Responding to the increasing relevance of Environmental, Social, and Governance (ESG) for TPRM practitioners around the globe, last month Shared Assessments launched a new ESG Team that will play an instrumental role in gathering, analyzing, and sharing information to help our members define metrics, improve their SIG questionnaires, and develop best practices with SMEs. The group is actively recruiting knowledgeable SMEs, especially those with UK and EU experience, and welcomes all TPRM practitioners interested in how ESG fits into the risk framework.
Because this complex, multifaceted area of risk management is becoming a crucial factor in regulatory and reporting requirements and gaining increasing attention from boards and shareholders. These trends are reflected in recent polling among Shared Assessments members, which showed a strong interest in ESG, specifically in how ESG fits into a risk framework and how it relates to TPRM within those frameworks.
The team is led by Gary Roboff (Senior Advisor, Shared Assessments), Colleen Milazzo (SVP of TPRM Software Products, Shared Assessments), Charlie Miller (Senior Advisor, Shared Assessments), and Ken Wolckenhauer (VP of Vendor Management, Nordea Bank, Abp, International Corporate Branches).
Andrew Moyad, Shared Assessments newly appointed CEO, kicked off the call, noting how experienced industry members have developed an evolving view of what is necessary for accountability. Recalling the history of legislation — from GLBA in 1999, through the Patriot Act, SOX, and recently with GDPR, Moyad saw how TPRM practitioners view risk and responsibility to shareholders, stakeholders, and their organizations have evolved and will continue to do so:
Over the next five years the realms of privacy, and ESG in particular, will be leading topics. We want to measure cultures of accountability using Shared Assessments, thought leadership, and products, and in my view that necessarily includes ESG as an emerging topic, and an important one. People often don’t know what metrics they should use, what sort of benchmark should apply, or even in the broadest sense risk management, how to begin to interrogate their business partners in order to understand what they’re doing in the terms of ESG and how it fits into the larger organization.
Last month in its Risk and Compliance Journal, the Wall Street Journal’s Richard Vanderford wrote about how changes in SEC guidelines are increasingly giving shareholders “new avenue[s] to scrutinize and potentially influence companies” regarding ESG topics and practices.
SA’s Roboff believes ESG is often relegated to the tail-end of TPRM programs, and many people may not even be aware of their company’s level of interest or involvement in ESG. This will change; Nordea’s Wolckenhauer noted that in his bank, interest in the subject grew from the ground up and became a call to action.
Milazzo thinks that while companies will define ESG in a different way when it comes to third parties some basic ground rules will need to be established: “from an ESG perspective, you need to know what you are doing internally before you can require that of your third parties… it will take time to carve out the objectives you’re trying to capture from a data perspective.”
Shared Assessments ESG Committee is interested in shaping the SA program and finding specific areas of interest to our members. Participants will consider their own organization’s ESG program and how it applies to their third parties. We invite you to help define the group’s direction, and how it can meet your goals.
Over the next two months the group will form a subcommittee to take part in the following activities:
This is a rapidly changing environment, which will increasingly affect Procurement divisions and supply chains along with TPRM. We look forward to engaging with our members to develop the information that helps them reach their goals. Contact Jessica Calzada to get involved.