You can’t manage what you don’t measure, as the adage says. Many businesses today are considering how to measure the progress and impact of their environmental, social and governance (ESG) strategies, but do they truly understand how?

According to Thomson Reuters, almost two-thirds of corporate board members have strategies tied to ESG concerns. However, only a quarter say board members understand ESG risks well, demonstrating there is a significant learning curve to overcome.

In one sense, that is unsurprising, given that ESG is broad and ill-defined, in addition to practice and requirements varying across regions. One way or another, however, that is going to change.

Pieces of the climate regulation puzzle

For a start, there are increasing moves towards standardisation with international frameworks. In June 2022, the Basel Committee on Banking Supervision (BCBS), the primary global standard setter for the prudential regulation of banks, set out its final principles to support the effective management and supervision of climate-related financial risks by large, globally active banks. 

The BCBS’s principles address such areas as how bank-related principles should incorporate climate-related financial risk in their overall risk framework, including corporate governance, internal controls, and capital and liquidity adequacy. This is expected to have a knock-on effect to the wider corporate community. 

There is also the GRI (Global Reporting Initiative) standards or those of the Sustainability Accounting Standards Board (SASB). Alongside voluntary initiatives, regulatory edicts are bringing consistency and common reporting requirements. For example, the UK’s Task Force on Climate-related Financial Disclosures (TCFD) released the first annual reports and included mandatory TCFD disclosures. The EU taxonomy for sustainable economic activities is another obvious example. 

Furthermore, regulators are stepping up their scrutiny of corporate ESG-related claims and as a result, enforcing compliance. In May 2022 for example, German police raided Deutsche Bank’s DWS unit on the suspicion of the fraudulent advertising of sustainable investment funds.  Most recently, the U.S. Securities and Exchange Commission inspected Goldman Sachs' mutual-funds division in June 2022 due to doubts over its ESG fund claims. 

Under the eagle eye of the regulator, you may assume that the days of “greenwashing” in investment management, at least, are over, however the issue is far more widespread to justify any complacency on the matter. With these cases exposed and in the public domain, it suggests that we may not have even scratched the surface.

In early June, French President Emmanuel Macron and the UN Special Climate Envoy Michael Bloomberg announced a new committee focused on creating an open data platform to enhance transparency around business efforts to combat climate change.

“The lack of standardised, accessible data is limiting the power of markets and the public to fight climate change,” a statement from the French presidency read.

Above and beyond

In bringing standardisation, regulation should be welcomed by businesses; developing, monitoring and managing ESG strategies will be easier with a common language and structure to benchmark, evaluate and enhance activity. It would, however, be a mistake to let regulation drive ESG strategies. 

For a start, ESG regulation will be no guarantee of behaviour. The governance part of ESG, after all, has long been subject to regulatory requirements, yet these have failed to eliminate corporate scandals. Compliance without cultural change is usually unsuccessful.

Related to this, regulatory requirements may not go far enough in satisfying investors, customers, suppliers or the wider public. Already investors and others are increasingly examining not just businesses’ ESG credentials but those of companies in their supply chains, for instance. Similarly, reports that meet regulatory requirements may fail to address the needs or demands of key stakeholders. Businesses need to ask why they are reporting and who to? 

Finally, if tick-box compliance is unlikely to pass muster with external stakeholders, it is even less likely to meet internal needs. This is the key reason businesses should not allow ESG to be driven by regulation - because, otherwise, they will miss out on the benefits. 

Take it from the top

Of course, embedding ESG concerns into the culture of a business will minimise regulatory risks, and will reduce the chances of compliance failures and fines. But it enables firms to go further than a purely compliance-driven strategy allows – protecting against reputational harm from activity not proscribed by regulation but of which stakeholders would nevertheless disapprove. 

I recently participated in the 20th Annual Regional Audit Conference, which focused on the theme of ‘Revolution and Transformation’ in the UAE, and from the conversations during the conference it was clear that governing bodies, and entrusted advisors be it chief audit executives, and other assurance providers within organisations, could be doing more to address ESG and embed it into their culture. 

For instance, it is all too common for boards or their committees to not ask the right questions about ESG, how it impacts their organisation and those they engage with, and what needs to be done. Similarly internal auditors should be addressing the same considerations as part of their external and internal context analysis as an input to the overall risk assessment approach. 

In short, assurance providers within organisations must better their understanding of ESG so that they can ask these important questions and raise awareness of ESG across the entire organisation. There is a lot to do, and the mindset needs to change.

It may also enable businesses to identify and address emerging risks, and avoid stranded assets, suffering write-downs or devaluation due to the continuing evolution of regulatory constraints or public attitudes. 

Properly approached, however, ESG is not simply about risks but also about value. A greater understanding of ESG issues affecting the business can not just avoid stranded assets, but optimise asset allocation, improve operational efficiency (crucial in a period of high energy costs), and win new business – as other companies and consumers seek partners and suppliers with solid ESG credentials, which we are seeing time and time again in tendering situations. 

Finally, in a tight labour market, it can bring significant benefits to productivity, recruitment and retention. Surveys have shown that almost two-thirds of millennials, who are now the largest adult cohort in the world, say they consider a company’s social and environmental commitments when deciding where to work. The same proportion will not take a job with a company that doesn’t have strong corporate social responsibility values.

The generation following is likely to prove no less discriminating; a recent survey by Bupa shows generation Z is more anxious about environmental and social issues than any preceding it. Six in ten said they would stay longer with a company with strong ESG commitments.

Creating a culture that attracts and retains talents requires a commitment from the top of the organisation to embed ESG issues in their operations. That may start with compliance, but it must ultimately be about culture. From our experience, conducting an entity-wide culture assessment is a good starting point, followed by a completely fresh visit to the risk identification process within the organisation.

Only in that way can businesses not just manage the risks around ESG issues but secure the benefits. Because building a better world can also mean building a better business.


Rami Wadie
Rami Wadie
Risk Advisory Leader for the Middle East and North Africa