Key things to know about building an ESG-conscious business

For decades after Milton Friedman’s seminal essay was published, people believed that profits were the only real goal of business. But today, it’s the purpose behind the profits that’s in focus.

“Society is demanding that companies, both public and private, serve a social purpose,” wrote BlackRock Founder, Chairman, CEO, Larry Fink, in his 2018 letter to CEOs. “To prosper over time, every company must not only deliver financial performance, but also show how it makes a positive contribution to society.”

That “contribution” is arguably best exemplified in a company’s environmental, social, and governance (ESG) practices. Ranging from carbon footprint reduction to pay parity, ESG practices enable sustainable and purpose-driven business growth.

The International Finance Corporation (IFC) found that out of 656 companies in its portfolio, those with good environmental and social practices outperformed clients with worse practices by 210 basis points on return on equity and by 110 basis points on return on assets.

Similarly, Morningstar found that sustainable funds attracted a record $51.1 billion in net new money from investors in 2020, more than double the previous record set in 2019.

In other words, ESG isn’t just the right thing to do. It also impacts business performance positively.

But What Is ESG?

The E in ESG refers to a company’s environmental impact and practices, including energy consumption, waste management, carbon emissions, and use of natural resources.

The S refers to a business’s social impact on employees and other stakeholders, as well as its ripple effects on the larger community. It covers issues like labor practices, working conditions, diversity, inclusiveness, pay equity, employee engagement, and data protection and privacy.

The G stands for governance, or the internal controls and procedures that a company adopts to ensure integrity and transparency in business activities and decisions. It encompasses issues like boardroom diversity, executive compensation, anti-corruption, and whistleblowing.

Together, E, S, and G seek to encourage more socially responsible behavior in businesses, boardrooms, and investor communities.

What Does ESG Have to Do with GRC?

GRC is no longer just about monitoring regulatory compliance or managing known risks. It’s about sustaining an organization’s license to operate—ensuring that business practices, operating procedures, and corporate behaviors are acceptable to employees, stakeholders, and the public at large. ESG is integral to that effort.

How a business manages its environmental footprint, gender diversity, or transparency in reporting impacts the company’s license to operate and therefore its GRC mission.

The link between ESG and GRC is even more evident when you look at the World Economic Forum’s (WEF’s) Global Risk Reports. Back in 2010, fiscal crises and underinvestment in infrastructure dominated the risk report. But in 2021, all the top 5 risks by likelihood and four of the top 5 risks by impact are related to ESG issues, including climate action failure, infectious diseases, and biodiversity loss.

GRC professionals have a significant role to play in mitigating these risks and building trust with stakeholders through robust ESG measures. In fact, at MetricStream, we believe that ESGRC will be the future of GRC.

Why Is ESG So Important?

The focus on ESG has intensified in recent years for several reasons:

5 Benefits of Building a Strong ESG Profile

It’s never too early to incorporate ESG propositions into your GRC and business strategies. By embracing ESG practices, you gain multiple benefits, including:

What Are the Challenges of ESG Compliance?

ESG, while important, can often be a challenge to implement. For starters, it’s a very broad discipline that covers a range of issues – from carbon footprint and biodiversity loss, to labor practices and corruption. Many of these issues can be hard to quantify in terms of their magnitude as well as their impact on financial risks.

But perhaps the biggest obstacle is the lack of a universally accepted ESG framework to assess and report ESG progress. Without it, companies end up using multiple different standards and metrics, which leads to inconsistencies and confusion. Stakeholders often find it difficult to compare ESG data or determine how it links to financial performance.

However, steps are being taken to standardize ESG reporting. For instance, the WEF, in association with the Big 4 accounting firms and Bank of America, have released a set of universal ESG metrics and disclosures. These “stakeholder capitalism metrics” are organized around the principles of governance, planet, people and prosperity.

Further, the International Financial Reporting Standards (IFRS) Foundation is actively engaging with authorities like the International Organization of Securities Commissions (IOSCO) to develop a common set of global sustainability standards. These initiatives will help make ESG reporting more consistent, comparable, and reliable.

