ESG compliance is growing in importance as ESG takes up increasing C-suite headspace. Articles and books on the topic proliferate. Google searches for “ESG” have skyrocketed since 2019, and it has been identified as one of the top risks facing businesses in 2022.
For corporate leaders across sectors and geographies, ESG has shifted from afterthought to strategic imperative.
But with ESG such a vast topic, being confident that you are ESG compliant isn’t straightforward. We tackle some of the most asked questions when getting started, including:
- What is ESG compliance?
- What is its scope?
- What is the extent of regulation across different areas of ESG?
- What should compliance teams be prioritizing?
- What risks do organizations face as a result of ESG non-compliance?
How Can Companies Be ESG Compliant?
It’s common — yet reductive — to think about ESG just in terms of environmental concerns. But ESG is so much bigger than that.
One of the challenges with ESG compliance is the breadth of areas covered under the environmental, social and governance umbrella. ESG covers business considerations ranging from carbon footprints and greenhouse gas emissions to remuneration and broader social issues like modern slavery.
How can organizations ensure compliance across such a wide range of issues? What ESG policies do you need to implement, and what controls need to be in place to govern them?
What Does ESG Compliance Mean — Regulations, Best Practices and Expectations
Even once you have solved the conundrum of defining ESG, working out what ESG compliance means remains a challenge.
ESG compliance operates on a sliding scale, from voluntary best practice to mandated requirements.
In some areas, regulation governs ESG performance. The Clean Air Act, for instance, regulates emissions in the US, while the Equal Pay Act prevents discrimination in pay and compensation.
In others, although there is no active regulation, growing levels of expectation are pushing companies to adopt best practices. ESG disclosures are becoming prevalent as ESG ratings and risk scores, although not mandated in many countries, increasingly inform decisions for investors, consumers and potential employees.
And even in areas where publicly-published ESG reporting isn’t the norm, businesses’ growing desire to “do the right thing” on ESG matters is driving organizations to act with greater integrity.
Up to now, many areas of ESG compliance have been largely self-policed. Still, there is rapid growth in legislation across all strands of ESG, like the Sustainable Finance Disclosure Regulation (SFDR) coming into effect in the EU.
Whether you are meeting self-imposed ESG standards, acting out of a sense of obligation, or complying with regulatory requirements, there can be no doubt that ESG compliance is a non-negotiable aspect of good governance in 2022.
What Should Compliance Teams Be Considering?
Having established that ESG needs to form part of every organization’s governance, risk and compliance (GRC) strategy, what are the issues you need to include in your ESG compliance strategy and policies?
- Scope. What do your ESG compliance efforts need to cover? Consider the “E,” “S,” and “G” in turn; make a checklist of all the areas your policies need to address.
- Prioritization. In what order should you tackle these challenges? This might be driven by corporate strategy and business-specific concerns. You might prioritize based on the degree of regulation involved, tackling mandated requirements first and “nice to haves” later.
This process may include creating an ESG compliance checklist to ensure you capture all areas for focus and measurement and build strategies to monitor and improve them.
- Objectives. Understanding your obligations, industry best practice and regulatory imperatives will enable you to set necessary and achievable goals for each area of focus.
- Context. There are a number of external standards for ESG compliance. Familiarizing yourselves with the frameworks set out by SASB, GRI, TCFD, CDP and the WEF, among others, will enable you to map your ESG goals and data against recognized benchmarks. 5.
- Practicalities. How will you collect the ESG data you need to measure and drive your compliance program? Manual data capture brings a risk of errors and omissions (as well as being labor-intensive and time-consuming). You need to ensure that all your entities and operations are included in your ESG strategies, captured in monitoring, and represented in reporting.
Equally important, how will you mandate compliance with the processes that make up your ESG initiatives? Can you make “doing the right thing” the default? Many organizations are realizing that automation can help, not just with measuring and monitoring ESG compliance but with ensuring compliant approaches in the first place.
- Responsibility. Who should be responsible for implementing and overseeing the progress of your ESG compliance strategies? Not all businesses have a dedicated ESG compliance officer, but if ESG is a priority, someone within the compliance team should have accountability for achieving ESG objectives.
What Are the Risks of Not Being ESG Compliant?
As legislative imperatives around ESG grow, there are increased penalties for non-compliance with ESG principles. These may be financial, reputational or commercial. With ESG ratings and scores used more than ever to assess businesses, the potential impacts here shouldn’t be underestimated.
There’s also the risk of litigation if ESG disclosures are found to be wilfully misleading or inaccurate.
Organizations that fall short on ESG yardsticks or have poor ESG reputations may find themselves unable to attract the talent they need; for instance, just 44% of STEM millennials are interested in careers in oil and gas, compared to 77% in the tech sector.
These organizations may also find themselves falling behind their competitors as consumers vote with their wallets; 64% of US consumers take a company’s ethical performance into account in purchasing decisions.
How Can Robotic Process Automation Empower Compliance Teams?
Robotic process automation (RPA) is a form of business process automation technology based on artificial intelligence (AI). It has the capability to aggregate data from multiple sources, which enhances reporting by reducing the time and work taken to collect, compile and present large amounts of data. RPA can also help mandate compliance by managing workflows and issuing automated reminders for required actions.
Having a single ESG platform will simplify ESG data collection, measurement and reporting, and enable you to benchmark your progress on ESG compliance against your peers and competitors. You can learn more about how automating governance, risk and compliance can help you achieve your ESG compliance goals here.