ESG reporting frameworks: which one to choose?

A quick start guide to ESG standards

Far from a buzzword, ESG is fast becoming the standard for businesses to manage and report on their risks.

ESG Reporting Frameworks: An Overview

ESG: environmental, social and governance, are essentially the broadest set of factors which can be used to measure a company’s impact in the world. Regarding environmental impact, how is a business impacting the environment, deforestation, pollution and climate change? On the social front, how are they supporting communities? This includes both their employees, through health and safety measures and diversity, and also the wider society that they operate in. And on governance, how well is the company run, how diverse is its board, does it have strong anti-corruption policies and good management structures?

ESG reporting and ratings drive a huge and growing amount of investment. ESG is much like corporate social responsibility but on a vastly larger and more measurable scale. Companies that are at the forefront of talking about their ESG scores are generating more attention from across the business spectrum, and investors are actively looking for high ESG scoring companies.

Deciding to start ESG scoring can seem like a daunting task. But in actual fact, compliance dovetails into ESG reporting in a very meaningful way. Undertaking training on bribery and tax evasion is a key factor in reducing the risk of a governance failure. Diversity audits and progressive HR policies can help with the social side of the score, and even something as simple as a well-implemented recycling policy can make a difference when it comes to measuring your environmental impact.

Using a particular ESG framework can help to guide your reporting processes, showing you where to look, what to measure, and how to communicate it. Here, we break down the key reporting frameworks for ESG.

3 key elements of ESG

The three key elements of ESG, environmental, social, and governance, each encompass various different elements of corporate social responsibility:

The environmental element includes initiatives such as reducing a company’s negative impact and making it “greener” by cutting carbon emissions, pollution and waste and improving energy efficiency. It also encourages using greener modes of transport.

The social element refers to efforts to design a diverse and inclusive workforce with employee safety and advancement opportunities at the forefront of the company’s priorities. This category also includes best practices for data and cybersecurity. 

The governance element focuses on ensuring that the company abides by the highest standards of ethics and tax transparency, distances itself from bribery and corruption, and encourages whistleblowers while protecting them from potential repercussions.

Why is ESG reporting necessary?

Investors of all stripes now understand that ESG is about investing in companies that either make the world better, or at the very least, don’t make it worse.

“At its core, ESG investing is about influencing positive changes in society by being a better investor,” said Hank Smith, Head of Investment Strategy at The Haverford Trust Company.

Investors are prioritising companies’ resilience to unanticipated and potentially damaging ESG risks. Bloomberg, S&P Dow Jones Indices, JUST Capital, MSCI and Refinitiv are a few of the most well-regarded ESG research companies. Scores generally follow a 100-point scale: The higher the score, the better a company performs in fulfilling different ESG criteria. 

However there is no one ESG reporting standard or scale on which to rate or judge companies’ ESG compliance. Metrics and weighting schemes differ, which can make it hard to make proper comparisons. There is some move towards making an international standard.

The International Financial Reporting Standards (IFRS) Trustees announced in February that it is moving forward with the idea of forming a new board that would establish global ESG reporting standards. The reason ESG is having such a big impact on the investment world is that it helps investors understand the resilience of firms to ESG risks. Those could be as widespread as climate change or environmental disasters, accusations of racism or harassment, as well as the impact of governance failures such as fines for bribery.

Bringing these disparate risks together helps investment houses prioritise putting money into less risky businesses, or at the very least businesses which understand the risks they face, and are taking the time to conduct due diligence and mitigation measures on those risks. As Goldman Sachs noted: “ESG is no longer optional for asset managers.”

What is a Good ESG Score?

ESG ratings measure a company’s exposure to long-term environmental, social, and governance risks. A good score would mean that a company is found to have good risk resilience in these areas. A poor score means the opposite: i.e., an organisation’s exposure to ESG risk is not well managed. 

ESG risks, which could include such issues as climate change mitigation and adaptation, duty of care and working conditions, respect for human rights, and bribery and corruption practices, can sometimes have financial implications, but are often not considered in traditional financial reviews. Investors who use ESG ratings as part of their financial analysis can gain a more complete picture of an organisation’s long-term chance of success.

There are several ESG rating systems investors can use, and different systems use different scoring systems. Most follow an 100-point rating scale, while some have a letter rating scale, for example, from AAA (Leaders in ESG) to CCC (Laggers in ESG). 

Download our guide to implementing an ESG programme

What ESG reporting frameworks are there?

