No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Compliance

Integrating ESG, ERM & Compliance Reporting Can Be Done; Start Where You Are

Using existing structures makes much more sense than building from nothing

by Ximena Restrepo and Nakis Urfi
January 31, 2024
in Compliance, Risk
integration concept

Despite looming federal reporting requirements for publicly traded companies in the U.S. (and newly released requirements in the EU), many companies still fail to incorporate ESG fully into their risk management frameworks. Compliance professionals Ximena Restrepo and Nakis Urfi offer tips to break down silos.

While some U.S. organizations have taken a proactive approach assessing ESG risks, many still struggle to incorporate these risks into their existing compliance, legal and enterprise risk management (ERM) programs while breaking down siloed communications among their leaders. 

Compliance professionals have an opportunity to transform and create a unified risk management approach without imposing additional operational burden by leveraging their current compliance program function.

Getting started & who owns ESG

Start with existing activities that are already taking place in your organization. But ensure you have a good grasp of each of the ESG factors relevant to your organization and industry to avoid missed opportunities. Create an inventory of activities and risks, begin identifying owners of the metrics and then start collecting data.

The following are some example ESG activities and metrics:

  • Green building and sustainability efforts: Carbon emissions, natural resources use, waste management, landscape choices, electric vehicle usage, product circularity
  • Diversity, equity and inclusion (DEI): Employee and resource group diversity, supplier diversity
  • OSHA, safety management program and emergency preparedness plans: Workplace violence preventionProgram, safety improvements
  • Cybersecurity and data privacy: Breach notifications, breach costs, cybersecurity and privacy-related policies and procedures
  • Human resources: New hires, retention rates, flexible work options, employee benefits
  • Workplace health and well-being: Food safety, tobacco use, alcohol use, vaccinations, charity care services efforts
  • Board composition: Percentage of female, male and underrepresented populations, independent directors
  • Governance: Compliance program updates, integrated risk management program, new or strengthened policies

There is no single right or wrong answer to the question of who owns ESG; this is completely dependent on the organization and its structure. 

Consider which framework these activities will best align with. If there is an existing ERM governance structure at your organization in addition to a compliance program, there is an opportunity to integrate the identified ESG activities to avoid duplication of efforts. 

Over time, as communication and engagement strategies mature, you may develop an all-inclusive report or data dashboard to showcase metrics, risks and trends across the programs. 

ai risk concept
Risk

Risk Leaders Must Understand What AI Is — and What It’s Not

by Gaurav Kapoor
January 23, 2024

AI tools can streamline risk identification and scoring

Read moreDetails

The role of compliance officers

Compliance officers play a critical role in strategizing with leaders and the board about the organization’s mission and values, their commitment to integrity, fiduciary duty and corporate responsibility. Regulations, including upcoming ESG disclosures, are not what should drive organizations to demonstrate commitment to regulatory requirements and ethical business practices. Additionally, ESG is not only a risk management and compliance activity but also a branding outlet with ways to capitalize on opportunities that can bring additional funding and capital and also create competitive advantages. 

Consider including an ESG commitment statement into the compliance program plan, the code of conduct and ethics and/or in a separate ESG policy to set expectations from stakeholders — employees, third-party vendors, customers, investors and the community at large. Organizations faltering on their ESG initiatives will put their corporate reputations on the line and can potentially negatively impact stakeholders’ trust.

Compliance officers are uniquely positioned to facilitate cross-functional collaboration and ensure the organization is meeting its ESG priority areas as compliance programs were specifically designed to manage risks. The most practical way to incorporate ESG risks into the compliance framework is through the annual compliance risk assessment survey. 

Instead of having separate processes for risk assessment and ESG materiality assessments with stakeholders, combine the activities to streamline the process. Consider asking key culture questions to assess employees’ perception of ESG strategies like:

  • How do you believe the organization promotes ESG sustainability?
  • What activities or efforts you believe would foster greater focus on ESG in the organization?
  • What initiatives are taking place in your department that could qualify as an ESG activity?

Reporting alignment

Integrated reporting of ESG, ERM and compliance metrics will streamline and strengthen an organization’s grasp of its major risks and issues. After building a framework to integrate ESG into ERM, the organization should keep the momentum up with relevant stakeholders.

