More and more, ESG issues are becoming part of a compliance department’s daily activities and concerns. Yet the recent Navigating Deep Waters survey by global law firm Hogan Lovells indicates that many teams struggle to integrate ESG into their compliance programs.
Around 8 out of every 10 survey respondents (82%) cited ESG risk as a current and future strategic priority. But similar percentages said that ESG was not embedded in existing risk practices (82%) and that their team lacked ESG knowledge and skills (78%). A full 57% reported a lack of engagement with the issue.
How can compliance professionals build ESG into their operations, while navigating headwinds along the way?
ESG’s Expanding Scope
The first step is recognizing the importance of this mission — and its ever-expanding scope. A range of rulings are coming up that will affect companies worldwide.
In November 2022, the European Parliament voted to pass the Corporate Sustainability Reporting Directive (CSRD), which represents an overhaul and expansion of the sustainability reporting required by organizations doing business in the European Union. Under the directive, which will be implemented in January 2024, impacted companies will need to have their sustainability reports independently audited each year.
CSRD dovetails with many aspects of the Sustainable Finance Disclosure Regulation (SFDR). The SFDR extends the principle of sustainability beyond environmental impacts to include anti-corruption, anti-bribery, human rights and equality impacts. January 1, 2023 marks the end of the SFDR’s transition period, when, in the words of international law firm Foley & Lardner, “the full weight of SFDR will be felt by asset allocators, fund managers and portfolio companies.”
Meanwhile, privacy and data protection standards are emerging from the German Supply Chain Act to the U.S. Department of Justice's major overhaul of corporate enforcement policies.
Given this current set of regulations, while not yet clearly defined, it is clear that ESG issues are moving from a mainly voluntary disclosure-oriented dimension to a regulatory one with significant
implications for how ESG information is collected, verified, and acted upon within an organization,” wrote Ingo Steinhaeuser with Thomson Reuters.
For ESG and compliance teams, this means a growing umbrella of issues to monitor and track, including:
- Scope 3 greenhouse gas emissions, or a company’s carbon footprint related to its purchased goods and services
- The many facets of corruption, from the bribery of public officials to embezzlement to nepotism to lax or absent control structures
- Reputational and corruption risk through third parties
- Human rights in the supply chain
Why the Compliance Team Is a Natural ESG Fit
“It can be difficult to navigate the complex maze of new legal requirements and reputational risks, particularly when it comes to how supply chain and human rights obligations interplay with existing ethical obligations such as anti-corruption,” said Liam Naidoo, a partner with Hogan Lovells’ Investigations, White Collar and Fraud practice in London.
Here’s where a compliance officer’s deep knowledge of policies and procedures and existing functions in oversight, training, testing, measurement and surveillance come in handy.
“After all, governance issues are what compliance and related functions such as risk, legal, internal audit, accounting, and human resources (HR) are accustomed to, and generally pretty good at,” writes Todd Ehret, Senior Regulatory Intelligence Expert for Thomson Reuters Regulatory Intelligence.
A compliance department’s existing processes and infrastructure also make it “the natural place for ESG to reside,” according to David Curran, Chief Sustainability and ESG Officer at the law firm Paul Weiss. “Compliance has systems-process software, GRC platforms and the like to deal with such obligations and commitments. The best place to track, measure, monitor, and report it is compliance, as it’s the only function within organizations that has enterprise-wide visibility and processes in place.”
What Collaboration Between ESG and Compliance Looks Like
Ehret recommends building out governance and an overall plan first. Anticipate more precise standards and benchmarks coming from regulators. Make sure there’s a policy or procedure in place and that the organization can track, measure, monitor and report on progress.
One place to start is anti-bribery and corruption (ABAC). “Companies with strong anti-bribery and corruption policies and controls have a strong framework on which to build the governance limb on an ESG program,” said Crispin Rapinet, who works in Hogan Lovells’ Investigations, White Collar and Fraud practice in London.
Recent legislation such as the German Supply Chain Act encourages collaboration around ABAC as well as third-party ESG risk.
“Companies can use existing AB&C compliance measures to assist ESG risk management,” according to Stephanie Yonekura, Global Head of Hogan Lovells’ Investigations, White Collar and Fraud practice. “The two issues are inextricably linked and companies do not need to — and should not — prioritize one to the detriment of the other.”
But compliance-ESG collaboration shouldn’t stop there. While ESG-related issues, including diversity, equity, and inclusion have historically been handled by HR departments, David Curran, with Paul Weiss, points out the need for a new approach. “Firms realize that it now needs to be overseen by the GC and the compliance departments because the risks of getting it wrong now are so significant.”
Working Together for a More Integrated and Prepared Future
As the regulatory landscape continues to evolve and investors and regulators alike move environmental and social disclosures from “nice to haves” to “must haves,” ESG and compliance teams will become increasingly intertwined.
Compliance officers can get ahead of the trends — and the accompanying risk — by:
- Incorporating ESG into strategic and operational decision-making, including AB&C programs
- Optimizing communications and collaboration between ESG and compliance teams
- Integrating ESG reporting into traditional financial reporting Using technology to optimize visibility and reporting across the organization
- Most importantly, linking compliance and ESG initiatives with business value
Learn more about Diligent's tools for tracking ESG performance and staying ahead of evolving regulations.