ESG: Your questions answered

Our Answers to Your Top ESG Questions

What does implementing an ESG programme mean?

Throughout our webinars and guides on ESG, VinciWorks has received many questions about the subject. ESG is a new area for business, and one still largely unregulated so these are common concerns. Most of the questions we have received about ESG fall into three distinct categories.

1 – Clarity around regulations

2 – What professional services can do

3 – How to get started

Clarity around ESG regulations

Regulations are coming, and for more detail see our blog on Mapping International ESG Regulations. For the moment, coming regulations in the UK, EU and US are relatively focused on the environmental side. The US is going to be announcing their own environmental reporting standards this year, and the UK is already mandating the TCFD framework for large businesses. The EU has already implemented the sustainable finance disclosure regime, while the Corporate Sustainability Reporting Directive (CSRD) still several years away. However these regulations do not necessarily fit the wider picture of ESG, given the relatively climate-related focus.

ESG is, at the moment at least, not a regulated or required thing for most businesses to do. Emissions reporting or other ESG tracking is not currently required for the vast majority of companies, beyond the largest businesses required to report against TCFD by April 2022 or those already tracking against existing regulations

However regulations are coming. New EU rules are likely to have a very wide catchment and require ESG due diligence on the supply chain, not just the business itself. Getting processes in place now will save time and resources down the road.

Implementing some form of ESG programme can also demonstrate the positive impact the business is having on the world. Our recent survey showed managing risk and brand reputation were key ESG drivers for over 60% of businesses. Implementing an ESG programme now demonstrates a market-leading philosophy, and shows stakeholders, in particular key investors and employees, that the business is leading the pack.

Investor relations has always played a key role in promoting ESG. Finding the best investment is a major part as to why ESG is gaining popularity. An investment firm considering two businesses, one with an ESG programme and one without, will tend to prefer an investment in the ESG-ready firm. The business with the ESG programme is more resilient to risk and is better placed to manage any environmental, social and governance risks that can impact on the bottom line.

What can professional services do on ESG?

Professional services firms often wonder if and how ESG applies to them. Or what impact they can make. Despite generally having lower levels of emissions, the impact professional services can have on ESG can still be significant. A professional services firm is likely to have a decent social and governance programme, so adding the environmental side to that is a good place to start.

Understanding existing emissions is vital, which will assist the business in deciding whether or not to commit to net zero and over what timeframe. Net zero means investing in carbon offsetting. If a business emits 50 tonnes of carbon per year, then it will need to offset that by the same 50 tonnes in order to get to net zero. There are specific enterprises which can assist businesses in offsetting. This could be through tree planting, water conservation, or carbon capture.

ESG can seem heavily focused on the environmental side, but it is important to look at ESG in the round. Professional services can likely have the most significant impact in the social sphere, which can include initiatives such as:

  • Pro bono and volunteering hours. 
  • Giving advice to charities or to people who need it and otherwise can’t afford it. 
  • Redirecting some of your spending towards ethical enterprises and investments.
  • Using recycled office furniture or donating equipment that you don’t need to people who need it
  • Actively going out to underrepresented communities
  • Building links with local schools and colleges
  • Offering work placements and training opportunities to those who would otherwise not have them

These are particularly attractive social initiatives because they demonstrate to stakeholders the positive good a business is having on the world. The indicators can be as diverse as the initiatives, as long as the data is measurable and trackable over time. Ideally with an associated financial impact, either in resource or savings.

A professional services firm might, for example, offer three work placements to a local college one year, five the next year and 10 in the third year. This would be a trackable metric. A five-year goal of 10,000 hours of pro bono work is another significant ESG commitment a business could make, track and report on.

One of the reasons ESG is grouped together is due to the fact different commitments can cross-impact. Catering bought from a local business which is a social enterprise will also have a lower carbon footprint than store-bought sandwiches. Improving diversity measures has an impact on governance as well. A more diverse leadership team is by all measures stronger and more resilient.

How to get started with ESG?

Many firms wonder how to get started with ESG. You can find out more in our guide: How to Implement an ESG Programme. Any business considering starting an ESG programme should start by forming a committee. Spend time making sure the right people are around the table, there is board buy-in, and there is a clearly defined output such as annual report pages or a specific ESG report. 

Then start to consider existing data. This could be done by adding up electricity bills and water bills to track total usage. Identify missing policies and procedures that should be in place. Figure out social commitments and diversity measures, and implement some tracking and reporting mechanisms. It might start with a spreadsheet, but VinciWorks Omnitrack tool is specifically designed to track different strands of ESG data.

ESG awareness training is another important initial starting point. Engaging staff in the process will make the overall journey easier. Employees may want to participate, forming their own groups or taking forward initiatives such as waste reduction or diversity. 

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.