Despite compliance leaders recognizing that ESG compliance integration is increasingly critical to their organization’s business strategy, action and investment do not currently mirror their intentions, particularly with respect to third-party risk, according to new data from Hogan Lovells.
“Organizations must wake up to the reality of third-party risk and act now – or face jeopardizing their business growth and exposing themselves to financial and reputational damage, as well as litigation risk in a growing number of jurisdictions,” according to Hogan Lovells. “Successful ESG strategies look at a business’s whole ecosystem, including the third parties they do business with across the world, as they pose a potentially great risk.”
From Hogan Lovells:
- The majority of compliance leaders (96%) think that third-party relationships pose some degree of risk to their business with regards to ESG. But only 1% believe that this risk is great and two-thirds believe that the risk is negligible, with third-party relationships posing either “a little” risk or “hardly any” risk.
- Although the majority (56%) of compliance leaders anticipate their levels of third-party ESG risk increasing in the next 12-18 months, it is unclear whether this is due to impending regulatory pressure or because this is the timeframe compliance leaders hope they have to prepare their organization for ESG risk.
- Organizations with more established ESG management protocols appear more likely to recognize the possible impact and ramifications of third-party risks. For example, 32% of those with high-maturity schemes believe they pose a “fair amount” or “great deal” of risk.
- 82% of compliance leaders are struggling to embed ESG in existing risk practices, 78% cite a lack of established ESG knowledge and skills as a limitation and 74% are hindered by the complexity of ESG risk management in different markets.
- Four in five (81%) compliance leaders recognize that integrated ESG programs can positively impact their organization.