How Aligning Sustainability and Risk Can Overcome Organizational Blind Spots

How Aligning Sustainability and Risk Can Overcome Organizational Blind Spots

One of the most striking trends in sustainability over the last few years has been the demand from companies to help them align sustainability and enterprise risk management (ERM) frameworks. This work has proved to be highly effective in helping our BSR member companies integrate sustainability, address blind spots, and develop more robust strategies. As one of our member companies commented in a recent interview: “Companies that have a well-developed ERM process are far better at managing sustainability issues.”

While practitioners of risk and sustainability have reason to be skeptical of each other, the current approach fosters institutional blindness and narrow thinking. On reading a corporation’s annual report and then perusing its sustainability report, they might as well be different companies. Risk disclosures are biased toward the selection of only the issues on which the company can take direct action to mitigate; its sustainability disclosures risk coming off as marketing exercises that feature happy children and questionable data. The current divide is in no one’s interest, and changes in the world are forcing both parties and organizational management to rethink.

The Current Approach

Until recently, sustainability practitioners tended to dismiss risk-led approaches as regressive. Early corporate social responsibility efforts focused on philanthropism divorced from the core business; this evolved into compliance-driven risk-reduction work focused on the supply chain. Both approaches were eclipsed by concepts of “shared value,” which hold that companies should pursue sustainability initiatives that simultaneously create business value and address societal concerns. Growth and innovation, not risk reduction, is the goal of this approach to sustainability. Inspired by the chance to build a more just, equitable world, corporate sustainability leaders want to alert senior leaders to sustainability’s transformational opportunities, not focus exclusively on narrow risk-reduction efforts in energy use, recycling, and health and safety. 

For their part, risk management professionals tend to regard sustainability as vague and grandiose. ERM categorizes business risks and then measures their impact and likelihood before and after mitigation efforts. The focus in sustainability on “material priorities” does not slot easily into these frameworks. Materiality assessments consider the overall relevance of issues to a business and to society according to a variety of qualitative and quantitative approaches. While they do seek to determine an issue’s impact on the business—distinct from the issue’s impact on stakeholders—they do not translate these issues into plausible events or evaluate their likelihood. These limitations can make it difficult to differentiate between strategic sustainability opportunities and “table stakes” compliance issues. Indeed, assigning internal ownership of such issues as climate change or economic inequality lies somewhere between challenging and impossible. The effects of these risks are broad and unpredictable, with mitigation responsibilities crossing several departments. No company can address these risks solely through its own actions. It is far easier to leave them off the list.

If priority sustainability issues can be evaluated using risk management tools, goals, actions, and programs will become much more rigorous and robust.

A Path Forward

In the 2019 World Economic Forum list of global risks, the primary items are not economic or geopolitical. Mounting investor interest in climate change is driving broader consideration of the financial consequences attending systemic environmental and social risks, which have eclipsed governance issues as focal issues for activist investors in the past several years. The new chief executive officer of the Sustainability Accounting Standards Board recently declared that “sustainability isn’t new; it is the new face of risk.”

The World Business Council for Sustainable Development (WBCSD) and the Committee of Sponsoring Organizations of the Treadway Commission (COSO) have published a wealth of innovative thinking on how best to practically align sustainability and risk concepts. These approaches will help integrate sustainability into core business decisions, driving a more robust, differentiated understanding of risk. This will help focus proper consideration of a company’s impact on its environment and on potential consequences for the company’s reputation—itself an ever-tighter feedback loop.

If priority sustainability issues can be evaluated using risk management tools, goals, actions, and programs will become much more rigorous and robust. BSR has conducted gap analysis between the materiality “long list” and the risk taxonomy to ensure that there is a clear understanding of where there is overlap. We have also evaluated priority risk material issues using ERM criteria, notably analysis of likelihood and reputational risk. By using these tools, we have sparked hugely productive discussions between the risk and sustainability function that have driven clearer approaches to strategic priorities and supported traction with senior leadership. We have also brought risk, sustainability, and other functional teams together in scenario planning workshops to drive creative thinking about the longer term future.

