Disclosure LibraryPractitioner guidance for every reporting disclosure
Home Disclosure Library GRI GRI 2 GRI 2-16
GRI 2: General Disclosures
Disclosure GRI 2-16

Communication of critical concerns

Practical guidance for preparing this disclosure. Use this card to identify datapoints, verify claims and organise supporting evidence. For exact requirements, always refer to the official GRI source.

Dr Ross Kurinko, GRI Certified Trainer
Reviewed by Dr Ross Kurinko · GRI Certified Trainer LRA educational guidance · Not issued or endorsed by GRI
To prepare this disclosure
Disclosure focus

This disclosure asks an organisation to explain how it communicates any critical concerns to the people who govern it. In practice, it is about whether serious issues are being escalated in a timely and reliable way, who receives them, and through what channels. The focus is on the organisation’s process for making sure important matters do not stay buried in day-to-day management.

The practical emphasis is on coverage and consistency across the organisation, not just at a flagship site or within one business unit. A useful report will show whether the approach applies across operations, how concerns are identified and passed on, and whether the same communication route is available wherever the organisation operates.

This LRA educational guidance supports disclosure preparation. For the exact requirements, always refer to the official GRI source.

Before you start

A quick mental checklist before you prepare this disclosure — tick each as you settle it.

Preparation

Key datapoints to prepare

Datapoint What to capture Evidence hint Owner
Escalation to board Capture whether critical concerns are escalated to the board or equivalent top governance group, and the route used to communicate them during the reporting period. Board or committee papers, escalation logs, meeting packs, issue trackers, and governance reporting records showing the communication route and timing. Governance / Company Secretariat
Critical concerns count and type Capture the total number of critical concerns communicated to the board or equivalent top governance group in the period, together with a plain description of what each concern was about. Governance reporting log, board or committee packs, issue register, and period-end summary that lists each concern and supports the final count. Governance / Company Secretariat
+ Show GRI 2-16 sub-elements (LRA working checklist)

How to prepare it

1Set the reporting boundary first: decide which entity, period and internal channels you will use so the disclosure covers the right organisation and the right year.
2Agree what counts as a critical concern for this disclosure, using a consistent internal definition so the same type of issue is treated the same way across the period.
3Gather the underlying records from the routes used to escalate issues to the board or equivalent top-level group, including logs, meeting papers, emails or case trackers that show what was raised and when.
4Prepare the narrative on communication arrangements: explain whether such concerns are passed up to the top governance group, and if so, how that happens in practice.
5Compile the figures for the period: state the total number of critical concerns escalated and summarise their nature in a way that matches the supporting records.
6Check any omissions, reclassifications or changes in method, then compare the final wording and counts with the official source to confirm the disclosure is complete and aligned.
Request the data

Request board concern log and escalation summary

Translate the disclosure into an internal business question — then adapt it to your organisation's own language.

How were serious concerns escalated to the board or its committees during the reporting period, and what were the count and type of those concerns?

Use your organisation’s own names first for the board, committees, escalation routes, issue logs, and concern categories, then map them back to the reporting disclosure. Keep the request in internal business language rather than framework wording, and check the source material before sign-off.

Weak request

Please provide the disclosure data for communication of critical concerns to the highest governance body.

Why it fails: This uses framework language that many teams will not recognise internally, and it does not say what record, route, period, or supporting evidence is needed. It is too vague for a preparer to pull the right extract.

Better request

Please pull the board or committee concern log for [reporting period] and show each serious issue that was escalated, the internal category used, when it was taken to [board / committee name], and the reference to the minute, paper, or tracker entry. Please also give the total number of matters counted for the period, using your own internal labels first.

Formal email template
Subject: LRA training request — board concern log and escalation summary for [reporting period]

Dear [name/team],

Please could you share a short extract or summary from your records covering the period [reporting period] for [reporting boundary]. We need to understand how serious issues were escalated to [board / committee name] and to capture the number and type of matters that were taken up during the period.