7 Common ESG Frameworks and Standards

  • The Global Reporting Initiative’s (GRI’s) sustainability reporting standards are widely used by companies to understand and disclose their impact on the economy, environment, and people. The GRI Universal Standards apply to all organizations; the GRI Sector Standards cover sector-specific impacts; and the Topic Standards list disclosures relevant to a particular topic.

  • The Sustainability Accounting Standards Board (SASB) has created a set of 77 industry-specific sustainability metrics that help companies and investors analyze how ESG issues impact financial performance.

  • The International Integrated Reporting Council (IIRC) developed the International Framework to improve disclosures about value creation, preservation, and erosion. It encourages reporting around six broad capitals, including natural capital, human capital, and social and relationship capital.

  • The Climate Disclosure Standards Board (CDSB) offers companies a framework to report environmental information with the same rigor as financial information. This approach benefits a range of stakeholders, including investors, analysts, companies, regulators and stock exchanges.

  • CDP runs a global disclosure system that enables thousands of companies to measure and manage their risks and opportunities on climate change, water security, and deforestation.

  • The Task Force on Climate-related Financial Disclosures (TCFD) has developed a framework to help public companies and other organizations effectively disclose climate-related risks and opportunities. The TFCD recommendations are designed to solicit decision-useful, forward-looking information that can be included in mainstream financial filings.

  • The UN Sustainable Development Goals has set out 17 broad objectives for companies to achieve. They range from responsible consumption and production, to climate action and gender equality. These goals provide a foundation for companies to shape and prioritize their business strategy and reporting.

How to Integrate ESG into Your Business

While there isn’t a one-size fits all approach to ESG, here are a few best practices that can help:

  • Establish a strong foundation
    • Define clear roles and responsibilities to oversee ESG risks and issues.

    • Ensure you have sufficient staff with the required skills, knowledge, and expertise to manage ESG effectively.

    • Remember, ESG encompasses a wide range of requirements that can’t always be managed by a single department or person. Consider creating a cross-functional ESG team, including stakeholders from compliance, risk management, HR, investor relations, legal, and senior management.

    • Conduct a materiality assessment to identify and prioritize the ESG issues that could most affect the business. Use it to inform company strategy, targets, and reporting.

  • Adopt a systematic approach to ESG risk management

    • Identify and document your ESG risks. Determine how they might impact the achievement of business objectives and strategy.

    • Embed ESG risks into your risk appetite statement and ERM frameworks. Define specific KRIs.

    • Assess ESG risks periodically to understand their impact and probability at various levels of the business. Incorporate scenario analysis tools to measure the financial implications of ESG risks like high carbon taxes.

    • Extend your ESG risk assessments to third parties, including vendors, suppliers, service providers, contractors, consultants, and partners. Understand what they’re doing to improve sustainability and ESG ratings.

    • Document and investigate ESG-related issues stemming from risk assessments.

  • Embed ESG into compliance programs

    • Capture ESG related regulations and disclosure requirements in a central database. Map them to controls, policies, and risks to identify compliance gaps.

    • Establish specific policies and procedures around ESG. Review and reassess these policies regularly.

    • Provide periodic training and communication on ESG goals and issues. Share ESG wins with the enterprise.

    • Establish hotlines and other reporting mechanisms for employees to report ESG violations, risks, and incidents. Provide incentives and rewards for risk-appropriate behaviors.

  • Measure and audit ESG performance

    • Establish quantitative and qualitative KPIs to track and evaluate ESG performance.

    • Engage independent auditors to provide assurance around the accuracy of ESG reports and data.

  • Communicate and report progress towards ESG goals

    • Keep the board and senior management updated on ESG performance. Demonstrate how ESG activities align with business strategy, financial performance, and value creation.

    • Create an effective communication strategy to disclose your ESG vision, mission, and performance to investors and other external stakeholders.

    • Ensure that your reporting is credible, consistent, and authentic. Be transparent about where you are in your ESG journey.

    • Find an ESG technology solution that can help you streamline and automate ESG measurement, monitoring, and reporting


Ready to get started?

Speak to our experts