This includes reporting out on findings and recommendations from risk owners. Additionally, building accountability of the risk owners by transparency of the reporting, highlighting that certain risks get communicated to leadership and the board and demonstrating ongoing progress reports will all emphasize that the risks metrics captured are important.

Creating a sustainability budget

Delineating a specific budget for ESG or sustainability activities is essential. ESG activities can share budget with compliance and/or risk management, or any other key business areas that make sense to your organization’s governance structure. This demonstrates true commitment to compliance but also to your organization’s vision and mission, and that is the ultimate goal.

Should your organization be limited in budget and resources, here are ways to prioritize your activities: focus on activities with the biggest impact in the community and business return on investment and activities with the highest levels of risk in terms of regulations, financial impact and reputational impact. For example, tracking carbon emissions is one ESG area that needs a dedicated lead that manages a budget to capture the full process of activities required to successfully measure carbon emissions. There are compliance, risk management and audit aspects for tracking and disclosing carbon emissions adequately.

Download a whitepaper with KPI trackers and self-assessments

Risk

ESG & Integrated Compliance Reporting

January 26, 2024

The goal: Sustainability maturity

As mentioned earlier, begin your journey with existing efforts and continue to build a stronger foundation and collaboration with leadership and key stakeholders. It can be overwhelming to address all aspects of the ESG at once having limited data and knowledge. Utilize the compliance program’s first three elements to focus on initial work.

  • Develop a written policy and procedure
  • Engage an ESG leader in your compliance related committee(s) or initiate a new ESG committee one
  • Tie ESG topics into the annual general compliance trainings or into its own informational material

Over time, as the program matures and evolves, you may determine how to deepen your efforts to the next level by incorporating ESG identified risks into your internal auditing and monitoring plan.

ESG expectations and programs are evolving rapidly, and your organization may fall behind quickly should it not be agile enough to adapt to the current climate. Organizations that didn’t embrace the internet era failed to innovate while their competition evolved into the new era with a more sustainable business framework; organizations that fail to take ESG seriously risk doing the same. 

Now is the time to cultivate a strategic sustainability mindset by making leadership and other stakeholders aware of opportunities and risks that can drive the next era of sustainable and ethical business excellence.

This is the emerging era for demonstrating ethical business practices, and corporate and social responsibility. The role of compliance officers continues to present opportunities for higher levels of elevation, through further empowerment and the ever-growing need to protect and guide organizations to an ethical culture, improving business performance, streamlining reporting functions, reducing risks and promoting business reputation.


Tags: Enterprise Risk Management (ERM)ESG
Previous Post

Is Your Data Ready for ESG Reporting Requirements?

Next Post

As a Corporate Concept, ESG Is 20 Years Old, But Many Companies’ Programs Still Fall Short

Ximena Restrepo and Nakis Urfi

Ximena Restrepo and Nakis Urfi

Ximena Restrepo MJ, CHC, CHPC is a compliance practitioner in the healthcare industry.
Nakis Urfi JD, MPH, is a compliance officer and ESG leader. His experience spans Fortune 500 companies, high-growth tech startups, mid-market companies and top-tier consulting firms.

Related Posts

news roundup new

Few Business Leaders Feel Fully Prepared for Challenges of 2025

by Staff and Wire Reports
June 20, 2025

Data center operators not using full slate of available sustainability tactics; companies continue to use AI without policies

polluted water

PFAS Reporting Window Delayed, but Waiting to Act on ‘Forever Chemicals’ Could Be Risky

by Cally Edgren
June 9, 2025

Technical issues on government portal give companies short reprieve

green sprint racers on a track

‘Green Sprint’ Your Way Past ESG Backlash

by Marga Hoek
May 21, 2025

As ESG programs face growing critique, organizations need practical approaches that deliver measurable results. Business sustainability expert Marga Hoek introduces...

eu flags brussels

EU’s Regulatory Retreat? The Omnibus Package’s Impact on Sustainability Reporting

by Jon Solorzano, Kelly Rondinelli and Jacob Baltzegar
April 28, 2025

Extended timelines and reduced requirements offer relief as substantial reforms remain under consideration

Next Post
pollution on beach overhead view

As a Corporate Concept, ESG Is 20 Years Old, But Many Companies’ Programs Still Fall Short

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights