Compliance

The Future of ESG Risk Management

Your business may perform fairly well by exclusively focusing on the bottom line. For instance, you can double down on efficiency and make it the springboard of your success.  However, it can only go so far. 

This is because profits cannot be viewed in isolation, and you cannot ignore the ecosystem in which you operate. That’s why business leaders increasingly recognize the importance of ESG in risk management. 

If anything, a 2023 IBM IBV study reveals that companies seen as ESG leaders are 43% more likely to outperform their peers on profitability.

What Is ESG in Risk Management?

ESG is an acronym for environmental, social, and governance. ESG in risk management relies on intentionally integrating environmental, social, and governance issues into an organization’s risk management framework. 

The term ESG first became widespread in 2004 through collaborative initiatives by the United Nations and financial leaders exploring the need to do business more sustainably. 

Today, ESG is part of the official business vocabulary and has evolved to become a key factor in risk management.

This is anchored on the understanding that every business is vulnerable to risks associated with its social arrangements, the environments, and the tone and texture of its corporate governance structures.

What Is the Objective of ESG Risk Management?

ESG risk management aims to address a wide range of non-financial risk factors related to environmental, social, and corporate governance practices. And then, make predictions about the impact of these three factors on the business and formulate credible mitigating strategies, either to lessen the impact of the risks when they do eventually occur or to eliminate the likelihood of their occurrence.

ESG Risk Examples

Examples of ESG risks are likely to play out as follows.

• Environmental risks: These include how your business uses water and energy, disposes of waste, and controls greenhouse gas emissions into the atmosphere.
• Social risks: Examples include how your business prevents or responds to human rights violations, ensures workplace safety, and promotes fair labor practices.
• Governance risks: These are risks associated with both the integrity and competence of your board and top management. A key factor here will be your organization’s adherence to regulatory requirements and whether it has a sound system of compliance management.

For real-life examples of ESG risk, you don’t need to look too hard. 

BP had to part with about $65 billion because it failed to manage environmental risk when its Deepwater Horizon oil rig exploded in the Gulf of Mexico in 2010.

Pacific Gas and Electricity Company had to fork out nearly $10 billion due to its role in multiple California wildfires.  

When it comes to social risk, the case of British sportswear retailer Sports Direct offers a cautionary tale of companies that put profits first at the expense of everything else, including ensuring adequate and healthy working conditions. It ended with the company’s CEO, Mike Ashley, being dragged to testify in Parliament and the company enduring a reputation-shattering litany of legal issues. 

On governance risk, where the integrity of the board and top management is a major factor, Patisserie Holdings, a UK-based restaurant chain, had to suspend its trading when a £20m difference was identified in its accounts and suspend its chief financial officer.

And don’t forget about the governance failures closer to home. Looking at you, Enron and Waste Management.

Emerging Trends in ESG Risk Management

In 2023, investors and stakeholders are increasingly demanding that companies incorporate meaningful ESG risk control practices. 

According to KPMG’s Survey of Sustainability Reporting published in October 2022, 96% of the world’s leading 250 companies have adopted sustainability reporting. 

Several reporting frameworks continue to define the ESG reporting landscape. These include 

• the Task Force on Climate-Related Financial Disclosures (TCFD), 
• the Carbon Disclosure Project (CDP), 
• the Global Reporting Initiative (GRI), and 
• the International Integrated Reporting Council (IIRC)

Other ESG reporting standards include the Sustainability Accounting Standards Board (SASB) and other local stock exchange guidelines. 

The GRI remains the most preferred standard of all the major reporting frameworks. TCFD, however, registered the highest growth from 2021 to 2022.

Also, while more and more companies are willing to report climate risk, unfortunately, the same cannot be said of social and governance risks.

In the United States, the SEC has proposed new ESG rules in response to its 2021 request for input on climate risk disclosure. Going forward, the SEC will require companies to disclose, among other things, how climate-related risks have shaped or are likely to affect the company’s strategy, business model, and outlook.

The European Commission is considering adopting the first draft of European Sustainability Reporting Standards (ESRSs) in Europe. The European Financial Reporting Advisory Group (EFRAG) prepared and published the standards in November 2022.

But it has yet to be smooth sailing, especially in the United States. Conservative legislators, who view ESG factors as pesky political agendas, are passing laws that will curtail (sometimes even punish) ESG adoption.

Best Practices for Implementing an ESG Risk Management Strategy

While every situation will differ, the following are some best practices for implementing ESG risk management.

• Perform continuous monitoring of ESG risks.
  • ESG is not a one-off thing. Companies must continuously scan the business and operating environment and evaluate their values and practices to align them with ESG ideals.
• Prioritize resource allocation on ESG risks that directly affect core business activities.
  • The ESG landscape is broad. Therefore, a best practice is to put money, attention, and time into controlling ESG risks that can directly impact your company’s core operations.
• Emphasize staff training.
  • ESG in risk management will only be effective when leaders and employees know what to do. Provide regular training for employees to learn how to manage these risks and how the risks impact the company.
• Incorporate ESG into existing risk management frameworks and due-diligence processes.
  • ESG activities may not achieve much if done in isolation. Instead, companies have found that the outcomes are better when they integrate ESG into their enterprise risk management systems and due diligence processes.

Conclusion 

Since a company does not operate in a vacuum, those that pay attention to their environmental, social, and governance risks are more likely to be successful and sustainable. And with more and more investors looking to make sustainable investments, you cannot afford to put ESG 0n the back burner.

Stefan van Duyvendijk

Stefan van Duyvendijk is the Accounting Operations Evangelist at FloQast. Previously, Stefan served as the Corporate Controller for Kodiak Cakes, a private equity owned, leading consumer packaged food company, and as a Controller for Skullcandy, a multinational headphone CPG. These positions followed his five years at KPMG. His experience includes ASC 606 implementation, reduction of financial close timelines, accounting operational improvements, business combinations, financial statement audits, SOX audits and implementation, management reporting, debt, treasury, and systems integrations/implementation.