Connect with us

Business

ESG Prepared: Why Ignoring ESG is a Costly Business

By Leas Bachatene, CEO ethiXbase

From COP26’s spotlight on the environment and recent extreme weather events, to the devastating human rights violations and inequalities that continue to make the news, the 2020s have catalysed the momentum of Environment, Social and Governance (ESG) enforcement and it’s important on the people and businesses of our planet.

And this momentum is gaining fast. By 2025, Bloomberg calculates that global ESG assets will exceed $53 trillion USD, representing more than a third of the $140.5 trillion USD in projected total assets under management. Businesses used to reporting heavily on financial metrics need to be ready for sustainability accountability, as it fast becomes a focus of consumers, investors, regulators, employees and shareholders alike.

By incorporating broader environmental and sustainability metrics in their decision-making now, organisations can be on the front foot as demand and scrutiny increases. Failing to do so is quickly becoming a costly business. Here’s what you need to know to ensure you are ESG prepared.   

What is ESG and why is it important?

In short, ESG stands for Environmental, Social and Governance and is a measurement of a company’s level of sustainability. It is a standardised set of criteria for a company’s operations that investors use to screen potential investments as well as monitor their performance over time. 

ESG is scored on how companies perform in three key pillars:

1.   Environmental considers how companies use energy and manage their environmental impact, including factors such as energy efficiency, carbon emissions and waste management.

2.   Social considers how companies foster their people and culture and how that ripple effects on the broader community. Factors considered are diversity, inclusivity (D&I) and gender, employee engagement, customer satisfaction, data protection, privacy community relations, human rights and labour standards.

3.   Governance considers companies’ internal systems of controls, practices, and procedures and how an organisation stays ahead of violations.

The supply chain represents the largest potential risk for companies and is where ESG becomes vitally important. Today, it is estimated that 80% of global trade passes through supply chains. This exposes companies to significant reputational and operational risks which may harm their asset price or market value, financial performance and reputation. Supply chains fall outside of a company’s core operations and consequently lack common governance standards and are often opaque.

To manage these risks, companies must audit their third-party networks to reveal any red flags, missing information and outdated data on an ongoing basis. Understanding the ESG risks within their supply chains is vital to preventing reputational damage but given the sheer size of today’s disparate and multi-tiered networks of partners, suppliers and third parties, this is often easier said than done. Today’s ESG and sustainability risk management solutions can take much of this burden away and empower companies to maintain sustainable business practices quickly and cost effectively.

How can ESG ratings impact your company?

There are a magnitude of benefits of having robust ESG policies and credentials. A high ESG score correlates to increased profits, increased consumer demand and improved resistance and productivity during demanding times. According to the MSCI World Index, the average cost of capital of the highest ESG-scored quintile was 6.16%, compared to 6.55% for the lowest ESG-scored quintile.

Companies with high-achieving ESG scores are better positioned to attract better human capital and have more engaged and motivated employees. A report by Marsh & McLennan predicts that by 2029, the Millennial and Gen Z generations will make up 72% of the world’s workforce. These generations set a greater value on environmental and social concerns and will expect employers to share similar beliefs and values as them.

According to a report by the Environmental Defence Fund, 93% of consumers will endeavour to hold businesses accountable for environmental impact, and a report by PWC found that 48% of consumers want companies to show more progress on social issues and 54% on governance issues.

High ESG scores show that your company is doing its part to decrease environmental impact, taking stances on community issues and has a diverse and inclusive workforce. For investors, companies with good ESG scores are thought to be well prepared to deal with future tasks, foresee beneficial opportunities and make better long-term decisions.

Conversely, a company that has a poor ESG score or has not implemented an ESG policy can experience significant financial and reputational impacts. This will ultimately erode or even lose the trust of consumers and investors, which may then lead to reduced sales, funding and investment.

How is ESG measured and scored?

Though there remains some discretion as to exact scoring methodologies and frameworks governing ESG scoring and rating processes, some best practices across ESG scoring have emerged. In most cases, ESG rating agencies rate companies based on information gathered from multiple sources including a company’s own data, Government data banks, the media, and NGOs or other stakeholders. Questionnaires may also be used to gather further information from companies.

