European institutions are increasing their focus on sustainability in order to deliver on the Green Deal [1] towards making Europe the first climate neutral continent in the world. For example, the EBA (European Banking Authority) has published its action plan towards sustainable finance to that end. At a national level we see this increased focus in, for example, the AFM performing supervisory reviews on sustainability regulation. Given the increased attention on multiple levels and the unique challenges that ESG-related risks pose for financial institutions, there is a pressing need for the Compliance function to (re)define its role in order to ensure compliance with ESG regulation and manage ESG risks effectively. This article will therefore focus on specific actions the Compliance function can take to tackle the main challenges financial institutions are currently facing.
While the implementation of mitigating measures towards ESG risks comes with several challenges, it also creates opportunities for Compliance to (re)define its role. The first and largest challenge for Compliance, however, is deciding how and where to begin. The first steps to be taken should at least include a shift towards operating at a strategic level, enhancement of the compliance framework by including ESG risks, developing a data strategy and assisting the organization in preparing for the upcoming supervisory reviews.
In order to reach the goals set above and meet the deadlines, this practically includes performing an ESG risk and materiality assessment and Compliance maturity analyses. The actions outlined in this article, which Compliance should undertake in order to tackle the major challenges, can serve as guidance to create a roadmap that implements the role of Compliance in supporting the organization on its journey towards ESG maturity.
ESG considerations and related risks are becoming increasingly important to investors and financial regulators around the world as they look to promote sustainable economic growth and ensure the stability of the financial system. So, what are ESG risks? The definition of ESG risks refers to environmental, social and governance events or conditions; however, there is no regulatory definition for these events and conditions. The EBA refers to ESG risks as follows [2]:
News in the past has shown that ESG risks should be perceived as a material risk for organizations. ESG risks are predominantly connected to the existing Risk Taxonomy or Risk Library of an organization and are seen as drivers for existing risks including:
This in turn requires supervisory authorities to take a closer look at how companies are managing ESG risks and whether they comply with regulations. We will highlight the main challenges:
Being familiar with non-financial risks that need to be managed, the Compliance function is also traditionally well positioned to play an important role in regulatory change management. The Compliance function is often equipped with a compliance charter capturing roles and responsibilities as well as the scope thereof. Because ESG risks are seen as a driver of existing risks, it is to be expected that ESG will be integrated in the risk domains that are currently already under the responsibility of Compliance. Traditionally these are at least integrity and reputational risks. Therefore, Compliance could, for example, already integrate ESG risks in its monitoring and advisory role. This section will focus on what the Compliance function can do to support or even lead the way in overcoming the ESG challenges.
1. Support the business to achieve effective compliance
The Compliance function is expected to play a significant role as supervisors will focus more and more on compliance with ESG regulation (e.g., SFDR/CSRD/EU Taxonomy) since last year [3], such as the supervisory review started on the SFDR by the AFM in 2023 [4]. Compliance should collaborate closely with the business (first line of defense) and support them to achieve effective compliance. An example of a challenge where Compliance can play a role is on the SFDR level requirement. 14 mandatory indicators are stipulated, for which Compliance could support in defining clear requirements in order to determine an entity’s negative impact on environmental and social issues. One of the environmental indicators is the share of investment in the fossil fuel sector. Compliance could help define the requirement for determining when a company is considered to be ‘active’ in this specific sector. A second challenge lies within the disclosure regulations. Compliance could assist with setting up a clear framework for the entity and product level website disclosures.
2. Update the Compliance framework
In light of rapidly evolving stakeholder expectations as well as deeper embedding in corporate culture and awareness with regard to ESG, regular review of policies and procedures is required more than ever in order to identify gaps in a timely manner. In order to close these gaps and manage ESG risks, Compliance should significantly enhance the existing compliance framework by integrating ESG risks and controls in order to mitigate the associated risks, as also advised by the EBA.
