ESG Risks: Why ESG Risks Should Be on Your Radar

Environmental, social, and governance (ESG) risks are making waves throughout the corporate world. Recently, J. P. Morgan Chase announced plans to commit $2.5 trillion over ten years to “advance long-term solutions that address climate change and contribute to sustainable development.” Citi Bank has similarly committed $1 trillion for environmental, diversity, equality, and other socially responsible initiatives. Bank of America also set a goal of $1 trillion to push for environmental sustainability. With this much capital on the line, ESG risks must be on every risk management and internal audit professional’s radar.

What Are ESG Risks?

ESG risks include concerns related to environmental, social, and governance topics. In the past, many organizations viewed ESG as a compliance function instead of a socially responsible action. Policies would include references to health and safety regulations like OSHA in the US, which dictates specific areas for health and safety compliance in the workplace. Now organizations realize that ESG is a long-term commitment to their employees, their customers, and the company’s sustainability as a whole. On her first day as CEO, Jane Fraser of Citi said, “Our commitments to closing the gender pay gap, to advancing racial equity, and to pioneering the green agenda have demonstrated that this is good for business and not at odds with it.” The flip side of this statement is that ignoring these initiatives presents a risk that auditors should investigate as an area for control.

How Can We Assess ESG Risks?

Assessing ESG risks will evolve, especially as risk managers and internal auditors become more familiar with ESG risk impact and socially responsible actions grow. To start, we can split the ESG factors into three categories and break these down into more detailed risks. The actual risks you add to your risk assessment may vary depending on the nature of your organization and industry.

Environmental Risk

Environmental risk is generally seen as a factor that contributes to climate change. Detailed risks would consider how the organization manages or supports others who manage areas like the transition to renewable energy, protection of the oceans, water conservation, waste reduction, and recycling.

Social Risk

Social risk is an ESG factor that includes fairness in recruiting, hiring, promoting, and paying all employees, all of which are factors in diversity and equity. Similar areas include bullying, sexual harassment, and discrimination. Social risks include providing services to economically depressed areas or supporting equality in education efforts for other organizations.

Governance Risk

In the context of ESG risks, corporate governance risk is the oversight and implementation of programs and processes to mitigate the risks discussed above. Without proper corporate governance, the environmental and social programs can lose momentum, and funding can be reallocated. Another risk to the ESG program occurs when policies are written but never fully implemented or enforced. The result of this risk is sometimes called performative activism, where the actions are high-level without substantial work to back up the stated commitments.

Understanding the Significance of ESG Risks

The domain of environmental, social and governance (ESG) risks has gained significant traction across various corporate entities. Notably, prominent financial institutions, including J. P. Morgan Chase, Citi Bank, and Bank of America, have pledged substantial financial commitments towards addressing ESG concerns. As these financial leaders acknowledge the gravity of ESG risks, it becomes imperative for risk management, internal audit professionals, and investors to prioritize the assessment and management of these risks. This article delves into the critical aspects of ESG risks and effective strategies for their inclusion in the audit plan, elucidating the pivotal role played by ESG risk management technology.

What Are ESG Risks and Why Should You Care?

Initially considered merely a compliance function, ESG risks encompass a wide spectrum of concerns related to environmental, social and governance aspects. While conventional policies often emphasize adherence to regulations like those of the Occupational Safety and Health Administration (OSHA) in the US, businesses now recognize the profound impact of ESG as a commitment to employees, customers, and the company’s overall sustainability. From an investor’s perspective, understanding and addressing ESG risks has become imperative in evaluating the long-term viability and resilience of investment portfolios. With the increasing integration of ESG factors into corporate strategies and decision-making processes, investors are acknowledging the potential financial implications associated with environmental degradation, social controversies, and governance failures. This paradigm shift in investor sentiment is exemplified by the emphasis placed on ESG performance and transparency in investment evaluations, where companies demonstrating robust ESG practices are often perceived as more attractive investment opportunities. Industry leaders such as Jane Fraser, CEO of Citi, have underscored the compelling business benefits intertwined with initiatives like gender pay gap closure, racial equity advancement, and environmental sustainability, emphasizing the relevance of ESG considerations not only for sustainable growth but also for enhancing investor confidence and trust in the company’s long-term prospects. A critical observation here is the inherent risk associated with overlooking these initiatives, warranting thorough investigation by auditors as a potential area for control to safeguard the interests of investors and ensure sustainable value creation.

