While it’s early days for ESG, it’s an area that has already received exceptional attention — attracting over $330 billion in funding by September 2021 in the U.S. alone. ESG has businesses evaluating their organization and asking: Who’s going to manage ESG initiatives? Who has the expertise? Who has the infrastructure? Which group has the acumen to help the organization develop an ESG strategy and manage due diligence, adherence and reporting?
What we’re seeing is that ESG is landing on the desk of the corporate compliance practice. Compliance professionals are well-prepared to add value to the effort, with their expertise in conducting research, synthesizing large amounts of information, generating insights and providing them to business leadership from a recommendation or decision-support perspective. Much work, however, needs to be done to shape corporate ESG efforts and determine how to effectively integrate them with a company’s compliance and risk management programs.
While ESG initiatives have their roots in the corporate social responsibility (CSR) programs that started decades ago, their more recent precursor is GRC:
GRC frameworks are known to help organizations improve decision-making processes and remove barriers among departments for less fragmented and more streamlined workflows. ESG can be considered the “next step” after GRC.
ESG frameworks address how a company conducts itself in the context of environmental and social governance. It’s not just about a company’s carbon footprint; it’s also about how environmentally and socially conscious a company’s supply chain is. Are your supply chain participants doing business with companies that have subpar reputations for environmental protection in their country of operation, or questionable political ties in their home jurisdictions? Are any third parties in your supply chain potentially exposing your business to reputational damage by doing business with a company owned by unsavory actors who are simultaneously trying to hide their ownership in that company?
These questions about third parties call attention to another important dimension of ESG. By extension, companies need to understand how organizations in their third-party ecosystem conduct themselves. For example:
Third parties usually cover a large portion of responsibility, so third-party risk assessments — such as denied and restricted party screening of business and trading partners at home and abroad; and of new hires, existing staff, contractors and even seemingly innocuous visitors to your offices and other facilities — are part of ensuring ESG compliance.
Developing an ESG Strategy
What’s starting to happen now, particularly in the EU, is that regulatory frameworks and other policy tools are being formalized whereby ESG transparency and compliance will become mandated and not just something an organization “should do.” Leading companies are developing their own strategies in advance of formal regulations. Creating an ESG compliance matrix is an excellent first step. Consider, for example, some of the factors that can contribute to each element:
As corporate compliance grows with the additional accountability associated with ESG programs, it will need to develop new workflows, potentially staff up, and make investments in business infrastructure to scale and operate efficiently. What this means for technology companies is that they’ll need to find new ways to collect, synthesize and deliver content tools to companies to facilitate ESG research, review regulatory content and, ultimately, make the ESG-related decisions that the business requires. In addition, companies will need to consider what data and insights technology providers can enable them to access.
Say, for example, that technology-enabled insights indicate that your tier 1 rubber supplier is located in country X. From a regulatory perspective, there’s nothing to say you can’t do business with them. However, the supplier is based in an area of the country where political corruption is significant, where environmental violations have been reported, or where forced labor is a risk. Helping companies quickly connect the dots by unifying these different types of data sets through technology will become increasingly valuable. For technology providers, the important implication here is helping customers conduct a deeper degree of risk assessment of the various third parties they’re engaged with across their supply chain.
ESG in Action
In North America, two high-profile examples call attention to emerging regulatory efforts to put policy into place around ESG. One is the New York State Fashion Sustainability and Social Accountability Act (Fashion Act). Introduced in January of this year, with a vote expected in late spring 2022, this legislation would compel fashion retailers and manufacturers operating in New York State to map the participants in their supply chain and to disclose the environmental and social impacts of their activities. It proposes imposing a duty on major brands to proactively monitor their supply chains, reviewing worker conditions (such as forced labor), assessing the environmental impact of operations, and taking action to remediate any identified risks. As a growing number of apparel and footwear lines are marketed to consumers as eco-friendly and sustainable, if enacted, the Fashion Act would bring much greater disclosure requirements and transparency to the ESG-related nature of production.
The second comes from the U.S. Securities and Exchange Commission (SEC). In early March 2022, the SEC proposed the formation of a task force on climate- and ESG-related issues to identify misconduct and violations. On March 21, it voted in favor of the legislation, essentially making it much harder for publicly-traded companies to “greenwash.” Instead, corporate ESG performance will have to conform to regulatory requirements, be transparent and be auditable. The legislation also creates rules for company disclosure requirements related to ESG, including climate disclosures. Given that the U.S. regulatory behemoth has stirred to begin shaping ESG rules, it’s only a matter of time before principles become mandatory requirements.
While there will always be companies that “do the right thing,” others will continue to look at compliance violations as the cost of doing business, and the role of compliance as not worth the time because it slows business development or adds headcount. Without regulatory instruments in place, there will always be companies that don’t pay attention to what’s binding, and ESG regulations are no different. Regulatory bodies, however, are recognizing this, and early actions indicate that if we really want to tamp down the risk of human exploitation in modern global economy, and orchestrate a coordinated effort to minimize climate change impacts, we’re going to have to make it against the law for companies to contravene ESG frameworks.
Jackson Wood is director of industry strategy for global trade intelligence at Descartes.
Read more of SupplyChainBrain's 2022 Supply Chain ESG Guide here.
Timely, incisive articles delivered directly to your inbox.