There’s no “e” in third party risk management (TPRM), but that’s quickly changing thanks to new environmental regulations, rapidly growing clean-energy investments, changing societal norms and other factors that show no sign of waning. TPRM practitioners should take note, as this trend will likely have profound impacts on most aspects of their work.
These changes will pose challenges and deliver benefits. “Increased transparency and awareness of ESG-related third-party risks also improve end-to-end visibility and resilience of the third-party ecosystem,” writes Justin Boehm (Ernst & Young LLP, Consulting, Senior Manager) in an article examining how to manage third-party ESG risks. “For example, a company with social or climate risk trend visibility across its third-party ecosystem may be better prepared to respond and recover from an incident by shifting activities to another location and/or third party in advance of or in response to that incident. In early 2020, companies struggled to adapt when third parties were unable to provide services due to production shutdowns, and countries around the world faced shortages of essential supplies.”
(While environmental, social and governance (ESG) have become a standard grouping in the risk management discipline, this article focuses primarily on environmental risks. To be sure, TPRM teams also have compelling reasons for bolstering their assessments of social risks, as a growing collection of new and expected laws – Frances’ Duty of Obligations of Corporate Vigilance, the Slave-Free Business Certification Act in the U.S., the U.K.’s Modern Slavery Act, and California’s Transparency in Supply Chains Act among others – demonstrate.)
The Changing Third Party Risk Climate
While the Biden Administration’s sweeping climate-related goals and substantial green-energy investments have recently focused attention on environmental rules, standards and opportunities, several other drivers of change have played major roles in reshaping how environmental risks will be managed going forward.
In February, SEC Commissioner Allison Herren Lee (in her brief role as acting commissioner) directed the commission’s Division of Corporation Finance to enhance its focus on climate-related disclosure in public company filings. “Now more than ever, investors are considering climate-related issues when making their investment decisions. It is our responsibility to ensure that they have access to material information when planning for their financial future,” Lee stated, confirming many regulatory experts’ hunch that environmental-related financial reporting requirements would materialize within the next one-two years. “Ensuring compliance with the rules on the books and updating existing guidance are immediate steps the agency can take on the path to developing a more comprehensive framework that produces consistent, comparable, and reliable climate-related disclosures.”
On the legal front, new laws aimed at slashing greenhouse gas emissions are rising. More than 100 countries have made commitments to achieving net-zero emissions by 2050 or sooner. These commitments are triggering bans on vehicles with internal combustion engines. Expect more of these bans to appear following the International Energy Agency’s recent projection that emissions from coal, oil and gas will increase by 4.8% in this year, which would represent the second-largest rise ever recorded.
On the investment front, clean energy companies are having no problem accessing capital. “Some of the world’s biggest companies and deepest-pocketed investors are lining up trillions of dollars to finance a shift away from fossil fuels,” note The wall Street Journal’s Scott Patterson and Amrith Ramkumar. “Assets in investment funds focused partly on the environment reached almost $2 trillion globally in the first quarter, more than tripling in three years. Investors are putting $3 billion a day into these funds. More than $5 billion worth of bonds and loans designed to fund green initiatives are now issued every day. The two biggest U.S. banks pledged $4 trillion in climate-oriented financing over the next decade.”
These changes and trends will have impact – both indirect and direct – on how TPRM teams evaluate and monitor third party environmental risks.
Monitor, Adjust, Align and Enhance
Countries and states are not the only entities implementing emissions-reduction targets. Companies are, too, which in some cases has direct implications on third parties. Globally, EY has committed to becoming carbon negative in 2021 and net zero in 2025. The consulting firm also announced that it will require “75% of its third-party suppliers (by spend) to set science-based carbon reduction targets no later than fiscal year 2025.”
While it’s fair to note that these goals seem more realistic for a services firm to achieve than, say, and old-school manufacturing company, EY’s worldwide consulting force certainly racks up airline miles (when a global pandemic isn’t raging, anyway). The firm has set ambitious business-travel reduction objectives along with plans for carbon offset investments.
As more companies embrace climate-related policies, their TPRM teams and third parties will need to respond. That involves monitoring climate-related standards-setting and regulatory changes (industry-specific as well as at the local, state, federal and global levels). In his article, Boehm identifies three steps that will help “embed an ESG mindset in an organization’s TPRM program.” These include:
- Reviewing TPRM program to determine potential inflection points with corporate ESG campaigns;
- Adjusting applicable TPRM governance policies, procedures and processes to align and support ESG priorities; and
- Enhancing procurement processes to accelerate third-party disclosure compliance, diversity and social responsibility commitments.
TPRM teams should also keep in mind that Shared Assessments’ Standardized Information Gathering Questionnaire (SIG) addresses a range of ESG topics. “As ESG considerations continue to grow in prevalence,” Boehm adds, “so will the urgency for management to incorporate ESG thinking into the TPRM framework to enable the organization’s strategy and manage transition risk.”