Verifiable ESG disclosures are expected to adhere to a specified set of mandatory and voluntary requirements. Until ESG scoring becomes mandatory, it has relied on transparency. This allows stakeholders to compare performance, gain a clear picture of a company’s direction and make long-term beneficial decisions.

However, as an increasing number of business-relevant legislative Acts are passed, such as the Modern Slavery Act in the UK and Australia or the more recent lLieferkettensorgfaltspflichtengesetz (LkSG) in Germany, it’s more important than ever for businesses to start viewing ESG scoring as a mandatory business process.

How to improve your ESG reporting?

The first step to achieving good ESG reporting is to have a reliable, sustainable business framework as well as choosing the right metrics. Taking steps that are recognised as being key to your company’s operation will shine through in ESG performance. This starts with integrating ESG data and an ‘ESG mindset’ into everyday business operations. This mindset will enable your organisation to create a platform for further internal activity and your supply chain.

Frequently reporting on processes used to meet ESG goals as well as any remediation action and methodologies that have been taken to improve your operations will help make accurate ESG judgments. By identifying exactly how your business is going to achieve your ESG goals is important to stay on top. Analytics and data visualisation plays a key role in this and can help your organisation identify which areas of your business need improvements on ESG areas.

Identifying the ESG gap in your supply chain is crucial and can be the difference between failure and long-term success. It’s fast becoming a fundamental business requirement to be able to prove that you are measuring authentic sustainability and social impact with genuine continuous improvement to gain trust and recognition in the market. Those that act now will reap the benefits, but those that delay will count the costs sooner than they think.  

 

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Business

The Power of Purpose in the Financial Services Industry

Source: Finance Derivative

Becky Willan, CEO and Co-Founder of Given

The Challenge

Banks and businesses in the financial services industry are coming under greater scrutiny for not only how they invest their money but, increasingly, who they invest it with.

In June, Barclays came under attack – quite literally, with 20 branches vandalised across the UK – over accusations of links to defence companies supplying Israel. This led to the suspension of their sponsorship of all Live Nation music festivals, and prompted the bank’s chief executive, CS Venkatakrishnan, to write an opinion piece in the Guardian about what he called “a ​​campaign of disinformation against Barclays”.

Lloyds Banking Group is another high profile example after its AGM was disrupted by pro-Palestinian and climate activists in May. Two years ago the bank committed to end direct funding of new oil and gas exploration projects, but for some this does not go far enough, with the protesters demanding Lloyds divest from all fossil fuel and arms companies.

This comes amid growing concerns about the lack of sufficient capital to fund the transition from “grey to green”. As we have seen, financing projects from oil and gas companies, even if there’s a clear decarbonisation agenda, now comes with increasing reputational risk for banks. And yet we can’t achieve a low carbon economy without system-wide transformation.

The banking industry operates in a challenging space when it comes to navigating purpose, but do these institutions deserve the level of criticism we’re seeing in the media?

What we do know is that businesses operating in the sector need to have more clarity and focus around what their purpose is.

Our recent Purpose Gap Report revealed that over a quarter of respondents in the financial services industry (26%) are actively thinking about leaving their current job role due to their company’s failure to deliver on corporate purpose promises. This compares to a 13% average across all sectors looked at in the report. At twice the rate of dissatisfied employees, financial services appears to be lagging behind other industries.

Additionally, over half (56%) of consumers say it is important to them that their bank acts sustainably and/or ethically. It is therefore essential for businesses in the financial services industry to consider carefully their purpose and corporate values and ensure they align with the causes their stakeholders are passionate about.

Making this change, while important to the longevity of the institution, can be complicated to implement and investment decisions are not always clear-cut.

According to the same report, additional blockers cited by those in finance wishing to make positive change were among the following:

  • It is too costly
  • There is a lack of understanding across the business around potential positive impact
  • It is not a business priority
  • There is an overall lack of commitment from leadership
  • There is a lack of integration of purpose within employees’ roles

A year on from the fallout of the Coutts / Nigel Farage scandal, which saw Dame Alison Rose step down from her position as NatWest’s chief executive, some are fearful of the risks associated with moving away from business as usual.

