As voluntary frameworks evolve into governmental mandates surrounding ESG reporting, it’s likely that compliance leaders will need to add ESG investigations to their scope. A trio of experts from Deloitte offer guidance on how to do this.
As companies await new climate rules from the SEC, employees and other stakeholders are demanding greater social accountability from companies. Today’s compliance and ethics leaders — e.g., chief compliance officers (CCOs) and chief ethics and compliance officers (CECOs) — are being challenged to apply assessment, monitoring and investigative processes to a host of new and evolving risks.
This may soon also include overseeing, and in some instances conducting, internal and external investigations with HR or procurement involving violations of new policies based on emerging ESG requirements, such as potential greenwashing and forced labor. To navigate this evolving landscape, many compliance leaders will need to explore what their role should be when it comes to ESG.
One of a compliance leader’s mandates is to implement proactive risk testing and monitoring to ensure compliance with documented policies and procedures and, as needed or mandated, investigate appropriately when indications of non-compliance are identified or elevated to compliance by another part of the business such as HR.
While investigations into hostile work environment or sexual harassment complaints are typically handled by HR or legal, ethics and compliance leaders increasingly also have an obligation to investigate ESG concerns affecting personnel, such as pay parity, privacy, supplier diversity, AI bias in talent management and human rights violations.
Here are three practices compliance leaders should consider when monitoring ESG risks and conducting workplace investigations of suspected violations.
Be prepared to navigate a varied, global ESG regulatory landscape
As corporate ESG policies continue to evolve from local, regional, national and international bodies, compliance leaders will be faced with a growing number of policies that require monitoring — and that may result in more investigations.
Those at organizations with significant multi-jurisdiction operations are likely accustomed to operationalizing an array of corporate and regulatory-driven policies, but decisions will still need to be made related to these new areas of regulatory involvement.
Some leaders may need to expand their function’s monitoring efforts to additional areas of the business and design additional risk assessments to identify non-compliance with new ESG-related policies. Additionally, compliance functions will need to determine whether related violations will be escalated or referred for investigation consistently across international operations or if each region will have its own set of escalation policies based on that region’s relevant regulations or requirements.
Reduce bias in the investigations process
Bias can enter the investigative process through technology (such as analytics and algorithms used in compliance monitoring or insider threat programs/software), during investigative interviews and remediation decisions. Tiger teams composed of cross-functional expertise from compliance, HR and other areas of the business can be formed specifically to identify and mitigate bias risks and ensure equity and fairness in workplace investigations. These teams should regularly review a diverse sampling of investigations and outcomes for indications of bias.
Alternatively, compliance functions or the relevant functions mandated to identify bias may consider incorporating analytics-driven bias detection capabilities into their existing compliance risk assessments, investigations and monitoring efforts. At a minimum, compliance leaders should collaborate with HR and other relevant functions to ensure that policy violations are elevated equitably per regulatory requirements and that consequences are applied consistently.
Know when and how to work across silos
Compliance is an important first line of defense in monitoring and routing workplace investigations to HR and ensuring they are properly investigated, leveraging compliance monitoring systems, hotline tips and other information sources to do so. But, as ESG-linked personnel management issues become more regulated and gain more publicity, compliance officers are increasingly also obligated to investigate related violations alongside HR counterparts and to mitigate enterprise-wide risks. Depending on the type, extent and scope of a violation, HR and compliance — including internal audit, analytics and legal teams, etc. — often need to partner up to execute a formal investigation properly.
It is critical that compliance, with input from HR and other business leaders, define ESG mandates and establish clear processes for conducting and assigning leadership of workplace investigations, inclusive of when and how compliance should play an active role. This means utilizing existing programs to identify instances of non-compliance and then working collaboratively to triage them, elevating them up the chain (for example, by leveraging an investigations playbook) and ultimately resolving them effectively and expeditiously.
As potential ESG regulatory frameworks are being contemplated in the U.S. and elsewhere, it’s possible that voluntary corporate policies could become regulatory requirements in the not-too-distant future. Whether juggling a vast, international array of voluntarily adopted or mandated policies, compliance leaders can get ahead of the curve by considering how their roles and their functions are expanding related to ESG and social investigations and adopting leading practices. Taking a proactive approach to reduce the overall volume of ESG policy violations and time-consuming investigations, if handled well, may help minimize future litigation costs, reputational damage, financial losses and more.