Running the Risks: How Corporate Boards Can Oversee Environmental, Social And Governance Issues

Veena Ramani is Senior Program Director, Capital Markets Systems and  Hannah Saltman is Manager, Governance at Ceres. This post is based on their Ceres report. Related research from the Program on Corporate Governance includes Socially Responsible Firms by Alan Ferrell, Hao Liang, and Luc Renneboog (discussed on the Forum here).

As the risks from environmental, social and governance (ESG) issues such as climate change, water scarcity and human rights become more apparent, and with growing investor attention and action on ESG issues, it is increasingly important for corporate boards to understand how these issues affect business strategy and performance. Impacts from these issues can be financial, material, and can spread across multiple areas of a business. No longer off in the future or merely hypothetical, many of these impacts are being felt now across almost every sector of the economy.

Table 1: What do we mean by “ESG risks”?

ESG issues such as climate change, water scarcity and human rights abuses can affect corporate strategy, business objectives and performance over both the short and long-term. Risks arising from ESG issues could include not only negative impacts on business objectives such as a reduction in revenue targets or reputational damage, but could also include missed opportunities such as emerging markets for new products or cost savings initiatives.

Physical Risks In 2017, 73 companies on the S&P 500 publicly disclosed a material effect on earnings from weather events, and over 90% of these companies disclosed the effect on earnings was negative.
Supply Chain Risks Supply-chain disruptions due to climate risk have increased 29% from 2012 to 2019.
Reputational Risks Forty-seven percent of consumers walk away from a brand that doesn’t align with their beliefs.
Regulatory Risks The number of climate change regulations has grown to 1,500 globally, up from 72 in 1997.
Litigation Risks More than 1000 cases have been filed in the U.S. on climate change impacts as of May 2019.
Transition Risks Electric vehicles (EVs) are on track to account for over half of new car sales by 2040.
Human Capital Risks Eighty-six percent of millennials would consider taking a pay cut to work at a company whose mission aligns with their values and the cost of replacing one employee is between 10-30% of an employee’s annual salary.

Why should boards consider how their risk oversight responsibilities apply to ESG risks?

As a part of their role as stewards of long-term corporate performance, boards have a critical role to play in ensuring that companies are aware of, and able to navigate, an ever-evolving risk landscape. Where an ESG issue impacts—or has the potential to impact—the business, it is a director’s job to exercise risk-related oversight. This oversight should be informed, strategic and closely aligned with the company’s business model and operations to create long term value. A key part of directors’ fiduciary responsibility is the duty of care—or the duty to adequately inform themselves on these issues prior to making business decisions. To fulfill this responsibility, directors need to be able to understand and evaluate the risks that arise from ESG factors.

In this report, Ceres provides guidance to corporate boards on how they can effectively oversee risks posed by ESG issues, including questions for directors to ask management throughout the risk identification, prioritization and mitigation processes. We also offer concrete recommendations for boards looking to improve their companies’ resilience in the face of ESG risks.

ESG Issues Have Financial Impacts

Climate change: A 2019 analysis of 500 of the largest global companies estimated that potential financial implications from climate change-related impacts found just under a trillion dollars at risk- and half of these risks were anticipated to materialize in the next five years.

Water scarcity: By 2050, in order to meet the needs of a growing world population of $9.7 billion, water demands are expected to increase by 55%, straining water-intensive industries such as food and beverage and energy, posing geographic and supply chain risks, increasing commodity price volatility and decreasing supply reliability. The World Bank identified that water scarcity could cost some regions up to 6% of GDP.

Deforestation threats: Up to $941 billion of revenue from publicly listed companies is dependent on commodities linked to deforestation. In 2017, 87% of nearly 300 large global companies identified at least one risk related to the production or consumption of forest-risk commodities including timber, palm oil, cattle and soy. Nearly a third of these companies are already experiencing impacts from these risks, such as a reduction or disruption of supply, increased costs or reputational damage.

The #MeToo movement: Surveys reveal that 55% of professional women are less likely to apply for a job and 49% are less likely to buy products or stock from a company with a public #MeToo allegation. Sexual harassment is now considered a serious investment risk, with increased pressure on boards to oversee the company’s sexual harassment policies and enforcement.

