Regulatory risk related to ESG disclosures has rapidly risen to the second overall position, said Gartner recently when releasing its Emerging Risks Monitor Report.
The report is based on results of a survey of 153 senior executives in the second quarter of 2021.
“The survey data partly reflect a global inflection point as ESG disclosures move from voluntary to required,” said Matt Shinkman, vice president with the Gartner Risk and Audit Practice. “The major move towards the top of executives’ concerns suggests many organisations might be playing catch-up to this incoming reality.”
ESG regulatory requirements landed in the second position in 2Q21 after not previously registering in the top five risks in 1Q21, which still mostly reflected pandemic-related concerns, Shinkman pointed out.
Cybersecurity control failures, last quarter’s top risk, remained as the top risk reported in 2Q21, survey results indicate.
Investor pressure related to ESG disclosures is not a new concern for executives, but established regulatory frameworks are only just beginning to become effective in some jurisdictions, Gartner noted.
The UK has become the first country to require companies to report on climate change, with the EU adopting a universal classification system, the advisory firm pointed out.
Major Australian banks and insurers are publishing the first comprehensive climate change reporting framework, Gartner added.
Organisations will likely be faced with a patchwork of requirements until clear global standards emerge, the firm predicted .
A slower moving risk
While ESG regulatory requirements present a challenge to executives and their organisations this year, unlike many other “high velocity” risks, such as cybersecurity control failures, ESG is a slower moving risk, said Gartner
This presents proactive organisations and their enterprise risk management (ERM) teams with the ability to turn this area of risk into an organisational opportunity, the firm added.
The senior executives polled in the latest survey agreed with this sentiment, ranking ESG regulatory risk as the second most viable risk to be seen as an opportunity, behind diversity, equity and inclusion (DEI) responsiveness, a risk that contributes to an organisation’s overall ESG posture, survey results indicate.
“ESG can be a challenging and amorphous area for ERM teams to fully engage with,” said Shinkman. “With so much of the regulatory landscape yet to be written, ESG can present organizations and their ERM teams with opportunities related to being an early adopter in this space, potentially attracting new investors and ultimately reducing the cost of capital.”
Shinkman recommends that ERM teams coordinate across assurance functions and with the Investor Relations team to identify gaps in ESG-related risk management activities.
Recent Gartner research highlighted one such example of a potential gap, showing that only 8% of referenced ESG metrics among S&P 500 companies related to governance concerns.
“Organisations should seek opportunities to become early adopters of measures such as sustainability reporting and other established frameworks that are likely to be codified within a future global regulatory framework,” Shinkman advised.