TheCorporateCounsel.net

I’m thrilled to announce that Lawrence Heim has joined our team – and will be leading the charge on our upcoming launch of a new sustainability/E&S platform! With the plethora of ESG ratings models & reporting frameworks, and what feels like a rapid but uncertain move towards new regulations, one of the hardest things about this exploding practice area is being able to cut through the deluge of information & gobbledygook. You need to know which developments matter – and what you actually need to be doing to gather E&S data and report on progress & risks. Lawrence is here to break that down for all of us.

Lawrence is going to be sharing insights & tips based on over 35 years of experience in ESG management. He’s been in the trenches to evaluate supply chains & environmental risks, he sits on the board of ASSET (a non-profit anti-slavery organization), and he wrote the book “Killing Sustainability.” Back when the conflict minerals rules were under consideration, he was the only non-financial auditor selected to give testimony to the SEC. You might also recognize his name from our webcasts over the years.

Lawrence understands the players in this space and how multi-disciplinary ESG teams can work together to make real progress and avoid risks. One of Lawrence’s early professional highlights was saving a major petroleum refinery $150 million through a unique waste management regulatory strategy. He built on that experience to help create the Global Environmental Risk Consulting Practice at Marsh and to support clients in environmental, health & safety compliance and management for many years at Elm Sustainability Partners. Most recently, Lawrence led development of supply chain due diligence standards at the Responsible Business Alliance/Responsible Minerals Initiative.

When we launch our new sites, we’ll be able to give more in-depth & practical coverage to the wide range of E&S topics that you’re grappling with – tailored to the corporate counsel and sustainability officer perspectives. We’ll continue to cover the “G” here on TheCorporateCounsel.net. We’ll also continue to act as a “hub” in our network of ESG experts, so always feel free to reach out with questions or topics that you want to see covered – or practice pointers that you want to share.

This has been in the works for a while and I’ve been dying to share the news with all of you. So, consider this the “preliminary announcement,” with more details coming soon about how you can sign up for Lawrence’s blogs and the new resources. In the meantime, Lawrence is going to be running a few blogs here on TheCorporateCounsel.net, starting today, so that you can get to know him! You can also contact him via email – lheim@ccrcorp.com.

– Liz Dunshee

Principle Responsibility

Last Thursday (April 1), Responsible Investor wrote about an initiative intended to stem proliferation of new ESG codes/principles, or at least encourage collaboration between existing frameworks. According to the article, the “Principles for Responsible Principles” were launched due to:

“… concern that the growing number of voluntary codes creates a reputational risk for the better known and more established sets of responsible principles if their numbers continue to proliferate unchecked.”

The program contains five main points that “reflect those of similar initiatives and aim to create self-regulation within a sector that lacks clear KPIs.” Details are here, but if you want to skip that I can quickly summarize it thusly: pay attention to the date of publication.

Yes, I fell for it. No, none of my colleagues did.

To many ESG practitioners, this prank brings an uncomfortable grin because we painfully recognize the truth therein. And with that, my new career I begin. Inauspiciously.

Want to Get Ahead on ESG Data Quality? Internal Audit Is Your Not-So-Secret Weapon

Last month, Doug Hileman published this white paper on Internal Audit’s role in corporate ESG programs. Among Doug’s rather stark findings:

– 44% of respondent companies indicated a “complete commitment” to ESG, yet 25% don’t know where the ESG function “lives”

– 44% of respondents had not performed any internal audits of ESG topics in the past 5 years

– Another 36% didn’t know if any internal audits performed in the past 5 years included ESG topics

– Diversity & inclusion was identified as the top material ESG topic (44%). Supply chain ESG risks garnered exactly zero votes.

The results are based on polling at the Institute of Internal Auditing (IIA) March 2021 Los Angeles conference, so it’s not too surprising that this cohort would think they should be more involved with anything that could border on a compliance issue. Nor is it surprising that there’s some reluctance to add this layer of review to voluntary disclosures. In fact, it’s consistent with my own experience.

But, my humble prediction is that the absence of internal audit from ESG data gathering, evaluation & disclosure is going to start raising alarm bells very soon. Now’s the time to get ahead by starting to involve your own team, if you haven’t done so already. Much rides on ESG information quality these days: investors make decisions/issue guidance on it, media outlets write about it and the Biden administration has made clear that regulatory actions and enforcement will be taken based on it. With so much at stake, it’s only a matter of time before companies will be expected to have more stringent internal controls over this non-financial information – or face reputational & litigation risks for inaccurate disclosure.

Some simple steps for bringing Internal Audit to the ESG party:

– Have IA include internal environmental and social responsibility experts in audits. Blended teams merge IA’s governance and controls expertise and the E&S technical subject matter knowledge.

– Ensure established audit procedures are understood and followed by the blended team – especially evidence sampling methodologies. IA may be concerned about the amount of in scope E&S data and E&S staff may not understand controls testing. E&S staff can filter E&S data/evidence for technical appropriateness and IA can ensure evidence sufficiency.

– Recognize that there are risks with industry collaborative supplier ESG audit programs and certifications. IA needs to understand how these programs produce audit results on which companies rely and disclose to customers, the public and increasingly – regulators.

– Lawrence Heim