Global Reporting Initiative (GRI):

The GRI provides ESG standards that address disclosures of socially material topics affecting a company’s stakeholders. It also requires that companies determine the issues that are material in consultation with stakeholders. GRI Sustainability Reporting Standards are the most widely used standards for reporting on ESG impacts globally and have been developed over many years through multi-stakeholder contributions. GRI Standards aim to meet the information needs of all stakeholders, and the modular structure supports both comprehensive reports and selected disclosures.

Sustainability Accounting Standards Board (SASB):

The SASB recommends topics and metrics for 77 different industries across all three pillars of ESG. These standards provide guidance on how organizations can align their reporting with investor needs and how companies gather standardized data. 

The Task Force on Climate-related Financial Disclosures (TCFD):

Chaired by former New York City mayor Michael Bloomberg, this was set up in 2015 by the Financial Stability Board (FSB) of the G20 to develop voluntary guidelines for companies, banks and investors to use when disclosing climate-related financial risks and opportunities to their stakeholders. The recommendations, issued in 2017, aim to help financial markets, including lenders, insurers and investors, better assess and price those risks and opportunities. Voluntary at first, TCFD-based reporting became mandatory in 2020 for all asset owners and managers signed on to the UN Principles for Responsible Investment.

The Climate Disclosure Standards Board (CDSB):

is an international consortium of business and environmental NGOs that have developed a framework for companies to report environmental and climate change-related information in their corporate financial reporting. The organisation aims to enable companies to report environmental information with the same rigour as financial information in order to provide investors with decision-useful information to ensure resilient capital markets. The CDSB Framework helps companies explain how environmental matters affect their performance and show how they are addressing associated risks and opportunities to investors in annual or integrated reports.

The Carbon Disclosure Project (CDP):

is a UK-based non-profit that runs a global disclosure system for investors, companies, cities, states and regions to manage their environmental impacts. Over 8,400 companies, 800 cities and 120 states and regions have reported through CDP on climate change, water security and deforestation. Each year, CDP takes the information obtained through its annual reporting process and scores companies and cities on their environmental performance. The CDP collects standardised information from companies on climate change and the use of natural resources such as water and soft commodities.

The United Nations Sustainable Development Goals (SDGs):

This is a collection of 17 goals adopted by the UN member states in 2015 to achieve the 2030 Agenda for Sustainable Development. The SDGs provide a blueprint for countries to achieve a more sustainable future, including ending poverty and hunger, improving health and education, combating climate change and protecting oceans and forests. While the SDGs were created for UN member states, the UN Global Compact and GRI have joined forces to help businesses report on the SDGs.

UN Principles for Responsible Investment (PRI):

In 2006, the United Nations launched the Principles for Responsible Investment to help investors incorporate ESG factors into their investment and ownership decisions. The international network of investor signatories has grown from 100 to over 2,300, representing over $80 trillion in assets under management. The six principles are a set of voluntary investment principles, supported by 35 possible actions, that investors can use to integrate ESG into investment practice. The PRI has specifically aligned its work with the UN SDGs and also made TCFD-based reporting mandatory for its signatories in 2020.

EU Guidelines on reporting climate-related information:

In June 2019, the European Commission published guidelines on reporting climate-related information. The guidelines aim to give practical recommendations to around 6,000 EU-listed companies, banks and insurance companies that must disclose non-financial information under the Non-Financial Reporting Directive (NFRD). They incorporate the TCFD recommendations as well as the “EU taxonomy”, a classification system to identify the parts of a business that have a significant positive impact on climate. The goal of the guidelines is to help companies better report the impact their activities are having on the climate as well as the impact of climate change on their business.

EU Taxonomy:

The European Commission’s Technical Expert Group on sustainable finance (TEG) has developed a classification system, or taxonomy, for environmentally-sustainable economic activities. The group screened activities across a wide range of sectors, including energy, transport, agriculture, manufacturing and real estate and identified low-carbon activities such as zero-emissions transport but also transition activities like iron and steel manufacturing to compile a framework to identify the parts of a business that have a significant positive impact on climate. The taxonomy also provides guidance on the boundaries of negative impact with do-no-harm criteria. 

Maintain ESG compliance with Omnitrack

With Omnitrack, VinciWorks’ reporting and tracking software, businesses can manage their entire ESG compliance process. From building compliance forms from scratch to using our best-practice templates as a starting point, we have you covered.

Features

  • 100% customisable — admins can edit any form from our template library
  • Conditional logic — the form adapts as it is completed, so that only relevant questions are asked
  • Includes built-in workflows for different jurisdictions
  • Securely share analysis and information between offices
  • Get started right away with best practice templates
  • Create graphical reports in seconds
How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.