Conscious consumption: Nearly nine out of ten of U.S. consumers say their purchasing decisions will be impacted by a company’s stance on an issue they care about, and 78% say they want companies to address important social issues.

Diversity: Companies that have more diverse management teams have 19% higher innovation revenue* and report better overall financial performance.

* The share of revenues that companies generate from enhanced or new products or services over the most recent three years.

The Board’s Role in ESG Risk Identification

Recommendation 1: Consider how ESG risks could affect your company

Questions for Directors to Ask

  • What kinds of risks could ESG issues pose to the company?
  • How could these risks interrelate? When could these risks manifest?

In addition to posing reputational impacts, risks from environmental and social factors fall squarely within mainstream business risks (e.g., enterprise, business-management and emerging/non-traditional risks) that companies consider as a matter of course throughout the risk identification process. Boards need to consider these risks not only individually, but also how they interrelate. Timeframes are also important: while some ESG issues are categorized as “emerging” or “long-term” and are expected to manifest over a multi-decade timeframe, others—such as extreme weather events—are affecting businesses across sectors right now. For example, PG&E declared bankruptcy as a result of billions of dollars in claims incurred as a result of California wildfires in 2017 and 2018. While these fires had multiple causes, their speed and intensity were attributed in large part to conditions driven by climate change.

Recommendation 2: Evaluate whether existing processes allow the discovery of ESG risks

Questions for Directors to Ask

  • What is the company’s process to identify risks from ESG factors?
  • Which ESG risk factors is the company already tracking?

Boards should assess whether their companies’ existing risk identification processes allow for systematic identification of ESG risks. Where ESG issues are not already identified by these processes, boards should work with management to examine how they could be strengthened, including through specific risk (e.g., climate change, water scarcity) and megatrend analyses.

Table 2: How can boards examine ESG risks throughout the risk identification process?

Type of risk Example ESG Factors
Governance risks Board decision-making including CEO selection, executive compensation and board composition
  • Growing shareholder focus on:
    • Diversity of the board
    • Recruiting directors with ESG or climate expertise with the ultimate goal of building “climate competent boards”
    • Linking executive compensation to ESG factors
  • ESG risk impact on directors’ and officers’ insurance
Board approval risks M&A, divestiture, major capital expenditures, new product lines
  • ESG performance as a factor in mergers and acquisitions-related valuations
  • Access to capital impacted by ESG performance
  • Growing consumer focus on ESG solutions
Enterprise risks Reporting risks, operational risks, human resources/ labor risks, compliance risks, reputational risks, litigation risks
  • Fines and penalties arising from ESG violations
  • ESG regulations
  • ESG-based litigation
  • Extreme weather events disrupting operations
  • Workplace injuries or deaths
  • Sexual harassment
  • Data privacy and data security breaches
  • Market devaluation from an ESG liability
    • Loss of liability insurance coverage
    • Loss of assets, reduced profits and reputational damage
    • Diminished likelihood of business receiving services and capital from financial institutions
Emerging risks New technologies, economic/regulatory policy change
  • Impacts from growth of artificial intelligence technology on job creation and local economies
  • Genetic engineering and nanotechnology impact on product development and human health

Recommendation 3: Look to a range of sources in identifying ESG risks

Questions for Directors to Ask

  • What sources were consulted to determine the company’s ESG risks?
  • What are our corporate peers doing on ESG risks?
  • What ESG issues do our top investors think are most relevant to our sector?

Boards need to evaluate if management has consulted all relevant internal and external sources of information about which ESG risks could pose a material impact to the company. This evaluation could include consulting cross-organizational management teams, employee surveys, customer feedback, peer benchmarking and shareholder engagement.

Pharmaceutical company AstraZeneca merged their safety, health and environment, compliance and sustainability departments into one Global Sustainability team. Their decision was driven by their executive team, which sought to move from governance of risk to governance of the company’s ESG commitments, as well as to pivot from defensive risk management to a more proactive model of corporate responsibility.