As businesses prepare for the 2020s, they must prepare for the consequences of climate change, the onset of disruptive technologies and new business models, and huge demands for transparency from stakeholders—from investors to employees. 

These approaches do not mean reverting to a narrow concept of sustainability as risk reduction. They mean that sustainability practitioners must become much clearer as to what constitutes a true business risk, as opposed to a reputational concern or strategic sustainability opportunity. Clarity will help ensure more robust implementation plans, goals, and issue accountability. As a BSR member puts it: “Sustainability needs to be part of the ERM process, and we need to clearly distinguish between what is a business risk and what is not. We need to act decisively on material sustainability risks, but people will get tired if we claim all sustainability issues are also business risks.”

For their part, risk teams will maintain a core focus on short-term, quantifiable risks. However, better alignment can provide language and concepts to evaluate emerging concerns and better anticipate large societal shifts that have too often been dismissed as unpredictable “black swans.”

As businesses prepare for the 2020s, they must prepare for the consequences of climate change, the onset of disruptive technologies and new business models, and huge demands for transparency from stakeholders—from investors to employees. A new collaborative approach between sustainability functions and ERM can help to drive stronger, more sustainable strategies to make business more resilient for the changes to come.

This blog originally appeared on BSR here: https://www.bsr.org/en/our-insights/blog-view/how-aligning-sustainability-and-risk-can-overcome-organizational-blind-spot



Love the way you're connecting these ideas.. I decided to do my MS in Risk Management out of the belief that risk is the best vocabulary to communicate social responsibility to the boardroom. Appreciate the added nuance here. Thanks Alison!

Robert (Bob) Pojasek, Ph.D.

Harvard Lecturer Emeritus | Uncertainty Risk Management | Pollution Prevention | Process Improvement | ESG | Organizational Sustainability | Author

5y

ERM has been updated with the publication of COSO ERM:2017.  It does not rely on traditional risk (focus on threats and losses).  COSO ERM:2017 looks at the 'effect of uncertainty' on the ability of the company to meet its strategy and objectives.  We need to get the companies and their internal auditors to make the change.  There are two kinds of risk:  the risks we know about and the risks that we do not know about. We divide them between certainty and uncertainty.  Most of the risks that affect our ability to move to sustainable development are the kinds of risk found in COSO ERM:2017 and ISO 31000:2018.  You can learn more about these risks https://bit.ly/2K41o44  This will help get rid of those pesky "blind spots."

Like
Reply
J. Ashley Nixon

Photographer, filmmaker, writer, university teacher

5y

Well said. Juxtaposing risk and opportunity management is right for business. Sustainability has to be there. Somewhere.

Robert (Bob) Pojasek, Ph.D.

Harvard Lecturer Emeritus | Uncertainty Risk Management | Pollution Prevention | Process Improvement | ESG | Organizational Sustainability | Author

5y

Companies need to make sure that they are using COSO ERM:2017 Enterprise Risk Management.  This recent version is very similar to ISO 31000:2018 risk management standard.  Now both standards use context risk with opportunities and threats instead of limiting their work to traditional (pure) risk and controls.  Evidently, may companies have not made the transition to the NEW Risk Management found  in the 2017 version.  In the April 2019 version of Internal Auditor Magazine, there is a great article about how the 2017 version helps companies create value in uncertain times by using context (PESTLE tool) risk instead of "threats-only" risk management.

John Regas

Principal Strategist

5y

Good piece. Though I continue to be surprised that that strategic threat analysis is not making a main-stage appearance in approaches to "risk" in the Fortune 500 and the Business Roundtable (My briefing to one of the committees several years back failed to resonate.) Public-private partnerships are helpful avenues to address "risk" but need to see more strategic approaches within organizations.  

Like
Reply

To view or add a comment, sign in

Insights from the community

Others also viewed

Explore topics