Safeguarding Trust: The Board’s Role in Integrating ESG and ERM

Maria Castañón Moats is Governance Insights Center Leader and Jamie Gamble is Managing Director at PricewaterhouseCoopers LLP. This post is based on their PwC memorandum.

Related research from the Program on Corporate Governance includes The Illusory Promise of Stakeholder Governance (discussed on the Forum here) by Lucian A. Bebchuk and Roberto Tallarita; Does Enlightened Shareholder Value Add Value? (discussed on the Forum here) and Stakeholder Capitalism in the Time of COVID (discussed on the Forum here), both by Lucian A. Bebchuk, Kobi Kastiel, and Roberto Tallarita; Restoration: The Role Stakeholder Governance Must Play in Recreating a Fair and Sustainable American Economy—A Reply to Professor Rock (discussed on the Forum here) by Leo E. Strine, Jr.; and Corporate Purpose and Corporate Competition (discussed on the Forum here) by Mark J. Roe.

The war in Ukraine is a human tragedy. From a business management perspective, it is also an example of old-school “global geo-political risk.” But the fast, overwhelming exodus from Russia and support for Ukraine isn’t driven primarily by old-school operational risk concerns over raw material costs and supply chain disruptions. For most companies, the primary enterprise risk of continued engagement with Russia, or the failure to support Ukraine, is to stakeholders’ trust that the company shares their personal values.

The past three years provide a long list of events outside the control of corporate leadership and outside the traditional value chain that nonetheless have presented serious risk to enterprise value. COVID and Ukraine are the obvious global examples. In the US, civil unrest over racial injustice, the January 6 attack on the capital, election law changes, political fights over education and LGBTQ+ rights, and the recent decision by the Supreme Court to overturn Roe v. Wade are all socio-political issues on which employees, customers, investors, and communities want the companies they associate with to take action that aligns with their own beliefs. That call from stakeholders is a strategic issue for companies, as well as a moral one. PwC’s most recent Consumer Intelligence Series shows that more than 80% of consumers/employees are more likely to buy from/work for a company with strong performance on climate issues. More than 70% are more likely to buy from/work for companies with strong performance on social issues and the same for governance issues. Employees and the customer overwhelmingly see environmental, social, and governance (ESG) issues as a reason to connect with a company. And the link between trust and ESG is strongest among young people.

The market data frames a simple question at the heart of nearly every company’s strategy: How do we become the company that everyone between the ages of 15 and 35 wants to work for, buy from and identify with on social media? Getting the answer wrong can: make it impossible to recruit and retain talent; damage the brand and platform; increase capital costs by driving away socially responsible investors; and end executive careers.


Some aspects of ESG-related risks fit into the models that have long been used by companies for risk management and boards in meeting their Caremark oversight duties. Risks to supply chain or physical plant from extreme weather or rising seas are fundamentally operational in nature, even if they are difficult to quantify. Regulatory uncertainty arising from political dysfunction is similarly familiar. But the trust risks posed by ESG issues are different and extremely difficult to manage because of four key characteristics:


Nearly every major social issue on a corporate agenda is rooted in problems that arise outside the company and which the company cannot fix alone.


How a company can engage with those issues in a constructive way is very often outside the expertise of the board and senior management.


The issues are often controversial and different stakeholders may hold very different views on the right way for the company to engage.


While the underlying issues are often long-standing, the high level of immediate interest is frequently sparked by a specific event which was not foreseeable.

What should the board’s role be?

There are two steps companies should take to mitigate trust risks relating to ESG, and the board has a role in both:

Set a risk appetite level that considers ESG risks and allocates capital and structures operations accordingly

This is a part of all risk management, but it is particularly important with respect to trust risks. For example, to what extent should a company pursue lower labor costs by offshoring manufacturing to a country that has weaker environmental and labor laws? The risk to reputation, brand, and platform needs to be considered in making that decision. So too does the risk of increasing the firm’s cost of capital in the event that ESG focused investors are unwilling to hold company equity or debt. Not all questions of this nature—perhaps not even most—will make it to the board. But all should be informed by risk appetite parameters that the board has reviewed, tested, and approved.

Build a reservoir of trust to draw on in difficult moments

This isn’t easy. It means devoting time and effort to stakeholder engagement to understand the values that the community of people who create and sustain the long-term value of the company expect the company to demonstrate. It means taking action on those priorities, measuring progress, correcting mistakes, and being accountable to your corporate community. The best response to the latest act of political grandstanding, or tragic event, or social upheaval is to respect the full range of views of your diverse corporate community by sticking with the values you have set together. Neither company management nor the board should need to figure out the company position on an emergent social issue in the heat of intense public pressure.

The board’s role in the process of building trust among employees, customers, investors, suppliers, and the people who are affected by the company’s operations should still be oversight. Management has to execute the process. But setting corporate values and integrating them into strategy is a core function of the board. At the end of the day, any set of social values the company will pursue will need board approval. Individual board members are not, necessarily, embracing the particular values. The board as a whole is approving the process and also affirming the belief that the best interests of the company are served when the company reflects in its actions the values of the community of people who create and sustain it.

Questions for boards

As companies continue to discuss strategic risk and ERM broadly with their board, boards should consider the following questions:

  1. Do we have a risk appetite statement? If not, are we aligned with management on what the company’s risk appetite should be?
  2. How do we build trust risk assessment into our strategic oversight discussions?
  3. How does the board reflect and execute on its role in building trust?
Both comments and trackbacks are currently closed.