Communication of critical concerns
Practical guidance for preparing this disclosure. Use this card to identify datapoints, verify claims and organise supporting evidence. For exact requirements, always refer to the official GRI source.
↗ Share
This disclosure asks an organisation to explain how it communicates any critical concerns to the people who govern it. In practice, it is about whether serious issues are being escalated in a timely and reliable way, who receives them, and through what channels. The focus is on the organisation’s process for making sure important matters do not stay buried in day-to-day management.
The practical emphasis is on coverage and consistency across the organisation, not just at a flagship site or within one business unit. A useful report will show whether the approach applies across operations, how concerns are identified and passed on, and whether the same communication route is available wherever the organisation operates.
* This LRA educational guidance supports disclosure preparation. For the exact requirements, always refer to the official GRI source.
A quick mental checklist before you prepare this disclosure — tick each as you settle it.
| Datapoint | What to capture | Evidence hint | Owner |
|---|---|---|---|
| Escalation to board | Capture whether critical concerns are escalated to the board or equivalent top governance group, and the route used to communicate them during the reporting period. | Board or committee papers, escalation logs, meeting packs, issue trackers, and governance reporting records showing the communication route and timing. | Governance / Company Secretariat |
| Critical concerns count and type | Capture the total number of critical concerns communicated to the board or equivalent top governance group in the period, together with a plain description of what each concern was about. | Governance reporting log, board or committee packs, issue register, and period-end summary that lists each concern and supports the final count. | Governance / Company Secretariat |
Show GRI 2-16 sub-elements (LRA working checklist)
- Set out if, and in what way, serious concerns are passed up to the board and its committees.
- State the overall count and the type of serious concerns passed to the board and its committees during the reporting period.
LRA working checklist - paraphrased; see official source
- Set the reporting boundary first: decide which entity, period and internal channels you will use so the disclosure covers the right organisation and the right year.
- Agree what counts as a critical concern for this disclosure, using a consistent internal definition so the same type of issue is treated the same way across the period.
- Gather the underlying records from the routes used to escalate issues to the board or equivalent top-level group, including logs, meeting papers, emails or case trackers that show what was raised and when.
- Prepare the narrative on communication arrangements: explain whether such concerns are passed up to the top governance group, and if so, how that happens in practice.
- Compile the figures for the period: state the total number of critical concerns escalated and summarise their nature in a way that matches the supporting records.
- Check any omissions, reclassifications or changes in method, then compare the final wording and counts with the official source to confirm the disclosure is complete and aligned.
Translate the disclosure into an internal business question — then adapt it to your organisation's own language.
Use your organisation’s own names first for the board, committees, escalation routes, issue logs, and concern categories, then map them back to the reporting disclosure. Keep the request in internal business language rather than framework wording, and check the source material before sign-off.
Please provide the disclosure data for communication of critical concerns to the highest governance body.
Please pull the board or committee concern log for [reporting period] and show each serious issue that was escalated, the internal category used, when it was taken to [board / committee name], and the reference to the minute, paper, or tracker entry. Please also give the total number of matters counted for the period, using your own internal labels first.
Formal email template
Subject: LRA training request — board concern log and escalation summary for [reporting period] Dear [name/team], Please could you share a short extract or summary from your records covering the period [reporting period] for [reporting boundary]. We need to understand how serious issues were escalated to [board / committee name] and to capture the number and type of matters that were taken up during the period. Please include: - the route used to escalate each matter; - the internal category or issue type; - the date it was first raised with [board / committee name]; - whether it was a new matter or a follow-up on an existing one; - the count of matters in scope for the period; and - any reference to the supporting paper, minute, or log entry. If your team uses different labels, please use those first and we will map them afterwards. This is a possible LRA training template only; please adapt it to your organisation and check the source material before sign-off. Many thanks, [preparer name]
Short Teams / Slack version
Hi [name/team] — could you send a short extract for [reporting period] showing how serious issues were escalated to [board / committee name], plus the count and type of matters covered? Please use your own internal labels and include the supporting reference(s). Thanks, [preparer name]
Financial services
Context. A risk and compliance team tracks conduct, regulatory, and control matters in a central issues register and escalates selected items to the risk committee and board.