As part of a continuous risk assessment process, focus should be placed on the systemic integrity risk analysis (SIRA). Here a foundation can be built for embedding ESG risks into the Compliance framework by developing scenarios and identifying ESG risks and mitigating measures. The outcome of the SIRA could also provide the required input for the risk appetite statement if ESG is not already included. In order to be in control, Compliance should subsequently provide guidance to the first line of defense to contribute to a solid understanding of these risks throughout the company.
Secondly, the rapidly evolving regulatory landscape also requires Compliance to identify key processes and stakeholders that may be impacted by changing expectations of the regulators and supervisory authorities. Timely identification can assist Compliance in drafting plans to ensure conduct outcomes will not be negatively impacted. Financial institutions should be pro-active in ensuring that they can adhere to rules and regulations. This means taking the monitoring of regulatory developments a step further by not only being aware of the rules and regulations but also being intrinsically inspired to be one step ahead when it comes to implementation and finding ways to efficiently and rapidly respond to these developments.
3. Advisory Function on ESG Data strategy
ESG data quality is a crucial aspect of sustainable and responsible business practices. Compliance monitors and advises so that the business adheres to the standards of ESG reporting, which helps to build trust with stakeholders and contributes to a more sustainable and ethical business landscape. The Compliance function should focus on the following regarding this topic:
4. Pro-active advisory function
To enable the company to expand its focus from short to long term, it is important that the Compliance function maintains ongoing oversight of changes in regulatory as well as conduct expectations.
The unique nature of ESG risks and the rapid pace at which changes evolve enable the Compliance function to position itself as a more pro-active strategy advisor at C-level.
Compliance’s interpretation of expectations should contribute to solidifying definitions within ESG, which in turn helps to identify gaps in ownership of responsibilities, the inclusion of stakeholders and capabilities required within the company to manage risks linked with ESG.
Operating at a more strategic level enables the Compliance function to monitor reputational, conduct and regulatory risk and provides input for a more strategic approach to embed the company’s strategy on all levels.
5. Transition from short term focus to long term strategy
A transition from managing ESG risks and compliance at the product/transactional level towards engagement at the board/enterprise level is required in order to shift the focus from short-term, tactical decisions to long-term, strategic planning. By taking the following steps, a company can ensure that it is successfully engaging at the board/enterprise level.
It is important to understand that board/enterprise-level engagement is not only about meeting regulatory requirements, but also about creating value for the company. In order to do this, it is important to develop a comprehensive ESG strategy that takes into account the company’s current and future risks, opportunities, and goals. When an ESG strategy is set in the right way, it can also have a positive effect on recruitment and retention and allow for greater innovation and brand differentiation besides the positive effects on the company’s financial performance.
Secondly, it is essential to create a culture of accountability and openness around ESG, and to ensure that the company’s ESG strategy is regularly reviewed and updated.
This transition can be a challenging prospect for companies. We believe that one of the keys to successfully navigating this transition is held by the Compliance function in (re)defining its role and taking the lead to support companies in their quest to find solutions to the main challenges.
While the implementation of mitigating measures towards ESG risks comes with several challenges, it also creates opportunities for Compliance to (re)define its role. The first and largest challenge for Compliance, however, is deciding how and where to begin. The first steps to be taken should at least include a shift towards operating at a strategic level, enhancement of the compliance framework by including ESG risks, developing a data strategy and assisting the organization in preparing for the supervisory reviews.
In order to reach the goals set above and meet the deadlines, this practically includes performing an ESG risk and materiality assessment and Compliance maturity analyses. The actions outlined in this article, which Compliance should undertake in order to tackle the major challenges, can serve as guidance to create a roadmap that implements the role of Compliance in supporting the organization on its journey towards ESG maturity.
1. Delivering the European Green Deal (europa.eu)
2. EBA - ESG risks management and supervision factsheet
3. ‘Op weg naar een duurzame balans’, dnb.nl, ‘Position paper AFM en duurzaamheid’, afm.nl
4. ‘AFM doet nader onderzoek naar naleving SFDR en Taxonomie door beheerders’, afm.nl.