Managing ESG risks: align compliance, risk and corporate sustainability
August 2022 | SPOTLIGHT | BOARDROOM INTELLIGENCE
Financier Worldwide Magazine
August 2022 Issue
Compliance, risk management and corporate sustainability have traditionally been viewed as three distinct disciplines. But as the importance of environmental, social and governance (ESG) issues grows, there is a need for greater alignment for these areas. Recent events such as the resignation of the chief executive of the DWS Group, one of Germany’s top asset management firms, following a police raid spurred by greenwashing claims, and BNY Mellon’ $1.5m penalty following charges brought by the US Securities and Exchange Commission (SEC) for misstatements and omissions about its ESG considerations, have only underscored this trend.
Indeed, many of today’s key ESG challenges are top issues for these functions. Traditionally, compliance has been prescriptive, focused on adherence, and seen as a foundational ‘must-have’ for legal and regulatory purposes. Risk management is predictive and focuses on uncertainty. Corporate sustainability, meanwhile, includes elements of both compliance and risk management, but focuses primarily on the long-term welfare of the company, its shareholders and other stakeholders, society at large and the natural environment – thereby considering both risks and opportunities.
For companies to address these issues effectively, the three functions cannot operate in silos, but need to be brought into the same conversation. But while aligning a firm’s compliance, risk management and corporate sustainability programmes can provide greater consistency and cohesion across all three areas, it is important to recognise that these programmes are not – and should not – be fully consolidated. Being aware of the divergent priorities and distinctive attributes of each area and where they overlap is more important than full-blown integration. For example, as compliance becomes more involved with corporate sustainability, it is important that it does not sacrifice its independent control function. This applies to risk management as well.
Corporate sustainability is now more connected than ever with compliance and risk management. It has moved from being a topic of interest to those in the environment, health & safety community affairs to becoming a mainstream strategic issue for companies and their stakeholders. And as companies’ focus on sustainability has increased, so has convergence among the three areas.
Getting involved with corporate sustainability allows the risk and compliance function to address broader issues and focus not only on mitigating risks, but on opportunities as well. At the same time, sustainability executives are seeking to have their concerns incorporated into the firm’s risk management processes. If an ESG issue is captured in a company’s risk assessment, it requires mitigation measures, which requires buy-in, ownership and accountability on the issue from senior leadership, which turns it into a business imperative. Furthermore, with the shift toward stakeholder capitalism, leaders are increasingly playing multiple roles and need to become fluent in areas outside their core expertise.
While all three areas can be strengthened by increased collaboration, corporate sustainability could benefit the most. This makes sense: each area brings specific processes and expertise to the table from which the other areas can benefit. Moreover, corporate sustainability is generally considered the ‘newest’ function, so can learn the most from the other (more mature) functions.
For example, compliance can foster a culture of follow-through. Rules are worth nothing if they are not followed by everyone. This is equally true for corporate sustainability, where there needs to be follow-through on environmental and social commitments. Risk management can bring a mindset of the ‘risk of inaction’. This mindset can be applied to corporate sustainability, for example by anchoring the belief that sustainability is not about saving money, but rather about the risk to the company’s long-term viability.
But corporate sustainability can bring a multistakeholder awareness and approach, a forward-looking perspective, and a focus on opportunities, not just risk. Corporate sustainability focuses on certain processes that other functions do not often utilise to such an extent. It encourages materiality analyses, for example, whereby it looks at issues that are important to the company and stakeholders – instead of just focusing on complying with the law. The growing list of ESG issues is forcing the corporate sustainability function to always be looking around the corner.
This mindset can help compliance become more forward-thinking. Corporate sustainability does not just report on the downside risk, but also looks at the competitive advantages that can come from seizing opportunities and differentiation. There are several ways to augment coordination and collaboration among the three functions. Ideally, alignment would grow organically and synergistically over the years, but organisations do not have the luxury of time.
So, it is important for companies to expediently identify areas where there already is a natural fit, listen to investors and other stakeholders, and engage leaders who are passionate about greater alignment and let them champion the collaboration. Companies can also facilitate coordination between compliance, risk management and corporate sustainability by organising to increase harmonisation – for example the three areas could fall under the purview of one executive who oversees risk and reputation (e.g., the general counsel, chief reputation officer or chief integrity officer).
This could include compliance and risk management personnel on sustainability steering committees either as permanent members and represent sustainability in the annual risk management process or in the internal compliance review committee. Companies can also engage the internal audit team to review not only compliance and risk management, but also other corporate and business unit functions, such as sustainability. Staff can make recommendations to management and the audit committee on best practices among the three areas.
Companies could benefit from conducting a cross-functional mapping exercise of their material issues to look for potential areas of convergence and divergence – and seeing where collaboration between functions is (or is not) required. Climate is one such example where convergence can help optimise what a company seeks to achieve in that space. The compliance function focuses on compliance with laws that regulate the company’s impact on climate. Risk management is focused on the risks that climate change poses to the company. And corporate sustainability focuses both on the climate’s impact on the company and the company’s impact on climate. Each function brings expertise and processes from which the other areas can benefit. Companies may therefore want to focus not on full-blown integration, but on analysing the priorities of each area and where they intersect.
Adjusting the company’s organisational structure, providing cross-training and adopting new governance policies can facilitate alignment between areas. The upshot will have to be a new alignment, one which maintains compliance, risk and corporate sustainability as independent functions while also acknowledging how connected they have necessarily become. The enterprises which most quickly find this balance will be best positioned to succeed going forward.
Anuj Saush is the European Governance & Sustainability Center leader and Merel Spierings is an ESG researcher at The Conference Board. Mr Saush can be contacted on +32 (2) 675 5405 or by email: anuj.saush@tcb.org. Ms Spierings can be contacted on +1 (212) 339 0403 or by email: merel.spierings@tcb.org.
© Financier Worldwide
BY
Anuj Saush and Merel Spierings
The Conference Board