Risk and sustainability: How to get the most out of your existing ERM framework

Grant Thornton LLP Growth through sustainability seriesAfter decades of being a fringe movement, sustainability has finally earned a seat at the table. Only six years ago, it was difficult for companies to measure their level of risk when embarking on strategic initiatives. The game changer was Wal-Mart’s then-groundbreaking Sustainability Product Index1, which demonstrated the benefits of risk-reward. Needless to say, a lot has changed since 2009.

Grant Thornton LLP’s 2014 Food and Beverage Sustainability Survey confirms that over a quarter (26%) of respondents consider their companies to be “mature” on the sustainability adoption curve, meaning that they are already controlling the risks and costs associated with programming. Another 28% describe themselves as “followers” who are focused on compliance. That means that over half (54%) of surveyed businesses have embarked on this journey and are maturing in their efforts.

Is risk a bad thing? Risk is a loaded term. Businesses don’t want to be exposed to it, and financial advisers want to steer clear of it. But sometimes taking a risk can reap far greater rewards than staying the course. In the case of sustainability, failing to take action might actually expose your business to increased reputational risk, according to Bailey Jordan, a partner in Grant Thornton’s Governance, Risk and Compliance practice. The risk “is not a threat to green companies, but rather to non-green companies. Stakeholders may be vocal if they perceive a company is not doing their part to be socially responsible and respectful of people, cultures and the natural environment,” Jordan says.

The 3 Ps
The triple bottom line is an accounting framework that measures ecological, environmental and social responsibility — intangibles that until recently have been difficult for risk assessors to quantify. The triple bottom line refers to the “3 P’s”: people, planet and profits. There are tangible things you can do to measure how these factors can affect the growth of your business.

Sustainability is more than just looking for ways to cut your electricity bill or reduce packaging or fuel costs. It’s about corporate social responsibility and transparent economic performance. If your business is thinking about adopting a sustainability strategy, it is crucial that you consider these intangibles to make sure you’re covered in all areas.
Within the whirlwind of social media, where reputations can be made or broken within the space of a few news cycles, “ignoring or being slow to respond to questions about social responsibility could impact company or brand reputation ― with the result being lost sales and shareholder value,” Jordan explains.

On the flip side, increased public perception of your business’s sustainability stance can be a great opportunity for revenue growth, and it would seem that companies are seeing the light. According to Grant Thornton’s survey, the response is clear: 68% of respondents say they believe that sustainability is critical to growth. The same number agree that sustainability is profitable in the long run, while a resounding 64% describe sustainability as a competitive differentiator.

Embracing risk can be an opportunity to grow your business, says Jose Molina, Grant Thornton principal and leader of the Financial Services Advisory Enterprise Risk Management practice. He cites the Equator Principles as “a model for designing services and products that are in compliance with sustainability, but also give the company an advantage over businesses who are not following the principles. This is a real way they can grow revenue while embracing corporate sustainability.”

In fact, the biggest risk in embarking on a strategic sustainability program is associated with the initial financial outlay — the cost to redo existing HVAC, for example — and the resulting effect on your business’s working capital. For that reason, numerous grants and incentives are available at the local, regional and national level to help offset this risk.
Find the best match
Which assessment tool is the right ERM match for your business?

COSO: Enterprise risk management — Integrated framework
Issued: In 2004 by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Although COSO has been widely used in its original 2004 form, it recently released an online survey designed to capture views and insights regarding the current framework and to collect suggestions for improvements. Visit for future updates.
Emphasis: Provides a flexible evaluation standard against which you can evaluate your current ERM process. While ISO 31000 defines itself as a set of principles a business can use to create its own ERM, COSO is more focused on performance-based risk management.
Strategic differentiator: Focuses on performance-based risk management.
Intended use: Offers compliance-based functionality.

