By Patrick McConville
For organizations wanting to stay ahead of the curve with regulatory compliance, getting a handle on your risk exposure through the environmental, social and governance-related business decisions — your ESG risks — is a critical step.
As investors, shareholders, and key stakeholders continue to prioritize ESG as a measure of corporate conscientiousness in their investment decisions, it’s essential to understand how it can help your business maintain a competitive edge and increase your firm’s profitability.
In this article, we’ll look at how ESG risks inform the decision-making processes in your vendor risk management strategy. We’ll also explore how to evaluate ESG compliance for vendors, the benefits of ESG risk management, and the potential challenges associated with integrating ESG into your vendor risk management process.
Understanding ESG Risk Factors in Your Supply Chain
For effective vendor risk management, don't limit your supplier analysis to financial and operational criteria. When you consider the impact of your vendors' activities on the environment, their practices around social issues, and their strategies for corporate governance, you can align all areas of your value chain with your business's overall ESG objectives.
Here are some examples of the ESG risks your suppliers may bring:
Environmental risk factors include issues such as water resource management, climate risk, and excessive greenhouse gas (GHG) emissions. According to CDP, environmental risks in the supply chain will cost businesses up to $120 billion by 2026, which will cause higher costs for customers.
In a manufacturing situation, measuring environmental risk could involve monitoring the level of waste vs. recycling, examining the impact of climate change on local operations, or looking for incidents of pollution through improper waste disposal.
To measure your own scope 3 GHG emissions, your team would also need to collect and track your vendors' carbon emissions information.
Social risk factors can include discriminatory hiring practices, instances of human rights violations, and improper community engagement.
Issues like human trafficking and child labor exploitation connected to your supply chain will have a serious impact on your brand reputation, even if the issues are distantly linked to your vendors' operations and workforce.
Starbucks, for example, has been the subject of various customer boycotts over the years. However, in 2020, a British investigative documentary connected the company to Guatemalan coffee farms using child labor — a claim since denied by the business. Following the documentary, Starbucks received widespread backlash along with the other companies mentioned.
Assessing a vendor's social risks upfront and requiring transparency about their social practices can help protect your company and make sure they’re aligned with industry standards and values.
Governance risk factors include poor management oversight, instances of bribery and corruption, and a general lack of compliance with corporate policies.
A vendor engaging in corrupt practices (or taking a lax approach to them) leaves itself open to both civil and criminal penalties, affecting business operations and finances — this can then trickle down to your business. For example, global FinTech companies using Wirecard as their payment processor suddenly found themselves without access to their funds following the processor’s $2.1 billion accounting fraud scandal in 2020.
Through proper due diligence and regular vendor audits, you can identify and address these governance issues before they affect your brand reputation and bottom line. Having a diverse board of directors can also help with creating a well-rounded approach to corporate management.
The Benefits of Proper Third-party ESG Risk Management
Taking proactive measures to assess and manage your third-party ESG risks will put your business in a better position to respond to the changing marketplace and future-proof your operations. Doing so:
- Allows companies to assess how compliant their vendors' operations and technologies are with regulatory requirements
- Helps organizations to build trust and sustain relationships with customers, investors, and other stakeholders by assuring that vendors are meeting the highest ESG standards
- Mitigates the potential negative financial performance and/or legal and reputational risks that can stem from ESG-related issues
- Supports businesses to find and take advantage of opportunities to reduce costs, streamline their operations, and gain competitive advantages
When you consider ESG factors in every stage of your operational strategies and business continuity planning, it makes sure your team considers the long-term risks and opportunities associated with all your suppliers.
How to Identify the Causes of ESG Risks in Your Supply Chain
As part of your vendor risk assessment process, there are a few recommended steps your risk management team can take to select, assess, and monitor ESG risk factors in your supply chain. These include:
- Using a streamlined platform like Certa's ESG software to onboard and track the ESG data of vendors directly involved in your operations, as well as their suppliers
- Developing a methodology for scoring and assessing ESG risk factors. This may include choosing a suitable ESG framework to use for ESG ratings, like the Sustainability Accounting Standards Board (SASB) Standards, for tracking ESG risks in your supply chain
- Evaluating the laws and regulatory requirements applicable to the goods and services your vendors provide, as well as their respective compliance history
- Reviewing financial statements and public disclosures, including press releases and public statements on social media, to assess vendors’ reputational risk profile
With the right approach, you can successfully draw a comprehensive picture of the ESG risks in your supply chain. Understanding the root causes of ESG risks can help you develop strategies to mitigate them as well as identify potential opportunities to improve your company’s ESG performance.
Challenges in Assessing Your Current Vendor ESG Risks
Evaluating your vendors’ ESG risks can be an intimidating process, especially if you have a complex supply chain. Keep in mind, your risk management team will already know the challenges associated with standard vendor risk assessment techniques — reviewing ESG factors requires a similar process.
When approaching vendor risk assessments, you should also factor in potential limitations, such as:
- Limited visibility into third- and fourth-party suppliers' sustainability initiatives. Many smaller vendors don't have access to the data or knowledge they need to understand their environmental, social, and governance risks. This makes it difficult to report on the full range of third-party environmental, social, and governance risks.
- Limited access to knowledge and expertise. Your organization may not have the right resources on the ground to fully assess the risks associated with each of your third-party relationships — especially if you're operating in a complex or remote location. Without enough specific evidence, it’s difficult to do your due diligence on a vendor
- Lack of time and resources. It takes time to complete and regularly update vendor risk assessments. Properly executing these assessments takes careful preparation and resources, which can be challenging when you're strapped for time and resources.
- Lack of common language between your company and the third parties you're evaluating. It's important to establish clear definitions of the key terms you're using during your assessments — especially if there are industry nuances that affect the way businesses interpret these terms.