Adapted request. Please extract the issues register entries for [reporting period] that were taken to the risk committee or board. Include the internal issue type, escalation date, route used, and the reference to the paper or minute. Also provide the total number of unique matters escalated in the period.
Example response. The team returns a table with 7 unique matters: 3 conduct, 2 regulatory, 1 cyber control, and 1 financial reporting control. Each row shows the issue ID, internal category, date escalated, recipient level, and board paper reference.
Manufacturing
Context. An operations and EHS team logs major safety, quality, and site disruption matters and escalates selected items through the executive committee to the board.
Adapted request. Please share the escalation log for [reporting period] covering serious safety, quality, and operational matters that were reported to the executive committee or board. Use your site or group labels, and include the date, route, category, and minute or pack reference for each matter counted.
Example response. The team provides 5 matters: 2 safety, 2 quality, and 1 supply disruption. The extract shows the site, internal category, date first escalated, committee name, and the board pack reference for each item.
The full request pack — response form, data table, evidence metadata and sign-off — is in the Download Centre.
LRA training templates — adapt them to your organisation, and check the official source before sign-off.
State what you count as a serious concern, explain which governance forum you treat as the top decision-making group, and describe the route used to pass issues to it.
Explain what the total and the issue types indicate about the organisation’s oversight of significant matters and the kinds of risks or incidents being escalated.
If the number or mix changes materially, note whether that reflects a real shift in underlying issues, a change in reporting practice, or both.
GRI 2-16 Communication of critical concerns — [location / page] / [notes]
Professional preparation tools and forms for GRI 2-16. Each download includes a concise “How to use” guide.
| Claim | Risk | Evidence to check |
|---|---|---|
| The information reported for this disclosure reconciles to the underlying source records. | What is reported cannot be traced back to the systems or documents it was drawn from, or does not tie out to them. | calculation_workbook reconciling the reported value to source_system_export |
| The information reported for this disclosure is current as at the reporting date. | The disclosure reflects a different period, a cut-off before the reporting date, or stale data carried over from a prior period. | approval_record showing the data cut-off date and the period covered |
| The scope behind the information reported for this disclosure is applied consistently. | Parts of the organisation are silently in or out of scope, or the scope differs from the prior period without that change being explained. | methodology defining the scope and a site_register of what it covers |
| Everything in scope is included in the information reported for this disclosure — nothing material is left out. | Parts of the population that should be reported are omitted, understating or overstating the disclosure. | site_register of the full population vs the calculation_workbook of what was actually included |
- The governing policy or written commitment behind this disclosure
- A methodology / definition note setting out how the disclosure was scoped and prepared
- Source-system exports the figures or facts were drawn from
- The internal approval / sign-off record for the disclosure before publication
- Minutes or records evidencing the relevant engagement or consultation
- The information is presented without a date or as-at point.
- The scope or boundary of the statement is left undefined.
- Key terms are used inconsistently across the report.
- Material changes since the previous period are not disclosed.
- Assertions are made without supporting detail or a source record.
- Boilerplate is used that does not actually answer what is asked.
- Wrong owner asked
The team asks a board secretary, compliance lead, or another proxy instead of the person who actually tracks escalations into the top governance group, so the data comes from the wrong source.
- Framework language used in the request
The request is sent using disclosure jargon rather than the organisation’s own terms for serious issues, which leads staff to search the wrong records or misunderstand what to pull.
- Scope not pinned down
No one states which parts of the business, which entities, or which reporting boundary are in scope, so some concerns are counted while others from the same period are left out.