Widely reported at the time was Coutt’s internal memo that the Reform UK MP’s views were “at odds with our position as an inclusive organisation.” Whether this was about principles, or politics, the scandal brought purpose into the spotlight.

Missteps can happen in any walk of business, but we need to remember that purpose is about good business and strategic focus, not taking a moral high ground.

Adopting a purpose-driven business approach is also not in lieu of profitability – indeed it is essential. Profit without purpose is meaningless and purpose without profit is unsustainable.

The significance of profitability with purpose

The business case for purpose is now truly evident. Financial services organisations that contribute positively to a sustainable and inclusive future are simultaneously driving their own success.

A report by Deloitte last year found that most consumers agreed that a business’s commitment to sustainability affects their level of trust in the company. The study also suggests around a quarter of shoppers are willing to pay more for products that are more sustainable or committed to more ethical practices.

With investors, customers, and wider society increasingly demanding ethical, sustainable and positive actions from businesses, purpose-driven companies not only attract a wider, more impact-conscious group of stakeholders, but also see improved performance and greater resilience.

An Interbrand study found that purposeful brands, set on improving our quality of life, outperform the stock market by 120%.

Additionally, purpose-led brands attract and retain the best and most passionate employees, with EY reporting 84% of staff found it important to work for an organisation that positively impacts society.

A better way to bank

Nationwide is an example of a financial services model flourishing while helping change the world for the better. The building society has experienced year-on-year growth in the number of current accounts held since 2011, with a market share of 10.4% last year.

Boasting over 17 million customers, and a balance sheet of £272 billion, the institution celebrated its £2 billion profits earlier this year by offering a £100 profit share to each of its members under the Fairer Share initiative.

Additionally, the institution also donates 1% of pre-tax profits to charity, as part of its Fairer Futures initiative – a project developed alongside us at Given.

Led by its social purpose, Nationwide donates to partners working to combat homelessness; families living in poverty; and those suffering with dementia. Last year alone, charitable donations came to £15.5 million.

Asking the right questions

In the highly regulated financial services sector, boards of directors play a critical role in ensuring compliance with environmental, social, and governance (ESG) standards.

This extends beyond simple financial oversight to include the integration of ESG principles into the company’s goals and risk management frameworks, along with promoting ethical conduct and sustainability practices.

Board members will not find their questions answered by an aspirational turn of phrase about an organisation’s role in the world. Instead, purpose must be understood as a complete management strategy that is embedded into every part of an organisation. The right questions go beyond the ‘why’ to consider the ‘what’ and the ‘how’ too.

Businesses must create a space for learning, reflection and the idea that they can do better. Most boards regularly evaluate their effectiveness in governing a business. Not many look at this through the lens of purpose.

An annual “purpose stock-take” could ultimately be a valuable exercise ensuring that purpose really is embedded into the company culture and governance structure. It could involve asking the following five big questions:

  • Are we satisfied with how much of our balance sheet is aligned with our purpose today?
  • What are the biggest opportunities our purpose could unlock for our business?
  • Would our different stakeholders recognise our purpose as more than simply words on a page?
  • Are we clear on our “red lines” – the purpose promises we won’t break in pursuit of profit?
  • When was the last time we challenged a decision on the grounds of our purpose?

Final Thoughts

Financial institutions are now being scrutinised more than ever, but there is more than just reputational risk at stake. There is one final question those in the sector should ask themselves: what risks are we exposed to by not clearly defining and living our purpose?

The repercussions here could be incredibly damaging to the overall health of a business: falling foul of regulation; reduced employee morale and productivity; lack of consumer and investor trust; lack of long-term growth and resilience.

This can be avoided if businesses take the time to define and embed their purpose and values, using them as a management approach to profitably solve problems of people and the planet.

Adopting a purpose-driven approach is a strategy that may seem daunting at first, but asking the right questions and implementing an open and collaborative approach is a step in the right direction.

Continue Reading

Business

Why financial institutions must prioritise contact data quality if serious about fraud prevention

Source: Finance Derivative

By Barley Laing, the UK Managing Director at Melissa

According to Nasdaq’s 2024 Global Financial Crime Report $3.1 trillion of illicit funds flowed through the global financial system in 2023.