How Do You Determine ESG Risk?

Understanding the intricacies of evaluating ESG risks is pivotal for proactive risk management. An effective approach involves categorizing ESG factors into distinct dimensions and subsequently dissecting them into granular risks tailored to the organization’s specific industry and operational landscape. These dimensions primarily comprise: 

Environmental Risk

ESG environmental risks pertain to the potential adverse impacts on the natural environment and ecosystems due to business activities. These risks encompass a broad spectrum of challenges, including but not limited to carbon emissions, water and air pollution, deforestation, biodiversity loss, and depletion of natural resources. For corporations, these risks translate into the potential for regulatory penalties, public scrutiny, and damage to the brand’s reputation. Additionally, environmental and climate risks pose a threat to the sustainability of the business itself, as they can lead to increased operational costs, supply chain disruptions, and a diminished ability to adapt to changing environmental regulations. To mitigate these risks, corporations are increasingly investing in sustainable practices, renewable energy sources, and emissions reductions, thereby demonstrating their commitment to environmental stewardship and resilience in the face of evolving environmental challenges.

Social Risk

Social risk encompasses a range of challenges that relate to a company’s impact on society, its own employee base and stakeholders, encompassing areas such as labor practices, human rights, community engagement, and diversity and inclusion (DEI) metrics. For corporations, social risks can manifest in the form of employee discontent, public backlash, and negative consumer perception, thereby eroding the brand’s reputation and consumer trust. In our socially conscious landscape, businesses are increasingly expected to uphold ethical labor standards, promote DEI, and contribute positively to the communities in which they operate. Failure to address social risks adequately can result in reduced employee morale, higher turnover rates, and diminished consumer loyalty, ultimately impacting the company’s bottom line. Consequently, corporations are actively adopting social responsibility initiatives, implementing fair labor practices, and engaging in philanthropic endeavors to foster a positive social impact and build robust relationships with stakeholders.

Governance Risk

Governance risks revolve around the structures, policies, and practices that dictate how companies are managed and controlled. These risks encompass issues such as board effectiveness, transparency, regulatory compliance, and ethical standards. Inadequate corporate governance can lead to a host of challenges, including internal conflicts, mismanagement of resources, and regulatory non-compliance, all of which can severely undermine the organization’s credibility and long-term viability. Furthermore, weak governance can contribute to a lack of accountability and transparency, resulting in a loss of investor confidence and potential legal repercussions. To mitigate governance risks, corporations are focusing on enhancing board oversight, implementing robust compliance frameworks, and fostering a culture of accountability and ethical decision-making and disclosure. By prioritizing sound governance practices, corporations can instill trust among stakeholders and shareholders, attract responsible investment, and ensure sustainable long-term growth.

Managing ESG Risks: Strategies for Effective Risk Mitigation and Decision-Making

Mitigating ESG risks necessitates an integrated approach that involves leveraging robust risk management capabilities. Incorporating a comprehensive risk management application tailored to the organization’s specific requirements is instrumental in fortifying the resilience of the business and facilitating informed decision-making processes. By adopting a proactive stance towards ESG risk management, businesses can not only avert potential pitfalls but also harness these challenges as opportunities for driving sustainable growth and bolstering their competitive edge.

How Can We Assess ESG Risks and Incorporate Them into Our Audit Plan?

Incorporating ESG risks into the audit plan requires a meticulous understanding of the evolving nature of these risks and their broader impact on the organization. While some might perceive these risks as part of compliance or reputation concerns, ESG risks transcend these boundaries, demanding a specialized focus. Integrating ESG risk assessment into the audit plan entails strategic planning and a nuanced comprehension of the significance of such risks for sustainable growth and responsible corporate stewardship. A systematic approach and roadmap to incorporating ESG risks into an audit plan can include:

  1. Risk Identification: Conduct a thorough assessment to identify and categorize pertinent ESG risks to the organization’s industry and operations, including ESG issues, climate change, and supply chain risks.
  2. Prioritization: Once the ESG risks have been identified, it is crucial to quantify and prioritize these risks based on their potential impact and likelihood of occurrence, including financial performance and sustainability considerations.
  3. Integration into Audit Framework: Incorporate ESG risks seamlessly into the existing audit framework by aligning them with the organization’s overall risk management strategy and objectives, integrating ESG data and reporting.
  4. Stakeholder Engagement: Engage with key stakeholders, including employees, investors, customers, and regulatory bodies, to gather insights and perspectives on the identified ESG risks, sustainability, and profitability potential.
  5. Monitoring and Reporting: Establish a robust monitoring and reporting mechanism to track the effectiveness of the integrated ESG risk management framework, including ESG reporting and board of directors oversight.
  6. Continuous Improvement and Intentional Adaptation: Embrace a culture of continuous improvement by fostering a dynamic and adaptable approach to ESG risk management, including the implementation of ESG frameworks, transparent disclosures, and climate change considerations.

Embracing ESG Risks as Catalysts for Sustainable Growth

The escalating significance of ESG risks necessitates a paradigm shift in the approach towards risk management and corporate governance. With investors increasingly recognizing the material impact of ESG factors on the financial performance, profitability, and long-term viability of companies, businesses are compelled to embrace ESG considerations as fundamental drivers of sustainable growth and value creation. Integrating ESG metrics and targets into the core fabric of the business not only ensures regulatory compliance but also enhances the company’s resilience to market volatilities and socio-environmental challenges, thereby safeguarding investors’ interests and fostering investor confidence. By prioritizing ESG issues, companies can foster a culture of accountability and ethical stewardship, demonstrating a proactive commitment to mitigating risks and leveraging opportunities associated with environmental stewardship, social responsibility, and robust governance practices. This strategic alignment with ESG principles not only serves as a safeguard against potential financial risks but also positions the company as a responsible and forward-thinking investment option, attracting a growing base of ESG-conscious investors who prioritize sustainable and ethical investment opportunities, along with long-term profit. Moreover, by embedding ESG practices into their business strategies, such as ESG benchmarking, sustainability reporting, transparent ESG disclosures, and acquiring ESG scores, companies can proactively adapt to evolving regulatory landscapes and consumer preferences, ensuring enduring success and sustainable growth in an increasingly competitive and socially conscious market environment.

ESG Risk Management Technology: Leveraging Innovation for Enhanced Performance

Harnessing technological solutions for ESG risk management is pivotal for streamlining operations and enhancing performance. Building a repository of tailored risks and controls specific to the organization within a comprehensive risk management application enables efficient risk mitigation and fosters the maturity and growth of the risk management team. Exploring advanced solutions such as AuditBoard’s modern connected risk platform amplifies your capabilities, offering seamless management, automation, and streamlining of the risk management program. With AuditBoard’s intelligent and collaborative platform, businesses can transform ESG risks into strategic opportunities for sustainable development and heightened competitiveness, ensuring a proactive approach to addressing the multifaceted challenges of the modern ESG landscape.

Explore AuditBoard’s Modern Connected Risk Platform

Elevate your risk management capabilities and drive sustainable growth with AuditBoard’s intelligent, collaborative, and connected risk management platform. With AuditBoard, you can:

  • Access Connected Insights: Gain a comprehensive view of audit, risk, IT security, and ESG data, enabling informed decision-making and proactive risk mitigation strategies.
  • Foster Collaborative Teams: Empower your teams with a user-centric experience and seamless collaboration capabilities, ensuring alignment and efficient coordination across all lines of defense.
  • Automate Workflows: Streamline your audit, risk, IT security, and ESG programs with a purpose-built automation system, enabling efficient content generation, intelligent insights, and streamlined interactions for enhanced operational efficiency.
  • Gain Holistic Risk Visibility: Leverage AuditBoard’s single system of record, providing real-time reporting and a holistic view of risk across solutions and teams, ensuring that no critical insights or data points go unnoticed.

Join the ranks of the Fortune 500 companies leveraging AuditBoard to propel their businesses forward with greater clarity and agility. Elevate your risk management and ESG strategies today with AuditBoard’s transformative cloud-based platform, designed to meet the evolving challenges of the modern business landscape. Schedule a demo of our ESG software now to experience the power of AuditBoard’s integrated risk management solutions and take your ESG program to new heights.


Wole Segun was Senior Manager of Solutions Advisory Services at AuditBoard. Wole joined AuditBoard from EY, where he spent 10 years providing business consulting services around Internal Audit, SOX compliance, and Enterprise Risk Management to clients across multiple industry segments.