Skip to main content
main content, press tab to continue

ESG: Bringing the role of risk managers to life

Outsmarting Uncertainty webinar series

By John Merkovsky and Lisa Lipuma | April 24, 2023

Risk managers have a critical role in boosting ESG performance. What practical tools, tactics and best practices can they deploy to deliver enhanced ESG risk management?
Climate|Risk and Analytics|Corporate Risk Tools and Technology|Environmental Risks|ESG and Sustainability|Risk Management Consulting
Climate Risk and Resilience|ESG In Sight|Economic Challenges
How ESG factors are shaping risk management and the role of risk managers

The rising importance of ESG is clear, but how does this affect risk professionals?

Environmental, social and governance (ESG) efforts may be led by sustainability, investor relations or people functions but given ESG is a series of risks, risk managers are leaders and partners in helping organizations define and manage ESG risks and opportunities. By measuring and managing ESG risks, risk managers can have a significant impact on factors influencing their organizations’ long-term success.

Some businesses are already embracing the role of the risk manager in progressing ESG. Half of the respondents to our 2022 ESG Global Risk Managers Survey said the risk management function was involved in their organizations’ ESG efforts.

Below, we look to clarify your contribution to ESG as a risk professional, using perspectives from WTW’s Outsmarting Uncertainty webinar series and the best practice our risk management experts are seeing in businesses managing ESG risks most effectively today.

What makes you an ESG risk management expert

Firstly, ESG is not one risk. It’s potentially more than 30 individual risks. Managing them all effectively is not about being an expert in everything from decarbonization, human rights and board diversity, to name just three ‘e,’ ‘s’ and ‘g’ risk drivers respectively. It’s about applying robust risk management frameworks, governance structures and deploying risk analytics, modelling and forecasting to systematically identify and manage these risks. Importantly, it's about defining e, s, and g risks and opportunities highly specific to the business.

We see addressing ESG as happening in parallel with the many other areas of risk and opportunity that shape the success of your organization and that you’re already tackling.

In effect, dealing with ESG means extending your existing risk workstreams. While you may want to call upon specialist expertise in specific areas, there’s nothing about ESG risks per se that puts them outside of being managed, for example, within your current enterprise risk management framework.

All of this means as a risk professional, you are a de facto leader in managing ESG risk.

Connecting ESG issues to risk management

It’s also worth remembering the three strands of ESG are already interwoven into the more established risk concerns you’re already responsible for.

For example, environmental risk touches physical climate risk, such as climate-related weather events like flood or drought on property damage and business interruption, but also workplace safety and environmental liability risks. Social risks, meanwhile, speak to existing risk areas such as employee safety, product and employment practice liability. While through an ESG lens, existing governance risks extend to include cyber and the responsibilities of directors and officers to adapt strategy to a warming world and aligning remuneration with reaching climate goals, for example.

‘E’, ‘s’, and ‘g’ are also not mutually exclusive. Once you address one issue, you’re likely to impact another, with interconnections once you start to interrogate each individual risk area.

For example, we worked with a major global products company to update its climate disclosure requirements and other ESG reporting at board level. This work revealed an immediate need to review a surety issue – a question over the guarantee issued by an insurer – for a specific environmental concern. Leaders in the business subsequently decided to review whether their upgraded ESG priorities were being reflected in reward metrics for executives and all employees. They even expanded the employee survey to cover ESG topics for the first time, providing a baseline of employee ESG understanding and to improve their participation in the organization’s ESG goals.

This example leads us into considering the datapoints risk managers can call on to demystify ESG, making it more knowable and auditable to senior leadership colleagues.

Measure ESG risk to manage it

While half of respondents to WTW’s ESG survey said the risk management function was involved in their organization’s ESG efforts, only 17% said they had documented targets with clear milestones for ESG risks. We see this changing fast as risk managers are uniquely positioned to translate the letters e, s, and g into something relevant and actionable for the business.