Please include:
- the route used to escalate each matter;
- the internal category or issue type;
- the date it was first raised with [board / committee name];
- whether it was a new matter or a follow-up on an existing one;
- the count of matters in scope for the period; and
- any reference to the supporting paper, minute, or log entry.

If your team uses different labels, please use those first and we will map them afterwards. This is a possible LRA training template only; please adapt it to your organisation and check the source material before sign-off.

Many thanks,
[preparer name]
Short Teams / Slack version
Hi [name/team] — could you send a short extract for [reporting period] showing how serious issues were escalated to [board / committee name], plus the count and type of matters covered? Please use your own internal labels and include the supporting reference(s). Thanks, [preparer name]
Industry examples
Financial services

Context. A risk and compliance team tracks conduct, regulatory, and control matters in a central issues register and escalates selected items to the risk committee and board.

Adapted request. Please extract the issues register entries for [reporting period] that were taken to the risk committee or board. Include the internal issue type, escalation date, route used, and the reference to the paper or minute. Also provide the total number of unique matters escalated in the period.

Example response. The team returns a table with 7 unique matters: 3 conduct, 2 regulatory, 1 cyber control, and 1 financial reporting control. Each row shows the issue ID, internal category, date escalated, recipient level, and board paper reference.

Manufacturing

Context. An operations and EHS team logs major safety, quality, and site disruption matters and escalates selected items through the executive committee to the board.

Adapted request. Please share the escalation log for [reporting period] covering serious safety, quality, and operational matters that were reported to the executive committee or board. Use your site or group labels, and include the date, route, category, and minute or pack reference for each matter counted.

Example response. The team provides 5 matters: 2 safety, 2 quality, and 1 supply disruption. The extract shows the site, internal category, date first escalated, committee name, and the board pack reference for each item.

Draft your disclosure

Notes that turn data into a disclosure

LRA training templates — adapt them to your organisation, and check the official source before sign-off.

Method note

State what you count as a serious concern, explain which governance forum you treat as the top decision-making group, and describe the route used to pass issues to it.

Context note

Explain what the total and the issue types indicate about the organisation’s oversight of significant matters and the kinds of risks or incidents being escalated.

Fluctuation statement

If the number or mix changes materially, note whether that reflects a real shift in underlying issues, a change in reporting practice, or both.

Content index entry
GRI 2-16 Communication of critical concerns — [location / page] / [notes]
Download Centre

Preparation tools & forms

Professional preparation tools for GRI 2-16 — free with an LRA Community membership. Register once (it's free) and every download unlocks, together with the Disclosure Library, templates and the LRA AI-assistant.

Free · Community members
Assurance readiness

For each claim, check the evidence

ClaimRiskEvidence to check
The information reported for this disclosure reconciles to the underlying source records.What is reported cannot be traced back to the systems or documents it was drawn from, or does not tie out to them.calculation_workbook reconciling the reported value to source_system_export
The information reported for this disclosure is current as at the reporting date.The disclosure reflects a different period, a cut-off before the reporting date, or stale data carried over from a prior period.approval_record showing the data cut-off date and the period covered
The scope behind the information reported for this disclosure is applied consistently.Parts of the organisation are silently in or out of scope, or the scope differs from the prior period without that change being explained.methodology defining the scope and a site_register of what it covers
Everything in scope is included in the information reported for this disclosure — nothing material is left out.Parts of the population that should be reported are omitted, understating or overstating the disclosure.site_register of the full population vs the calculation_workbook of what was actually included

Evidence pack to prepare

Common reporting gaps

The information is presented without a date or as-at point.The scope or boundary of the statement is left undefined.Key terms are used inconsistently across the report.Material changes since the previous period are not disclosed.Assertions are made without supporting detail or a source record.Boilerplate is used that does not actually answer what is asked.
Common gaps

