Implementing an ESG program at your business calls for far-sighted and informed decision-making. But that impulse often lies at odds with short-term fixations on quarterly performance. This and myriad other quagmires lay in store for those who are tasked with ESG compliance.
ESG — the initials that are transforming corporate missions, purposes and structures, fueled by stakeholder and investor demand. It is a significant moment in corporate and stakeholder interactions. Companies recognize the responsibilities — but even more importantly, the opportunities — to build a sustainable and financially profitable organization. But how can and should companies handle the multitude of governance and business implications of the ESG movement and SEC’s expected rulemaking?
This article is republished here with permission from the author, Michael Volkov. It originally appeared on his blog Corruption, Crime & Compliance.
There are significant changes that have to occur along with the ESG objective. I am dubious about the ability or incentives of companies to implement these changes. Right now, shareholders are demanding financial success, not a long-term basis but on a quarterly basis. Executive incentives and senior management objectives have coalesced around a powerful motivator: quarterly financial results.
Call it what you may, but short-termism is antithetical to what every company should be focused on, which is long-term financial growth and sustainable performance. COVID-19 and other significant risk events have demonstrated how dangerous short-term planning can be. I am not so sure that ESG has the power to change this fundamental flaw in corporate business perspective. We shall see what happens, but I am not sure ESG will have a significant impact here. More importantly, however, ESG may be the beginning of a broader movement, led by investors and stakeholders, to demand long-term sustainable planning along with a meaningful commitment to ethics and compliance as an engine of success.
As a first step, ESG is important. However, everyone understands ethical companies that adhere to values are more likely to succeed than unethical or agnostic companies in the marketplace. This is the real movement that needs to occur and that can easily encompass ESG as a fundamental precept of an ethical company. When business decisions are made with proper consideration of ethics, companies perform better and employee satisfaction increases exponentially.
As companies focus more on ESG, it is obvious that they will achieve a significant number of benefits beyond that defined in the ESG acronym. A well-designed and tailored program will bring significant benefits to the overall company’s operations.
There are a number of important issues that design and implementation of an ESG program entail. It is hard to fill in many of the important issues given the SEC’s ongoing rulemaking on ESG disclosure issues. Obviously, SEC regulations will have a significant impact, and everyone is anxiously awaiting those. In the meantime, many companies are moving forward with planning and implementation. That is a good thing because it is unlikely that the SEC will alter the landscape to which many companies are moving.
As I see it, here are the issues at hand:
- Who should conduct oversight of the ESG program? A specific committee or the overall board?
- Who should be responsible for design and implementation of an effective ESG program?
- How should a board or committee charter be drafted to ensure proper oversight and monitoring of ESG functions?
- How should ESG reporting and disclosure occur? How should the talismanic standards of “materiality” be applied in this context?
- How can technology be used to ensure proper oversight and reporting of ESG issues?
ESG Board Responsibilities
In the face of these significant trends, companies are responding quickly to establish ESG programs. As an initial step, corporate boards are tackling the ESG issue. Most companies have assigned responsibility for the oversight of ESG program at the full board level. Some companies have assigned ESG responsibilities to the audit committee, though that raises more questions than answers. Audit committees already are overloaded with financial report and ethics and compliance program oversight. It is problematic to add ESG to the audit committee’s charter.
— Peter (@Pdugas2000) June 18, 2021
As an alternative, companies should split off ethics and compliance to a separate committee and could easily add ESG to the same committee. Audit committees are not the proper place for ESG management, and a strong case can be made that the full board is not nimble enough to manage ESG given all of the risks and issues that may arise in this fast-moving area. Another alternative would be to assign ESG responsibilities to a nominating and governance committee, given the overlap with governance as part of the ESG complement of risks.
ESG Internal Controls
An ESG program has to be tailored to the company’s risk profile. A company has to identify, measure and assess its climate and environmental risks. This, in turn, means understanding the company’s environmental footprint and attendant risks. While everyone may be tempted to assign this to the audit committee, ethics and compliance responsibilities entail a very similar process, requiring risk assessments, design of policies and procedures to mitigate those risks, and implementation, measurement and monitoring of compliance controls. This function translates well into the ESG sphere. Again, merging these operations into a separate E&C/ESG committee or having the governance committee assume responsibilities for these functions makes sense from an operational standpoint.
