The landscape of corporate climate accountability is undergoing a seismic shift as California’s groundbreaking Climate-Related Financial Risk Act, Senate Bill 261, prepares to transform how large businesses disclose and manage climate-related financial risks.
With the January 1, 2026 deadline rapidly approaching, companies with annual revenues of $500 million or more that conduct business in the Golden State must prepare for a new era of transparency and accountability that will extend far beyond California’s borders.
This comprehensive legislation represents more than just another regulatory requirement – it signals a fundamental recognition that climate risk is financial risk, requiring the same level of board oversight, strategic planning, and rigorous disclosure that companies apply to other material business risks.
As the world’s fourth-largest economy, California’s actions typically create ripple effects that influence national and global business practices, making SB 261 compliance essential for companies looking to maintain their competitive edge and access to capital markets.
Understanding SB 261’s Scope and Application
The scope of SB 261 extends to any public or private corporation, partnership, limited liability company, or other business entity formed under U.S. laws that meets two critical criteria:
(1)annual revenues exceeding $500 million and (2) conducting business in California.
This broad applicability means that companies don’t need to be headquartered in California to fall under the law’s requirements—any organization with significant California operations must comply. The California Air Resources Board (CARB) has proposed defining “doing business in California” based on the state’s Revenue and Taxation Code, which includes entities that are actively engaging in transactions for financial gain and meet specific thresholds for sales, property, or payroll compensation. Current threshold amounts suggest that companies with California sales exceeding approximately $735,000, property exceeding $73,500, or payroll exceeding $73,500 would likely qualify. Notably, insurance companies regulated by California’s Department of Insurance are exempt from SB 261 requirements, as they are already subject to separate climate risk disclosure regulations. However, this exemption is narrow, and most other industries—from technology and manufacturing to retail and healthcare—will need to prepare for compliance.
Core Requirements Under SB 261
SB 261 mandates biennial disclosure of climate-related financial risks using the internationally recognized Task Force on Climate-Related Financial Disclosures (TCFD) framework or an equivalent standard. The legislation requires companies to report on two primary categories of information:
Physical and Transition Risk Disclosure: Companies must identify and disclose both physical risks (such as extreme weather events, sea-level rise, and temperature changes) and transition risks (including policy changes, technological shifts, and market transformations related to the low-carbon economy). These disclosures must detail how these risks could materially impact the organization’s operations, supply chains, and financial performance.
Risk Mitigation and Adaptation Measures: Beyond identifying risks, companies must disclose the specific measures they have adopted or plan to implement to reduce and adapt to climate-related financial risks. This includes strategies for building resilience, operational adjustments, and strategic pivots designed to minimize exposure to climate impacts.
The TCFD framework structures these disclosures around four pillars: Governance (board oversight and management roles), Strategy (climate-related risks and opportunities and their business impacts), Risk Management (processes for identifying, assessing, and managing climate risks), and Metrics and Targets (measurements and goals used to assess climate-related risks and opportunities).
Timeline and Implementation Deadlines
The implementation timeline for SB 261 remains firm despite earlier discussions of potential delays.
Key dates include:
- January 1, 2026: First biennial climate-related financial risk reports are due, covering risks and mitigation measures based on 2025 data. Reports must be published on company websites and made publicly available.
- Ongoing Biennial Reporting: Subsequent reports will be required every two years thereafter, ensuring continuous transparency and accountability in climate risk management. CARB has indicated it will launch a public docket from December 1, 2025, through July 1, 2026, where companies can post links to their climate risk disclosures. This centralized repository aims to enhance transparency by providing stakeholders with a single location to review all climate risk reports.
- Unlike SB 253 (the companion greenhouse gas emissions reporting law), SB 261 is largely self-executing and does not require CARB to issue detailed implementing regulations. However, CARB retains authority to specify administrative penalties and may provide additional guidance to help companies comply effectively.
Strategic Preparation Steps for Compliance
- Conduct Comprehensive Gap Analysis: Organizations should begin with a thorough assessment of their current climate data collection capabilities, risk management processes, and governance structures. This analysis should identify gaps between existing practices and TCFD requirements, establishing a roadmap for compliance preparation.
- Establish Cross-Functional Governance: Successful SB 261 compliance requires coordination across multiple departments, including legal, finance, sustainability, operations, and risk management teams. Many organizations are establishing executive-level sustainability committees with representatives from relevant business units to develop and manage compliance strategies.
- Implement Robust Data Collection Systems: Companies must establish systems to gather, validate, and report climate-related financial data consistently. This includes developing processes for scenario analysis, risk quantification, and tracking mitigation measures over time.
- Engage Board-Level Oversight: SB 261 requires disclosure of board oversight processes for climate risks. Organizations should ensure their boards receive appropriate climate risk training and establish clear governance structures for climate-related decision-making.
- Develop TCFD-Aligned Reporting Framework: Companies should familiarize themselves with TCFD recommendations and align their reporting processes accordingly. This includes conducting climate scenario analysis, quantifying financial impacts, and establishing metrics for tracking progress on climate-related goals.
