this topic is disclosed. These are report practice, not exact disclosure templates to copy.

Scenarios to work through
A consumer app team has fixed a privacy setting issue and added extra checks before new releases. The team also changed its ad review process after a complaint about misleading claims, but the draft report only mentions the privacy fix.
A retailer has introduced extra product testing, clearer warning labels, and a staff training refresh after a safety complaint. The draft narrative lists the measures, but it does not explain which harm they are meant to reduce or how the business balanced sales pressure against tighter controls.
A platform team tracks the number of privacy complaints, the number of safety-related reports, and the time taken to close each case. The team reviews the dashboard every month, but the report only says that monitoring happens without naming the measures used or how often they are checked.
A company had two incidents during the year: one privacy breach affecting 120 customers and one product safety issue affecting 8 customers. The draft report says there were incidents, but it does not separate the counts, the type of incident, or how serious each one was.
Related framework references
How this disclosure maps across the major reporting frameworks.
Questions this page answers
Start with the plain-language explainer, then work through the page’s step-by-step preparation section to identify the datapoints you need, the evidence pack items, and the draft-output options. Use the workbook and Library Card to organise the work and keep the disclosure consistent from data collection through to drafting.
The page lists the datapoints to prepare, including implemented actions, safety controls, privacy controls, marketing safeguards, impact category, response actions, balancing choices, key measures, tracking measures, review cadence, incident count, incident type, and incident seriousness. Use that list as the starting point for scoping your data request and evidence pack.
Use the page’s preparation section to decide which actions, controls, incidents, and measures are in scope, then align the methodology to the datapoints listed on the page. The guidance is designed to help you turn those inputs into a consistent draft rather than leaving scope decisions implicit.
The page is set up for use by a sustainability or ESG manager, HR or data owner, and an assurance reviewer, so ownership should sit with the person who can gather the relevant controls, incident data, and evidence. The workbook and evidence pack help you assign tasks and track what is needed for review.
The page includes five assurance claims to verify, each with a claim, risk, and evidence prompt, plus an evidence pack with five items for assurance readiness. Use those two sections together to build a file that shows how the disclosure was prepared and supported.
The page has a section on common reporting gaps and mistakes, which is there to help you spot weak points before drafting. A practical use is to check that your data, evidence, and narrative all line up with the datapoints and assurance claims on the page.
The Download Centre includes a Prep & Assurance workbook in .xlsx format, which you can use to organise the datapoints, evidence, and assurance checks. It is intended to support preparation rather than replace your own source records.
The Download Centre also provides a printable Library Card in PDF format, which is useful as a quick reference while you gather data and draft the disclosure. It can help you keep the page’s key points in view during review meetings or evidence checks.
The page includes synthetic illustrative example disclosures, including a quantitative table, to show how the datapoints can be turned into a draft. Treat the example as a formatting and drafting aid only, not as a template for your own numbers or conclusions.
Use the draft-output section, which gives visualisation ideas, narrative starters, and a content-index line. That section is designed to help you move from collected data to a readable disclosure without inventing extra content.
Get your S4-3 tools — free
Your preparation tools are free for LRA Community members and students. Register once (it's free) and your download starts right away — plus the Disclosure Library, templates and the LRA AI-assistant.
You're in — your download is starting
Your file is downloading now. Your Community Cabinet — with the Disclosure Library, templates and the LRA AI-assistant — is ready too.
Open your Cabinet →