Mistakes to avoid when collecting the data

Wrong owner asked
The team asks a board secretary, compliance lead, or another proxy instead of the person who actually tracks escalations into the top governance group, so the data comes from the wrong source.
Framework language used in the request
The request is sent using disclosure jargon rather than the organisation’s own terms for serious issues, which leads staff to search the wrong records or misunderstand what to pull.
Scope not pinned down
No one states which parts of the business, which entities, or which reporting boundary are in scope, so some concerns are counted while others from the same period are left out.
Wrong time basis used
The collector uses the date the issue was first raised, or the date it was closed, instead of the period in which it was actually passed up to the top governance group.
Counting basis gets mixed
One source counts every message sent, while another counts each distinct concern, and the two are blended together so the final number is not on one consistent basis.
Original labels are lost
The team rewrites the source descriptions into generic categories and drops the wording used by the business, making it hard to trace what each concern was in the original record.
Different populations are merged
Concerns sent through different routes, such as formal escalation and routine reporting, are combined even though they should stay separate for collection and review.
Evidence details are not captured
The file holds the numbers but not the supporting metadata, such as source, date, owner, or reference ID, so the figures cannot be checked back to the underlying record.
No sign-off trail kept
The draft data is circulated without a clear review and approval record, so nobody can show who checked the figures before they were used in the disclosure.

Where judgement is often needed

What counts as a critical concern in our own reporting language
Set a clear internal threshold for which escalations are treated as board-level concerns, then explain that threshold and apply it consistently across the period.
Which governance forum is treated as the top recipient
If concerns go to the board, a board committee, or another senior forum first, state the route used and make clear which body you are counting for the disclosure.
How to handle concerns that move between entities after a deal
When acquisitions, disposals, or reorganisations change the reporting perimeter, decide whether to include only the period under your control and explain the cut-off you used.
Whether local labels mean the same thing in every country
If different countries use different terms or thresholds for escalation, map them to one internal definition for reporting and disclose any material differences in how they are treated.
Where a concern sits partly inside and partly outside the reporting scope
For issues spanning joint ventures, outsourced operations, or other shared arrangements, explain the basis used to include or exclude them and keep that basis consistent.
Counting repeated updates on the same issue
Choose whether one issue with several updates is counted once or as multiple communications, then describe the counting rule so the total is understandable.
Using estimates where the log is incomplete
If records are not complete enough for a full count, use a documented estimate, say how it was derived, and identify which parts are estimated rather than directly recorded.
Protecting confidentiality when the number is small
If naming the nature of a concern could expose sensitive information, group similar items or broaden the description, and explain the privacy-driven aggregation used.
Rounding and presentation of the total
State the counting basis before rounding, keep the rounding rule stable from year to year, and make sure the narrative still matches the reported total.
Examples

Illustrative examples

Synthetic, written by LRA — not from a company report, not text from any standard.

Illustrative (synthetic) example — manufacturing

We use a formal route for serious matters to reach the board and the relevant committees, with urgent items escalated within 24 hours and routine items summarised in the next scheduled pack. During the year, 5 serious matters were raised with directors: 2 related to health and safety, 2 to supply chain conduct, and 1 to anti-bribery controls.

Synthetic illustration only. This example shows one way a company might explain how serious issues are escalated to the board and how many such matters were reported, with a simple breakdown by topic.

Illustrative (synthetic) example — financial services

Our group channels serious concerns to the board, usually through the audit and risk committees first, unless immediate escalation is needed; the process includes written updates and follow-up until closure. In the reporting period, 3 serious matters reached directors: 1 concerning customer treatment, 1 concerning data security, and 1 concerning conduct in a third-party relationship.

Synthetic illustration only. This example shows a different reporting style for the same disclosure, covering both the escalation route and the number and nature of serious matters shared with the board.

Company reports

How companies report GRI 2-16

Real reports where this topic is disclosed. These are report practice, not exact disclosure templates to copy.

