The Intersection of GRC & Sustainability

A company’s approach to GRC (governance, risk management, and compliance) can help align the organization’s processes and actions to achieve its goals. The term GRC refers to the composite function of governance, risk management, and compliance. It can identify and address organization-wide risk, and ensure all activities meet legal and regulatory requirements. A company’s GRC can help determine its stability and longevity. Given the rapidly changing socio-economic environment, to ensure business stability, sustainability principles need to be foundationally incorporated into the GRC strategy.

Sustainability refers to resource consumption in a way that meets present needs without compromising future generations’ ability to meet their own needs. The goal of a sustainability strategy is value creation in the form of efficient and ethical utilization of natural resources and social capital. An organization’s sustainability strategy can be driven by a variety of factors, such as goodwill and CSR. However, most often, the key drivers of sustainability in organizations are business risks and compliance with environmental and legal regulations. Evidently, sustainability and GRC are inextricably linked.

The COVID-19 pandemic has highlighted how unpredictable the economy and free market really is. In a climate of increasing uncertainty, varying attitudes, and inconsistent regulations, enterprises face a myriad of risks. They need to manage legal risks, operational risks, changing customer demands and expectations, and the resulting reputational risks. According to the World Economic Forum’s 2019 list of global risks, mounting investor interest in climate change is driving broader consideration of the financial consequences of systemic environmental, and social risks. A robust corporate sustainability strategy can be an effective tool to reduce and manage such risks.

Even in cases where a corporate sustainability strategy isn’t expressly designed as a tool for risk mitigation when viewed in the context of the GRC functions, it can provide greater insights through a unified view. It can generate a MECE (Mutually Exclusive, Collectively Exhaustive) list of strategic actions that reduce duplication and redundancy and optimize resource utilization. When used in tandem, these two strategies can help an organization achieve its business objectives, address uncertainty, and act with integrity through good business practices. Eliminating internal silos and promoting data sharing within the organization is integral to the identification and utilization of such strategic synergies.

Despite being strategically interconnected there are several scenarios in which sustainability cannot be a tool for risk management. In instances where there are multiple conflicting or inconsistent regulations, disagreement between the company’s decision-makers, varying project timelines, or incompatible framework architecture, it is extremely difficult to align the two processes. In such situations, it is important to analyze these strategies through an organization-wide, high-level view to make sure that despite differing timelines or immediate objectives, both strategies align with the company’s overall business objective.

The new chief executive officer of the Sustainability Accounting Standards Board recently declared that “sustainability isn’t new; it is the new face of risk.” Clearly, sustainability has the definite potential to be used as an effective risk management strategy. The only caveat is that the effectiveness of this strategy depends on the individual organization and how it implements the strategy. Gaining wide-ranging insight into the company’s operations, identifying all forms of risks, and creating a sustainability strategy to manage those risks is the biggest challenge for businesses today.

New technologies like AI, design thinking, and advanced data analytics can be incredibly useful tools to prioritize business objectives. AI-based software platforms can offer organizations an autonomous way to monitor the success of a sustainability strategy and to measure its impact on the organization’s governance, risk mitigation, and compliance framework. A collaborative outlook that aligns sustainability functions and GRC can drive stronger, more sustainable strategies to make business resilient to the changes and uncertainties of the future.