Measuring ESG Performance
ESG operations entail a cross-section of corporate operations: environmental concerns, social issues and ultimately governance. Companies have to identify those issues falling under its ESG umbrella, tailor an ESG program and select key measures of performance. For example, in the social justice area, companies can craft a robust diversity, equity and inclusion initiative across the entire organization, meaning at the board, senior management, middle management and employee levels. To execute this, a company would have to devote significant resources to addressing DEI issues at every level of the company.
Measurement of DEI performance would require definition of objectives, collection of data and disclosure of results. Regulatory disclosure requirements are likely to extend well beyond the concept of financial materiality. ESG disclosures will open up a whole new set of standards, controls and requirements surrounding proper disclosure of ESG-relevant information and performance.
DEI is just one example. Climate change and environmental issues will raise another interesting constellation of requirements. Companies will have to determine what kids of information shareholders, investors and other stakeholders are focused on for ESG evaluation purposes. The SEC is likely to establish some minimum requirements in this area. Most companies will exceed these basic requirements given the importance of stakeholder disclosures.
The initial steps in this area have occurred already, as many companies are providing robust annual sustainability reports. Companies can build on these existing reports and processes to layer in other ESG issues. Investors and shareholders are demanding even more information. Investor organizations are pushing for a standardized reporting framework. It is unlikely that such a global standard will ever be set. Corporate boards have a variety of disclosure options to pursue and innovation inn this are will definitely occur with time and experience.
Establishing an ESG Committee’s Portfolio
A supervising ESG committee has to resolve several basic questions in order to build out its ESG program:
- What are the company’s ESG risks?
- How is the company’s ESG program tailored to its ESG risk profile?
- What kind of information are investors, shareholders and stakeholders demanding as part of a disclosure framework?
- How will the company collect, assess and monitor relevant data and disclose key metrics to relevant stakeholders and regulators?
If these questions sound somewhat familiar to the ethics and compliance program function, welcome to the world of ESG, a new world that shares many operational principles with ethics and compliance programs. Both ESG and E&C programs involve risk assessments, policies, procedures and controls to mitigate risks, leveraging ESG and E&C requirements across the business, and monitoring, measurement and reporting on performance. What a surprise.
This does not mean that chief ethics and compliance officers should add ESG to their responsibilities. It only means that CECOs should have an important seat at the ESG table at which they can contribute to overall design and implementation of an ESG program.
CECOs also know how to leverage technology, data analytics and other functions that will play an important role in any ESG program. In this area, CECOs can advise ESG officers on how to embrace technology, build data analytics and then ultimately monitor their program through data sampling, monitoring and oversight. Internal audit has much to offer here as well given its responsibilities over SOX reporting and other data collection, monitoring and performance metrics.
ESG programs have to be designed around basic operational issues, including information collection; accuracy and reliability of information; data collection procedures; coordination with disclosure procedures; and testing, audits and monitoring of process to ensure accuracy and effective operations.
ESG Programs Will Impact Organizations, Top to Bottom
Goals and commitments for ESG programs have to be set at the board and senior executive levels. Obviously, they will have a direct and immediate impact on company operations: Investments, resources and business operational planning will all be implicated. The ESG function will be charged with implementation of ESG policies and procedures, data management and program evaluation, monitoring and performance metrics.
This will impact not only the bottom line financial performance, investments and strategic planning but many other aspects of corporate operations, including talent management, resource allocation, information technology, ethics and compliance objectives and operations, and security.
ESG planning has to include program evaluation and independent auditing procedures. Similar to external financial auditors, and risk and compliance program assessments, a new cottage industry will be born surrounding the evaluation of ESG programs. Such assessments will extend way beyond information or disclosure reliability but to program design, risk evaluation, program operations, coordinating with disclosure functions and overall accuracy in reporting.
As the SEC digs into the ESG issue, the agency is likely to adopt a mandatory reporting framework akin to other issues of importance; cybersecurity is just one example. Whatever mandatory requirements are imposed, third-party assessments and audits are going to be necessary.