Digital technology advancements have led the business community to popularize the abbreviation VUCA -- short for volatility, uncertainty, complexity and ambiguity -- with great hype and enthusiasm. The concept connotes the spirit of risk-taking, agility and lean business practices required in the current age of digital transformation -- and, most recently, environmental, social and governance development. A new landscape is forming under corporate objectives to manage the intensifying ESG risks derived from regulatory and social demand. Various systematic tools and approaches are developing to help companies better address risk management.

ESG disclosure mandates require careful risk management

South Korean companies will face gradual yet intense progression toward mandatory disclosure and reporting. A total of 211 Kospi-listed companies with assets over 2 trillion won ($1.73 billion) are required to publish governance reports. The same rule will apply to companies with assets over 1 trillion won by 2022 and over 500 billion won by 2024, then to all companies by 2026. Starting in 2025, Korean companies listed on the Kospi with assets over 2 trillion won will have the obligation to publish sustainability reports. This mandate will extend to all Kospi-listed companies by 2030.

The European Commission’s Corporate Sustainability Reporting Directive package, revised from the Non-Financial Reporting Directive announced last April, will alter investment policies more aggressively. The CSRD mainly targets large corporations with over 250 employees to adopt science-based criteria of EU Taxonomy partially from January 2022 and fully from January 2023.

Unfortunately, the Korean Standards Association’s 2021 statistics show that only 15 percent of Korean companies publish annual sustainability reports, which adds up to only around 100 companies. This means many Korean companies will hurriedly begin to set ESG targets and actively make statements in their ESG reports.

Transparency and reliability

Companies must recognize that with the enforcement of mandatory disclosure, mishandled or unaddressed ESG issues can expose companies to greater risks. Companies must find ways to evaluate all risk types. Regulatory risks will be the starting point as usual. However, commercial issues such as reputation and strategic risks will be intertwined with regulatory issues as diverse factors emerge such as climate change, supply chain monitoring and organizational transition issues.

What companies must avoid is overstating ESG targets. Following these regulatory initiatives, many governments, NGOs and investment institutions are reinforcing monitoring and assessment systems to watch companies that engage in ESG window dressing in marketing materials and sustainability reports. The US Securities and Exchange Commission’s Division of Examination issued a Risk Alert to check companies that make unsubstantiated or potentially misleading ESG claims.

Mismanaged ESG such as unimproved ESG issues, lack of effective monitoring systems or inaccurate ESG disclosure can invite penalties, particularly in the capital markets. It will also hurt companies’ reputation in society as trust and fiduciary responsibilities have been neglected. Therefore, the first step in ESG risk management is to focus on the transparency and reliability of the disclosure and reporting practices.

Strategic, multifaceted approach

Although the new ESG landscape looks tough, it does not mean companies are stuck with harsh regulatory grounds. Various entities are enhancing value creation through opportunity-enabling technologies and strategies. The Committee of Sponsoring Organizations moved beyond frameworks focused on internal control and auditing in 2018 by partnering with the World Business Council for Sustainable Development to create social opportunities for enhanced reputation, customer loyalty and investment returns. The International Organization for Standardization updated its definition of risk management (ISO 31000:2018) as a strategic process for improving risk-adjusted decisions.

ESG risk management can lead to exploring new opportunities if companies gradually accumulate expertise and innovate by delivering differentiated ESG services to society. For this, valuation technicians are quantifying both ESG risks and opportunities to help companies and investors improve capital allocations and decision-making in line with sustainability objectives.

Legal services are engaging more comprehensively and strategically as well. Global law firms are actively embracing the findings and tools of business strategy experts while partnering with technical experts. Concepts like change management consulting, data-approach and tech-driven applications are buttressing earlier legal components to enhance risk management practices and create value.

ESG risk management in the past minimally focused on compliance and legal concerns. It weighed in business costs, and companies painstakingly adjusted by assessing and correcting financial and legal situations to minimize negative impacts like investment challenges, reputational minuses, or a fleet of loyal employees and customers.

However, the ESG risk management landscape has changed. The ESG impact cycle has been compressed, bringing a more direct value to corporate performance. To adapt to this change effectively, companies must develop consistent, all-around ESG master plans by efficiently aligning company value with ESG practices to curtail risks while exploring opportunities.

Lee Yeon-woo
Lee Yeon-woo is an expert adviser at the Korean law firm Bae, Kim & Lee. -- Ed.