What is ESG compliance?
ESG (Environmental, Social and Governance) has certainly taken on an increasingly important role in organisations in recent times, with almost every company now expected to meet the increasing reporting and auditing requirements of investors, boards of directors and governments. Oversight of ESG requires considerable expertise in the management of third-party risk and compliance with relevant and applicable regulations. The complexity of many modern-day supply chains, the need for interactions with more than one national government and the necessity to comply with increasingly significant legislation at a multinational level mean that maintaining ESG compliance is a complex management process fraught with many pitfalls.
What does failure cost?
The costs involved in failing to comply are heavy and perhaps not immediately obvious. Of course, the clearest and most immediate cost can be seen as financial. Without going into detail here on the actual costs, as these are complex, varied and rising year-on-year, it is clear that operational costs are going to rise if non-compliance penalties are incurred. But, of course, this is not where it ends! There are so many other ‘hidden’ but real costs to non-compliance:
- The repercussions of non-compliance will be felt by an already tired compliance team, who will now need to rework much of what was originally submitted.
- Other ongoing activity across the wider team will likely be delayed, as compliance needs rise to the top spot.
- Personnel are quite likely to have to put in extra work in the form of considerable overtime. This is expensive in terms of morale and direct and indirect operational costs.
- Other businesses may well be dependent on you completing your compliance: they need your report to stay on time with their own submissions. Delay will do nothing to enhance your relationship with them or their commitment to your business.
Five mistakes that you must beware of
Without seeking to work through the specifics of compliance for each organisation, it is valuable to highlight here some of the hazards that could certainly derail your compliance program.
Not taking compliance seriously
To many companies, compliance has been a ‘nice idea’ for a number of years. In fairness, it WAS – but it certainly is no longer just a nice idea. It would be a very big mistake to ignore compliance, yet some companies seem not to care and consider the risk as a standard business expense. The reality is it is worth doing. It costs less, the business will be the better for it, and it looks seriously better to clients.
Hopefully, for most companies, executives burying their collective heads in the sand has never been on the agenda. Yet some organisations are still only paying lip-service to the process, and leaders are not really getting behind it with their commitment. It is fair to say that when leaders don’t take this seriously, their people won’t either. Executive buy-in will mean devoting time to regular status updates, checking and accountability being evident, and leaders walking their talk. When the whole organisation sees ESG compliance as an opportunity for growth and commits to it, compliance will work in the company’s favour.
Not matching claims to traceable results
It is all well and good to make as many claims as you wish about your compliance levels. You may seek to cross each ‘t’ and dot each ‘i’; however, many organisations have found to their distress that they have not created a clear, traceable path of results and evidence to back up the claims they have made. It is really important to create a process for matching claims to results that can be easily used by those involved in the compliance program and that an ‘outsider’ can check, trace and verify with ease. Some important examples might include:
- clearly associating policy documents, evidence, written explanations and justifications together with each file that you plan to load in your compliance profile
- allocating an individual or team to specifically be responsible to check that the trace is clear and fully operative
- storing and organising all of your evidence and documentation in one place.
Lack of thoroughness
It is relatively easy to work the compliance process through the parts of a cycle or supply chain that are most immediate or new to the business. A good example of this is when businesses consider compliance regulations such as the Anti-Bribery and Anti-Corruption (ABAC) compliance requirements and work carefully to onboard new vendors. This is good practice; however, very often it is not continued and monitored through the whole lifecycle of the contract with that vendor.
In a similar way, it is essential that companies do not limit their review and documentation of the supply chain to only a few stages. For example, as and when the European Corporate Due Diligence Draft Directive is adopted, affected organisations will need to perform a thorough review of their current supply chain and create documented processes for eliminating forced labour and environmental degradation throughout the entire extended supply chain.
Not monitoring regularly
Although much ESG compliance has been in the form of a voluntary activity until now, this ‘soft law’ is increasingly becoming ‘hard law’. A great many businesses have found out about the compliance requirements in an ad hoc, fairly informal way. Continuing that approach will potentially be very dangerous going forward. There is a high likelihood that you will not remain up to date on legislation, and will be late to find out what you need to be complying with.
It is probably important to establish a person or team to keep fully abreast of all the compliance legislation that relates to your business, and to ensure that the information on the pertinent legislative requirements is fully disseminated throughout the organisation and monitored consistently. It is time for a much more proactive approach to managing ESG compliance that is maintained on an ongoing basis and becomes part of the regular task itinerary throughout the year.
Isolating ESG compliance from the rest of the business
There is a tricky balance to be struck here. The growing needs of ESG compliance must be met, but exactly where will responsibility lie? It could fall to the already established compliance department. They may be well equipped to perform the necessary functions and there are clear synergies. But there is a danger in isolating ESG compliance from those involved in the individual elements of environment, social and governance concerns. Conversely, handing the ESG compliance role over to those specialising only directly in the three areas creates the risk of expensive mistakes being made out of inexperience. In reality, the size and complexity of ESG compliance may well lead businesses to opt for multiple stakeholders across the organisation having oversight of the work in partnership. This will ensure that it does not become isolated from the rest of the business.
Non-compliance, intentional or unintentional, could result in some very nasty problems further down the track, especially if an element you haven’t worked through derails your otherwise careful compliance record. Check these five areas to keep your business right on the rails when it comes to ESG compliance.