Recommendation 4: Be aware of assumptions in the risk identification process

Questions for Directors to Ask

  • Did management assess ESG risks that the company could face in 1, 5, 10 and 20 years?
  • What blind spots about ESG risks may exist in the risk identification process?

ESG issues are wrongly assumed to affect a corporation over such a long time frame that they are impossible to quantify or even evaluate. Boards need to ask management whether and how the risk identification process surfaces ESG risks in the short, medium and long-term, and how these risks could impact corporate strategy over each time frame. Boards should ask questions about corporate culture and management’s degree of openness in sharing concerns, problems and response to mistakes.

Recommendation 5: Integrate identified ESG risks into the Enterprise Risk Management (ERM) process

Questions for Directors to Ask

  • Who owns the ERM process internally?
  • Does the ERM process consider ESG risks?
  • Is the ERM process agile?

Directors need to assess whether the company’s ERM process is flexible enough to continuously identify ESG issues as both current and emerging risks. As a place to start, companies should consider the newly released guidance on how to integrate ESG issues within a company’s ERM process, developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) and the World Business Council for Sustainable Development (WBCSD).

The Board’s Role in ESG Risk Assessment

Recommendation 1: Assess the information the board receives on prioritized risks

Questions for Directors to Ask

  • Does the heat map/risk assessment appropriately reflect ESG risks?
  • Has the company performed a scenario analysis on the most relevant ESG risks and their possible impacts on the company?

Boards should consider heat maps as the beginning of a conversation, and question management further to identify connections between the identified risks and corporate strategy. Directors also need to be aware of the contagion effect of various ESG risks: when one event or risk is realized it may have a domino effect across multiple areas of the economy. Scenario analysis is a useful tool to assess the potential impacts of key environmental and social risks on corporate strategy.

In 2018, the AES Corporation published its “Climate Scenario Report,” which stress-tested its portfolio against several alternative climate change scenarios, including global temperature increases by 2100 of 1.5-2°C; 2-3°C; and 3-6°C. AES evaluated climate risks, including energy transition risk and physical impact risks to its business, using several in-depth analytical approaches that tested the sensitivity of AES’s gross margin across the entire business.

Recommendation 2: Use a materiality lens

Questions for Directors to Ask

  • Do the prioritized ESG risks materially affect the company?
  • Have we considered stakeholder and shareholder input in making this determination?
  • Have we considered how the ESG risks may interrelate?

When ESG risks surface in a company’s heat map or risk register, the board needs to consider whether these issues have a material impact. Given the growing findings that relevant ESG topics can be financially material to a corporation, boards need to ask management to run materiality analyses that include both traditional financial factors and financial impacts from ESG-related risks.

Nestle conducted a materiality assessment every two years to identify the economic, social and environmental issues that are of top priority to the company’s external stakeholders. In 2018, the company evolved its materiality assessment to include ESG risks with other financial risks and align them better with business operations. This evolution included integrating the identified material issues within the company’s ERM process.

Recommendation 3: Consider the board’s skills to evaluate ESG risks

Questions for Directors to Ask

  • Do we discuss our ESG risks at regular intervals?
  • Is the board regularly briefed on relevant ESG trends and how these trends could pose risks to the company?

Ceres’ report “Lead from the Top: Building Sustainability Competence on Corporate Boards” recommends three key avenues for boards to build their fluency in ESG issues: recruit directors with the experience and exposure to material ESG issues that the company faces; educate the entire board on relevant ESG issues; and engage with relevant stakeholders and shareholders on ESG risks.

Prudential Financial, an insurance and financial services company, has included expertise in “environmental/ sustainability/corporate responsibility” within its board matrix as a skill set that is needed to be on their board.

Recommendation 4: Ensure that prioritized ESG risks are surfaced appropriately in board discussions about corporate strategy, whether at the committee or full-board level

Questions for Directors to Ask

  • Do we discuss our ESG risks at regular intervals?
  • Are ESG issues addressed systematically?
  • How are ESG issues integrated into our strategic planning and execution?

