Maintaining a social license to operate is challenging many businesses to ‘do better’, writes Michel Feijen, Managing Director for Asia Pacific at MetricStream.
For businesses, performing well isn’t enough of an objective anymore. Companies are also expected to do good. As the world steps up its efforts to stay resilient, businesses are increasingly being held to higher standards of environmental, social, and governance (ESG) accountability.
That currently means a lot of things, such as reducing use of fossil fuels, ensuring supply chains are free from modern slavery, preventing the spread of misinformation online, and building greater ethics and transparency into AI applications.
Research by the University of Melbourne shows that ESG resolutions put forward by shareholders to listed companies’ boards “increased in number, prominence and impact” between 2002 and 2019, but reached new heights in 2020 and 2021, with breakthrough results achieved in the form of hard targets being set.
Businesses in four sectors – energy, banking, insurance, and materials –were the key focus, because either they were “most exposed to the risk of climate change or provided finance to these companies.”
Across the board, Australia’s banks have created ESG initiatives to ensure the companies they finance are working to lower emissions and operate more sustainably. Australian universities have also been asked to confront research and funding ties with the fossil fuel industry.
Outside of climate, misinformation is firmly in the Australian government’s sights. In addition, a range of organisations in Australia, from policing agencies to retailers, exceeded risk tolerances and potentially damaged social licences to operate in their use of AI or biometrics technology.
While the span of activities covered by the drive to ESG is open to interpretation, there’s increasing pressure to act on all these risk areas in a publicly transparent way.
Doing anything less – particularly organisations that are exchange-listed, will find themselves in the public eye which may lead to risk exposures and reputation damage that’s difficult to recover from.
Waves of change
This pressure to ‘do good’ didn’t suddenly come out of nowhere. Instead, we’ve seen a build-up of serious risk over the past 15 years that has progressively changed the way businesses have had to think about their operations.
Four ‘waves’ of risk most notably stand out.
The Great Recession of 2008 was the start of the current trend. It was a shocking and eye-opening risk event for many organisations. Businesses quickly learned that even though the world is an interconnected place, a high level of interconnectedness can also create greater risks – both financial and non-financial. The recession also had a domino effect. When one part of the financial system toppled, it quickly pushed over the other pieces.
The digital era created the second risk wave. We saw a meteoric rise of smartphones and social media platforms, with billions of people around the world connected like never before. This yielded huge benefits but also brought up an ominous underbelly in the form of cyber risk and threats to data privacy.
Cyber-attacks are now a frequent danger to businesses, with hackers relentlessly focused on gaining access to personal and corporate information. Data powers the digital economy but continues to be targeted, stolen, and either ransomed or sold at an alarming rate.
The third wave of risk upended the lives and livelihood of people around the world. The health pandemic is one of the most challenging events in modern times. It’s been made worse by the interconnectedness of the world, which allowed the virus to quickly spread. The health and economic risks of interconnectedness are issues that organisations must be prepared for moving forward.
The fourth wave, which is now emerging across the business landscape, could be the most serious of all: environmental risks. The pressure to reduce emissions and to ensure procedures are based on responsible and equitable policies is increasing rapidly. It’s why, big companies like Telstra went carbon neutral and many investors are looking at environmental and social issues as a metric to consider an investment strategy.
Navigating to new social standards
Boards and leadership teams need a robust governance, risk, and compliance (GRC) program to navigate what’s next; to anticipate and tackle “unknown unknowns”, while also capitalising on growth opportunities.
A solid governance, risk, and compliance (GRC) strategy offers a way for organisations to build more resilient, risk-aware, and better governed enterprises that truly thrive on risk, because it is ultimately these kinds of organisations that will succeed in 2022 and beyond.
CEOs and boards need to set the right tone from the top. They must start by embracing GRC, assessing, and reassessing their readiness quotient, with emphasis on adapting to changing business requirements.
To support this, a comprehensive risk management platform that provides a unified view of risk encompassing all four waves of GRC and every stakeholder is needed. It’s critical to empower key stakeholders, such as employees, partners, and customers – as well as the technology we all use – to harness frontline intelligence and make real-time, risk-aware decisions that unlock new growth opportunities.
Only when governance, risk, and compliance is viewed as a competitive advantage rather than a checklist item, can organisations instil trust and build a positive relationship with customers, investors, and stakeholders, which is an essential part of organisational growth.