ESG has become like a huge wave growing rapidly as it comes into shallow waters. The challenge for increasing numbers of companies across the world – and particularly for markets where ESG reporting is in its infancy – is to learn how to surf the wave.
ESG, originally conceived as a framework for responsible investment, is rapidly being adopted as a more universal catch-all for corporate sustainability and social responsibility. The underlying issues are essentially the same, though. The step change ESG is likely to bring, for better or worse, is in the area of performance reporting. Various international initiatives are busily developing, piloting and promoting reporting frameworks, encompassing large numbers of performance indicators across the whole spectrum of ESG issues.
This still-evolving maze of reporting frameworks and standards can be likened to a surfer not knowing how exactly he or she will be judged in a future competition. For most companies, particularly smaller ones and many in Asia and other emerging markets, the most important priority will be simply to learn to surf – practicing specific maneuvers to impress judges can come later.
Most ESG ratings and indices are derived from hundreds – if not thousands – of metrics, based largely on self-disclosed, annual average corporate data, reported to meet the requirements of one or more frameworks.
But InvestAssure’s corporate ESG monitoring system, NIMBUS, records web allegations, incidents and other third-party information about corporate performance and behavior across the Asia-Pacific region. With more than 18,000 risk alerts recorded since 2009, the NIMBUS database provides a valuable source of data for ‘groundtruthing’ corporate ESG performance.
NIMBUS allows us to ask the question: what’s under the ESG bonnet? We have documented many cases where the operational reality of a company’s ESG performance, as exposed on the web, does not live up to its ‘official’ ESG rating, as published by most formal ratings agencies.
This can happen, for example, where a company’s operational impacts on local environments and communities, such as from chemical spills and accidents, is not reflected in the formal ESG reporting data. Or it may be where a company has repeated prosecutions for failure to get environmental permits, allegations of failure to consult prior to construction or deforestation, or where there have been regular product recalls relating to sub-standard quality control.
Conflicting scores
For example, for a major international mining company we find the following variation in ESG rating trends:
• The company’s S&P ESG score was level between 2018 and 2020. Its ESG score is based on its responses to S&P’s Corporate Sustainability Assessment and on information available in the public domain
• The company’s MSCI ESG rating went up from BBB to AAA during 2018 and was then level until mid-2020. This rates the company relative to its peers in the mining sector as part-way between average and leader
• But its NIMBUS ESG risk score increased from 18 to 75 between 2018 and 2020 – something that places this company in the highest-risk group of companies in the NIMBUS database.
This company’s higher S&P scores and MSCI ratings indicate better overall performance, based in large part on self-disclosed data from the company, whereas a higher NIMBUS score reflects poorer operational performance and thus a higher risk.
Analysis of the NIMBUS monitoring score for this company reveals that around 35 percent of risk alerts relate to environmental impacts, 25 percent to community conflicts, and 15 percent both to occupational health & safety incidents and labor conditions, though an alert can be associated with multiple risk categories.
Poor governance or unethical business practices were identified as contributory factors in about 40 percent of recorded alerts. The increase in risk score from 2018 to 2020 was primarily associated with community conflicts (36 percent), environmental impacts (32 percent) and poor social responsibility (23 percent).
The real-world disconnect
It’s not only in manufacturing, extractive, construction and process industries where we see this. NIMBUS records numerous incidents of bribery and corruption in banks, poor data security in internet service companies (resulting in confidential customer details being stolen), human rights abuses in the agriculture and fishing industries, and sexual, racial and religious discrimination in the professional services, entertainment and airline sectors.
This is a problem because it reflects a potential disconnect between a company’s ESG rating in the financial world and its operational reputation with other, still very important, stakeholder groups. Ultimately, this disconnect presents a risk to the core business.
In short, there is a danger that focusing too much on formal ESG reporting frameworks may distract a company from effectively managing all of the material ESG aspects of its business.
So this should be the priority: to undertake regular, systematic reviews of the company’s operations, to identify where it has material ESG aspects of concern to its key stakeholders and then to integrate these aspects into an operational management system. These aspects should ultimately be the focus of public reporting, too, even if presented in the format required by an ESG reporting standard.
The company will, of course, need to establish a system for monitoring and internally reporting its performance across these aspects of the business. If this is done properly, it should be relatively easy to adapt it subsequently to meet the needs of an external standard.
For many companies in the early stages of ESG materiality assessment, involving regular stakeholder engagement, this will be relatively new and may represent a shift in corporate culture: away from a compliance mindset towards a more inclusive, participatory, shared-value mindset.
But those who grasp its value early on and embed it into strategic planning and operational systems are likely to gain more lasting business benefits from ESG than those focusing primarily on formal reporting standards.
Paul Wenman is owner and CEO of UK-headquartered InvestAssure