- Wrong time basis used
The collector uses the date the issue was first raised, or the date it was closed, instead of the period in which it was actually passed up to the top governance group.
- Counting basis gets mixed
One source counts every message sent, while another counts each distinct concern, and the two are blended together so the final number is not on one consistent basis.
- Original labels are lost
The team rewrites the source descriptions into generic categories and drops the wording used by the business, making it hard to trace what each concern was in the original record.
- Different populations are merged
Concerns sent through different routes, such as formal escalation and routine reporting, are combined even though they should stay separate for collection and review.
- Evidence details are not captured
The file holds the numbers but not the supporting metadata, such as source, date, owner, or reference ID, so the figures cannot be checked back to the underlying record.
- No sign-off trail kept
The draft data is circulated without a clear review and approval record, so nobody can show who checked the figures before they were used in the disclosure.
- What counts as a critical concern in our own reporting language
Set a clear internal threshold for which escalations are treated as board-level concerns, then explain that threshold and apply it consistently across the period.
- Which governance forum is treated as the top recipient
If concerns go to the board, a board committee, or another senior forum first, state the route used and make clear which body you are counting for the disclosure.
- How to handle concerns that move between entities after a deal
When acquisitions, disposals, or reorganisations change the reporting perimeter, decide whether to include only the period under your control and explain the cut-off you used.
- Whether local labels mean the same thing in every country
If different countries use different terms or thresholds for escalation, map them to one internal definition for reporting and disclose any material differences in how they are treated.
- Where a concern sits partly inside and partly outside the reporting scope
For issues spanning joint ventures, outsourced operations, or other shared arrangements, explain the basis used to include or exclude them and keep that basis consistent.
- Counting repeated updates on the same issue
Choose whether one issue with several updates is counted once or as multiple communications, then describe the counting rule so the total is understandable.
- Using estimates where the log is incomplete
If records are not complete enough for a full count, use a documented estimate, say how it was derived, and identify which parts are estimated rather than directly recorded.
- Protecting confidentiality when the number is small
If naming the nature of a concern could expose sensitive information, group similar items or broaden the description, and explain the privacy-driven aggregation used.
- Rounding and presentation of the total
State the counting basis before rounding, keep the rounding rule stable from year to year, and make sure the narrative still matches the reported total.
Synthetic, written by LRA — not from a company report, not text from any standard.
We use a formal route for serious matters to reach the board and the relevant committees, with urgent items escalated within 24 hours and routine items summarised in the next scheduled pack. During the year, 5 serious matters were raised with directors: 2 related to health and safety, 2 to supply chain conduct, and 1 to anti-bribery controls.
Our group channels serious concerns to the board, usually through the audit and risk committees first, unless immediate escalation is needed; the process includes written updates and follow-up until closure. In the reporting period, 3 serious matters reached directors: 1 concerning customer treatment, 1 concerning data security, and 1 concerning conduct in a third-party relationship.
How to turn the collected data into a draft disclosure. Suggested visuals and a GRI content-index line generated from this disclosure's datapoints.
Suggested visuals
- How concerns reach the board — table: A simple process view of whether there is a formal route for serious issues to be escalated to the board or its committees, and a short note on how that route works in practice.
- Number of serious issues raised — bar: A count of the serious matters passed to the board-level group during the period, so readers can see the volume at a glance.
- Types of serious issues reported — stacked bar: A breakdown of the serious matters by nature or category, showing the mix of issues that were escalated.
- Reporting route by governance level — table: Which governance tier received the concerns and whether they were handled through the board, a committee, or another formal channel.
- Trend in serious concerns over time — line: How the number of serious matters communicated to the board-level group changes across reporting periods, if prior-period data is available.
What separates a figure from a disclosure.
We told the board about 4 serious concerns this year.
We escalated 4 serious concerns to the board this year, covering safety, conduct and data issues.
