VVB Requirements

VVB accreditation

All Validation and Verification Bodies (VVBs) must undergo accreditation by Rainbow in order to audit projects for validation and verification under the Rainbow Standard Rules and Rainbow methodologies.

General requirements

VVBs shall have a valid accreditation from either:

ISO 14065 or EN ISO 14065
ISO 17029 or EN ISO/IEC 17029

The VVB company shall prove more than 5 years of auditing experience, including at least 2 years in environmental/sustainability auditing (refer to Structure and qualification of VVB audit teams section).

VVBs shall adhere to the Rainbow Conflict of Interest Policy and confirm their independence from the market and carbon credit transactions. VVBs shall submit a declaration of conflict of interest form at each validation or verification audit they perform.

VVBs shall demonstrate knowledge of and experience on the sector it seeks accreditation for by providing CVs of the lead auditors, and proof of work on at least 2 projects within the sector within the 2 previous years.

Upon initial accreditation review, and on a yearly basis in the annual Activity Report, the VVB shall:

Prove that the company is financially sound
Disclose to Rainbow any negative media coverage
Disclose any legal/juridical proceedings

Sectors for accreditation

The VVB must demonstrate its knowledge of and experience related to a specific sector on which it can conduct the VVB tasks. Relevant sectors include but are not limited to:

Circular/industrial solutions
Bioenergy & biomass processing
Construction sector
Geochemistry: Enhanced Rock Weathering, Mineralization, Ocean Alkalinity Enhancement
Land based mitigation activity: forest, soil carbon or carbon farming

Accreditation process

To initiate the accreditation application, the VVB submits the VVB application form to Rainbow. Upon receipt of the application, the Rainbow Secretariat reviews the information provided and rejects or approves the application.

Rejection: Rainbow rejects applications where it determines that the applicant does not possess the required competencies, specified in the section above.
Approval: Rainbow approves the application and sends the documents listed below to be signed.

If approved, the VVB shall:

submit a signed copy of the Rainbow Conflict of Interest Policy, and
submit a signed copy of the present Procedures Manual section on VVBs, and
attend a training session for VVBs on the Rainbow Standard, relevant methodologies, and the Certification Platform, organized by the Rainbow Secretariat and the Certification team.

Upon satisfactorily completing these steps, the Rainbow Secretariat delivers an accreditation to the VVB, allowing them to audit projects seeking validation and/or verification under the Rainbow program.

The VVB organization is added as an approved VVB, and is publicly disclosed on Rainbow’s website.

VVB Oversight

VVB rotation

A single VVB shall conduct validation/verification audits for a specific project for a maximum of three sequential years. Upon reaching this limit, the Project Developer shall engage a different VVB for subsequent verifications. The Project Developer is granted a transition period of six months to engage a new VVB for the subsequent verification.

Project Developers shall maintain comprehensive records of all verifications, including the VVBs involved, to demonstrate compliance with this rule.

The Rainbow certification platform coordinates and tracks VVB audits, flagging and preventing VVBs from surpassing the sequential audit limit for a single project.

VVB training

All must attend a training on the Rainbow Standard and the relevant methodology before conducting any audits. Additionally, Audit Leaders shall undergo a training any time there is a major Standard or methodology release.

Rainbow shall record the presence of all individual auditors and their affiliated VVB at training events. This shall be reported in the VVB annual Activity Report, and assessed in the VVB's performance review.

VVB oversight

Rainbow shall oversee VVB performance annually, resulting in sanctions (detailed below) or approved continued use of the VVB for the Rainbow standard.

To facilitate this review, VVBs shall submit an annual Activity Report to Rainbow that details its activities (including number of validation and verification audits), challenges, trainings undertaken, and areas of improvement relating to its work with the Rainbow certification process.

Project Developers are asked to provide feedback on the VVB's performance after each validation and verification process, as part of the Rainbow satisfaction survey.

The performance review uses this feedback from Project Developers, Rainbow's feedback on audit activities, and the Activity Report to evaluate each VVB. Rainbow will report significant and/or repeated VVB performance concerns to the relevant VVB which may result in sanctions.

If Rainbow receives a request from the national competent authorities, the VVB shall cooperate with the authorities, including granting access to the premises or provide the information needed by the authorities (especially for VVBs operating under EU Regulation 2024/3012).