While reacting to crises presents opportunities to jumpstart discussions of ESG issues, it should not be the only time these risks are considered, especially as a crisis response does little to address the root of the problem.

In 2019, Boeing’s board created a new board committee focused on safety and amended its Governance Principles to include safety-related experience as one of the criteria it will consider in choosing future directors after the company was forced to ground all 737 Max airplanes worldwide due to concerns from two fatal crashes. Directors need to integrate ESG risks into boardroom decision-making on strategy both within committees and with the full board. EILEEN FISHER’s Quadruple Bottom line committee evaluates connections between the company’s business and its impact on people, planet, purpose and profit with a view to aligning the company’s ESG strategy and day-to-day operations.

The Board’s Role in ESG Risk-Related Decision-Making

Recommendation 1: Consider how prioritized ESG risks affect organizational strategy

Questions for Directors to Ask

  • What is our risk tolerance for ESG-related factors?
  • Is the company prepared to respond in case ESG risks manifest?
  • Who has responsibility for managing identified and/or prioritized ESG risks?
  • Could the ESG risks we face disrupt our business model?
  • What business opportunities do these ESG risks present?

Boards and management need to work together in determining the company’s tolerance for ESG risks. As a part of this collaboration, boards and management should be clear on who within the organizational structure owns each risk and should ensure that ESG risks do not remain siloed within the sustainability team and are instead evaluated within the ERM process.

Jones Lang LaSalle (JLL), a commercial real estate services firm, integrates material ESG risks into its ERM program. These risks are overseen by JLL’s Global Executive Board (GEB), which includes both the company’s CEO and CFO, and are coordinated through the ERM team, which sits within the company’s legal department. The top risks are then communicated to the GEB, the board’s Audit Committee, and the full Board of Directors on a semi-annual basis.

Many ESG issues, most significantly climate change, have the potential to be systemic, meaning that they may manifest on such a large scale they could impact entire industries and even entire economies. On the upside, because of their potential scope and scale, ESG issues also present vast business opportunities that boards should understand and integrate into conversations on business strategy.

Recommendation 2: Understand what strategies are available to mitigate or adapt to ESG risks

Questions for Directors to Ask

  • Can the company avoid the risk?
  • Does the company have a plan for managing the risk?
  • If the company can neither avoid nor manage the risk, what adaptation measures might lessen the impact?

Once boards understand the impacts of top ESG risks on their business strategy, they need to decide how their company mitigates or adapts to those risks. Mitigation and adaptation strategies could include capital allocation, mergers and acquisitions, policy advocacy and lobbying, insurance and value creation.

PepsiCo incorporates environmental sustainability criteria into its Capital Expenditure Filter, which is applied to all capital expenditure requests over $5 million.

Recommendation 3: Hold executives accountable for addressing ESG risks

Questions for Directors to Ask

  • To what extent are prioritized ESG factors linked with executive goals and performance?
  • How are ESG factors incorporated in executive compensation plan design in the short term and in long-term?

Boards should hold executives accountable for ESG risk management by asking for regular progress updates and assessing new issues. In addition, boards should consider linking a portion of executive compensation to performance on prioritized ESG metrics to underscore the strategic importance of these issues to the company.

Barclays’ board links a portion of its executive compensation plan to facilitating greater social and environmental financing, expanding their green product portfolio and reducing operational emissions by 38% by 2018 against the company’s 2015 baseline levels.

Structuring Board Oversight of ESG Risks

Recommendation 1: Formalize oversight of ESG risks at the board level

Questions for Directors to Ask

  • How is the board currently structured to oversee ESG risks?
  • Would explicit reference to ESG in a committee charter enhance our approach?
  • How should the audit committee address ESG risks?
  • When should ESG factors be elevated for consideration by the entire board?

While the entire board should have an opportunity to engage on the ESG risks that impact corporate strategy, formalizing oversight in a specific committee allows for key issues to be raised systematically and in depth. The audit committee can play an important role in assigning ESG risks to specific board committees and in clarifying when the responsibility extends to the whole board.

