ESG risks: What today’s boards need to know

In today's complex and rapidly changing business world, environmental, social and governance (ESG) risks are manifold and increasing. For example, ESG issues include climate change, diversity, cybersecurity risk, reputational risk and the list goes on. Meanwhile, pressure is intensifying from investors and other stakeholders to identify and mitigate ESG risks in a timely, effective fashion.

Boards, in their oversight role, need to be leaders in ESG and risk management, yet they often struggle to get their arms around this subject. Read on for reasons why and for guidance on the next steps, including navigation of ESG frameworks and development of an ESG risk management policy.

What Are ESG Risks?

ESG looks beyond the balance sheet to consider a company's impact on its employees, customers and the communities in which it operates — as well as current and future risks and opportunities. To tackle this multifaceted and evolving area, it's helpful to examine each of the acronym's three parts.

An ESG Risk Definition

• Environmental risk includes mitigation and compliance efforts in areas like climate change, conservation and environmental protection. For example, what is a company's carbon footprint, and how does it make sure waste doesn't contaminate the soil, air and groundwater?
• Social criteria encompass a company's business relationships with employees, suppliers, partners, shareholders and the overall community. This could involve wage and labor issues, philanthropy, workplace safety, and diversity, equity and inclusion.
• Governance involves how a company is run: from board practices to transparency in shareholder communications to the ethics of its leadership.

Examples of ESG Risks

How are ESG risk areas playing out in today's world?

Environmental Risks

In the 'E' part of ESG, droughts, food insecurity and rising temperatures are having a domino effect on the environment, resulting in new regulations and new risk factors for investors. Over the long term, displacement from climate crises will change the demographic makeup of regions and nations, not to mention how consumers and employees live their lives.

Social Risks

Meanwhile, in the social aspect of ESG, issues like health care costs, resource scarcity, human rights and income inequality have all surged in importance, according to PwC's Annual Corporate Directors Survey.

Governance Risk

Risks have become increasingly interconnected. For example, the current COVID-19 pandemic has shown how life as usual can be suddenly upended across the globe, and entire industries disrupted or transformed in mere weeks, making ESG risk management even more critical.

Additionally, risks are transcending traditional 'ESG' categories. Take data privacy and security for example. As technology advances and becomes more widely available, more companies have been forced to tighten their security protocols and put cyber breaches and response on their radar like never before.

Within this changing landscape, boards must focus on material ESG issues: the issues that impact their specific company most in terms of cost, risk and growth. Boards also should keep in mind that different aspects of ESG may be more relevant to their industry than others. For example, a mining company may pay more attention to environmental issues than an app development company would.

Why ESG Risk Management Matters

Investors are paying attention, and you need to respond. - John Truzzolino, Director of Business Solutions, DFIN Solutions

The ESG risk premium is real ' and something every board should be aware of. As issues like race, social equity and climate change drive consumers to ESG-focused brands, investors have been prioritizing ESG as well.

It's a smart strategy. According to a study by MSCI Research, companies with higher ESG ratings showed:

• Higher dividend payments, returns, competitiveness and overall profitability
• Fewer risk events like major drawdowns
• Lower systematic risk, evidenced in less volatile earnings and lower costs of capital

'Finance executives are finally beginning to see ESG risk as financial risk,' according to Donnelly Financial Solutions (DFIN). 'Addressing ESG issues is no longer something that can be done at every fifth board meeting or within a greenwashing report that merely ticks the box for addressing environmental or social issues.'

Your Board's Plan for ESG and Risk

To help your company identify, manage and mitigate ESG risk, John Truzzolino with DFIN Solutions recommends the following four-step process:

1. 1. Assemble a multidisciplinary team of stakeholders, including existing ESG players like human resources, communications, and sustainability and others from finance and procurement not yet involved in that process.
   2. Do a gap analysis of material ESG items, looking at the data your company collects and ways to improve your ESG story.
   3. Look at the available frameworks for measuring and reporting ESG initiatives. This will provide a foundation for building out a concise set of key performance indicators. Start, or expand, your efforts to tell your company's ESG story.

You can hear more from Truzzolino talking on A Roadmap for Outlining ESG Risks & Opportunities within the Inside America's Boardrooms episode below.

Structuring Your Board's Approach To Environmental, Social and Governance Risk Management

Boards are still defining their approach to ESG oversight, specific roles and responsibilities, and relationships with ESG issues. For example, on many boards, the nominating and governance committee spearheads discussions about governance. In a Diligent Institute survey of 447 governance professionals:

1. 1. 1. • 50% indicated some form of board-level oversight of environmental issues, either by the full board or a committee
         • 19% indicated that oversight lived within the organization
         • 35% percent indicated that environmental issues are 'not overseen' by the company or that they 'don't know'

For determining the best approach to your board's ESG oversight, factors like your industry, company type, global footprint, and existing committee structure will play a role. For instance, the ESG risks for banks and how companies in the financial services reduce ESG risks may vary from those seen in healthcare or manufacturing. As such, your approach to mitigate these risks should be adjusted accordingly.

There is no one-size-fits-all solution. That being said, every board member should have a thorough understanding of how ESG risks impact your organization and the kinds of disclosures that are important to investors.

No one board has the same journey around sustainability or ESG. - John Truzzolino, Director of Business Solutions, DFIN Solutions

Navigating ESG Frameworks and Standards

Amid the plethora of emerging ESG frameworks, boards and investors lacked a standard set of guidelines ' until recently.

Fortunately, investors have been pushing for more standardization, and the World Economic Forum has moved the ball forward. In September 2020, the organization released a report detailing a new set of ESG standards. Metrics draw from existing frameworks where possible. For example:

1. 1. 1. • SASB 101, the GHG Protocol, and the Science-Based Targets Initiative for the Climate Change theme are reflected under the new standards' 'planet' pillar
         • The MIT Living Wage Tool and the Equal Pay International Coalition for the Dignity and Equality theme are reflected under the 'people' pillar
         • Chief Executives for Corporate Purpose Valuation Guidelines for the Community and Social Vitality theme are reflected under the 'prosperity' pillar
         • Various GRI standards are reflected under the 'governance' pillar

Becoming familiar with these 21 core and 34 expanded metrics and disclosures is an important first step in helping your company identify, manage and mitigate its ESG risk.

Conducting an ESG Risk Assessment

The next step in effective ESG management: putting the right information at your board's fingertips.

Tools like those created by Diligent provide quick access to information that helps board members identify governance red flags raised by shareholders and activists, including board composition, missing skill sets, and conflicts of interest. This knowledge can provide the foundation for an ESG risk matrix and ultimately an ESG risk management policy for managing and mitigating these issues.

Risks and opportunities are the two sides of the same coin. - John Truzzolino, Director of Business Solutions, DFIN Solutions

Prioritizing ESG Reporting and Stakeholder Communications

Once you've identified and addressed your organization's issues, it's time to tell your ESG story. Boards should insist on adding ESG reporting to their agenda because this is essential information deserving transparency. Chances are, stakeholders already know the facts, thanks to publicly available tools like Sustainalytics' ESG Risk Ratings.

Boards have several channels for presenting their ESG risk and activities, including the proxy statement, the 10K and the CSR sustainability report. Aside from reporting, communication should remain a two-way, ongoing process that engages investors, employees, customers and other stakeholders.

Nobody's expecting it to happen tomorrow, but they want to see the effort. They want to see that you understand ESG risk and that you have to do these things. - TK Kerstetter, host of Inside America's Boardrooms

Ready to help your organization identify, manage and mitigate ESG issues? Download an ESG roadmap from Diligent today.