

ESG & GRC: how to maneuver?

Ten years ago, Compact issued an edition highlighting sustainability. Much has changed since then in the area of sustainability, including the terminology. In the last few years, companies have moved from the terms Sustainability and CSR to ESG. Combining Environmental, Social, and Governance criteria makes sense, as it allows for a more comprehensive way to direct efforts toward finding the right configuration of an organization’s resources to maximize value creation for society and the organization. Since 2018, ESG has become a crucial factor for organizations to consider, as regulators, shareholders, clients, rating agencies, and employees are all expected to think about how they affect the environment and society. As of 2023, the EU Corporate Sustainability Reporting Directive (CSRD) will extend the scope of the previous Non-Financial Reporting Directive (NFRD), which will require companies to be accountable for ESG subjects. Periodic and reliable reporting on ESG criteria will be quite challenging for most organizations.

The term GRC – Governance, Risk management, and Compliance – has been around for a while. The first academic article mentioning GRC in 2007 defined it as “the integrated collection of capabilities that enable an organization to reliably achieve objectives, address uncertainty and act with integrity.” We can use the three core concepts highlighted in this definition to evaluate how ESG permeates GRC:

  • Integrity arguably goes a step further than compliance. Where compliance concerns conforming with requirements, those requirements may have a limited reach. Think of political boundaries limiting the reach of legislation, but also niche or novel situations that the requirements or laws did not consider. From an ESG perspective, integrity and compliance concern adhering to local regulations on environmental, social, and governance topics, and extending these to all parts of the organization.
  • Moving on to uncertainty, two main angles of approach come to mind. The first is uncertainty related to non-compliance and brand perception when an organization is perceived to dedicate insufficient resources to environmental, social, and governance topics. Will sales decline? Would shareholders want to divest? The second is the uncertainty an organization faces through its exposure to ESG topics such as climate change, inequality, and corruption. What would be the effect of a climate disaster on my business continuity? How do limited internal health and safety procedures affect employee retention?
  • These all come together in an organization’s ability to achieve its objectives. If an organization wishes to ensure compliance and mitigate risks from an ESG perspective, how is it going to do so? For this, departments that usually operate in an isolated (siloed) way within an organization need to align with one another to enable an efficient flow of information, so that the whole organization can act with integrity and address uncertainty.

This Compact edition aims to provide a variety of insights that either address a topic within ESG or GRC, or bring them together. In the next Compact edition, we will further explore ESG-related subjects. We hope you will enjoy this edition and invite you to reach out to the authors or us in case you would like to discuss a topic in more detail.