The Institute of Enterprise Risk Practitioners (IERP®) is the world’s first and leading certification institute for Enterprise Risk Management (ERM).

Image Alt

IERP® International Institute of Enterprise Risk Practitioners

  /  Thought Leadership   /  The Risk Manager’s Quick Guide to ESG

The Risk Manager’s Quick Guide to ESG

What do risk managers need to understand about ESG?In today’s business world, organisations can only get by if they have the full support of stakeholders, not just shareholders. “In the old days, people had this belief – an understanding that it was all about building shareholder value because they bought and sold shares,” said presenter Ramesh Pillai. “As they bought and sold their shares, it gave rise to the valuation of the company based on the price of the shares transacted. But in today’s modern environment, there is a greater understanding that it is not the shareholders who determine the value of a company at the end of the day, but essentially the stakeholders. There is a large intangible component to the valuation of any company.”

Stakeholders want to know how the organisation is affecting the environment, how it treats its employees, clients and communities, and if the firm is conducting its business ethically. These environmental, socioeconomic and governance variables, which are likely to affect its financial situation or operating performance, are collectively referred to as ESG risks, concerns or issues. ESG variables are diverse but they can significantly impact the long-term sustainability and profitability of the firm. Not all ESG issues affect firms in the same way; hence each individual organisation needs to identify, manage and mitigate the ESG risks which are peculiar to its situation.

The talk covered basic ESG concepts, ESG scores and ratings, and why firms need ESG risk management. An ESG programme is a form of risk management, he explained, as it encompasses the examination of the firm’s environmental, social and governance practices, the impact of these on the company, as well as benchmarking its progress. A wide range of stakeholders – investors, lenders, regulators, customers, employees and the communities where the company operates –is looking atcorporate ESG performance.“Investors and lenders may look to ESG data, including ESG scores or ratings, to assess a firm’s risk exposure as well as its possible future financial performance,” he said.

Communities and customers, on the other hand, may want to know about a company’s environmental and social practices, to inform their advocacy and purchase decisions. Environmental issues may, for instance, include climate change, deforestation, pollution and GHG emissions. Stakeholders may be concerned with social issues such as employee relations, human rights, occupational health & safety, customer or community relations. Governance matters like board management practices, succession planning, compensation, diversity, regulatory compliance, corruption and fraud are also of interest to stakeholders.

Many firms already have Corporate Social Responsibility (CSR) programmes in place but these differ from ESG programmes. For instance, CSR initiatives are usually voluntary, and aimed atimproving the company’s relationship with its external constituencies; CSR managers may oversee corporate philanthropy or community partnership efforts. ESG programmes, on the other hand, are broader corporate strategies which address the demands of investors or the regulatory authorities. Also, ESG practice is rigorously measured and reported because it concerns environmental, social and corporate governance matters which have risks and impacts that must be properly understood.

ESG risks need to be taken into account regardless of the size of the business, and the varying levels of scrutiny they are subjected to by their various stakeholders. Businesses need to address ESG no matter the nature of the business, as well. ESG-related issues can quickly snowball and impact negatively on the organisation if they are not identified and appropriately dealt with. It is critical therefore for the firm to be able to recognise and mitigate the ESG risks which confront it. Besides, proper ESG mitigation lessens the volatility the company may be subject to, and is likely to strengthen investor confidence.

“When you are looking at governance risks, you are basically talking about good governance practices,” Ramesh continued. “Companies need to navigate industry-specific compliance and regulations. You need to consider the role of the board of directors and how they oversee risk management policies. All of this has a big bearing on governance.” Managing ESG risks is not easy because of their complex, interconnected nature; impacts can thus be extensive. Organisations may also become exposed to physical and transitional risks.

While physical risks, for example, are risks arising from the physical impact of climate change. Transitional risks, on the other hand, would arise from the transition to a lower-carbon economy, and can include increases in the cost of raw materials and supply chain disruption, compliance with carbon tax requirements, expanding emissions reporting, and the cost of lower emissions technology.This makes risk management and reporting even more important. “Your contribution as an effective management team member becomes more critical in trying to get people to understand why all these things are important.”Better, updated data and disclosures about good governance practices are therefore required to manage climate change-related risks more effectively.

There are currently ESG frameworks which can assist firms in assessing their susceptibility to ESG risks such as those recommended by the Value Reporting Foundation’s SASB Standards; the Global Reporting Initiative (GRI); and the Task Force on Climate-related Financial Disclosure (TCFD). Having frameworks in place can help businesses be more proactive with their risk-reduction strategies. Even with such frameworks in place, ESG reporting is not yet standardised – but ESG scores and ratings are still useful because they can be used by investors to evaluate the firm’s ESG performance and risk management processes.

Companies should build on existing risk management practices in their efforts to strengthen their mitigation of ESG risks. Research has found that companies which have experienced ESG incidents could lose as much as 6% of their market capitalisation, on average. It’s not just large corporations that could be affected; SMEs are just as vulnerable because ESG risks are material risks. If they are not addressed in a timely, appropriate manner, they can be detrimental to the company’s sustainability and erode its value. “ESG risk management is, very simply, normal, regular risk management,” Ramesh concluded. “Any company which neglects ESG issues is at increased risk of experiencing ESG-related incidents or controversy that could affect its value and reputation.”

User registration

Reset Password