Landscape of Gardens by the Bay in Singapore

Why ESG integrity is at a crossroad between aspiration and regulation


The EY Global Integrity Report 2024 highlights that ESG-related regulatory reporting and data integrity are top risks for organizations.

This article is part of the EY Global Integrity Report 2024.


In brief

  • Thirty-seven percent of organizations see complying with new and changing ESG regulations as the greatest challenge in meeting compliance obligations.
  • Executives say they’ve undertaken a number of initiatives to address these challenges and they’re being transparent about it.
  • Taking an integrity-first approach to ESG can help organizations to tackle immediate risks and achieve aspirational objectives.

As climate-related goals become obligations, and voluntary environmental, social and governance (ESG) efforts become mandatory, a quick scan of the market landscape reveals that the conversation around net-zero emission targets and broader ESG issues has shifted in tone over the last two years from boldly aspirational to compliant box-ticking.

In the past, many organizations set lofty goals, issued audited Global Reporting Initiative (GRI) reports and reported their climate impacts according to Task Force on Climate-related Financial Disclosures (TCFD) recommendations. By contrast, today’s conversations focus on ESG’s significant challenges and risks, particularly around changing regulation, a lack of harmonization across sustainability reporting standards, and data integrity.

Rather than a race to the top, many organizations appear to be in a race to the bottom. Confronted with the need to publicly disclose progress toward their sustainability goals at a time when corporate disclosures are becoming more technical, complex and confusing, organizations are considering scaling back their targets either to what they know to be achievable and easy to measure, or to what is needed to meet current regulatory and compliance obligations. This may become even more prevalent, depending on the outcome of upcoming political elections in more than 60 countries in 2024. While the intentions behind developing stronger mandatory reporting requirements for companies are laudable, it may prove counterproductive as organizations divert efforts from meeting ambitious but hard-to-measure ESG goals to focus on compliance.

Yet, as ESG regulations rapidly evolve around the world, the practical approach of doing only what is required may quickly prove woefully impractical. According to the EY Global Integrity Report 2024, 37% of respondents cite keeping up with and complying with new and changing ESG regulations in various jurisdictions as one of the greatest challenges in their organization in meeting their ESG compliance obligations. 

Meeting ESG regulatory requirements
of respondents say that complying with new and changing ESG regulations is one of their greatest challenges in meeting ESG compliance obligations.

This is hardly surprising given the proliferation of ESG-related legislation around the world and the lack of harmonization of sustainability reporting standards. From 2011 to 2023, more than 1,255 ESG regulations were introduced globally1. Notable examples of ESG-related legislation proposed or enacted in the last two years alone are detailed below.

Seven areas where organizations struggle most

Based on the results of the EY Global Integrity Report 2024, as well as EY experience working with clients, there are seven areas where CFOs, chief sustainability officers (CSOs) and other senior executives struggle most to address ESG challenges:

  1. Mapping and measuring the sustainability journey. One-third (34%) of report respondents admit that they have limited reliable data to measure progress against performance targets. Measuring and reporting against ESG ambitions and targets drives the need for better, auditable data at the group level, often across multiple markets, business units and brands.
  2. Ensuring CSOs are more involved in key decision-making. But, for 29% of report respondents, there is a concern that, without the appropriate level of influence or power, they may not be getting sufficient dedicated resources and budget for ESG initiatives.
  3. Adding sustainability solutions to deal with regulatory requirements rather than building them in. This is an approach that gives the impression within and outside the organization that ESG is an afterthought rather than an integral part of the organization’s strategy, value creation and culture.
  4. Implementing the right processes, systems and internal controls to strengthen transparency and reporting. Organizations may also have to take additional actions to push ESG data to the level of financial reporting and ensure that it can withstand the rigor of an audit — a requirement by some of the new ESG regulations, including CSRD. In the research, organizations say they’re increasing their focus on ESG and have already undertaken several initiatives to comply with ESG external reporting requirements. Furthermore, nearly two-thirds believe their organization is transparent about its progress. However, as legislation and regulations evolve, more will need to be done.
  5. Building a robust risk management program. While there’s increased focus on what to report and how to report, organizations are sometimes missing the critical need to build a robust risk management program around ESG activities. Having the structures in place to report is important. However, a risk management framework over business conduct — of both employees and third parties — in executing ESG initiatives has lagged. Organizations should be putting as much effort into risk management around nonfinancial reporting as they have around their financial reporting. Further, even when organizations do think about it, they focus on investor relations and marketing. However, the increase in regulations and disclosure requirements means that other parts of the business and processes now need to be included. Organizations will require a multidisciplinary approach — which can be challenging for those who operate under a more decentralized and siloed structure.
  6. Avoiding the hidden perils of greenwashing. Employees who haven’t traditionally been involved in ESG reporting are being inundated with new requests for information, new acronyms and new standards. Most of these people are already carrying a full load with their regular roles and responsibilities. The more they are asked to take on additional roles, the more pressure they feel to get things done, even if some might not yet have the skills or knowledge to deliver what’s being asked of them.
  7. Bearing the weight of market and regulatory scrutiny, as well as the pressure to make meaningful advances in the organization’s sustainability transformation.

These challenges raise the stakes significantly around the types and levels of risk organizations face, which can include regulatory risk, litigation risk, reputational risk and commercial risk — all of which can lead to accusations of greenwashing, greenhushing (underreporting or hiding ESG credentials from public scrutiny) or even fraud, if improperly managed.

