ESG as a Risk Mitigation Framework

What Creates Value?

Risk management is a critical aspect of business operations. It involves identifying, assessing, and mitigating risks that may impact an organization's ability to achieve its objectives. Effective risk management can help entities:

  1. Protect their assets and avoid financial loss
  2. Maintain their reputation

ESG issues such as emissions, human rights, and data privacy are imperative for businesses and must be reflected in their short- and long-term strategy-making and risk profiling. Intelligent investors are cognizant of these emerging dynamics and are seeking to understand how organizations are identifying and responding to their material ESG factors. However, there seems to be a disconnect between ESG risk and Enterprise Risk Management (ERM) in the larger corporate community. This article makes the case for integrating ERM and ESG instead of looking at each in silos.

The Global Risk Landscape:

A decade ago, economic factors were identified as the primary risks faced globally. Today, ESG factors occupy the top spots among the threats to a stable world order. The latest report from the World Economic Forum (WEF) highlights the changing nature of the risks we can anticipate going forward.

Source: Global Risk Report 2023 - The World Economic Forum

Impact on Corporates:

Companies have faced severe repercussions for failing to adapt to the fluctuating risk landscape, particularly ESG-related risks. These incidents have been on the rise and have resulted in serious financial erosion and reputational damage. The timeline below gives a glimpse of the major ones:

Source: COSO-WBCSD: ESG_ERM Guidance

Following a Framework:

To help organizations implement effective risk management practices, the World Business Council for Sustainable Development (WBCSD) and the Committee of Sponsoring Organizations of the Treadway Commission (COSO) have jointly developed the WBCSD-COSO Framework on Risk Management. The framework provides a comprehensive approach to risk management that is designed to align with an organization's overall strategy and support sustainable development. 

Source: COSO-WBCSD: ESG_ERM Guidance

The framework consists of 5 key components:

  • Governance and Culture focuses on the importance of strong governance and a risk-aware culture. This includes guidance on the role of the board of directors and senior management in overseeing risk management, as well as the need for clear communication and accountability. In addition, this component emphasizes the importance of creating a culture that values risk management and encourages employees to identify and report risks.
  • Strategy and Objective Setting emphasizes the importance of aligning risk management with an organization's overall strategy and objectives. This includes guidance on how to identify and prioritize risks based on their potential impact on the organization's ability to achieve its goals. By aligning risk management with the organization's strategy, the framework helps ensure that risk management activities are focused on the most critical risks.
  • Performance focuses on the need for effective risk assessment and management processes. This includes guidance on how to identify, assess, and respond to risks, as well as the importance of monitoring and reporting on risk management performance. By implementing effective risk assessment and management processes, organizations can better understand and manage their risks, which can lead to improved decision-making and reduced risk exposure.
  • Review and Revision emphasizes the need for ongoing review and revision of an organization's risk management processes. This includes guidance on how to evaluate the effectiveness of risk management processes and make adjustments as necessary. By continuously reviewing and revising risk management processes, organizations can ensure that their risk management practices remain effective and aligned with their overall strategy.
  • Information, Communication & Reporting includes applying ERM to ESG-related risks by consulting with risk owners to identify the most appropriate information to be communicated and reported internally and externally to support risk-informed decision-making.

In conclusion, effective risk management is critical for organizations of all sizes and industries and can be ensured by closely embedding ESG issues within it.

Ameet Patra

ServiceNow Product Owner | ESG | GRC | EHS | Business Analyst | Product Manager | Product Owner | Presales | Customer Success | ENFJ | Climate Tech | Strong believer in the potential of "I do not Know"

2 years

This is why I always say, there is no #esg without #grc

Amit Banerjee

independent consultant for security audit like SCAN /CTPAT, Social audit like WRAP, Higg, ecovadis, TfS, SEDEX, SA8000 . Management system audit 9001 /14001/45001

2 years

I wonder

More articles by Amlan Shome