As a risk professional, you understand that what gets measured gets managed.

There are both a number of ways you can define the variety of ESG risks, and a range of metrics you can choose to measure where you’re at and where you want to be.

There are many ESG performance benchmarks and scores available. There’s currently no single standard but some like the MSCI ESG Rating have a large following on the finance side, while companies like Aniline have interesting employee ESG insights and Polecat has ESG metrics tied to reputation risk.

There is no one ‘right’ way for organizations to master ESG, but it is important to create a clear ESG measurement and reporting framework that connects to company priorities. Your priorities and the metrics you use to track your progress against them will depend on your business model and future growth plans.

Whatever the most urgent ESG markers for your organization, you can align these to the metrics that matter to the business, whether that’s financial resilience indicators, employee sentiment or corporate reputation, to name three measurable ESG indicators.

ESG risk management tools and tactics

There are many mechanisms you can use to effectively manage ESG risks. You’re probably already doing some of them, even if you haven’t yet extended them to include ESG. Examples include:

  • Risk registers – A specific ESG risk register featuring the range of ESG risks pertinent to your organization can ensure you’re systematically identifying and tracking them
  • Risk mapping – You can identify the risks and opportunities around your ESG objectives using the same mapping techniques, such as analytics and modelling, you’re already using to interrogate other business objectives
  • Prioritize the areas for action – You can widen your work with leaders in your organization to understand the critical ESG areas, whether that’s the risk of flood in key manufacturing locations, the reputational risk around supplier operations in overseas territories, or a lack of board diversity that’s hampering growth.

There are also some best practice behaviors we’ve observed in high performing companies in the ESG space. These organizations tend to:

  • Communicate their ESG aims and efforts to external audiences and employees at the same time, connecting employee and corporate goals with engaging programs that employees understand and want to be part of
  • Articulate quantified, company-relevant ESG risk and opportunities to the board on a quarterly basis, consistent with the various external and internal sustainability reporting requirements
  • Create strong ties between the risk and sustainability functions (and others) to empower the business to better address ESG regulatory and reporting requirements, as well as the ESG priorities that require attention and funding.

Managing ESG risk for long-term value

ESG risk management frameworks are about evaluating corporate behaviour and determining the current and future financial performance and sustainability of companies. Another way to think about sustainability, then, is long-term value. In this way, you can see ESG as much more about value and managing risk than some notion of ‘values,’ or simply ‘doing the right thing’ as an end in its itself.

Risk managers have a crucial role in making sure their organization can answer the big ESG questions:

  • What are the key ESG risks and opportunities?
  • How likely are these risks and opportunities to manifest and how severe could they be?
  • What are our regulatory and other reporting requirements related to sustainability risks?
  • What is the business doing to address priority ESG risks and what could it be doing?

Again, risk and analytics tools can provide clarity and direction of travel for organizations, whether they are relatively early in their ESG progress, or are seeking to refine their approach or performance.

To see how WTW’s ESG Clarified software solution can refine and advance your ESG journey, get in touch.

Outsmarting Uncertainty webinars cover a range of subjects designed to benefit risk and insurance professionals. Our aim is to provide you with the knowledge and confidence to make more informed choices on behalf of your organization.


Head of Risk & Analytics and Global Large Account Strategy, WTW

Director, Risk and Analytics

Lisa leads WTW’s Enterprise and Transition Risk Consulting practice for North America and has 15 years of experience in risk and insurance. Over the course of her career, she has led large strategic consulting engagements and pioneered the development of WTW web apps including Global Peril Diagnostic, a natural catastrophe and terrorism model, and Collateral Quantified, an actuarial reserving and negotiation tool. Lisa helps organizations navigate, quantify, and make efficient investments to control their strategic and enterprise risks. She is part of WTW’s Global Climate Strategy Task Force and takes a leading role shaping WTW’s Risk & Broking large account strategy.

Contact us