Practical steps for setting policy
We have previously discussed the potential to use international law frameworks as a tool to set an organisation's policy on ESG issues. In terms of achieving this practically, we strongly recommend using these frameworks to audit the commitments the organisation has made, and:
- consider gaps as between those commitments and the prevailing high-water mark international law standards. Consider conducting multi-functional workshops to establish the company's policy position on relevant ESG issues using these international law standards as a key data point. A recent topical example is commitments around consultation and engagement with Indigenous Peoples and the achievement of the international human right of Free Prior and Informed Consent of relevant Indigenous Peoples to certain project activity; and
- equally, consider gaps between international standards to which the company has committed and what is actually happening on the ground. As we've discussed above, a failure to align with public policy commitments made has the real potential to result in allegations of misleading conduct and we are seeing increased regulatory interest in both greenwashing (in relation to environmental commitments not met) and bluewashing (in relation to social or human rights related commitments not met).
Embedding an ESG risk and compliance culture
Once ESG policy positions are established, the next question is how to best embed a leading ESG risk and compliance culture that ensures the organisation is meeting the standards set out in its policies in its day-to-day operations. Setting a culture that embraces the organisation's ESG commitments and also works to comply with the controls aimed at meeting those commitments is an ongoing, material challenge faced by the majority of businesses and governments.
Ensuring there is a shared understanding of the expectation that the organisation aligns its practices with the policy standards it has set means that employing the right people is key, but what is also key is embedding these standards into all elements of your existing risk and compliance framework. You want to avoid these standards being policy commitments and nothing more. They need to be a part of your risk and compliance culture.
None of these elements can be static. Rather, they need to be updated as risk and compliance approaches evolve. And while each one alone is important; it is in combination that they are most powerful in embedding a strong ESG culture. Each element also facilitates oversight, by allowing the board and other parts of the organisation to have insights into how ESG standards are being implemented and rectify issues before they become large-scale corporate failures.
The role of in-house legal, risk and compliance and HSE/sustainability teams in forging this healthy culture
Beyond the details of an ESG risk and compliance framework set out above, there is no 'one size fits all' approach to shaping and embedding a strong ESG culture in your organisation.
Who should be responsible for driving the cultural improvements that will enable the organisation to thrive in an era of ESG scrutiny? And who is best placed to ensure this culture is continually maintained and evolved as needed? In reality, it will be a number of parts of an organisation – from the board and senior executives through to risk and compliance teams, in-house legal teams and HSE and sustainability teams.
These in-house functions increasingly need to position themselves as a go-to for not 'can I?' but 'should I?' questions and, if needed, to be part of leading a shift in the mindset in organisation – both with board and senior management, and at the operational level – to achieve this kind of culture. The commitment to best practice standards is not a one-off event – it's an ongoing process to assess where the organisation sits against its commitments and expectations.
Key questions to ask
Those who are responsible for shaping and embedding a strong ESG culture can use the risk and compliance toolkit discussed above to test the organisation's approach and maintain accountability over time. Each element of the toolkit allows targeted questions to be asked about how best practice standards are being implemented on the ground. For example:
Rather than being seen as a further burden on in-house teams, this should be seized upon as an opportunity to drive real change and accountability across the organisation and be a key player in forging and leading a robust ESG risk and compliance culture.