Companies often overlook a key factor of their environmental, social, governance (ESG) initiatives: their third-party relationships.
Eighty-two percent of organizations plan to focus on ESG issues, but many don’t have a formal mechanism to assess or prioritize ESG risks across their extended enterprise.
That’s a problem because while third parties are essential for business success, they also bring considerable risk. Your company could be confident about managing ESG risks within its four walls, but one misstep by a supplier or partner could cause damage to your brand, financial standing, ability to deliver products, services and more.
The value chain accounts for 41% of a company’s ESG impact. Supply chain leaders have a tremendous opportunity to help their organizations advance ESG performance and reduce risk through the way suppliers and other third-party relationships are selected and managed.
Stakeholders rising ESG expectations
40% of consumers globally say that a company’s actions on social issues would influence their decision to purchase a product or service from the company. 30% say the same for environmental factors. Consumers today are more informed about ESG and this growing awareness increases the pressure on companies to strengthen their practices.
The regulatory environment around supply chain ESG is also intensifying. The U.S. Securities and Exchange Commission recently announced a proposal that would require public companies and suppliers to report on Scope 3 emissions if the emissions are likely to have a material impact on the business or the company has announced plans to reach net-zero emissions by a certain date.
The Corporate Sustainability Reporting Directive (CSRD) will go into effect in fiscal year 2024. It requires companies to identify and act on environmental and human rights risks in their operations and end-to-end supply chains. As organizations take steps to improve their ESG performance, third-party risk management needs to be a core part of the go-forward plan.
Four steps to take now
Here are four steps to take today to ensure you’re accounting for ESG risks across the extended enterprise.
- 1.) Identify your third parties.
Companies rely on a variety of third parties across the supply chain such as suppliers, manufacturers, distributors, technology and service providers, contractors and more. Understand who these business partners are which includes direct suppliers, their suppliers, their supplier's suppliers and the work they provide your organization. Given business partners can frequently change try to keep track of your third parties and their important details in a central system so you always know what companies your organization works with. It’s impossible to protect your organization from third parties you don’t know about.
- 2.) Assess and vet your third parties.
Require all your current and future vendors to provide information about their ESG practices. Send customized questionnaires to each partner so you can get detailed data on their policies, risks and performance on the metrics you have identified. Software can then score responses, track outstanding issues and verify resolution. This insight will enable you to understand if your partners are exposing you to unanticipated ESG risks.
Only contract with trusted third parties that meet your ESG standards. If your company is committed to diversity and fostering inclusiveness or has a goal to reduce its carbon footprint, make sure your third parties are aligned with these values and hold themselves to similar standards. As part of your due diligence process, ask for references from other companies that have worked with these partners. Defining ESG expectations in service-level agreements and requiring suppliers to abide by your standards will help ensure you meet your ESG goals.
- 3.) Keep a close eye on high-risk partners.
Focus on the third parties and situations that pose the biggest threats to your business. Classify your third parties into categories such as high, medium and low risk based on your risk assessments and prioritize mitigation efforts with partners considered high risk. You can also categorize specific ESG issues based on how urgent they are to resolve, including critical, medium and low.
It’s wise to regularly reassess third parties throughout the entire relationship to make sure they continue to meet performance standards, fulfill their contractual obligations and that the partnership still aligns with your priorities.
- 4.) Lean on technology.
Many organizations rely on informal and fragmented systems to manage third-party risks. Internal information may be static and stuck in PDFs and spreadsheets. Manufacturers, suppliers, distributors and other partners all use their own systems which makes it difficult to get a real time and accurate view of ESG risk.
Software can help centralize ESG and third-party risk insights from across the extended enterprise. The right platform will automatically pull in relevant data from inside and outside the organization and instantly show you the full impact each party could have on the rest of your business. You can see how partners connect to critical processes, open issues, compliance requirements, specific products and services, and more. With a clear and reliable view of your exposure, you can understand where you are most at risk and prioritize mitigation actions.
The company you keep
As the saying goes, you are the company you keep. Customers don’t care if an ESG issue stemmed from your own operations or those of a supplier. It’s all the same in their eyes.
Organizations that are serious about improving their ESG performance in 2023 will factor in their relationships across the extended enterprise.