Environmental, social, and governance (ESG) factors and sustainability have been on the corporate agenda for a few years now. A whole industry has emerged around supporting companies creating and meeting their ESG objectives, often facilitated by dedicated ESG leads or teams within a business. But ESG has traditionally been skewed toward the E: environment. Under virtually any measurable metric, the environment receives the lion’s share of ESG attention. Whether budgets, resources, or key performance indicator measurements, discussions around environmental issues such as carbon and net zero are front and center. Virtually any company with an annual revenue of over $100 million will have a sustainability strategy, and the environment will usually contain the headline objectives.
Compliance professionals have historically had less need to get involved in the environmental aspects of ESG. Instead, it is the G, or governance—covering anti-bribery and corruption (ABC) sanctions or fraud, for example—that compliance departments are heavily focused on and long familiar with.
So, that leaves S: social. This is the most varied pillar of ESG, but also where we see the most regulation emerging and where compliance officers will be required to do some of the heavy lifting. At S-RM, we commissioned a survey of 550 corporations and 200 investors across eight different sectors to probe further into the social pillar of ESG: What risks does it pose for compliance professionals, how prepared are they, and what are their biggest headaches? Our headline findings identified that more than two-thirds of the corporate leaders we spoke with anticipate their ESG budgets will increase over the next five years, with the biggest rise coming in the social pillar. The social issues compliance professionals need to respond to will not only have a greater budget allocated to them, but they also pose some of the biggest risks in terms of reputation and market value and are commanding growing attention from corporate boards and senior decision-makers.
Where is the social burden going to fall?
The social pillar of ESG comprises such varied issues as human rights, modern slavery, DEI (diversity, equity, and inclusion), labor rights, supply chains, geopolitical risk, and data protection and privacy. These are all areas increasingly driven by regulation—particularly the Corporate Sustainability Reporting Directive (CSRD) or the Corporate Sustainability Due Diligence Directive (CSDDD). Both are coming out of Europe, but each brings into scope many U.S. companies with a footprint in the Eurozone. Domestically, there is modern slavery and supply chain legislation, or DEI disclosures and listing requirements, such as the NASDAQ board diversity reporting requirement. The fact is, there is a growing role here for compliance professionals, both now and over the next five years at least.
Yet, surprisingly, in our recently published 2024 ESG report (The rise of social sustainability), only 43% of corporate leaders said their compliance departments were monitoring the social pillar of ESG.[1] The data (which is part of a large body of compliance data generated by the research for the report, but which was not included in its final version) indicates that there was some sectoral variation here, with 55% of compliance departments at manufacturing firms saying they monitor for social risks, followed by financial services at 48%. The lowest figures were among investors, at just 31% of respondents, saying their compliance departments monitored for social risks, along with pharmaceutical compliance teams at 32%.
If compliance departments are not monitoring these social issues, then who is? Like much of ESG, it is often not clear where the responsibility of one team starts and another ends. However, given the amount of social regulation about to hit, the consequences are potentially much greater. Compliance needs to have a core role at the table in considering, implementing, and enforcing these regulations. Our survey indicated that responsibility is currently spread across legal, compliance, risk, and corporate affairs, as well as within standalone ESG teams. But this can cause long-term headaches for a compliance department. In some cases, you may find compliance with social regulation being led by the corporate affairs team within an investor, working on the compliance of the portfolio to report upward to their institutional investors. In other instances, responsibility will fall squarely on an already overburdened general counsel or compliance team, who may have little understanding of the context within which regulation will be applied, such as within a critical but complex supply chain.
