As evidenced by last month’s United Nations Climate Change Conference (a/k/a “COP26”) in Glasgow, Scotland, global leaders are keenly focused on climate change and the environment. As a result, companies across all industries are rightly targeting the “E” branch of the ESG (Environmental, Social, and Governance) tree. Specifically, companies large and small are pledging their commitment to, among other environmental principles, renewable energy infrastructure and carbon footprint reduction. But they should not ignore the social and governance principles that are also a target of global regulators. Indeed, companies that fail to address human capital, data privacy, and Diversity, Equity, and Inclusion (DEI) issues may expose themselves to significant financial, reputational, and other regulatory risks. In this article, we focus on the “S” and “G” in ESG and how companies may become industry leaders in all three of these branches.

Defining S and G

In order to provide ESG best practices to companies, we should first define the acronym. The environmental branch of ESG is relatively self-explanatory and includes climate change, greenhouse gas emissions, air and water pollution, energy consumption, water usage, waste and recycling, and environmental justice. As detailed in our prior ESG Risk and Compliance article – Mandatory ESG Disclosure Rules are Coming – the components of the social and governance branches, on the other hand, are less obvious and oft-defined as follows:

The Social Branch: This includes workplace and product safety, employee DEI, fair pay and benefits, training, collective bargaining, human rights, charitable contributions, community programs, cybersecurity and data privacy, and supply chain management.

The Governance Branch: This includes board diversity and independence, corporate culture and values, executive compensation, and political contributions and lobbying.

Focusing on S and G

The increased focus on ESG, including the social and governance branches, is readily apparent. Accenture’s 2021 Global Risk Management Study found that 77% of risk leaders believe that complex, interconnected new risks are emerging at a more rapid pace than ever before. We specifically highlighted “S” and “G” risks such as “supply-chain disruptions, impacts of cyber-attacks, data and privacy breaches, challenges of virtual working, consumer expectations and behaviors.” We also found that 26% of risk leaders mention that “improving governance, risk and compliance capabilities is a top priority.”

And it’s not only internal company stakeholders who are prioritizing ESG. Additional data reported in The Wall Street Journal suggests that shareholders and customers are also pressuring companies on “S” and “G” issues, including the diversity, or lack thereof, on companies’ boards of directors. Although this data indicates that boards of public companies are more diverse than ever, the increase in diversity is uneven, with smaller companies lagging behind their larger counterparts and half of companies adding no new diversity to their boards.

Regulating S and G

As the attention to social and governance issues grows, we should be clear about the U.S. and global regulators shining a spotlight on ESG. Among U.S. financial regulators, the U.S. Securities and Exchange Commission (SEC) is at the forefront of ESG compliance. In particular, the SEC is currently working on public company disclosure requirements for ESG. Just last month, the Chair of the SEC, Gary Gensler, highlighted in a fireside chat with New York University that companies may need to disclose “human capital” and DEI data with “more specificity.” Gensler indicated that he is inclined to require that these disclosures be included in companies’ annual reports, rather than simply on their websites, and that the disclosures be mandatory, rather than merely voluntary. Further, the SEC’s new Director of Enforcement Gurbir Grewal discussed corporate responsibility and gatekeeper accountability during SEC Speaks 2021, including the impact that deceptive practices and misconduct have on customer and investor trust as well as the overall wellbeing of the economy. Specifically, Grewal cited the possibility of “charging public companies for misleading disclosures about cybersecurity events, or for inadequate controls related to such disclosures,” which as noted above is a factor in the “S” branch of ESG.

Notably, several U.S. federal and state regulators have already taken action on the “G” branch. For example, on August 6, 2021, the SEC approved rules submitted by The Nasdaq Stock Market LLC (“Nasdaq”) to advance diversity among boards of directors through a “comply or disclose” framework. Under this Nasdaq rule, parts of which will go into effect in 2022, certain Nasdaq-listed companies will be required to (1) annually disclose statistical information about their boards’ voluntary self-identified gender and racial characteristics and LGBTQ+ status; and (2) either include on their boards, or publicly disclose why their boards do not include, a certain number of “diverse” directors. Similarly, California now requires public companies headquartered in the state to have at least one board member from an underrepresented community by the end of 2021 and at least two or three – depending on the board’s size – by the end of 2022.

Additionally, the European Union, which is universally viewed as a leader in ESG regulations, has issued the Sustainable Finance Disclosure Regulation (SFDR) and the Corporate Sustainability Reporting Directive (CSRD). As evident from their titles, these regulations/directives also target “S” and “G” reporting and disclosure requirements. The SFDR lists the requirements for assessing risks with accurate/complete data around sustainability initiatives versus risks, as well as the targeted actions that demonstrate how companies are committing to social objectives. The CSRD requires specific information to be disclosed around social matters, employee treatment, respect for human rights, anti-corruption/bribery, and board diversity (e.g., age, gender, education, and professional background).

Balancing E with S and G

It is axiomatic that no company is perfect from an ESG standpoint and that there is always room for improvement. Indeed, large multinational companies, conglomerates, and especially financial institutions and BigTechs, are being intensely scrutinized for, among many “S” and “G” criteria, their socially responsible behaviors, data/consumer protection, alleged antitrust/monopolistic practices, workplace safety and DEI, the independence of their boards of directors, and the quality of their public disclosures involving these and other issues.

As a result, companies should assess their business operations with respect to all of the above-enumerated social and governance principles. Business transformation coupled with fast evolving regulatory and societal expectations necessitate highly effective “S” and “G” risk monitoring. As companies seek to improve their approaches to ESG, it is critical that they be:

  • Transparent about ESG efforts as supported by auditable data.
  • Proactive in identifying ESG priorities and leadership commitment to same.
  • Aligned on enterprise and department-level operational, policy, and cultural changes.
  • Active in prioritizing and embedding ESG initiatives in business strategy and growth.
  • Consistent in assessing annual ESG maturity goal progressions and, as necessary, re-aligning where the E, S, or G branches are falling short.

In sum, while the “E” branch of ESG is more easily quantifiable – e.g., data on GHG emissions, water usage, and recycling may be readily accessible and calculated – it is more difficult to measure the soft qualitative aspects of the “S” and “G” branches, such as social responsibility, corporate governance, and related issues.  That said, one glass half full does not compensate for two glasses empty.  Simply put, a company may not be excused for its failings vis-à-vis the “S” and “G” by its relative successes vis-à-vis the “E”.  The lesson here is clear: as U.S. and global ESG regulations increase exponentially, companies should comply with all three branches of the ESG tree.  If companies ignore any of these branches, they and we will suffer the inevitable consequences.

In our next blog post in this series, we will discuss how to collect, aggregate, and measure the “S” and “G” data.

Aaron Mendelsohn

Principal Director, Risk & Compliance

Aisha Kafati

Senior Manager – Strategy & Consulting
