Short summary
A carbon credit without verifiable provenance, an unbroken ownership chain, and a documented approval history is not an offset — it is an unverified claim that an auditor or regulator can challenge. This guide explains what documentation is required and how to build it.
- Why credits without audit trails expose organisations to regulatory challenge
- The five elements of a defensible credit record
- How greenwashing enforcement is raising the documentation bar
- What a governed credit ledger must contain
The voluntary carbon market has a documentation problem. Organisations buy credits, retire them against their targets, and include the offset in their annual report — often without maintaining the evidence chain that would allow an auditor to verify the claim is valid. Under CSRD, that gap is becoming a material audit risk. Under the EU Green Claims Directive and national greenwashing enforcement, it is becoming a regulatory one.
A credit without a traceable audit trail is not an asset you can rely on. It is a claim that may not survive scrutiny.
The Credit Provenance Problem
Carbon credits originate from projects — reforestation, renewable energy, methane capture, cookstove distribution. Each project is validated by a registry (Verra, Gold Standard, ACR), issued a unique serial number, and listed in a public registry. When a buyer purchases the credit, it is transferred to their account. When they use it as an offset, it is retired — removed from circulation permanently.
In theory, this chain is fully traceable. In practice, many organisations maintain their carbon credit information in a spreadsheet or a line in their sustainability report, without retaining the registry transaction records, the broker documentation, the project validation report, or the retirement certificate. The credit number is recorded; the evidence is not.
The CSRD Assurance Standard
CSRD requires limited assurance for sustainability reports from 2025 and reasonable assurance from 2028. For carbon credits to be recognised as offsets under the European Sustainability Reporting Standards (ESRS E1), they must be "high quality" — verified, additional, permanent, and not double-counted. An assurance provider will request the underlying documentation. A spreadsheet entry is not sufficient.
What Auditors and Regulators Actually Check
When an assurance provider reviews carbon credit claims, they typically request: the original purchase documentation (contract or broker confirmation), the registry transfer record showing the credit moving to the buyer's account, the retirement certificate with the specific serial numbers retired, and the project documentation confirming the credit's methodology and vintage year.
When greenwashing enforcement agencies investigate, they look for whether the claimed offset matches the stated activity, whether the project actually delivered the reductions claimed, and whether the credit has been double-counted — used by more than one party. The EU Green Claims Directive (expected to enter force in 2026) will require that environmental claims are substantiated with verifiable evidence before they are made, not reconstructed afterward.
Five Elements of a Defensible Credit Record
Source documentation
The original purchase agreement or broker confirmation, with price, quantity, vintage year, project ID, and registry name. This establishes that the credit was purchased, not self-generated.
Registry transfer record
Proof that the credit serial numbers were transferred from the seller's registry account to your account. Without this, you cannot demonstrate ownership at the point of retirement.
Retirement certificate
The registry-issued certificate confirming that the specific serial numbers have been permanently retired and cannot be resold or transferred. This is the definitive proof of use as an offset.
Project validation report
The third-party validation showing that the underlying project meets the methodology requirements of the standard (Verra VCS, Gold Standard, etc.) and that the reductions are additional, measurable, and permanent.
Internal approval record
Who authorised the purchase, against which emission category the credit is applied, and the policy basis for the offset decision. This closes the governance chain and demonstrates that the credit was used intentionally, not accidentally.
Undocumented Credits and Greenwashing Risk
Greenwashing enforcement has moved from reputational risk to regulatory and legal risk. The European Commission's Green Claims Directive requires pre-substantiation of environmental marketing claims. The UK Competition and Markets Authority's Green Claims Code is already in effect. Several national regulators have issued fines for unsupported offset claims.
The risk profile of undocumented credits has changed. A credit that cannot be traced to its retirement certificate, that has a project validation report showing the methodology was not met, or that appears in more than one organisation's retirement account is no longer just an accounting error — it is a potential basis for enforcement action and, in some jurisdictions, civil liability.
Organisations that include carbon credit offsets in their public sustainability communications — whether in annual reports, marketing materials, or product-level claims — need to be able to substantiate those claims on request. The documentation that substantiates them is the audit trail.
Building a Governed Credit Ledger
A governed credit ledger is a system of record for carbon credits that maintains, for each credit or batch of credits: the source documentation, the ownership chain, the retirement evidence, the project validation, and the internal approval record — all linked to a single credit entry with a unique identifier.
The ledger should be queryable by period, by category (which emission source the credit offsets), by project, and by retirement date. It should generate an audit pack — a structured export of all the documentation for a given set of credits — on demand, without requiring someone to search email archives and shared drives.
This is not a complex system in principle. It is a structured document store with workflow, approval routing, and a clear data model for credit records. What makes it difficult is that most organisations do not have a workspace that connects the procurement workflow (where credits are bought), the sustainability function (where they are allocated), and the finance team (where they are accounted for) — and that connects them to the document repository where the evidence lives.
HubSecure's credit ledger module provides this connection. Credits are entered with their source documentation, routed through an approval workflow, linked to the registry retirement record, and searchable by any of the key dimensions. The audit pack generates in seconds.
Climate Execution Platform
HubSecure captures climate evidence at the point of work — every action, approval, and supplier declaration becomes part of a continuous, verifiable audit trail. No annual scramble. No evidence gaps.