Putting integrity first, from strategy to execution to reporting

While the challenges and risks stemming from the evolving ESG regulatory landscape may seem daunting, it’s allowing companies to take a more mature approach to how they’re focusing on their sustainability transformation efforts. It’s also important to recognize that organizations that reach beyond simply meeting regulatory or compliance requirements do so because they see the business benefit in deeply embedding sustainability into their core strategy.

A more mature approach to ESG requires organizations to have clarity of purpose, knowledge (often in the form of reliable data) and an actionable path forward — something many organizations still struggle with.

Organizations need to be comfortable speaking about the importance of ESG integrity as part of their corporate ESG strategy. Organizations also require policies and programs to make certain that ESG measures and reporting address both regulatory requirements in all applicable jurisdictions and fulfill the organization’s stated ESG ambitions.



Organizations need to both establish their ambitions and strategic priorities around ESG, and focus on aligning everyone to these priorities.



To become integrity-first on ESG, organizations will need to focus on five key areas:

1. Make ESG a strategic priority and gain consensus around the alignment of priorities 

Overall, 62% of global respondents agree that their organization makes ESG a priority. However, there is a perception gap between senior management’s confidence they are doing this (73%) and rank-and-file employees (52%). Further, there appears to be some discrepancy around the alignment of priorities. For example, while board members say their organization is prioritizing climate-related sustainability, greenhouse gas emissions and responsible supply chain management, senior management, management and employees believe the top priority is social responsibility, followed by ethical governance and transparency. Not only do organizations need to establish their ambitions and strategic priorities around ESG, but they also need to focus on aligning their people and messaging around these priorities. Sometimes, when aligning around strategic ESG priorities, less can be more. Organizations will want to consider focusing on where they can have the greatest impact and do it well, given their industry and size, for example. Leaders will also want to make sure that there is clear tone from the top on the importance of ethical conduct around ESG.

 


2. Clarify who owns ESG within the organization

Part of the reason for varying ESG priorities within the organization may be because typically no single business function owns ESG. If ESG objectives are shared among various functions, there is a need to revisit governance structures and establish well-defined roles and responsibilities with clear accountability among all stakeholders. It’s also important to understand individual capacities. If additional skills, experience or resources are needed, organizations should prioritize their investments.


3. Design and implement an agile ESG governance framework and processes that allow the organization to pivot as regulations change

This is particularly important as new regulations, such as the EU’s CSRD, are enacted. First, implement a comprehensive risk assessment methodology that can incorporate new ESG areas and respond to changing international standards. Use risk assessment output to identify areas for improvement within ESG programs from a governance perspective, and develop measures in the form of KPIs and key behavioral indicators (KBIs) against which to measure progress. This includes embedding KPIs and KBIs to track progress and enable accountability for the company’s ESG activities and performance.

4. Implement a robust reporting process to ensure data integrity

One-third of respondents (34%) identified unreliable, inconsistent or inaccurate data as the greatest ESG compliance challenge. A similar number (34%) identified a top priority as defining and gathering necessary data sets for ESG reporting. Data integrity is a significant risk area within ESG reporting and complying with regulatory requirements. It also risks the transparency of disclosures. Companies should leverage technology and automation to build workflows that gather, compute and monitor performance metrics in a consistent and reliable manner. Nonfinancial ESG disclosures should be incorporated into existing disclosure and control procedures for external financial reporting, with tested internal controls and record- retention policies that provide assurance in the quality and reliability of ESG reporting. If the organization has confidence in its nonfinancial ESG data and due diligence processes, it will have more confidence in both its financial and nonfinancial disclosures and reporting.

Data integrity issues
of respondents cite unreliable data to measure progress against performance targets and use for ESG-related reporting as a top challenge.

5. Create an effective communication plan that educates, drives consensus and builds trust

Although there is always the potential for fraud through misstatements, these misstatements may not stem from a deliberate intention to deceive, but rather from a lack of familiarity or lack of training and education around collecting nonfinancial data and implementing the right internal controls. Organizations need to make certain that their employees have the necessary knowledge. For example, only 19% of employees profess to understand ESG regulations and their impact on the organization, according to the EY Global Integrity Report 2024. Increasing the ESG IQ of employees inspires them to take an active role in reaching ESG goals. Moreover, enhancing transparency in a company’s ESG agenda builds employee trust.

Knowledge of ESG regulations
of employees say they understand ESG regulations and their impact on the organization.

Being aspirational about ESG goals remains important. In a super election year, sustainability will either rise or fall on the global political agenda, depending on election outcomes. Regardless of political developments, organizations have the option, and an obligation, to stay the course on ESG — to be ambitious, bold, ethical and authentic in setting, meeting and accurately reporting on established ESG targets, while remaining proactive about the potential risks. This doesn’t mean trying to “boil the ocean” around ESG. It’s more important to focus efforts on where the organization can have the most impact and where it can be the most accountable. It’s about setting feasible targets that balance bold ESG ambition and ethical behavior with compliance.   

At the end of the day, organizations need to decide whether they want to join the race to the bottom and focus solely on meeting regulatory and compliance obligations, or whether they want to commit to what this exercise is really about: business responsibility and long-term value creation.

Summary

As voluntary efforts around ESG become mandatory through a raft of new laws, regulations and disclosure obligations, the tone and nature of conversation — and effort — is shifting. The EY Global Integrity Report 2024 reveals that organizations have moved from setting aspirational targets to doing only what is necessary to meet regulatory requirements and compliance.


Related articles

How can trust survive without integrity?

The EY Global Integrity Report 2024 reveals that rapid change and economic uncertainty make it harder for companies to act with integrity. Read our findings.

    About this article