  • Satarla

ESG Risk Management - University of London

In this University of London and Institute of Risk Management webinar on 9th December 2020, Dr Sarah Gordon spoke about ESG (Environmental, Social and Governance) risk management and how to integrate sustainability into your business decisions.

Material used in the webinar can be viewed here, and the summary, full recorded webinar and abstract are below. If you have any further questions please feel free to contact us:


In this webinar, Dr Gordon discussed:

  1. ERM (Enterprise Risk Management) - we use this to understand all of an organisation's risks, both positive and negative events, and how they relate to one another. We use risk-based decision making to manage all of them. ESG is one part of an organisation's risk profile, along with other specialist areas of risk management, such as finance. ERM is therefore critical for making balanced decisions that include ESG.

  2. ESG (Environment, Social and Governance) - this term has evolved over a few decades. In 1987, the term sustainable development was defined by the Brundtland Commission. In 2015, the UN's 17 SDGs (Sustainable Development Goals) set ESG goals for 2030. ESG says that Environment, Social and Governance are intertwined areas of risk that cannot be understood in isolation. We use ERM to understand and manage these relationships, both for understanding the upside that comes with managing ESG risks and for managing the downside.

  3. Why the importance? - many organisations are seeing the upside of proactively managing their ESG risks, shifting their business model away from being short-term profit-oriented to integrating ESG into their organisation's culture and long-term strategy. This is achieved by balancing your organisation's business activities and values. This is important because different stakeholders are aligning around ESG now, not only consumers but investors and insurers.

  4. What is ESG risk management? – organisations can make balanced decisions when they truly understand ALL of their risks, including ESG risks, and can make balanced decisions based on how they relate to one another. We use ERM to get this balance right.

Full recorded video


This webinar discussed a current trend in risk management. Often we are asked: “as an expert in Enterprise Risk Management, do you also do Environment, Social and Governance risk management?”. We politely reply that: “Environment, Social and Governance (or ESG as it is often referred to) risk management is an integral part of robust Enterprise Risk Management (ERM)… and if you have not been including your ESG risks in your organisation's risk profile, then your risk management program is likely not integrated across your enterprise”. Note: The second part of this sentence is only voiced when deemed not to cause the questioner undue distress(!).

However, no matter how distressing I find this question personally, it provides insight into a world that is being taken by surprise by the urgent need not only to understand ESG risks, but also to manage them properly, in light of their potential impact on organisations and their wider stakeholders.

The term “sustainable development” made its formalised entrance in 1987 via the World Commission report on Our Common Future as led by Norwegian Prime Minister, Gro Harlem Brundtland [1]. It defined sustainable development as being: “Development that meets the needs of the present without compromising the ability of future generations to meet their own needs”. Since then, this concept of sustainable development has had many titles including Corporate Social Responsibility, Sustainability, Social License to Operate, and most recently ESG.

A vast array of frameworks, principles, goals, standards, and metrics have been designed to help governments, businesses and teams operate in a sustainable manner. The most widely recognised of these is the United Nations Sustainable Development Goals (SDGs) [2]. Launched in 2015, the SDGs replaced the Millennium Goals and have a life expectancy of 15 years.

The SDGs are big and brave. They outline 17 goals that aim to: “end poverty, combat climate change and fight injustice and inequality”. This massive vision scares some and inspires others. Until now, many businesses have either ignored them or selected the few goals that they feel most closely align with their activities and carefully placed the others into the “to do later” pile.

Addressing the SDGs as a cohesive package is not made any easier by the fact that they often conflict with one another. For example, actions taken to address SDG #13: Climate Action may reduce our ability to address SDG #1: No Poverty. This is where risk management comes in.

Risk management is a process through which the potential pros and cons of a decision, event or scenario can be assessed and then, if necessary, actively managed. It exists to help us take charge of some of the uncertainty in the world around us, and therefore better navigate our teams and businesses towards our vision, purpose, and strategy. It is therefore used on a routine basis when we need to decide if carbon or human rights are more important to our organisations.

Risk management has evolved hugely over the past decade. No longer do teams agonise over the positioning of a risk in a red-amber-green-infested impact versus likelihood matrix. Rather, risks are viewed as an interconnected series of nodes that change with time and knowledge. Robust risk management relies on having as much data and knowledge on the table as possible. Some of this data will be accurate, some will not; however, it all helps to paint that picture of what the future may hold.

The weaving of environment, social and governance risks (both to the organisation and created by the organisation) into the increasingly complex web of modern enterprise risk understanding is critical if risks are to be accurately assessed and successfully managed. If there are areas where we have unintentionally or intentionally ignored ESG risks, it is increasingly guaranteed that we will have misrepresented our risks and our risk profiles will be incorrect. This in turn leads to suboptimal control strategies and objectives not being met.

If ESG has been around for decades, why are we beginning to focus on it so much now? Simple answer: the money has arrived. Be it due to requirements such as the Task Force on Climate-related Financial Disclosures (TCFD) [3] being placed on those who invest or lend money, or members of those financial institutions requiring increased transparency on where their money is being invested, “green washing” will no longer cut it. This arrival of the financial world therefore pushes many risks over their tolerance thresholds into the “action needed now” territory: if we do not take them seriously, we will lose our investment and potentially even our insurance.

Do I and my organisation “do” ESG risk management? Yes, it has always been there. However, it is increasing in importance to organisations from both the ethical and financial perspectives. Now is the time for practical risk management to be fully unleashed and provide the mechanism through which organisations can hold themselves to account and achieve their objectives in an ethical manner.

[1] Brundtland Commission (1987) Report of the World Commission on Environment and Development: Our Common Future. (“A global agenda for change”).
