A recent online IERP® Tea Talk turned the spotlight on Environmental, Social and Governance (ESG) practices and how these are related to Enterprise Risk Management (ERM). There were many reasons for the heightened profile of ESG in the past few years, said speaker Ramesh Pillai, Chairman of the IERP®’s Board of Governors, pointing out that although it may not have been considered a core business objective before, it was now a hot board topic because it was increasingly becoming a requirements demanded by investors, employees, regulators and customers who want the organisations they were associated with, to be responsible corporate citizens.
It is becoming especially critical to the reputation of the business as well as its financial performance. “Shareholders and stakeholders today want to know what is being earned for them, and how it is being earned,” he said. “We need to actively promote and embody the values that underlie ESG as corporations, and not just as sustainable investors.” Advocating the integration of ESG into ERM programmes, he said that for risk professionals, this means improving sustainability in the long term. A changing risk landscape has resulted in more complex risk factors, prompting demands from stakeholders and regulators that companies reconsider how they conduct their business.
Substantive changes have to be made, with an emphasis on instilling accountability, transparency and sustainability at all levels of operations; the emphasis needs to be on instituting environmental, social and governance programmes that focus on needs, and the benefits that accrue from this. But there was still a lack of clarity about how to implement changes and initiatives, Ramesh added. “Most frameworks tell us how to disclose and maintain but not how to implement,” he said. “Risk professionals should therefore use an ERM programme to create a systematic, holistic approach to manage ESG risk as part of the broader risk portfolio.”
They will need to revisit their risk approaches and strategies to ensure that ESG standards and frameworks are integrated into all the organisation’s operational plans and strategies. Collaboration with stakeholders is essential, as are the settings in place of proper risk controls. “Companies which do this will stand a better chance of increasing their ESG ratings and also ensure that their businesses will be able to withstand long-term risk and take a forward-looking approach to value creation,” he said. “It is all about ensuring organisational agility, resilience and sustainability.” Risk management, when properly implemented, will strategically drive performance and function as a performance management tool.
ESG is critical because it is about sustainable development, the kind which will ensure that what is done today does not impact or impinge on the ability of future generations to do what they want to do on the sustainable development front, when they want or need to do it. Risk management is about achieving an organisation’s aims and objectives, and protecting and creating value. But one major risk confronting all businesses is that they will not have a place – a planet – where they can conduct their business. “If we don’t protect our planet, there will be no planet left,” Ramesh stated. “No planet, no business.”
However, risk management can present both risks and opportunities; ESG strategies and initiatives should be implemented in a way that creates opportunities which can be identified and grasped, and implemented for long-term value. “At the end of the day, both ESG and ERM are trying to achieve the same thing but are coming at it from different perspectives,” he explained. “ERM has structured processes. ESG implementation can piggyback on ERM structured processes to try and get to where you want to go. ERM is about how to manage all risks in the business – and ESG is just one of these risks.”
There are several advantages to managing ESG within an ERM framework. Ramesh presented five:
- ESG can use ERM’s structure and processes
- ESG can leverage ERM’s organisational support
- Aligning and integrating ESG with ERM programmes pools resources and reduces duplication
- Reframing ESG objectives as risks will help improve the attainment of ESG goals
- ESG can invigorate and accelerate ERM programmes
Businesses that are forward-thinking when it comes to ESG risks can gain the upper hand in competitive markets because of the increasing demand by stakeholders for organisations to be accountable and transparent. Industry regulations surrounding ESG have increased, and regulations have accelerated. “Businesses have to report on all ESG issues,” Ramesh said. “Incorporating ESG risk management as part of ERM strategy will be much more straightforward and also help reduce legal intervention. If a business is responsive about mitigating risks that might otherwise impact its bottom line or reputation, it is in a much better position to be profitable.”
Also, any ESG-conscious organisation is more likely to be a safer investment, and more attractive to investors, consumers and top talent who are becoming increasingly knowledgeable about the goods and services they buy and who they work for. Companies will be more able to tap into new markets or expand into existing ones, besides being able to entice socially-conscious investors, who will be keener to incorporate ESG values like responding to climate change into their portfolios; such investors are likely to invest in organisations that manage their ESG risks well and demonstrate a more altruistic approach.Investors will feel good about where they are putting their money, and the stocks they own.
ESG-conscious organisations are also more likely to see greater employee productivity and enhanced employee motivation as employees start to feel more engaged and instilled with a sense of purpose as they visualise the prospect of being able to give back to society through their work. Improved employee experience leads to greater output. To be able to attain all this, sound business intelligence tools are crucial, as environmental issues are vast, complex and urgent, and even as companies are spurred to take meaningful action, they have to be aware of the dynamics of their situation. Ramesh cautioned that businesses faced exponential growth amid climate impacts and associated volatility and disruption.
There was, however, a great opportunity for the public and private sectors to be more sustainable and create lasting social impact in the communities where they operate while they deliver genuine financial value. “ESG is more than just a compliance exercise,” he said. “More companies are embracing it as a strategic business imperative particularly as companies pursue Net Zero by 2050. ESG has the potential to build long-term competitive advantage, enhance resilience, accelerate sustainability risks and attract socially and environmentally conscious investors, talent and customers.
ESG risk management is just regular risk management regardless of size of the company or industry.”
