Why Risk and Compliance Professionals Should Care About the Shift To ESG

Aarthi Natarajan

This is the final part of a four-part series. You can give part 1, part 2 and part 3 a read here.

Today’s investors want to know that the companies they invest in support ethical and sustainable practices, and have led the charge for introducing ESG policies. Thanks to their advocacy, as well as demands from customers, regulators, employees, and activists, many businesses today have adopted ESG initiatives to provide transparency and accountability in their actions. Currently, 88% of publicly traded companies have ESG policies in place; followed by 79% of venture and private equity-backed companies, and 67% percent of private companies.

When adopting an ESG policy, however, it’s important to go beyond individual metrics for the initiatives you’re supporting, and focus on genuine organizational change on a holistic level. Your policy can’t just pay lip service to diversity, green initiatives, and other buzzwords—you need a precise system for identifying your benchmarks for success, and then tracking how well you measure up to your goals.

Building a comprehensive ESG policy boils down to ensuring that you’re conducting proper risk management for all of your environmental, social, and governance-related initiatives.

Before launching an initiative, it’s important to do the research and evaluate all possible outcomes. As a cautionary case in point, consider the example of Cheerios’ 2017 #BringBackTheBees promotion. The brand included wildflower seeds in their cereal packaging, encouraging customers to plant the seeds to help bring back the bees, as part of the company’s environmental sustainability initiative. However, it turned out that some of the seeds in the packets were invasive species that would kill native plants in certain regions. By inventorying and analyzing all of the potential risks before launching the promotion, Cheerios could have identified the biological hazards of the action, and made modifications to the promotion prior to launch.

In order to ensure that your ESG initiatives don’t end up reflecting badly on your brand, you need to assess every opportunity through a strategic risk management framework, using integrated risk management (IRM).

How IRM and ESG Fit Together

IRM refers to both the processes and technologies that enable you to take a holistic view of your organizational risk. That means setting up an open, transparent culture in which risk management professionals and business unit managers share data and collaborate on risk and opportunity assessments. It also means using a centralized data platform that lets you gather data from all of your different tools and manual inputs, so that you can assess and report on your ESG risks in real time, and analyze future opportunities through a risk analysis framework.

In terms of your ESG policy, this means that you can use an integrated technology solution to support organization-wide risk assessment, mapping, monitoring, reporting, and analysis of all of your ESG programs. You can gather all of your data within the framework of a broader risk analysis toolset, so that you can put it into any business context necessary for executive decision-making.

With an IRM solution for ESG, you’ll be able to monitor your organization’s broader ecosystem including the entire supply chain, so, for instance, you’ll be aware if a company you purchase materials from has signed an agreement with a contractor that has historically supported sweatshop labor, and can instantly end the business relationship. You’ll be able to get real-time insights into day-to-day changes in how well your company is meeting its goals, so that you can put mitigation measures in place when necessary.

Why ESG Matters To Risk Management

While in years past, companies may have espoused corporate social responsibility (CSR) initiatives, they weren’t monitored or regulated—businesses were free to self-report on their success rates.

But with the rise of formal ESG policies, that’s changed. Corporate stakeholders now realize that environmental, social, and governance issues are integral to their brand’s business reputation and performance, and they’ll lose investors if they don’t prioritize developing clear-cut ESG policies and setting up a strict controls framework to ensure proper compliance. Consumers care about these issues as well, and are likely to turn away from companies that don’t showcase strong corporate values. And, with the challenge of sourcing talent getting more difficult than ever before, many employees are also choosing to work only for employers that demonstrate a commitment to shared values.

By committing to ESG within your risk management framework, your business will see numerous advantages:

  • Better resourcing for sustainability initiatives:  Sustainability isn’t just good for the environment, it’s also a great strategy for reducing operational expenses by building better efficiencies and committing to recycling and re-using materials when possible. By using IRM to assess the viability of your sustainability initiatives, you can conduct in-depth risk-benefit analyses for any potential sustainability investment, enabling you to determine which are the best fit and plan accordingly for them. You’ll also be able to monitor compliance with existing programs, such as assessing employees’ energy usage across all of your office locations to ensure that it’s in line with your benchmarks.
  • An improved brand reputation:  The Natural Marketing Institute found that 58% of consumers research a company’s environmental and social policies prior to making a purchase, and are more likely to purchase from those that have shown a commitment to sustainability. By implementing and publicizing your ESG policy, you’ll gain a competitive advantage over brands that don’t publicly report on ESG initiatives.
  • Better compliance with regulations:  In order to meet the burden of changing environmental regulations, it’s important to stay a step ahead and ensure that your company is in compliance even before new regulations are enacted. By using IRM, you’ll be able to adopt and implement compliance standards that go beyond what’s currently required of you, so that as regulatory bodies adopt new rules, your company will already be meeting their standards. And for existing regulations, you’ll be able to track and monitor your company’s compliance performance within one centralized dashboard, so that you’ll avoid fines or penalties.
  • New business opportunities:  Developing a framework for managing risk enables you to assess different opportunities to clearly understand how each scenario might impact your company. Having clear visibility enables you to confidently take on more risk, knowing that you can manage it efficiently—and provides you more opportunities.
  • A stronger strategic focus:  Better risk management means that you can streamline efficiencies and reduce time spent on enforcing compliance. That enables your risk management team to spend less time on checking boxes, and more time on strategic work that will drive your organization forward.

Bottom line? For risk management teams, a clear framework for building and managing ESG initiatives has gone from a nice-to-have to a necessity. By implementing an ESG policy within the broader context of IRM, you’ll be able to get a comprehensive view of your ESG risks and opportunities, helping you to make smarter business decisions.

Related Insights

The Rising Tide of ESG – Navigating the Road Ahead

video

The Board's Role in Leading and Enabling GRC

article

Board and Executive Collaboration: Components of a Secure Platform for the Evolving Workplace

White Paper