Recommendation 2: Ensure coordinated deliberations on ESG risks across committees

Questions for Directors to Ask

  • How could ESG risks fit into deliberations taking place across the board committees?
  • How could these deliberations be better coordinated?

The board committee(s) tasked with ESG risk oversight should coordinate with other committees charged with general risk oversight. The board should establish systems for committees to work with each other on ESG risk oversight in addition to conversations that may happen at the full board level.

Gap Inc. embeds sustainability into the mandate of its Governance and Sustainability Committee. The committee includes the board chair, and chairs of the compensation, audit and finance committees, allowing for greater integration and dialogue on ESG risks.

Disclosing ESG Risk Oversight

Recommendation 1: Disclose the board’s role in overseeing ESG risks

Questions for Directors to Ask

  • What should the company disclose about the board’s role in ESG risk oversight?

As investor attention on ESG risks continues to intensify, particularly in the face of escalating climate risk, investors and other stakeholders want to ensure that a company has robust processes in place to address them. Decision-useful disclosure helps investors and other stakeholders understand how a board oversees ESG risks and should include the following:

  • Describe the full board’s role in ESG risk oversight.
  • Describe how the board oversees ESG key risks, including board structure and board expertise, where appropriate.
  • Describe how the board receives training on key ESG risks, including the topic and leaders of the training.
  • Describe the board’s approach to allocating ESG risk oversight responsibilities.
  • Describe the nature and frequency of reporting to the board on ESG risks.
  • Disclose how ESG risk discussions are integrated within other management discussions on strategy, business unit performance or other strategic and tactical functions.

In 2018, Coca-Cola aligned its sustainability and annual reports to demonstrate the company’s commitment to long-term value creation that included its sustainability goals. Each of these reports included a letter authored by the company’s board and signed by its board chair, explaining how the board provides oversight of the company’s sustainability progress as a part of their fiduciary duty: “At Coca-Cola, the Board of Directors is elected by our shareowners to oversee their interests in the long-term health and the overall success of the business and its financial strength… Our sustainability efforts, therefore are not separate from our business but actually foundational to the way we do business.”

Recommendation 2: Disclose material ESG risks in financial filings

Questions for Directors to Ask

  • Which ESG risks should be disclosed in financial filings?
  • What information are investors looking for on ESG risks?

The most effective type of ESG disclosure goes beyond boilerplate language on operations and offers a true discussion on ESG risks facing the company, as well as on actions that the company has taken or plans to take to mitigate these risks. Companies should provide disclosures that meet investor expectations on material ESG issues by focusing on what is material without ignoring emerging trends, disclosing decision-useful quantitative and qualitative information, and integrating sustainability information where investors are already looking, such as within company sustainability and annual reports, company websites, proxy statements, 10-Ks and other required filings.

JetBlue uses the TCFD framework to disclose its board committee involvement in oversight of the company’s financial exposure to ESG risks. The top environmental issues reviewed by JetBlue’s board include the cost of carbon-offsetting compliance, the strategy to mitigate those costs, market opportunities to use bio-jet fuel to hedge fuel cost, and the integration of environmental and social risk factors within the company’s ERM process. JetBlue’s Audit Committee oversees relevant ESG issues, questions, and trends.


ESG issues pose a variety of risks being felt by companies today. These risks manifest across industry sectors, and can pose systemic risks that require thoughtful attention by companies. Boards need to be able to understand how to oversee ESG risks through their overall oversight of the risk identification, prioritization and mitigation processes. Boards also need to understand how to adequately structure and disclose their ESG oversight to investors and other stakeholders. As ESG risks will only continue to disrupt the market, boards that examine and oversee these risks will lead their companies to long-term success.

The complete publication, including footnotes, is available here.

Both comments and trackbacks are currently closed.

One Comment

  1. Abdelilah Chami
    Posted Tuesday, March 3, 2020 at 5:42 am | Permalink

    Very good explanation of the integration of EsG and risk factors on governance système and into business.
    I have to raise one point about the possibility of mitigation measures based on ESG risk assessment that can also give better elements to business in creating value and make sustainable and in some cases is making more profitable some businesses if they do it correctly.

    Dr Abdelilah Chami