ISO 31000: Risk management — Principles and guidelines
Issued: 2009 by the International Organization for Standardization (ISO)
Emphasis: Concentrates on integration, implementation and change themes. ISO 31000 puts a greater emphasis on risk management principles, allowing an organization to develop its own risk management plan, while COSO is more focused on performance-based risk management.
Strategic differentiator: Focuses on risk management as a strategic discipline for making risk-adjusted decisions.
Intended use: Provides guidance on the nature of the risk management process and how to implement it.
A 6-point ERM plan for sustainable companies Most likely, your company already has a risk management plan in place. Follow these steps to integrate sustainability-related risks into your current framework:
  1. Align from the top. Having C-suite alignment and buy-in from the very beginning of sustainability planning is crucial. Without management’s support and enthusiasm, it will be difficult for this venture to succeed. They need to know what the risk mitigation strategy looks like, how much risk they’re willing to assume, and how high the stakes can become.
  2. Document existing ERM strategy. Take the time to create a baseline. What is your focus? What measurement tools and documentation are already in place? If sustainability is a new area for your company, you may need to consider realigning your tools to make sure you are covered (see sidebar).
  3. Get your key stakeholders onboard. From suppliers to distributors, complete agreement is vital to the success of your ERM plan. Let people weigh in on the risk you are about to assume. Don’t forget stakeholders who may not be directly linked to your business — such as local community leaders, green activist groups and educators — as these people could have an impact on your progress.
  4. Be responsible. In many ways, sustainability is a holistic concept. Seeing things through the lens of corporate social responsibility will help you align your plan with decision-makers who will support your cause and reduce your risk. Remember that social responsibility is a strategy, not a tactic. Keeping this approach top of mind will be key in the future.
  5. Measure your progress. Create a baseline at the beginning of your journey and keep track of your progress. What does your current risk look like? How is your ERM framed? Include the triple bottom line and the 3 P’s (see sidebar). How is this undertaking affecting people, the planet and your profit? Determine your goals and assign steps to make them happen.
  6. Commit to the process. Historically, sustainability has been thought of as someone else’s job — it’s frothy and a nice thing to do, but there are larger business issues to address. Not anymore. Sustainability is becoming an industry priority, and companies that don’t get onboard will find themselves out in the cold. Dedicate a team whose job it is to make a plan, analyze risk, conceptualize reward and move the process along. Sustainability will not become an integral part of your business unless you make it one.

Black swans and beyond: The many shapes of risk The uncertain nature of the environment, due to climate change, makes it vital to have a strategy in place to assess new risks — a kind of black swan board. Having someone whose job it is to monitor global and environmental shifts and trends could be essential to protecting your company in case of a black swan event.

According to Warren Stippich, Grant Thornton partner and National Governance Risk and Compliance practice leader, “Management should consider every strategic business objective, determine whether they have accomplished it and how, and determine if other considerations are appropriate.”

It’s important to note that risk is not just about the unpredictable. Often, it’s more common events that torpedo a company’s reputation. Consider the 2011 scandal that threatened to destabilize a major lingerie retailer. When the story broke — a supplier was using forced, conscripted child labor to produce fiber for underwear that was marketed as certified fair trade, made with 20% organic fibers — social and traditional media took the company to the wall. The U.S. government quickly took steps to investigate the scandal, and Fairtrade International issued a statement that it would “prioritize further training on child labor and child protection for its members.2

Similarly, in 2010 a pharmaceutical company was forced to pay $250 million to a number of women who were victims of “rampant discrimination against female sales staff.3” The lawsuit remains a landmark case in sexual discrimination in the U.S., and the company quickly became an example of bad practices. From a sustainability standpoint, it is equally damning, as the company violated the codes of ethics and social responsibility inherent in the 3 P’s.

Taking all of these factors into consideration, one thing is clear: We can no longer predict the future by analyzing the past, so having a team to measure and assess ongoing risk will be key to your strategic success.    
1 Wal-Mart. “Environmental sustainability.” Visit for more information.
2 Bliss, Jeff; Dontoh, Jeff; and Simpson, Cam. “Child labor for Victoria’s Secret cotton examined by U.S.,” Bloomberg Business, Jan.13, 2012. See for details.
3 Reuters. “Novartis fined $250 million in sexual discrimination suit,” The New York Times, May 19, 2010. See for the full story.