Sustainability and enterprise risk management: The first step towards integration


17 January, 2017



An organization’s enterprise risk management function plays a critical role in monitoring and managing the risks and opportunities that stem from the internal and external forces that can impact a company’s profitability, success or even survival.

Risk management experts across academic and consulting institutions alike perceive that the impact of economic and legal risks on a business and society are steadily giving way to a raft of existing and emerging social and environmental risks. And yet there is evidence that the effectiveness with which organizations are identifying, managing and disclosing these risks is limited:

I. Comparing WBCSD member company sustainability and risk disclosures reveals that, on average, only 29% of the areas deemed to be “material” in a sustainability report were disclosed in a company’s legal disclosure of risks. Notably, 35% of member companies did not disclose any of the sustainability risks identified in their sustainability reports in their legal filings.

II. Discussions and surveys with risk management and sustainability practitioners show that most practitioners (89%) agree that sustainability risks could lead to a significant impact on business, while more than 70% find that “risk management practices are not adequately addressing sustainability risks”.

III. The number of real-world incidences of companies failing to adapt to, respond to or mitigate social and environmental risks is increasing, from environmental disasters and oil spills to natural disasters, conflict minerals, human trafficking and cyber security.