Managing global risks: six lessons on enterprise risk management from over 250 companies

Published: 21 Jan 2022
Author: Andy Beanland
Type: Insight

Global risks are increasingly sustainability-related risks

There is a growing spotlight on sustainability and environmental, social and governance (ESG) issues. Just last week, the Global Risk Report 2022 from the World Economic Forum listed the consequences of climate inaction, nature loss, and erosion of societal cohesion as the most severe risks on a global scale over the next 10 years.

To tackle these risks, the report calls for a “whole-of-society” response, engaging different sectors to lead individual actions towards an end goal that benefits long-term well-being and prosperity. At WBCSD, we believe the role of the private sector cannot be understated. Our Vision 2050 and new strategy outline how sustainable businesses can catalyze the systems transformations needed for a net-zero, nature-positive and equitable future.

Our analysis of over 250 companies, collectively representing a market cap of over $9 trillion USD, reveals that business has a key role to play in mitigating ESG-related risks, not only to foster stronger business performance, but also to contribute to a more resilient economy and society. Key to this will be embedding ESG issues into all business practices and processes, including enterprise risk management systems.

ESG and ERM: bridging the disconnect

Enterprise risk management (ERM) is the system and processes that companies and other organizations use in managing risk. Just as WBCSD believes that sustainability is not limited to one function or department, thought leaders in corporate risk management – notably the Committee of Sponsoring Organizations of the Treadway Commission (COSO) – assert that ERM, too, requires a whole-of-organization approach.

This makes the integration of sustainability, or ESG-related, risks into ERM particularly challenging. In 2016, WBCSD published Sustainability and Enterprise risk management: the first step towards integration, which identified that, on average, only 29% of the areas deemed to be “material” (i.e., relevant) in a sustainability report were disclosed in a company’s legal disclosure of risks.

That is why, with the support of the Gordon and Betty Moore Foundation’s Conservation and Financial Markets Initiative (CFMI), we developed the COSO-WBCSD guidance on Applying ERM to ESG-related risks to provide a comprehensive and practical tool for organizations to apply ERM to mitigate and manage ESG-related risks. WBCSD subsequently worked with over 100 companies through a series of risk workshops and complementary guidance to strengthen integration of ESG in ERM and bridge that disconnect.

Four years on, data shows ESG-related risks are better managed

Since 2017, WBCSD has been reviewing corporate sustainability reports, annual reports, board charters and other publicly available information of approximately 280 companies, spanning 16 sectors across four regions, to track progress on the integration of ESG into ERM, governance, and assurance approaches. Four years of data analysis and collaboration with these companies and our partner organizations suggest there are many reasons why we can feel encouraged there is a stronger connection between ESG and ERM today:

 The percentage of companies that had zero alignment between the material topics listed in their sustainability report and the topics covered by legal risk filings was reduced from 29% in 2017 to 17% in 2020. Companies who engaged with WBCSD in our work on enterprise risk management were more likely to have improved the integration of ESG and ERM by 10 percentage points.

Figure 1: The number of companies with 0% alignment between their sustainability reports and legal risk filings decreased from 81 in 2017 to 49 in 2020.

Though this is encouraging, there is still progress to be made in fully integrating ESG issues in ERM practices – in 2020, only 5% of companies referenced all their material ESG topics in their risk filings. There are also differences in alignment according to region, with European companies more likely to have higher alignment than other regions. As regulatory developments to strengthen climate- and sustainability-related corporate reporting continue to unfold around the world, more and more companies will have to get to grips with integrating ESG-related issues into mainstream business practice.

Another area of improvement is around balanced coverage of sustainability topics that are integrated into risk management systems. For example, we have found that material social risks concerning themes related to society and human rights also tend to be underrepresented in legal risk filings, compared to risks like climate change and governance.

Figure 2: Sustainability topics are unevenly represented in legal risk filings.

Allaying fears and taking action

We should not be paralyzed by the impending global risks that the world is facing. We only have a few short years to halt irreversible degradation of our environment while saving lives and livelihoods. And the business case for doing so is becoming increasingly clear – over 50% of the world’s GDP is moderately or highly dependent on nature and its services. $6.3 trillion USD of investment is at risk for companies that don't disclose their impact on issues such as deforestation and land conversion.

Now, more than ever, it is critical to embed ESG, and specifically nature, into business practices and act on findings like those in the WEF’s Global Risk Report. Based on our observations from hundreds of engagements with companies in integrating ESG into risk management, our top takeaways for companies to strengthen action on ESG-related risks are:

  • Diagnose your current state. Use the COSO-WBCSD diagnostic to assess your level of integration of ESG-related risks into your mainstream ERM processes.
  • Break silos. Review the COSO-WBCSD guidance on applying ERM to ESG-related risks. Work across the organization to strengthen the ERM and sustainability functions of your company.
  • Think outside likelihood and impact. Explore new approaches to enterprise risk management by considering interconnectivity, velocity and speed of onset of risks, as these may be more appropriate for the dynamic environment in which companies are operating.
  • Engage leadership. In particular, get your CFO on board. ESG-related risks and opportunities are now firmly in the domain of the CFO and will impact the financials of your company. WBCSD’s CFO Network brings together leading CFOs to support the integration of all ESG aspects into business practices.
  • Disclose meaningfully. Use your company’s Annual Report, investor presentations, and other priority outputs to clearly link risk factors with the sustainably material topics of your company. The ESG Disclosure Handbook provides a judgement framework to support effective disclosure.
  • Advocate for change. Follow regulatory developments in your jurisdiction and provide support for policies that enable measurable, transparent and comparable disclosure of ESG-related information.

WBCSD will continue our work on supporting companies in bridging ESG and ERM with the Gordon and Betty Moore Foundation’s Conservation Markets Initiative. For more information on how to engage with us, send us a message at

Andy Beanland is Director, Redefining Value, WBCSD
