Here’s What Makes a Proven Approach Crucial in Managing ESG Risk

Managers have now begun to address Environmental Social and Governance (ESG) risk in their offerings, operations, and supply chains, as ESG gives major impact on businesses and is urged by customers, investors and regulators. With the rise of ESG, business leaders also need to better understand and address ESG-related priorities with proven approaches for risk management.

ESG Risk Assessment

Apparently, ESG risk covers a wide series of risks that look like a range of contradictory things, such as climate change, human rights and labor standards, diversity and inclusion, and cybersecurity. A closer look into these risks may shed some light, since some risks can be perceived as global threats with extensive impacts, while others are only considered organization-wide. 

Still, one thing for sure about ESG risks is that they all support a sustainable approach to development that promotes the well-being of the natural environment and its inhabitants. On top of that, investors are also paying more attention in understanding the environmental and social impacts of an asset or organization before investing.

What investors are focusing on when they make pricing decisions is not merely whether or not a company provides an ESG program. It is more of how companies have the ability to manage ESG well, as a means to offer better transparency into their risk exposure. ESG transparency can significantly increase a business’s access to capital, as ESG-focused funds now account for 10% of worldwide fund assets with recorded inflows of $641B in 2021.

Not Everything about ESG Risk Trend is New

The practices and standards (or lack of) of a business’ suppliers may contribute to some ESG risks. Hence, third-party risk management (TPRM) deals with the potential risks that come from relying on suppliers or other outside parties that perform services or activities on behalf of a business.

Under TPRM, there are also potential risks that have been part of responsible supply-chain operations for decades for some sectors, such as human rights and labour standards, conflict-minerals management, and product safety and quality testing. In particular, many countries including Australia, the UK and the US also have laws regarding how businesses are liable to identify, assess, and address the risks of modern slavery in their operations and supply chains.

The Reason Behind a Risk-Based Approach Requirement in ESG Management

Risk, including ESG risk, can be classified into three categories:

  • Preventable risks
    Classified as internal risk, this type of risk can be managed effectively with rules. For example, managers can specify policies and ensure compliance for suppliers who are required to comply with site inspections for a safe and fair working environment.
  • Strategy risks
    Considered a type of risk that is voluntarily accepted as a means to an end, strategy risk can happen, among others, when an energy-services company has to accept the risk of sourcing content from local suppliers to meet the regional government’s requirements. Managers need to minimize the risk impact, while the energy-services provider has to prepare for added costs.
  • External risks
    Coming from outside an organization and beyond its control or influence, an example of this risk is a natural disaster or a new political regime. When this happens, managers must identify potential risks and mitigate the impacts.

What’s Important for Best Practice ESG Risk Management

Although there has been solid proof of risk management techniques for each risk type, there are still additional capabilities for the best practice approach to ESG risk:

  • Data management
    The data needed for effective risk management can help companies gain a complete picture of risks. The data include databases and a range of internal systems, such as enterprise resource management (ERP), contract management, purchasing systems, and human resources.
  • Risk sensing
    Many important risk signals may come from outside companies as a means to fully understand a rapidly evolving risk landscape, for example, from “social listening” and digital technologies that analyze millions of data to identify issues and trends that impact risks.
  • Connected risks
    One event can impact multiple risks. Thus, it is also important to gain insight into the relationship between related risks in order to gain a comprehensive understanding of risks and part of the best practice approach to risk management.


It is worth remembering that ESG risk is basically a combination of threats and opportunities in a complex and dynamic environment. Implementing a proven approach and appropriate technology can be the keys in managing the risk.