Successful organisations view Environmental Social Governance (ESG) as a critical function of business strategy. This signals a paradigm shift from the past’s view that social projects were a cost not worth incurring. ESG is about building a sustainable business model prepared for an unpredictable landscape. Effective ESG empowers stakeholders throughout an organisation driving sustainable policies and practices that improve business efficiency while serving the community charting the course toward ambitious goals that enrich the world.
Develop an Effective Strategy
In Michael Porter’s Harvard Business Review article titled “What is a Strategy,” Porter argues organisations must outperform rivals by (1) serving few needs of many customers; (2) serving the broad needs of few customers; (3) serving the broad needs of many customers in a narrow market. To do this, organisations must define a strategy that creates a uniquely valuable position based on sustainable growth driven by the principles of ESG.
Six Elements for Effective ESG
1. Environmental Focus
The first word in ESG stands for environmental. Making operational changes that combat the climate crises must be an urgent priority for any socially responsible organisation. A new report by European researchers found the last seven hottest years on record have been the last seven years. Many forward-thinking organisations have already signed the Science Based Targets Initiative committing to cut emissions in half by 2030 and to net zero by 2050. The railroad authority for the state of Bad-Württemberg in Germany is rolling out an emissions-free commuter train that cuts reliance on diesel power using electricity and batteries.
Organisations implementing ESG strategy must consider the environmental impact of their products and services. Cutting an organisation’s carbon footprint can start with small initiatives like digitising services or considering how much travel is necessary with many companies adopting teleconferencing. Another option might be choosing a supplier with a strong reputation on protecting the environment. Whatever organisations do, they must make a sincere effort. Customers have shown a willingness to put their money into organisations who have practices geared toward the environmental well-being of the planet.
2. Ethics Governance
An organisations ethics is an outgrowth of corporate culture. ESG ethics encourage innovation and growth emphasising sustainability. Corporate Culture comes with buy-in from the board and its employees. ESG measures include transparent business operations, a focus on data privacy, and a commitment to human rights.
Transparency is key to building trust with clients, customers, and employees. One way to do this is ensuring a supply chain and workplace that respects human dignity and diversity. A part of human dignity involves protecting the fundamental human right of privacy. A lesson learned from the GDPR is this is more than a box-ticking exercise. Protecting data means embedding privacy by design into products and services, placing an emphasis on security and responsible data use. Ethics is also about respecting broader human rights like the right to a safe workplace and paying a fair wage. How an organisation treats its employees says a lot about the ethics of an organisation.
3. Board Buy-in
Building products and services that makes ESG a priority requires buy-in from an organisation’s directing board. A 2019 PwC survey shockingly found that of the more than 700 public-company directors surveyed, 56% thought boards were spending too much time on sustainability. Many directors came of age professionally at a time when the link between ESG factors and corporate performance was poorly understood. Boards should change beginning with recruiting ESG-savvy board members with the lived experience to understand the material issues of today and tomorrow.
A keyway the board drives the organisation’s direction is by setting the corporate mission. An ESG mission emphasises a sustainable corporate strategy. An organisation’s duty is to take an intergenerational perspective that extends beyond the tenure of any management team. A strong statement of purpose signed and issued by all the directors with the aim to create value by fulfilling unmet needs in society. Organisations should also acknowledge the negative impacts of their operations while noting the ways they are making it better.
Once the purpose is articulated, it must be connected to strategy and resource allocation. Connecting purpose to strategy gives C-level executives the necessary foundation to prioritise long-term goals. Instilling ownership throughout the organisation is next. This requires employees be consulted and engaged in the ways to deliver an organisation’s stated purpose. Metrics and key performance indicators should be designed to promote ESG. Evaluating ESG is increasingly become a part of an organisation’s financial health.
4. Sustainable Supply Chain
In June, Germany passed the Supply Chain Due Diligence Act (SCDDA). This signals a growing trend in regulation of organisational processes that go beyond normal jurisdictional borders. German companies will be responsible for assessing and mitigating risks throughout their supply chain. The SCDDA goes into enforcement on 1 January 2023 for large corporations over 3,000 employees. From 2024, German companies with over 1,000 employees will be required to comply.
The SCDDA will put some regulatory teeth behind ESG initiatives. The SCDDA intends to prevent human and environmental rights violations through the core elements of a risk management system that identifies, prevents, and minimises risks. This derives from an organisation’s culture premised on compliance with laws, transparency in the supply chain, avoiding conflicts of interest, and respecting and empowering the basic human rights of employees.
5. Risk-Management (IRM)
Preparing for the future means managing unforeseen risks. Risk management is about evaluating and scoring risk having processes in place to mitigate those risks. To do so, organisations must take stock of the effect their products and services have on society. At this point, responsibility for internal processes is a given. Organisations must also be able to manage their supply chain and evaluate vendor risk involving key stakeholders such as employees, trade unions, and local residents.
Factors to Consider in Evaluating Risk
I. The nature and extent of an organisations business activities;
II. The ability to influence suppliers directly responsible for risks to human environmental rights;
III. The severity of potential violations;
IV. The causal contribution of risk.
Risk Scoring
Risk scoring is about making sense of complex data. There are three types of risk scoring: inherent risk, residual risk, and calculated risk.
Inherent Risk measures the level of risk without controls or mitigating activities
Residual Risk measures leftover risk after the implementation of controls and mitigating activities
Calculated Risk measures a score that balances the risks against the quality of the controls and mitigating activities. The calculated risk will evaluate the impact of the risk if realised, the likelihood of the risk, and the controls reducing the risk.
Mitigation
Managing risk is about identifying and evaluating high risk situations. Mitigation is the processes organisations have in place to respond to potential risks. A good example is the ways that organisations respond and report a data breach. Under the GDPR, organisations have 72 hours to report a data breach to the supervisory authority making streamlined reporting and response vital.
6. Human Rights and Data Protection
Part of an organisation’s public expression of its commitment to ESG is adhering to international human rights standards. Developing a human rights policy provides a basis for embedding respect for human rights through all business functions. The approach should be cross-functional drawing on personnel through an organisation (human resources, operations, legal, security, accounting, etc.) to map existing processes identifying human rights coverage and gaps. The policy should be an explicit commitment to respect human rights standards stipulating an organisation’s expectations concerning employees, business partners, and other relevant parties.
A key human right and component of ESG is data protection. Considering the vast amount of personal, confidential, and business critical information across digital platforms, the need to maintain robust cyber security and data privacy infrastructure is critical. There are two distinct risks to operating in a digital environment. The first is regulation. Since the enforcement of the GDPR in 2018, the number of privacy regulations have proliferated. The second factor is the threat of cyberattacks. Innovative uses of personal data can be a competitive advantage, but it can also create risk. The more data an organisation collects, the bigger the target becomes on their data hoard.
Conclusion
Organisations are becoming increasingly privy to pertinent environmental, social, and governance factors that directly affect long-term profitability. The focus on ESG signals a paradigm shift from the outdated tendency to maximise short-term value. A significant portion of an organisation’s value is tied to reputation. Management of ESG issues can negatively or positively affect public perception. A great place to start is defining a corporate mission statement that prioritises ESG. Organisations should next look to evaluate and manage risks related to human rights abuses, privacy violations, and environmental harms. This approach should extend beyond internal practices to include vendor risk management and evaluation of the entire supply chain. Consumers are increasingly nuanced and savvy about where they put their money favouring organisations that make social well-being a priority.
