Creating a more ESG-compliant business: Here’s what you should know
Effective ESG implementation in a company’s framework is more than just conceiving a vision and aligning it with their goals.
When environmental, social, and corporate governance (ESG) started to gain its foothold in the early 20s, many companies saw it as an optional alternative to creating a more wholesome public image. Others even saw it as a threat and viewed it as an added expense with not enough leverage to sustain itself.
Nevertheless, as enterprises began to see the need to integrate its precepts into their strategy and decision-making, one thing became certain: merging ESG with an organisation’s game plan doesn’t just benefit people and the environment, it benefits the business as well.
Today, organizations are focused on tracking, measuring, and reporting their ESG efforts to meet their investors' environmentally- and ethically-conscious demands. Many are also deliberately taking steps to assure like-minded consumers of their alignment with ESG standards.
One good example is a company's use of satellites to give real-time data on deforestation occurrences when implementing their projects. This assures their investors—and the public—that their actions are safe for the environment.
Understanding ESG
ESG comprises issues about business continuity, environmental matters, ethical business practices, employee health and safety, human capital management, diversity, and risk management.
Measuring these efforts requires accurate tracking and reporting. In the past, ESG disclosures were limited to research findings and linear ratings. Today, advanced technology has allowed more quantitative and qualitative disclosures to be measured accurately, which allowed the World Economic Forum to publish a core set of common metrics and disclosures that help align organisations in reporting their performance against ESG indicators.
These factors, which are broken down into governance, planet, people, and prosperity categories, require not just data points, but also an additional context to ensure the accuracy of the metrics. As the Securities and Exchange Commission (SEC) stipulates, organisations should provide additional context so that investors can understand the metric that is being presented. For example:
- They should provide reasons why the metric is useful to investors
- Organisations should explain how management uses the metrics
- They should benchmark their ESG metrics against other similar industries to provide greater insight and understanding
Challenges in achieving ESG compliance
The examples above show a key limitation when companies support metrics with added context: they require the use of data from all parts of the organisation.
"The bottom line is that ESG data is in demand. But not just any data—your data needs to be sound, clean, accurate, consistent, and near-real-time," says Galvanize, a Diligent brand and global leader in SaaS governance, risk, and compliance (GRC) software.
“Otherwise, you get silos, lack of data, misaligned visions and objectives, and poor reporting. The way to achieve viable data is to connect it in a central, purpose-built tool so it can be aggregated from anywhere and fed into real-time reports and dashboards. Organisations must invest in these types of solutions if they plan on thriving on the other side of the 21st century’s first sustainability crisis,” they added.
Taking a proactive approach in implementing ESG
Incorporating ESG in decision-making strategies requires businesses to set clear boundaries and roles every step of the way.
Step1: Identify & gather the right functions
ESG issues are regulated by many different functions, such as finance, legal, HR, risk, compliance, etc. Therefore, the first step is to clearly identify which areas of the company will directly influence those functions within your organisation.
Step 2: Define roles & ownership
“Who should lead the charge on ESG issues? The honest answer is that it depends. Each organisation needs to find whatever oversight and leadership model works best. But regardless of who owns it, the board’s role is to set the tone at the top,” says Galvanize.
Boards often comprise the typical structure of audit, compensation, nominating, and governance committees. ESG can traverse all these areas, so clearly defining which functions correlate with an issue is important.
For example, environmental, health, and safety (EHS) risks would fall under the “E” of ESG, and could go to the audit committee. Pay equity is part of the “S” and goes to the compensation committee. Diversity on the board falls under “G” and goes to the governance committee.
The business functions that touch ESG issues could include:
- Procurement—working to find ethical and reliable suppliers
- Legal—reviewing contracts with suppliers and customers
- Human resources—monitoring pay equity, workforce diversity, and workplace bullying
- Compliance—implementing uniform ESG policies, and investigating allegations of misconduct
- Audit—measuring an organisation’s ESG posture on everything from climate change to fair labor standards to workforce diversity
- PR or investor relations—monitoring stakeholders’ attitudes or statements about the company’s performance
By defining the roles and ownership within each function, the board can provide support and leadership (e.g., a new public policy or risk committee that oversees ESG), and management can provide structure—like an executive-level ESG committee, with members from all relevant business functions.
Step 3: Set objectives & adopt frameworks
It's important to give clearly defined and established objectives. For environmental goals, examples include:
- Reducing the company’s consumption of water, fossil fuels, or toxic chemicals
- Using more recycled materials in production, or making final products more recyclable
- Ensuring ethical sourcing in the supply chain, including investigating allegations of forced labor
- Achieving pay and promotion equity across racial or gender lines in the workforce
Step 4: Track, report on, & improve ESG strategy
Aside from having quality data, organisations need the help of technology to coordinate all of those moving parts and report back to the board on the progress and achievement of objectives. Without technology, this effort will fail.
“For example, say the company wants to crack down on human trafficking in its supply chain to comply with the anti-slavery statutes cropping up worldwide. That might involve collaboration across the legal department, to review contract language used with suppliers; the procurement team, to confirm that all suppliers have accepted the language and certified their compliance; the compliance team, to manage whistle-blower hotlines that receive allegations of human trafficking; and the legal team again, to confirm that necessary disclosures meet regulatory requirements,” says Galvanize.
“To coordinate so many moving pieces, business areas need a specialized governance, risk, and compliance (GRC) platform that can deliver several capabilities and allow for easy, real-time reporting back to the board.”
Galvanize’s HighBond platform brings all organisational data together under one roof and seamlessly connects disparate data sources and integrates, analyses, and contextualizes all metrics in real-time. With instant insights, companies can strategically manage risk and compliance across the entire organisation—and never have to leave the platform.
It also reduces workloads, increases visibility, and enables more informed decision-making in a collaborative environment, thanks to a unified platform that allows teams to work from, reference, and report on shared data.
“The HighBond platform creates stronger security, risk management, compliance, and assurance. It connects governance, risk, and compliance (GRC) professionals with the answers that drive change—so they can work better together and protect the organisation.”
Galvanize, a Diligent brand, is the leading provider of GRC software for security, risk management, compliance, and audit professionals. The integrated HighBond platform provides visibility into risk, makes it easy to demonstrate compliance, and helps grow audit, risk, and compliance programs without incurring extra costs. To learn more about Galvanize, you can visit www.wegalvanize.com.