We briefed the board and its committees on 4 serious concerns during the year, all raised through our escalation route; 2 related to safety, 1 to conduct and 1 to data handling, and the mix shifted because we had more employee reports and a new internal reporting channel.
Real reports where this topic is disclosed. The confidence label shows how closely each match maps to GRI 2-16 — these are report practice, not exact disclosure examples.
| Company | Sector · Country | Year | Match | Page | Report | Assurance | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Interconexión Eléctrica S.A. E.S.P. | Electric Utilities / IPP / Energy Traders · Colombia | 2024 | Partial | p. 136 →p. 50 →p. 51 → | ISA Integrated Management Report 2024 → | ey | ||||||||||
Evidence in Interconexión Eléctrica S.A. E.S.P.’s reportWhat the report shows Interconexión Eléctrica S.A. E.S.P.'s 2024 Integrated Management Report partially addresses narrative item (a) by mentioning critical concerns reported to the highest governance body during the reporting period, though no headline value is provided (p.136). The report covers narrative item (b) with a specified reporting period and frequency of sustainability reports detailed on page 130. However, the report lacks clear headline values for some narrative items, limiting the completeness of the disclosure.
Evidence-based summary of this company’s own report — not a disclosure template to copy, and not a compliance verdict. Datapoint coverage
Source trail
|
||||||||||||||||
| Sands China Ltd. | Hotels, Restaurants, Leisure, Tourism Services · Macao | 2025 | Exact | p. 51 →p. 49 →p. 23 → | 2025 ESG Report → | EY | ||||||||||
Evidence in Sands China Ltd.’s reportWhat the report shows Sands China Ltd.'s 2025 ESG Report provides specific data on supplier sourcing, noting that critical services are sourced at high volumes or have particular ESG risk factors (p.49). The report also details compliance rates, indicating a 94% compliance level with laws and regulations and mentioning significant instances of noncompliance (p.47). However, the report does not clearly specify the total number of suppliers covered or provide detailed information on the nature of critical concerns communicated to governance bodies beyond a brief mention (p.51).
Evidence-based summary of this company’s own report — not a disclosure template to copy, and not a compliance verdict. Datapoint coverage
Source trail
|
||||||||||||||||
| Thai Beverage Public Company Limited | Food and Beverage Processing · Thailand | 2024 | Partial | p. 164 →p. 182 →p. 142 → | Sustainability Report 2024 → | LRQA | ||||||||||
Evidence in Thai Beverage Public Company Limited’s reportWhat the report shows Thai Beverage Public Company Limited’s Sustainability Report 2024 includes coverage of the highest governance body, specifically mentioning the chair of this body on page 182. The report also addresses governance topics such as corporate governance, business ethics, risk management, and supply chain management across pages 3, 139, 140, 144, 146, and 152. However, there is no found evidence related to narrative item (b), indicating a gap or lack of disclosure on that specific aspect.
Evidence-based summary of this company’s own report — not a disclosure template to copy, and not a compliance verdict. Datapoint coverage
Source trail
|
||||||||||||||||
During the year, the audit committee received three escalations: one about a major control failure, one about a serious whistleblowing allegation, and one about a cyber incident with possible financial impact. The board pack also notes that urgent matters were sent to directors by email between meetings.How should you decide what to describe in the disclosure, and what count should you include?
A subsidiary raised several operational issues with management, but only one was escalated to the board because it could affect the group’s licence to operate. The draft report currently lists all subsidiary complaints as if they were board-level matters.Should every serious internal issue be counted, or only those that were actually passed up to the board level?
The company had a standing process where the risk team sent a monthly summary to the board, but in practice the summary contained only routine updates and no serious concerns for most months. One month it included a single urgent matter about a product safety failure.How do you explain the communication process without overstating the amount of serious information sent to directors?
At year-end, the draft says that ‘critical concerns were communicated to the board as needed’, but it gives no number and no description of what those concerns were. The underlying log shows two matters: a legal investigation and a major health and safety incident.What extra information is needed before the disclosure is ready for sign-off?