Integrating ESG factors into corporate decision-making is, therefore, just good risk management, he added. ESG risk is regular, old-fashioned business risk; managing ESG risk is good for everyone because, for business to succeed, all risks need to be managed. “It may look like a trendy, cool buzzword but most companies have likely been managing such environmental, social and governance risks for years, only without the ESG labelling of these risks,” he pointed out, but stressed that companies were now under a lot of pressure to formally identify, report and disclose these risks, set clear risk reduction targets, measure progress effectively, and report in a transparent manner.
Urging participants to be careful about things like ‘greenwashing’ he cautioned that companies which manage ESG risks need to ensure that it is properly done because it can be very damaging to the company if it is perceived otherwise. But the benefits of action inevitably outweigh the cost of inaction. “ESG programmes offer them the rare opportunity of being identified and recognised as good corporate citizens, which adds to their branding,” he said. “ESG can use ERM’s structure and process as outlined in ISO 31000 – the objective-centric approach.ESG frameworks have been designed to make them more impact-focused and add value to organisations.”
They are also closely aligned with ERM frameworks, and generally follow the same kind of approach as ERM. From an ERM perspective, it is more advantageous if the two are merged as it could result in savings in costs besides reducing the duplication of processes. ERM and ESG are both functional areas so funding will always be an issue, he said, but it was wrong to assume that ESG was a cost without any financial benefit. Studies have shown that there is a strong positive correlation between ESG investments and financial returns, and increased ESG investments, specifically, were associated with superior returns in a great percentage of studies reviewed.
“If the best-performing organisations consistently prioritise ESG and ERM, it is unlikely to be a coincidence,” Ramesh remarked. “ERM provides structured tools to better understand outcomes and impacts of strategic decision-making. These tools help managers better identify and demonstrate benefits from their ESG programmes. Reframing ESG objectives as risks will therefore help in ESG goal attainment.”ESG objectives may come across as aspirational because they are not well defined, which may lead to them not being taken seriously. Making ESG objectives a part of the firm’s overall objectives increases realisation that like other organisational objectives, ESG objectives must be met.
But ESG can invigorate and accelerate an ERM programme as well; both ESG and ERM can reinforce each other in a cycle that creates more value for the organisation overall than either practice on their own. “Integrating ESG and ERM can give new life and enthusiasm to established ERM programmes which most people may see as boring and tedious,” Ramesh continued. “When you talk about ESG, many staff members get excited about the prospect of making a positive impact through ESG. This new energy will help propel any joint ESG-ERM approach throughout the business. Those who may have been bored previously will now refamiliarize themselves with ERM processes.”
If the company does not have a formal ERM programme, ESG can be a catalyst to help launch a properly-designed, objective-centric risk programme right from the beginning. Rather than having two separate risk management frameworks for ESG and ERM, these two can be merged into a single risk management framework, to cut costs and improve efficiency. The surge in sustainable investing and evolving investors’ stewardship practices are encouraging companies to see ESG value in accessing capital and addressing matters that could attract activist investors or hedge funds; managing ESG risk is now a top priority for amplifying growth.
Ramesh put forward six crucial questions for boards and executives to consider when establishing relevant programmes:
- How are the company’s strategy and risk management functions meeting the needs of stakeholders, addressing financially material and environmental factors, and how are you driving this to your competitive advantage?
- How is the board learning about ESG trends and developments that could impact shareholder support of the board and management?
- How would a sustainability materiality assessment help inform the company’s strategy and strengthen relationships with stakeholders?
- Would assigning ESG oversight responsibilities to board committees enhance the board’s governance?
- How will company communications increase the brand value of ESG initiatives and meet investor needs for decision-useful ESG information?
- Is the company taking the same approach to non-financial data as it is to financial data in terms of disclosure processes and controls, and obtaining external assurance?
A critical consideration for companies is how to do their ESG reporting, he said, stressing that there was a need for robust disclosure, processes and controls – things that risk management is already involved with. As ESG continues to influence the overall risk posture of an organisation, it will require the same level of attention and focus as any other risk. “ERM provides a holistic and systematic approach to managing the overall portfolio of risks and may offer particular value in the context of complex, long-term issues,” he said. “It can enable organisations to systematically identify, assess and monitor potential, actual and emerging risk exposures.”
When integrating an ESG programme with ERM, the organisation should engage ESG leads early, ensuring that open channels of communication enable those concerned to talk to each other early and determine how things are going to be coordinated. “Derive ESG risks from the ESG strategy, and determine the organisation’s position,” Ramesh advised. “Adopt a holistic approach to managing ESG risks, and leverage data assets to assess ESG risks. Risk exposures and their associated treatment and mitigation plans will inform enterprise-wide planning and decision-making, and help provide insight into key business activities such as strategy, operations and audit.
Using an ERM approach to address ESG risks as part of the broader risk portfolio will allow organisations to engage manpower and focus on appropriate management of ESG risks and make improvements to risk culture, risk insights, resource allocation, risk acumen and risk integration.ESG risk is business risk that has a potentially significant impact on the business; managing it is no different from normal risk management practice but organisations need to go beyond the rhetoric and address the real issues. “ESG is about being a good corporate citizen, not about what you do today (but) about supporting sustainable development,” Ramesh concluded. “It’s about meeting our developmental needs today without impacting the ability of future generations to meet their developmental needs.”