As a result, it’s not surprising that most in financial services are investing heavily in advanced ID verification technology to protect themselves from fraud and meet Know Your Customer (KYC) and Anti-Money Laundering (AML) regulatory standards.

However, to bolster their ID verification efforts they need to do more, and the best way is by improving customer contact data quality from the outset.

Why is contact data quality so important?

From our experience the quality of contact data is key to the effectiveness of ID processes, influencing everything from end-to-end fraud prevention to delivering simple ID checks; meaning more advanced and costly techniques, like biometrics and liveness authentication, may not be necessary.

When a customer’s contact information, such as name, address, email and phone number are accurate the verification process becomes more reliable. With this data ID verification technology can confidently cross-reference the provided information against official databases or other authoritative sources without discrepancies that could lead to false positives or negatives.

A big issue is that fraudsters often exploit inaccuracies in contact data to create false identities and manipulate existing ones. By maintaining clean and accurate contact data ID verification systems can more effectively detect suspicious activity and prevent fraud. For example, discrepancies in a user’s phone or email, or an address linked to multiple identities, could serve as a red flag for additional scrutiny. This basic capability is more important than ever as identity fraud becomes increasingly sophisticated.

Address verification is the foundation of contact data quality

Address verification – having a consistently accurate, standardised address – is usually recognised as the cornerstone of contact data quality. Once you have access to up-to-date customer addresses it makes it much easier to match and verify identities across multiple sources.

Therefore, verifying the accuracy and legitimacy of an individual’s address should be the first step in any identity related process, with any discrepancies between a claimed address and official records highlighting a potential fraudster.

By catching these inconsistencies early ID verification technology can help mitigate risks, ensuring only legitimate users are granted access to services, protecting both their business and customers from fraud. 

Address verification also plays an important role in regulatory compliance, by ensuring that the address information provided meets KYC and AML regulatory standards.

Phone and email verification

As I’ve already touched on it’s not all about having an accurate address, the role of phone and email verification is also vital as part of a comprehensive ID verification process, and therefore in preventing fraud. Particularly when it comes to helping organisations to identify and mitigate possible fraudulent activity early on. Verifying all three contact channels together contributes to enhanced security by filtering out fake or high-risk contact information, improving the accuracy of the ID verification process.

Email verification involves analysing various factors such as the age and history of the email address, the domain and syntax, and whether the email is temporary. After all, new and poorly formatted email addresses are often tell-tale signs of fraudsters. Furthermore, the association of a single email with multiple accounts could highlight criminal activity. It’s only by checking if an email address exists and works, then examining those elements I’ve already mentioned, that organisations can identify possible high-risk indicators.

Phone verification is equally important in fraud detection. By verifying the type and carrier of the phone number, organisations can identify high risk numbers, such as those associated with VoIP services, which are commonly used in fraudulent activities.

Checking the validity, activity and geolocation of a phone number also ensures it’s not only functional, but consistent with the user’s claimed location. And like with email, a single phone number linked to multiple accounts can indicate fraudulent behaviour. 

Deliver contact data accuracy with autocomplete / lookup tools  

The best way to obtain accurate customer contact data is to use autocomplete or lookup services.

With an address autocomplete tool it’s possible to deliver accurate address data in real-time by providing a properly formatted, correct address at the onboarding stage, when the user starts to input theirs. Tools such as these are very important because around 20 per cent of addresses entered online contain errors; these include spelling mistakes, wrong house numbers, and incorrect postcodes, as well as incorrect email addresses and phone numbers, typically due to errors when typing contact information. Another benefit of the service is the number of keystrokes required when entering an address is cut by up to 81 per cent. This speeds up the onboarding process and improves the whole experience.

Similar technology can be used to deliver first point of contact verification across email and phone, so these important contact datasets can also be verified in real-time.

In summary

The success of ID verification technology, and therefore fraud prevention, hinges on the accuracy and quality of customer contact data. Having such data not only enhances fraud detection, but improves the user experience and operational efficiency. Financial institutions must make sure that data verification tools are used across address, email and phone, alongside their ID verification technology.