Rainbow shall conduct spot checks to ensure VVB compliance with the present VVB requirements. These spot checks shall cover a representative sample of projects, and assess VVB documentation (including audit plans, audit trail, collected evidences and conflict of interest disclosures), and project documentation.

VVB sanctions

VVBs may be sanctioned and suspended at any time, upon annual review or upon a single project audit, at the discretion of the Rainbow Standard Secretariat, due to:

non-compliance with the VVB requirements presented in this section, or
other red flags such as fraud, negligence, COIs, loss of team members with required technical competence, or revoked accreditations listed in the General requirement section.

Depending on the gravity of the breach, and the corrective measures taken the VVB, the Secretariat shall determine the duration of the VVB suspension. VVBs may be reinstated upon taking corrective measures, clarifying and proving compliance, or where no resolution is available, may reapply as a Rainbow accredited VVB two years after suspension.

Rainbow shall report to the relevant accreditation body (e.g. IAF, COFRAC, ANAB, etc) the identified breach.

VVBs that are no longer entitled to conduct auditing under Rainbow shall be listed for at least 24 months on Rainbow’s website after the last audit with an indication to that effect.

The Secretariat shall publish a publicly-available summary of the reason for sanctions, the potentially affected projects and audits, any corrective measures to these audits, corrective measures and/or clarification from the VVB to regain accreditation, and final status and next steps.

Validation and Verification process

All Projects must undergo an initial Validation audit, carried out by an accredited VVB, to assess conformity with the Rainbow Standard, and with the applied methodology. Once a project has been Validated, the Project Developer follows the Monitoring Plan, submits the parameters in the Monitoring Report, which undergoes a Verification audit in order to to issue RCCs.

To conduct the Validation Audit, the Project Developer and VVB team shall follow the procedures outlined in the Project validation section of the Rainbow Procedures Manual.

To conduct the Verification Audit, the Project Developer and VVB team shall follow the procedures outlined in the Monitoring and verification section of the Rainbow Procedures Manual.

The level of assurance for Validation and Verification Audits must be reasonable. VVBs are responsible for ensuring the audits they conduct meet this level of assurance.

The methodology shall define whether the site audit must be based on an on-site visit or a remote audit. The VVB may, based on an independent risk assessment:

mandate an on-site visit for the site audit where a remote audit would otherwise be acceptable, and/or
require an on-site visit for subsequent verification audits, even when site audits would otherwise not be necessary.

The Validation and Verification audits shall be conducted by VVB in accordance ISO 14064-3 and ISO 14065, and in compliance with the requirements of EN ISO/IEC 17021-1 in conjunction with EN ISO/IEC 19011 (or equivalent standards).

Validation and verification audits shall cover at least the following elements:

identification of the activity undertaken by the Project Developer which is relevant for the methodology
identification of the relevant methodology and Rainbow Standard Rules requirements of the project and the Project Developer's organisation, and check its effective implementation;
analysis of the risks which could lead to a material misstatement, based on the auditor’s professional knowledge and the information submitted by the Project Developer. The analysis of risks shall take into consideration the overall risk profile of the activity, depending on the level of risk of the operator. The audit intensity or scope, or both, shall be adapted to the level of overall risk items.
an audit plan which corresponds to the risk analysis and the scope and complexity of the Project Developer’s activity, and which defines the sampling methods to be used with respect to that operator’s activity;
implementation of the audit plan by gathering evidence in accordance with the defined sampling methods, plus all relevant additional evidence, upon which the auditor’s conclusion will be based;
a request by the auditor to the Project Developer to provide any missing elements of audit trails, an explanation of variations, or the revision of claims or quantification, before reaching a final audit conclusion;
Internal Review by an auditor who is not the Audit Leader, in the same VVB organization, to perform a final QA/QC review (Quality Assurance/Quality Control), attesting to accuracy of data and of the Audit Leader's findings.

A Conflict of Interest (COI) form shall submitted to Rainbow’s Certification team for the audit team for each validation and verification audit.

Audit teams

The VVB shall select and appoint the audit team in accordance with EN ISO/IEC 17021-1 in conjunction with EN ISO/IEC 19011, taking into account the competence needed to achieve the objectives of the audit.

The VVB must employ a minimum of two auditors for each audit: one Audit Leader and one internal reviewer. The audit team may also include additional auditors, local experts, content experts, and/or translators. The Audit Leader is the main contact person for project verification.

