Regulatory Clarity Is Coming, But Companies Still Need to Thread the Needle on ESG

Companies will have to make strides on ESG in 2023, whether they’re ready or not. And it will be a balancing act as they determine how to make meaningful improvements on some risk and ESG categories without undermining progress on others. 

One of these struggles is the push to invest in green technologies, such as solar panels, to cut carbon emissions. It’s the right thing to do — for consumers, the environment and the law — but it’s complicated.

For example, in June 2022, the U.S. Uyghur Forced Labor Prevention Act (UFLPA) went into effect, which presumes that any shipment originating from or passing through China’s Xinjiang region, where more than 50% of the world’s polysilicon supply originates, is the product of slave or forced labor. Polysilicon is a major subcomponent of solar panels, and it’s difficult to conduct sufficient due diligence to comply with the law. As a result, more than a thousand solar panel shipments were seized at U.S. borders during the first four months after the law went into effect.

Taking a step forward on the world’s green initiatives without taking two steps back on human rights considerations means looking closely at the inner workings of your global supply chain.

Regulations to watch this year

Effective Jan. 1, the German Supply Chain Due Diligence Act seeks to manage risks — such as child labor, workplace hazards, unfair pay and the use of persistent organic pollutants — within an organization’s own operations, as well as that of their direct and indirect suppliers. While it primarily monitors companies in Germany with at least 3,000 employees and foreign companies with German branches, smaller organizations will still feel the impact along the larger supply chain, and the scope of the act will broaden in 2024. Other nations may soon follow suit.

In the U.S., SEC may soon require large, publicly traded companies to disclose their Scope 3 greenhouse gas emissions, and while companies await the ruling, forward-thinking business leaders ought to prepare now. Even if the SEC rules against Scope 3 reporting, other governing bodies, such as the International Sustainability Standards Board and the European Financial Reporting Advisory Group, may still require these disclosures.

And in mid-2022, Norway passed a human rights due diligence law that, though it hasn’t grabbed headlines like laws in the U.S. or Germany have, is said to be more stringent than other supply chain transparency laws. 

How to thread the needle in today’s regulatory landscape

This will be a tough year for companies to comply with multiple, sometimes conflicting, laws and regulations. But this is not the time for business leaders to sleep on ESG. Violations could result in both reputational and monetary damages, creating further financial hardship in the face of a potential recession.

Here are six ways companies can successfully thread the needle while navigating competing ESG initiatives: 

Develop and implement an ESG program charter to define the scope, objectives and expectations

For your ESG strategy to succeed, you need to ensure cross-department communication, collaboration and harmony. Internal stakeholders, such as procurement, legal, IT, the C-suite and the board of directors, must be transparent and aligned on ESG initiatives to prevent their departments’ mandates from undermining each other. For example, the board may want to push for net-zero carbon emissions and mandate that the company imports solar panels; however, if they’re not careful, that could also violate the Uyghur Forced Labor Prevention Act.

Break down data silos by integrating various systems to manage risks across the extended enterprise

Given the many risks that need to be monitored and managed, having a consolidated view of the risk profiles, individually and collectively, for third parties is essential. Yet, many companies still rely on a patchwork of technology systems that are difficult to integrate, leading to low efficiency, high costs and unforeseen risks. In a dynamic and ever-changing environment like we’re in today, enterprises must eliminate data silos and take a more integrated approach to risk management. This means all teams within an organization should work from common or compatible systems and workflows. In doing so, a company can not only stratify processes but also share data and intelligence that allow its departments to enable rather than undermine each other’s mandates.

From supplier due diligence to continuous monitoring — never take your eye off your supplier base

Risk doesn’t end after onboarding and neither does due diligence. Procurement, supply chain and enterprise risk management teams need to continuously monitor vendors and third parties for new and changing risks throughout the duration of their partnership. While suppliers may be fine at the beginning of a relationship, ongoing changes in laws/regulations, world events (wars, pandemics, strikes) and company issues (data breaches, labor issues, leadership changes) require continuous and automated monitoring. By actively monitoring their ecosystem of suppliers and where they operate, companies can catch these events or incidents as they arise and make necessary adjustments before the risks can impact the integrity of their own operations.

Gain visibility into your extended enterprise, including third parties and sub-tier suppliers

Increasingly, companies are held accountable for the practices of their supplier community by governments and consumers.  Sourcing, procurement and category managers need clear sightlines as far and as wide as possible to understand supplier, vendor and third-party risks. Is this supplier reputable? Are they going to help advance my company’s mandate or mission? What about their suppliers? Are they as compliant as the first-tier? Can they deliver for me? Are they going to get my company in trouble with the law or in the news for the wrong reasons? When a company partners with a supplier, it is also partnering with that supplier’s extended network. It’s important for business leaders to ask the above questions and ensure they are working with only the most reputable organizations as their risks, and their nth supplier’s risks, will become their own. 

Think about risk holistically; consider all hazards

There are many ways suppliers and third parties can introduce risk to a company’s operations. Taking a holistic view of a product or supplier can fill in the missing colors of that product or supplier’s risk profile. In regard to the solar panel example, a company should first ask itself: Where are the solar panel’s parts produced? Where are they assembled? Who are they being assembled by? Where do they ship from and where do they stop along the way? Asking these questions may uncover unforeseen ESG violations that go beyond the environment, such as child labor, undermining the company’s commitments to human rights. It’s crucial for companies to take a holistic approach to risk management, so they are aware of any supplier business practices that could cause them reputational harm. 

Connect supplier performance and supplier risk management

A low- or non-performing supplier is a risky one. They may cut corners and use shoddy materials. They may even use forced labor, debt bondage or make their workers put in excessive hours under unsafe conditions. Their products may be defective or rarely arrive on time for your company to produce and ship your own product. Know who has become a liability to your brand and decide what to do next.

The pace of regulation shows no signs of slowing down, as national and regional governing bodies look to pass additional ESG laws in the next couple of years, inlcuding the Netherlands’ Responsible and Sustainable International Business Conduct Act (2023) and the EU’s Corporate Sustainability Reporting Directive (2024).

Companies will get stung badly by fines and penalties over non-compliance with ESG laws and regulations, unless they act now. The road to ESG is a journey: Making strides on the world’s ESG initiatives begins with supply chain visibility, continuous risk monitoring and integrated risk management. 

To be successful, business leaders will need to establish an ESG charter that outlines their risk priorities and objectives, define a clear roadmap for implementation, secure cross-organizational alignment (both internally and externally) and create blueprints to define and inform the business processes required to make it happen. Business leaders can start implementing one or two of their most critical programs today while aligning on their organizational ESG strategy for the long-term.