For much of the past decade, companies’ fears about an ESG misstep have largely concerned consumer and investor impacts – for example, reputational damage and the subsequent potential loss of business.

However, ESG should not only be seen as a risk. It can be the basis for substantial organizational opportunity, building improved internal resilience, fostering better bonds between customers and suppliers, and catalyzing the development of differentiated, innovative goods and services with premium economics.

The pressure to monitor and measure is rising

It has never been more important for businesses to be able to monitor and measure ESG risk throughout their value chain, yet it has also never been more difficult for them to do so in a way that satisfies the expectations and demands of consumers, investors, and regulators.

Now, across the globe, businesses must respond to increasing scrutiny from regulators. The UK’s Modern Slavery Act, Germany’s Supply Chain Act, and new proposals in the EU and US for stricter climate change and sustainability disclosure requirements are among numerous policy developments that are upping the ante on ESG risk.

The reporting requirements for Scope 3 emissions is a prime example. In several markets, there have been tentative (and in some cases, not so tentative) steps towards mandatory reporting of Scope 3 emissions, including the UK where large quoted companies and LLPs are already required to report on some of their Scope 3 emissions under the Streamlined Energy and Carbon Reporting (SECR) scheme. As of April 2022, mandatory reporting requirements now extend to a wider range of companies.

In the US, the Securities and Exchange Commission (SEC) has recently announced its intention to introduce wide-ranging climate-related disclosure requirements, including Scope 3 emissions, which would apply to all but the smallest companies. In California, the state Senate passed the Climate Corporate Accountability Act, requiring corporations with more than $1 billion in revenue to disclose all scopes of their greenhouse gas emissions beginning in 2024.

It is clear that tracking Scope 3 emissions will place a considerable strain on many businesses, especially as in many industries a majority of emissions fall under Scope 3. On top of this, there is no clear consensus on what regulators will consider an acceptable way of tracking Scope 3 emissions. For example, should emissions be measured on an absolute basis (total emissions) or on an intensity basis (volume of emissions per unit of economic output)?

Truly walking the ESG talk requires an enterprise-wide commitment 

Environmental factors often garner the greatest attention, yet Social and Governance risks must also be measured before they can be managed. For example, it is one thing to have a modern slavery policy in place, but how do you actually track the level of risk posed by different suppliers in different countries? What would you actually do if a political situation suddenly deteriorated in a key market? How must you integrate social and governance issues when prioritizing environmental issues?

The Russia-Ukraine conflict has brought many of these issues to the fore. But it has also highlighted something else quite fundamental about ESG – the need to walk the talk. While some companies have appeared to focus solely on protecting their own business interests, others – the likes of Airbnb, for example – have demonstrated clear intent to do what they can to help those caught up in the conflict.

This has shown that, in order to successfully manage ESG risk, you must address it holistically and live and breathe it. For many organizations, this will require a huge cultural shift to address all ESG components and recognize that it is no longer enough to simply talk a good game.

ESG imperatives, business recovery efforts from COVID, and continued geopolitical turmoil should not necessarily be viewed as three distinct cannibalizing disruptions in terms of leadership time and focus. The need to reimagine business operations and transform accordingly actually presents a huge opportunity to tackle all of these aspects in a universally integrated way, but to do so requires huge commitment and collaboration from an entire organization.

Companies at this time are trying to quantify the level of investment in ESG that can realize a measurable impact aligned with regulatory requirements and investors’ and consumers’ expectations. However, businesses must develop their own standards and aspirations in relation to ESG matters that they can apply to every element of how they do business.

It is not sufficient to only build on regulatory requirements and public opinion. This focuses too explicitly upon the past and/or present, rather than developing new benchmarks and value sets that will guide the enterprise-wide behavior that can be sustained in the future. “Risk measurement” can then – at least in parts – measure the deviation from those standards moving forward.

The time has come to turn good ESG intentions into demonstrable, measurable and enduring actions. For the companies that can effectively manage the associated risk, the business opportunities will abound.


Key considerations for Risk Management in ESG: 

  1. Robust ESG risk and opportunity identification: Align efforts to clarify and systematically identify ESG risks across the organization, including strategic, financial, operational, legal, regulatory, and people. Integrate them into the existing risk assessment and register structures, considering cross-cutting likelihoods and impacts. Identify action plans and opportunities to increase impact and economic value and drive metrics to results. Once ESG risks are considered a part of the enterprise risk register, holistic risk assessments should be conducted and maintained annually.

  2. A rubric for developing inherent and residual risk calculations and controls: Develop a consistent approach for assessing and calculating ESG risk scoring that is aligned and comparable to the assessment of other risk types. Build a holistic picture of all risk types to re-balance prioritization and design an effective monitoring program. Clearly differentiate between inherent risks and residual risks after mitigation measures are taken into consideration. Where necessary, develop new controls to manage ESG risks and prioritize their inherent risk to adequately mitigate the potential for issues.

  3. Design proactive measures to catch issues efficiently: Considering the dynamic nature of the field, remain vigilant for emerging ESG risks. For example, continuously scan competitor behavior and social media discussions, and integrate an ESG risk assessment into new product development and marketing processes. Rigorously review regulatory developments as a minimum threshold for standards frameworks, but also consider “softer” stakeholder requests and be highly cautious of the perception of greenwashing approaches.