The COVID-19 pandemic has undoubtedly caused the largest economic and societal shock the world and risk management have experienced this century. Yet it was not unforeseen. As far back as 2006, the annual Global Risks Report from the World Economic Forum warned that a pandemic was an ‘acute threat’ across all industries globally. This year’s WEF report expands into new dimensions of risk, such as the consequences of digital inequality and cybersecurity failure. Meanwhile, the 2021 report from the Intergovernmental Panel on Climate Change sounded a ‘code red for humanity’ – setting out in the starkest terms that the risks of inaction on climate change are now irrefutable.
What all of these risks have in common is that they threaten or disrupt not only economies but, more importantly, the wellbeing and sustainability of humanity and the planet. It’s logical, therefore, to conclude that they are challenges that demand global cooperation and societal cohesion to overcome.
Getting to grips with sustainability impacts
At the corporate-level, effective, pre-emptive, and dynamic enterprise risk management is more relevant than ever. That is why the role of risk manager is no longer confined to traditional financial risks and regulatory expectations but progressively is contributing more into how to support a sustainable business model. The GRI Standards – the world’s most widely used and comprehensive sustainability reporting standards – enable organizations to assess and communicate their impacts, which is increasingly relevant from the perspective of risk management. The revised Universal Standards – launched this month – re-emphasized the scope of impact needs to be inclusive of potential risk.
The World Business Council for Sustainable Development (WBCSD) describes sustainability risks as uncertain social or environmental conditions that could cause significant negative impacts on the company. As the pandemic has proven, these risks can pose existential threats to companies. Or, as former US Secretary of State Condoleeza Rice put it: “sustainability is a multiplier of risk”, exponentially increasing volatility and uncertainty.
What this means is that, to be successful over the long-term, businesses must not lose sight of their sustainability risks. Against this backdrop, a recent GRI webinar, Aligning Sustainability and Risk Management, explored the ways that the integration of sustainability was shaping the role of risk managers, increasingly their relevance to the organizational transformation process. Here we share some of the insights from the session, which was the second in our Building Leadership for Sustainable Business Expert Series.
Incentivizing risk analysis
Constant Van Aerschot, Director of WBCSD Asia Pacific, pointed out that many companies tend to treat sustainability issues separately from risk issues. A recent WBCSD report on integrating sustainability and enterprise risk revealed that companies recognize that the material topics in their sustainability reports have a financial impact – yet these same companies often fail to address ESG-related risks in their annual risk filings.
Priya Bellino, Ernst and Young’s ASEAN Head of Sustainability and ESG for Financial Services Consulting, emphasized the role of financial institutions in encouraging companies to manage sustainability risks. The example she shared was in the real estate sector. Climate change and extreme weather events are exposing physical assets to a much higher risk, which affects the value of real estate portfolios. As a consequence we are seeing more incentivization through green building financing and the adoption of green certifications.
To access new opportunities, companies need to measure and monitor “investment-grade sustainability performance”. That cannot be achieved without reliable and comparable disclosure – with Priya acknowledging that GRI reporting helps the company to deliver the required ESG data.
Yet – as Tony Rooke, Director of Climate Transition Risk at Willis Towers Watson, set out – determining the right ESG data points is a crucial step on the journey to understanding risks and achieving sustainable business outcomes. Tony went on to share that, for companies to begin to understand their role in tackling global risks, such as climate change, the market needs to further develop or create a reward system for those who transition to zero carbon business models.
The future of risk management
According to the 2020 State of Risk Oversight report, from the Enterprise Risk Management Initiative, 54% of large organizations and 58% of public companies have appointed a Chief Risk Officer (CRO). With the growth of the role, we have also seen increases in scope – helping organizations identify, analyze and mitigate their risk exposure. So, it is clear that many organizations are recognizing effective risk management as a key ingredient to the long-term wellbeing of the business.
Where the CRO evolution can and must deepen is in the correlation between enterprise risk and sustainability risk. Having a CRO that leads on sustainability is a good sign that a company is resolute in its sustainability commitment. The CRO does not have to be a know-it-all; more important is that they have the competencies to lead and build a team, collaborate with external stakeholders such as investors and regulators, bringing the ESG and conventional risks strands together into a single, meaningful narrative.
As Ricardo Nicanor N. Jacinto, Trustee of the Institute of Corporate Directors Philippines, articulated, the CRO is fast becoming “both the risk culture custodian and champion”. That is increasingly significant as the challenges of COVID-19 underline that we live in a volatile, uncertain and complex world. Therefore, whatever is up next on the risk forecast – be it this pandemic, the climate crisis or a yet to be defined new threat – having the expertise to assess the multiple and concurrent sustainability risks facing the business is more essential than ever before.
Lany Harijanti, ASEAN Regional Program Manager, GRI