Don't reinvent the wheel when managing sustainability-related risks

The International Sustainability Standards Board (ISSB) recently published its first two proposed standards setting out disclosure requirements relating to sustainability and climate risks.  The consultation of these proposed standards is due to close by end of July 2022.  These two upcoming ISSB standards are of significant importance to both corporations and investors.

ISSB was established at COP 26 under IFRS Foundation, with the mandate to deliver a global baseline for sustainability-related disclosure standards to enable capital market participants to make informed investment decisions. The proposals were built upon the Task Force on Climate-Related Financial Disclosures (TCFD) and Sustainability Accounting Standards Board (SASB) Standards.  In addition, IFRS Foundation announced its agreement with Global Reporting Initiative (GRI) to coordinate their standard-setting activities. The consolidation of reporting standards and alignment between IFRS Foundation and GRI will help to streamline the sustainability reporting process and enhance the consistency of the sustainability reporting format across the globe.

Risk management is a key component of the proposals, which requires the reporting entity to elaborate on processes the company has taken to identify, assess and manage “current and anticipated sustainability-related risks and opportunities and whether that process is integrated into its overall risk management processes”. Indeed, sustainability issues need to be integrated as part of the business and risk strategy; otherwise, the sustainability program itself is not going to be sustainable.

It is worth noting that ESG (Environment, Social, and Governance) is not a standalone risk type, but instead a holistic approach for investors to assess how a corporation manages its environmental and societal impacts and dependencies.  Like managing other risks, companies need to clearly articulate what “E”, “S” and “G” mean for their organization, and define the appropriate risk taxonomy.  Some of the risk types are not new to companies - for example, anti-corruption under “S” has been a risk type being managed by companies for many years.

Risks associated with “E”, “S” and “G” are not entirely dissimilar to other non-financial risk types, and the existing risk management toolkit used by risk professionals today is well-positioned to manage the new risk types arising from the sustainability concerns. Similarly, business and risk managers should understand the risks (both qualitative and quantitative) and determine the appropriate mitigation and adaptation strategies.