The types of risks facing organizations have evolved tremendously over the past decade. Ten years ago, economic risks dominated the Global Risk Report by the World Economic Forum (WEF), which identifies the top threats facing our world by likelihood and extent of impact. In the 2020 report, seven of the top 10 risks by likelihood and eight of the top 10 risks by impact are related to environmental, social or governance (ESG) issues.
Topics such as climate change and social inequity are transforming the business environment and driving the evolution of ESG risks and opportunities for organizations. Stakeholders — including investors, regulators, customers and employees — increasingly expect organizations to manage the impacts of these issues.
Audit committees have a key contribution to make. An organization's strategy to manage and report on ESG performance links to essential functions of the audit committee, including governance, reporting and disclosure, risk management and internal controls.
COVID-19 has significantly influenced how stakeholders and organizations approach ESG. While climate risk has remained front and centre, the impacts of the pandemic have been well documented and now place social risks on an equal footing in their ESG priorities. In KPMG's 2020 Canadian CEO Outlook report, 76 percent of Canadian CEOs agree that they need to take a lead role in driving change on societal issues, and 64 percent say the pandemic has shifted their focus to the social component of ESG.
Despite the recognized importance of ESG performance and reporting, many organizations are overwhelmed and challenged by the array of existing ESG standards and frameworks – there remains an overall lack of a universally accepted approach. Regulators, investors and third-party ESG ratings providers often request different disclosures or data, leading to a lack of consistency and comparability. Audit committees need to stay attuned to what's happening in this rapidly evolving and overcrowded space.
The drive to standardize
Important developments occurred in September 2020, all aimed at tackling the patchwork approach to reporting. The International Business Council of WEF, working closely with KPMG and other accounting firms, recommended a universal set of material ESG metrics and disclosures for companies. Further, the International Federation of Accountants called for the creation of an International Sustainability Standards Board alongside the International Accounting Standards Board under the IFRS Foundation. Finally, five of the organizations which have created ESG-related standards and frameworks announced a shared vision for a comprehensive corporate reporting system and a commitment to collaborate to achieve it.
While momentum continues to build for a common set of consistent and comparable social and environmental metrics, audit committees can't afford to wait for a global consensus. Institutional investors already expect organizations to follow best practices and industry-specific guidelines set out by such organizations as the Sustainability Accounting Standards Board and the Financial Stability Board's Task Force on Climate-related Financial Disclosures.
Audit committees play a critical role in ensuring that companies understand the growing investor attention on ESG and how these issues affect business risk, performance and access to capital.
Investors care about ESG
An increasingly significant stakeholder group is the institutional investor who is steadily adopting sustainable investing strategies and, in some cases, moving towards investor activism. The United Nations Principles for Responsible Investment, representing 2,300 institutional investors with more than $85 trillion in assets under management, states that many are now calling for a more human-centric model, or perhaps a "new social contract" for business, that addresses the economic and health impacts, as well as the inequalities of current systems.
As access to capital is becoming more reliant upon the approach taken by these institutional investors, audit committees need to ensure that the organization is identifying, managing and responding to ESG risks and opportunities, both within the organization and within the broader value chain. Audit committees should play a role in ensuring that management conducts a prioritization assessment to identify which ESG topics matter most to both stakeholders and the organization, and uses these to guide their reporting and disclosure strategy.
The role of audit committees
The audit committee's deep understanding of internal controls, policies and reporting puts it in a good position to challenge management, including the finance function, to develop systems and processes for ESG risk and opportunity identification, create resilient strategies to manage these risks and seize these opportunities, and develop metrics and reporting to monitor these topics.
What should audit committees be asking?
- What are the ESG frameworks, management standards and reporting standards most commonly adopted in our industry and jurisdiction?
- What are the ESG disclosure requirements of our providers of capital and are we adequately responding to their needs?
- Are material ESG risks and opportunities sufficiently integrated in our strategy, and are we staying up to speed on how management is progressing toward achieving related targets?
- Are material ESG risks sufficiently integrated in our ERM framework, and do all three lines of defence sufficiently understand these non-traditional risks?
- Do we obtain any assurance over ESG data? Are we aware of what is being assured and by whom?
- Do we understand how emerging ESG issues may be transforming our business environment, and what the impact could be on our strategy and business model?