The auditors chosen by the VVB to audit a specific project shall meet the following requirements:

be independent of the activity being audited;
be free from conflict of interest, for instance not being involved simultaneously
in consultancy and audit with the same Project Developer over the past three years
previous to the audit;
have the knowledge, experience and skills necessary for conducting the audit
related to the Rainbow Standard and applicable methodology’s scope, including:
- The Rainbow Standard Rules, methodologies, and relevant procedures, as well as specific expertise in the project type/activity;
- The GHG emission avoidance/removal accounting methodology(ies) applied by the project, including activity data and emissions factors;
- Data sampling techniques, including risk weighting and statistical significance calculation;
- Project baselines, removals, and sequestration;
- Concepts such as additionality, leakage and permanence;
- Risk assessment techniques;
- Data monitoring, auditing, and assurance;
- Desk-based reviews of documents, data, and records;
- Validation and verification techniques, to assess accuracy and appropriateness of gathered evidence; and
- Preparation of validation and verification reports.

The site audit team must demonstrate knowledge and expertise in:

Country-specific knowledge and language skills;
Interviewing, listening, and observing; and
Sensitivity towards socio-economic matters and environmental and social safeguards.

Materiality Threshold

The threshold for Materiality in audits, considering the totality of all omissions, errors and mis-statements, is 5% for all projects. To accept a Verification Audit Report, any discrepancy between the GHG reductions/removals estimated by the Project Developer and by the VVB for a given Monitoring Period shall be less than the Materiality threshold.

Qualitative materiality issues may also be identified and documented, and flagged as project non-conformities where necessary, such as:

control issues that erode the auditor’s confidence in the reported data;
poorly managed documented information;
difficulty in locating requested information;
noncompliance with regulations indirectly related to GHG emissions, removals or storage.

Audit plan

Prior to a Validation/Verification audit, the VVB must prepare a Validation/Verification Audit plan that details the activities and schedules related to the audit. The plan may be revised as necessary during the process. The plan must be communicated with the Project Developer and must include, at minimum:

the audit scope and objectives;
identification of the Audit team and their roles;
client/responsible party contact;
schedule of activities;
level of assurance (at least reasonable level of assurance required);
verification criteria;
materiality; and
schedule for any site visits.

Audit Report

The VVB shall produce an Audit Report that documents the activities, results, findings, and conclusion of each Validation and Verification audit. The Audit Report shall reflect the findings and work of all members of the audit team (i.e. Audit Lead, internal reviewers, and if applicable, local experts, content experts, and/or translators). The Audit Report must be made publicly available on the registry for each Validation and Verification audit, and contain at least the following content.

Minimum requirements for Audit Reports

Summary of the Audit Report

Project Developer information:

Contact information (name and address);
Geographical locations of the activity, including longitude and latitude coordinates;
Scope of the certification and relevant certification methodology applied;
Reference number of the PDD and Monitoring Plan.
a statement that the Project Developer is responsible for the fair presentation of the PDD in accordance with the criteria;

Project information:

Expected (for validation audit), verified (for verification audit) total amounts of carbon removals, and of associated greenhouse gas emissions resulting from the project;
Expected (for validation audit), verified (for verification audit) amount of RCCs with the relevant vintage and durability resulting from the project;
Sustainability co-benefits associated with the project.

VVB information

Contact information (name and address) and logo;
Composition of the audit team;
National accreditation body and scope and date of accreditation, or national recognition authority and scope and date of recognition.
a statement that the Auditor is responsible for expressing an opinion on the PDD based on the Validation/Verification;
the Auditor’s location;

Information on the audit process

Date/s of the audit;
Audit itinerary and duration (split by duration spent on-site and remotely – where relevant);
Standard Rules version and Methodology version used for the audit;
Sites audited;
Audit method (risk assessment and sampling basis, stakeholder consultation);
a description of the evidence-gathering procedures used to assess the PDD;
Certification of other voluntary schemes or standards;
reference to the Monitoring Plan and verification scope;
GHG data type.

Information on audit results

Place and date of issuance of the audit report;
One of the following outcomes of the audit:
- confirmation of compliance to a reasonable Level of Assurance with Regulation (EU) 2024/3012 and applicable certification methodology;
- list of non-conformities identified with applicable timeline for their remediation.
the Lead Auditor’s signature.

PreviousRainbow Carbon Credits NextAppendix

Last updated 4 days ago