Interconexión Eléctrica S.A. E.S.P.
Electric Utilities / IPP / Energy Traders · Colombia · 2024
Open report →
Interconexión Eléctrica S.A. E.S.P.'s 2024 Integrated Management Report partially addresses narrative item (a) by mentioning critical concerns reported to the highest governance body during the reporting period, though no headline value is provided (p.136). The report covers narrative item (b) with a specified reporting period and frequency of sustainability reports detailed on page 130. However, the report lacks clear headline values for some narrative items, limiting the completeness of the disclosure.
Sands China Ltd.
Hotels, Restaurants, Leisure, Tourism Services · Macao · 2025
Open report →
Sands China Ltd.'s 2025 ESG Report provides specific data on supplier sourcing, noting that critical services are sourced at high volumes or have particular ESG risk factors (p.49). The report also details compliance rates, indicating a 94% compliance level with laws and regulations and mentioning significant instances of noncompliance (p.47). However, the report does not clearly specify the total number of suppliers covered or provide detailed information on the nature of critical concerns communicated to governance bodies beyond a brief mention (p.51).
Thai Beverage Public Company Limited
Food and Beverage Processing · Thailand · 2024
Open report →
Thai Beverage Public Company Limited’s Sustainability Report 2024 includes coverage of the highest governance body, specifically mentioning the chair of this body on page 182. The report also addresses governance topics such as corporate governance, business ethics, risk management, and supply chain management across pages 3, 139, 140, 144, 146, and 152. However, there is no found evidence related to narrative item (b), indicating a gap or lack of disclosure on that specific aspect.
✓ LRA AI Assistant · Human-in-the-loop
Dr Ross Kurinko
Ask Study Studio AI assistant about this disclosure
Get a practical answer for your reporting context. Your first answer is free — create a free account to continue the conversation.
TryHow do I prepare GRI 2-16?What data do I need to collect?Where can I see a real-report example?What mistakes should I avoid?
1 free answer
Check your understanding

Scenarios to work through

During the year, the audit committee received three escalations: one about a major control failure, one about a serious whistleblowing allegation, and one about a cyber incident with possible financial impact. The board pack also notes that urgent matters were sent to directors by email between meetings.

QHow should you decide what to describe in the disclosure, and what count should you include?
Reveal model answer →

A subsidiary raised several operational issues with management, but only one was escalated to the board because it could affect the group’s licence to operate. The draft report currently lists all subsidiary complaints as if they were board-level matters.

QShould every serious internal issue be counted, or only those that were actually passed up to the board level?
Reveal model answer →

The company had a standing process where the risk team sent a monthly summary to the board, but in practice the summary contained only routine updates and no serious concerns for most months. One month it included a single urgent matter about a product safety failure.

QHow do you explain the communication process without overstating the amount of serious information sent to directors?
Reveal model answer →

At year-end, the draft says that ‘critical concerns were communicated to the board as needed’, but it gives no number and no description of what those concerns were. The underlying log shows two matters: a legal investigation and a major health and safety incident.

QWhat extra information is needed before the disclosure is ready for sign-off?
Reveal model answer →
Framework references

Related framework references

How this disclosure maps across the major reporting frameworks.

GRI
GRI 2-16
within GRI 2: General Disclosures
Open official source →
Primary
Related & explore
FAQ

Questions this page answers

For GRI 2-16, what data do I need to gather before I start drafting the disclosure?+
How should I define the scope for GRI 2-16 so the disclosure is consistent year to year?+
Who should own the GRI 2-16 data collection in practice?+
What evidence should I keep for GRI 2-16 to make the disclosure assurance-ready?+
What are the four assurance claims on the GRI 2-16 page and how do I use them?+
What are the common mistakes people make when reporting GRI 2-16?+
How do I turn the GRI 2-16 data into a draft disclosure?+
Is there a worked example for GRI 2-16 that I can use as a drafting guide?+
How do I use the Prep & Assurance workbook for GRI 2-16?+
What is the printable Library Card for GRI 2-16 and when should I use it?+
More questions this page can help with