See how companies actually report GRI 2-16 — drawn from their own published reports, with the exact pages, and an LRA AI-assistant that works through it with you. Available to LRA Community members and to students throughout their platform access.
How this disclosure maps across the major reporting frameworks.
For GRI 2-16, what data do I need to gather before I start drafting the disclosure?
The page says to prepare two datapoints: escalation to board, and the count and type of critical concerns. Use the step-by-step preparation section to turn those into a clear data request and draft input. ↑ section
How should I define the scope for GRI 2-16 so the disclosure is consistent year to year?
The page is designed to help you set up the disclosure in a practical way, so use the plain-language explainer and the preparation steps to agree what is in scope before collecting data. Keep the scope aligned to the two datapoints the page highlights. ↑ section
Who should own the GRI 2-16 data collection in practice?
The page is aimed at sustainability/ESG managers, HR or data owners, and assurance reviewers, so ownership should sit with the person or team that can evidence the escalation process and the critical-concerns data. Use the workbook to assign tasks and track who provides each input. ↑ section
What evidence should I keep for GRI 2-16 to make the disclosure assurance-ready?
The page includes an evidence pack with five items and four assurance claims to verify, each framed around claim, risk and evidence. Build your file so the underlying records support both the board escalation information and the critical-concerns count and type. ↑ section
What are the four assurance claims on the GRI 2-16 page and how do I use them?
The page says there are four assurance claims to verify, each linked to a claim, risk and evidence. Use them as a checklist to test whether your draft is backed by records before it goes to review. ↑ section
What are the common mistakes people make when reporting GRI 2-16?
The page lists common reporting gaps and mistakes, so it is useful for a pre-submission check. Use it to spot missing data, weak evidence, or a draft that does not match the preparation steps. ↑ section
How do I turn the GRI 2-16 data into a draft disclosure?
The page includes a draft-output section with visualisation ideas, narrative starters and a GRI content-index line. Use those to convert the prepared data into a short narrative and a clean index entry. ↑ section
Is there a worked example for GRI 2-16 that I can use as a drafting guide?
Yes. The page includes synthetic illustrative example disclosures, including a quantitative table, which you can use as a formatting and drafting reference rather than as a real-company benchmark. ↑ section
How do I use the Prep & Assurance workbook for GRI 2-16?
The Download Centre includes a Prep & Assurance workbook in .xlsx format. Use it to organise the preparation steps, track the evidence pack, and keep the disclosure ready for assurance review. ↑ section
What is the printable Library Card for GRI 2-16 and when should I use it?
The Download Centre also includes a printable Library Card in .pdf format. It is useful as a quick reference while you gather data, check the common gaps, and draft the disclosure. ↑ section
- GRI 2-16 disclosure checklist: what should I confirm before I send the draft for review?
- How do I evidence escalation to board for GRI 2-16 in a way that is easy to assure?
- What should the critical concerns count and type data look like for GRI 2-16?
- How do I avoid the most common GRI 2-16 reporting gaps?
- Where can I find a synthetic example of a GRI 2-16 disclosure on the page?
- How do I use the GRI 2-16 content-index line in the draft output section?
- What should I put in the evidence pack for GRI 2-16 assurance readiness?
- How do I assign ownership for GRI 2-16 between ESG, HR and data owners?
- What does the step-by-step how to prepare section cover for GRI 2-16?
- Can I use the from company reports table to see how others disclose GRI 2-16?
Get a practical answer for your reporting context. Your first answer is free — create a free account to continue the conversation.
Sources, status and disclaimer
This LRA assistance tool is designed for educational and internal data-collection purposes. It is not an official interpretation of the GRI Standards, IFRS Sustainability Disclosure Standards or EU CSRD/ESRS requirements. When applying these frameworks in professional practice, users should consult and double-check the official standards, guidance and applicable regulatory sources.