Business Law Today

February 2023

Best Practices for Managing ESG in the Boardroom

Myron Mallia-Dare and Cindy Kim


  • Managing ESG risks is becoming increasingly important for members of a company’s Board of Directors. Regulators and various stakeholders are seeking more ESG disclosure, and there is greater scrutiny over how Boards address ESG. 
  • Best practices require that a Board establish and implement a framework for managing ESG concerns to avoid potential issues that may negatively impact the company or its stakeholders. 
  • A Board and the company’s directors should perform ongoing evaluations of whether its members possess the requisite expertise to understand and advise the company on ESG issues.

Investors and stakeholders increasingly understand that long-term success is directly affected by how a company and its Board of Directors (the “Board”) manage environmental, social, and governance (“ESG”) factors. Best practices require that a Board establish and implement a framework for managing ESG concerns to avoid potential issues that may negatively impact the company or its stakeholders. For example, the failure of a Board to adequately address an ESG issue may result in poor market performance, a decline in company share price, and regulatory or legal action. A Board needs to ensure that its company stays up-to-date on mandatory ESG-related disclosure requirements. Regulatory authorities such as the U.S. Securities and Exchange Commission, European Commission, and Canadian Securities Administrators, including the Ontario Securities Commission, are frequently publishing updates and notices of changes to the disclosure regime. When tackling ESG concerns such as climate change impacts and Board diversity, how can a corporate director avoid facing peril?

ESG Risk Oversight

This article will outline the director’s obligations concerning ESG oversight and provide a framework that Boards can utilize to identify and evaluate ESG risks.

ESG Risk Management Framework

To effectively address ESG, a Board must have mechanisms in place to ensure that it understands how ESG issues may impact the company. This does not mean that directors and Boards must be involved in day-to-day risk management, but rather that directors must fulfill their role in risk oversight. Proper risk oversight of a company requires directors to be familiar with the company’s ESG risk management policies and procedures. If directors do not disclose material ESG risk and maintain proper oversight, they may face discontent among shareholders, potential litigation, damage to their reputation, or regulatory investigation.

In developing ESG risk management policies and procedures, the company and the Board should establish an appropriate governance structure and allocate the roles and responsibilities of directors and different Board committees. The designation of specific roles ensures that each party knows who is responsible for certain tasks. To determine if ESG risk oversight should be allocated to the full Board or a committee, the Board should consider the nature of the ESG issues, the level of expertise required, the time commitments to achieve meaningful oversight, and the mandates of existing Board committees, if any.

A robust ESG risk management framework within a company is integral to the overall culture and success of business operations. ESG procedures and policies will look different for each company depending on its industry and the type of business, but generally, an ESG risk management system should:

  1. identify material ESG risks promptly;
  2. implement appropriate ESG risk management strategies that align with the company’s business strategies and ESG risk profile;
  3. integrate ESG risk and risk management into corporate strategy and business decision-making; and
  4. properly document and communicate necessary information on ESG risks to applicable parties such as employees, shareholders, and senior executives.

To properly manage ESG risk, the risk must first be identified; to identify risks, companies must develop reporting procedures to gather high-quality ESG data. To maintain consistency among different data sets, companies should aim to have a standard process and create central repositories or reference sets for recording ESG data. Ideally, having automatic processes to record data as opposed to manually adding data would minimize errors in data sets.

Given the wide-ranging nature of ESG, a Board should focus on risks and opportunities that are material to its business. Companies may consult an established ESG framework to ensure that all ESG risks are identified or consider whether their stakeholders have a preference for a specific disclosure regime. A Board should also know what is expected of the company in terms of ESG disclosure based on the standards specific to its industry.

Once ESG risks are identified and risk management strategies are implemented, these should be integrated into the company’s corporate strategy and business decision-making. The ESG risks should be assessed and evaluated by the proper parties to determine which actions would best address or mitigate potential issues. Boards should look to establish ESG metrics and targets to track progress and measure and improve their companies’ ESG performance. When establishing ESG metrics, Boards should not only leverage metrics established by various governmental bodies and industry associations but also establish ESG metrics that are specific to the operations of the business and the industry in which it operates.

Once the ESG policies and procedures, including ESG metrics and targets, are established and implemented, directors should then ensure that they are functioning in the way the Board and executives intended. For the framework to be effective, employees of the company must not only be aware of the ESG policies and procedures, but they must also follow the framework to properly recognize and appropriately escalate ESG risks. The Board must remain aware of, and align, the company’s ESG risk profile and the principal ESG risks on an ongoing basis. To achieve this, the Board should continuously engage in discussions with management regarding potential ESG risks. The Board should also consider incentivizing senior management to meet the company’s ESG targets through ESG metrics in their executive compensation plans.

ESG policies should also include procedures designed to ensure that any information required to be disclosed by the company, whether in its annual filings or other reports, is communicated to senior management as appropriate to allow timely decisions regarding disclosure. For public companies, certain ESG disclosure obligations may be dictated by regulatory authorities that have established mandatory ESG reporting requirements. In addition, stakeholders of the company, such as shareholders or lenders, may require the company to provide non-regulatory reports on ESG matters. The Board must be aware of what is required to be disclosed in each instance and whether an ESG concern meets the materiality threshold for disclosure. Determining materiality in ESG can be complex; public companies can engage third parties to assist with materiality assessments and help determine whether a matter should be included in an ESG disclosure the company may make.

ESG Expertise of Board Members

According to PwC’s 2021 Annual Corporate Director Survey, when directors and executives were both asked how well their Board understood ESG matters, 80% of directors felt that their Board understood ESG matters very or somewhat well. In contrast, when executives were asked the same question, only 47% of executives felt that their Board had a good handle on ESG matters. A Board and the company’s directors should perform ongoing evaluations of whether its members possess the requisite expertise to understand and advise the company on ESG issues. This includes understanding best practices and nuances specific to their market and assessing performance standards when comparing their company to similar companies in the same industry. Therefore, determining the expertise of each board member with respect to ESG matters is essential when assigning roles and assessing ESG risk. As ESG is continuously evolving, directors should consider ongoing training to ensure they have the knowledge to address complex issues relating to ESG.


As a best practice, directors should ensure that the company has an ESG risk management policy that is aligned with the company’s values and is observed by all of its employees and suppliers. Once ESG risks are identified and communicated, directors must then evaluate the ESG risk and implement an appropriate strategy to address the risk. The chosen strategy should then be monitored, reviewed, and appropriately documented and communicated.