Best Practices for Integrating ESG into Your TPRM Programs
January 13th, 2022
This article originally appeared in the inaugural issue of Risk & Resilience Magazine, the theme of which focused on Environmental, Social, Governance (ESG).
As consumers turn attention to companies’ sustainability, the need for ethical practices in production and distribution is no longer an option. In addition to the consumer and reputational considerations, regulators are focusing on ethical practices and are developing new Environment, Social and Governance (ESG) legislation. With these factors in mind, companies must closely examine their supply chains, recognize unethical practices within their production and distribution networks, and bridge any gaps between ESG and TPRM.
A More Socially-Conscious Consumer Landscape
Ethical consumption, a type of consumer-based activism through supporting companies with ethical practices, is on the rise. In a 2020 study by professional services firm, Accenture, data showed that 60% of participants were making more sustainable, ethical, or environmentally-friendly purchases since the start of the COVID-19 pandemic.
“As companies move forward, they must have the capabilities to understand and deliver on consumers’ wants and needs and strive to outmaneuver uncertainty in this new era.”
Consumers are basing their purchases on the ethical practices of the businesses. And this information is easy to access as companies become more transparent due to increased consumer focus and demand. Such transparency, while necessary, can also expose reputational vulnerabilities. If a company’s third party does not meet sustainability expectations of customers, regulators, or the local community, the company can face reputational damage. An example of this could be negative news coverage due to harmful environmental or human rights practices within your supply chain.
The SEC’s Key Steps for Boards to Maximize ESG Opportunities
Embracing new initiatives is not always easy, and must come from the top down. In a speech presented on June 28, 2021, the U.S. Securities and Exchange Commission’s (SEC) Commissioner, Allison Herren Lee, emphasized the importance of board buy-in for ESG initiatives.
“These developments place even greater responsibility on companies, and therefore boards, to integrate climate and ESG into their decision-making, risk management, compensation, and corporate transparency initiatives.”
Commissioner Allison Herren Lee
In her speech, Commissioner Lee provided recommendations for boards to begin embracing and enacting ESG programs:
Increase Board Diversity:
A 2019 report stated that only 6% of corporate directors in the US identified climate change as a primary area of focus for the upcoming year and 56% of directors thought attention on sustainability issues was overdramatized. Partly because of this, investors expect companies to diversify their boards. This presents opportunities through bringing in new ways of thinking, allowing for “more current and proactive approaches to climate and ESG governance.”
Increase Expertise of the Board:
To keep up with the demand for these types of programs, boards must broaden their knowledge on ESG and sustainability measures. This can be done by including ESG considerations when nominating new board members and directors, providing ESG training to increase board knowledge, and engaging outside experts to offer guidance.
Promote Management Success:
Providing executive compensation for embracing ESG efforts can be a powerful tool for executing new company goals. Compensation can be tied to reducing carbon emission and embracing workplace diversity, but also through committing to new strategic priorities that matter to customers and investors.
Bridging Gaps Between ESG and TPRM Programs
Despite the increased focus on ESG as seen in Commissioner Herron’s speech, Dun & Bradstreet has reported that 43% of companies struggle to identify ESG factors as part of their due diligence processes. Examining your supply chains, processes, and activities of your vendors is the first step towards eliminating unethical practices.
Steps for structuring ESG into an existing TPRM program include:
Identify the scope of the ESG program:
The needs of each company are different and each has special considerations in terms of manufacturing, distribution, and supply chains. Your ESG program should be structured around current risk profiles, how third parties are utilized and managed, which regulations apply, and your company’s ESG policies.
Identify ESG risks for each third party:
To manage ESG risk as a whole, first identify ESG vulnerabilities within each of your suppliers. Pre-contract, examine how each supplier operates, the risks it presents to your company, and any fourth or nth parties they engage with that can affect your supply chains. A short initial risk questionnaire can help expose areas of risk that you want covered by enhanced due diligence. It’s often a good practice to run potential suppliers through an ABAC screening at this stage, to ensure they are not on any watch or sanctions lists.
Perform initial and ongoing due diligence:
When it comes to onboarding new suppliers, make sure all processes are documented, and that the potential relationship is validated with ESG assessments. This is not a one-time activity, and continuous due diligence should be performed utilizing inspections, assessments, and questionnaires.
Use a combination of risk assessments and risk intelligence data to assess:
Bribery and corruption: Run the supplier through ABAC screening at the entity level, and for beneficial owners. Negative news feeds and corruption ratings can also provide data points to supplement your risk assessments.
Data protection and privacy: ESG includes an organization’s approach to how personal information is protected and used. This is an area of regulatory focus, and one of ongoing social focus and activism. Learn how your suppliers address the privacy and data protection of individuals.
Environmental practices: Gain understanding into your suppliers’ policies and commitment to environmental matters beyond just climate change. Leveraging sustainability ratings, like those from Ecovadis and Refinitiv, and risk ratings from Supply Wisdom, can provide extra layers of intelligence to assess and score your suppliers.
Ethics: Organizations are being judged by the company they keep, which means your supply chain must be ethical. Identify third parties’ code of conduct (and likewise they should attest to upholding yours). These need to be aligned. If not, you should question whether it makes sense to work with them.
Human Rights and Labor: Take appropriate measures to ensure your supply chain is free of modern slavery and human trafficking (MSHT). Increasingly, regulators are expecting more risk-based supply chain due diligence and actions taken to eliminate it. In addition to MSHT, suppliers’ work practices (safety, conditions, diversity, equity, and inclusion) should not only be compliant with regulations but aligned to your values as well.
Ongoing monitoring of third, fourth, and nth parties is important – it’s not a one-and-done exercise. Data feeds from ratings services can be used to support ongoing monitoring and trigger issue management and remediation activity if the rating of your supplier changes or if there’s an adverse incident.
Build up your ESG reporting:
Make sure that ESG-related processes, practices, and procedures for all vendors are documented and provide a transparent view into all activities. This will not only complement third-party lifecycle management but also provide the needed documentation and audit trail for reporting purposes.
Foster an ESG culture:
Promote ESG initiatives both internally and externally and make sure this is reiterated to suppliers and internal employees. Encourage employees to feel empowered to embrace ESG, and provide new ideas and processes.
“Most companies have existing risk professionals that are dying to talk to board members about ESG risks. Giving these people a voice is a huge part of ESG culture and maintaining an awareness of potential risks is critical to making necessary changes.”
Eric Hensley, Chief Technology Officer at Aravo Solutions
Collaborate with your suppliers:
When accessible, share data and ratings with your suppliers. Highlight areas where they can improve, and why these improvements are important in order to do business with you. Transparency and collaboration can push suppliers in the right direction, and the risk that you (and others in the business ecosystem) will not do business with them can be a highly motivating factor for them to improve.
ESG is a greater good that we should all play a part in. A rising tide lifts all boats, and organizations should embrace ESG as part of their TPRM program, rather than view it as a burden.
To read more about best practices for implementing and managing ESG programs, subscribe to Risk & Resilience Magazine and read our ESG issue!
Get in touch for a better approach to third-party risk management
The Definition of Better Business
Better business is built on acting with integrity. It commands better performance, delivering better efficiency, collaboration, and financial outcomes. It inspires trust. But better business is more than that – it’s about lifting the ethical standard of an entire business ecosystem to build a better world.