Continue Reading

Business

Fortifying Email Security Beyond Microsoft

By Oliver Paterson, Director of Product Management, VIPRE Security Group

Most organisations today are Microsoft software houses. Microsoft 365 is the go-to productivity suite, offering comprehensive tools, flexible licensing, and built-in security features. Employees live and breathe in Outlook, and so many different technologies seamlessly integrate with this indispensable communication tool to deliver productivity gains to business professionals.

However, email-borne cyber threats continue to surge. Malware delivered via email is exponentially increasing. .eml attachments, which often get overlooked in phishing emails, are growing. Cybercriminals are resorting to email scams, alongside phishing emails, and with the arrival of generative AI technologies, users are increasingly finding it challenging to spot these “expertly” written, persuasive emails too. 

The reason for this growth in email-led attacks? Cybercriminals are exploiting the ubiquity of Microsoft – and indeed our trust in the software. It is no wonder that today Microsoft is the most spoofed URL.

Microsoft, a software powerhouse, but not an email specialist

Microsoft is undeniably a technology powerhouse, but its primary focus or specialty isn’t email security. Historically centered on infrastructure, operating systems, and cloud services, email security is a small part of its vast ecosystem. For example, while the company offers features like SafeLinks and SafeAttachments to protect against phishing scams, these are often limited to the priciest licenses. As a result, many organisations aren’t able to benefit from the depth of functionality that is needed for robust email protection.

The shortcomings of Microsoft’s security tiers

Microsoft offers a range of security packages for its Microsoft 365 and Office 365 suites, from E1 and E3 to the premium E5. While this tiered approach allows organisations to tailor licenses to employee roles, it also introduces vulnerabilities. Higher-tier subscriptions like E5 provide advanced security, but they’re costly. Lower-tier licenses often lack critical protections against impersonation and zero-day threats—gaps that cybercriminals eagerly exploit.

Furthermore, Microsoft’s user caps (e.g., 300 users on Business Premium) sometimes can lead organisations to make risky compromises in pursuit of cost savings. This mix-and-match strategy can result in blind spots, as lower-tier subscriptions typically lack advanced threat visibility tools, hampering investigation and response times.

Configuration conundrums

The Microsoft security portal, while comprehensive, is also complex. Take Link Protection (aka Microsoft SafeLinks) as an example. This feature needs enabling in multiple locations, and with Microsoft’s routine updates, these settings can be moved, altered, or even disabled by default. Such inadvertent misconfigurations not only pose security risks but also burden IT teams with constant vigilance and reconfiguration.

Static intelligence versus real-time threats

Microsoft’s reliance on third-party security feeds means its threat intelligence is often outdated. The company’s vast and complex platform requires time-consuming updates, and with email security being just one part of its portfolio, critical updates may not always be prioritised. A delay of even a day or two is all a zero-day attack needs to succeed.

A layered approach to email security

So what can organisations do? In an era where a single email can cripple a business, firms need to bolster Microsoft 365’s standard security. By understanding its limitations and layering on specialised protection, organisations can fortify their email defenses, with additional, advanced security capabilities, without breaking the bank. Due to the relentless onslaught of threat actors,  such caution is essential.

Capabilities such as Link Isolation and Sandboxing are vital today to protect against zero-day threats. Link Isolation renders malicious URLs harmless, while Sandboxing automatically isolates suspicious files in a virtual environment for safe analysis. These methods provide real-time monitoring and intelligence, enabling proactive defense.

No matter how advanced technology gets, it alone can’t solve everything. User awareness is key, and “in-the-moment” training trumps the typical periodic sessions for cybersecurity education. When users are immediately informed why an email or attachment was blocked, along with the telltale signs of malice, the lesson is more likely to stick.

Many organisations, and especially the smaller and growing firms, can’t afford top-tier Microsoft licenses for all employees or indeed maintain in-house IT teams to address the gaps in security capabilities. Partnering with third-party security services providers across different aspects of the function is a viable option as no single software or platform can provide all the security techniques and capabilities. This approach is not only more cost-effective but also provides the technological expertise needed for protection in today’s rapidly evolving threat landscape. Reducing reliance on a single security provider is an astute approach to minimising business risk.

Continue Reading

Copyright © 2021 Futures Parity.