Best Practices for Climate Risk Governance
Effective climate risk governance requires board-level commitment and systematic integration throughout the organization. Leading practices include
- Establishing dedicated board committees or assigning climate oversight to existing risk or audit committees, ensuring at least one director has climate expertise, and incorporating climate considerations into executive compensation structures.
- Organizations should integrate climate risk assessment into their enterprise risk management (ERM) frameworks, treating climate risks with the same rigor applied to other material business risks. This integration helps ensure that climate considerations inform strategic planning, capital allocation, and operational decision-making processes.
- Companies must conduct climate scenario analysis to evaluate their resilience under different climate futures, including scenarios aligned with limiting global warming to 1.5-2°C. This analysis should inform long-term strategic planning and help identify both risks and opportunities across different time horizons.
- Stakeholder Engagement: Effective climate risk management requires ongoing engagement with suppliers, customers, investors, and other stakeholders to understand shared risks and collaborative opportunities. This engagement helps companies develop more comprehensive risk assessments and more effective mitigation strategies.
Enforcement and Penalty Structure
SB 261 authorizes penalties of up to $50,000 per year for companies that fail to submit required reports or provide misleading information. While these penalties are lower than those associated with SB 253’s emissions reporting requirements, they still represent significant compliance risks for non-compliant organizations.
CARB has emphasized that enforcement will consider whether companies demonstrate “good faith efforts” to comply with the requirements. This approach suggests that organizations making genuine attempts to meet the disclosure requirements may receive more lenient treatment during the initial implementation period, particularly given the complexity of climate risk assessment and reporting.
The California Attorney General also has authority to pursue legal action against non-compliant entities, potentially resulting in additional penalties and reputational damage. This dual enforcement mechanism underscores the importance of taking SB 261 compliance seriously and implementing robust reporting processes.
Alignment with Federal and International Standards
SB 261’s alignment with TCFD recommendations positions compliant companies to meet evolving disclosure requirements in other jurisdictions. The International Sustainability Standards Board (ISSB) has developed global sustainability disclosure standards that build upon TCFD foundations, suggesting that SB 261 compliance will help companies prepare for broader international requirements.
The Securities and Exchange Commission’s proposed climate disclosure rules, while still under development, share many similarities with California’s approach, potentially reducing duplicative reporting burdens for companies that establish robust TCFD-aligned processes. This convergence toward standardized climate risk disclosure frameworks suggests that early investment in compliance infrastructure will yield benefits beyond California requirements.
Many organizations are leveraging specialized sustainability platforms and professional services to support their SB 261 compliance efforts. These tools can help automate data collection, conduct scenario analysis, and generate TCFD-aligned reports while ensuring consistency and accuracy in climate risk disclosures. Professional services providers, including environmental consultants, legal advisors, and accounting firms, are developing specialized offerings to support companies through the compliance process. Early engagement with these resources can help organizations avoid common pitfalls and establish more effective reporting processes.
Frequently Asked Questions
1. What determines if my company “does business” in California?
CARB proposes using California Revenue and Taxation Code definitions, which include entities actively engaging in financial transactions and meeting thresholds for sales ($735,000+), property ($73,500+), or payroll ($73,500+) in California. The final definition will be clarified through CARB’s regulatory process.
2. Can subsidiaries rely on parent company reporting?
Yes, SB 261 allows covered entities to rely on consolidated parent company-level climate risk reporting. This can help reduce duplicative reporting burdens for complex corporate structures while ensuring comprehensive risk disclosure.
3. What frameworks besides TCFD are acceptable?
SB 261 requires alignment with TCFD or “an equivalent” framework. CARB has indicated preference for consistency with International Sustainability Standards Board (ISSB) standards, which build upon TCFD foundations.
4. How detailed must scenario analysis be?
Companies must conduct scenario analysis to evaluate resilience under different climate futures, including scenarios consistent with limiting warming to 1.5-2°C. The analysis should be detailed enough to inform strategic planning and risk management decisions.
5. What happens if a company provides incomplete disclosure in 2026?
CARB has indicated it will exercise enforcement discretion for entities demonstrating “good faith efforts” to comply. However, companies should strive for complete and accurate reporting to avoid potential penalties and reputational risks.
6. Are there safe harbors for forward-looking statements?
While SB 261 doesn’t include explicit safe harbors like those in securities law, CARB has suggested that climate risk disclosures “may be based on the best available information” during initial implementation. Companies should ensure disclosures are made in good faith based on available data.
7. How should companies handle data limitations?
Organizations should document data collection efforts, acknowledge limitations transparently, and demonstrate continuous improvement in data quality and completeness over time. Good faith efforts to obtain and report accurate information are key to compliance.
8. What role should boards play in SB 261 compliance?
Boards must provide oversight of climate risk assessment and management processes. This includes ensuring adequate resources for compliance, reviewing risk assessments, and integrating climate considerations into strategic planning and decision-making.
9. How often must reports be updated?
SB 261 requires biennial reporting, with the first report due January 1, 2026, and subsequent reports every two years thereafter. Companies may choose to update reports more frequently as circumstances change or data improves.
10. What enforcement actions might companies face?
Non-compliant companies may face penalties up to $50,000 per year, potential legal action from the California Attorney General, and reputational damage. CARB emphasizes good faith compliance efforts as a key factor in enforcement decisions.
