ESG Governance, Risk Management and Compliance

As ESG moves up the corporate and consumer agenda, greenwashing is a real concern for companies wishing to make a genuine positive impact. At present, a lack of risk-based ESG management and disclosure can lead to undervaluation by investors and underappreciation by employees and consumers. Managing reputation and customer perception risks across the expanded ESG landscape will help build trust and contribute to a sustainable future.

What EY can do for you

We believe ESG governance, risk management and compliance are the cornerstones of trust in ESG – and the foundations of genuine change ambitions. Sometimes, though, companies struggle to understand which ESG risks they’re exposed to, let alone assess them clearly or define appropriate measures based on good data and their own risk appetite.

EY understands the complexity of ESG risks and helps you find ways to make managing them simple. We’re supporting some of the world’s best known companies on their ESG journeys and can help you on yours. We deliver in multiskilled teams and can quickly mobilize expertise from anywhere in the world to respond to your needs.

Together, we’ll find new ways to manage ESG risk and move towards a sustainable future.

Learn more about our services and contact our team for more information.

ESG Governance, Risk Management and Compliance for financial services

  • ESG governance and policies

    Supporting in the design and implementation of the ESG governance, defining roles and responsibilities across all key functions, establishing ESG policies and procedures.

  • ESG compliance

    Supporting in the adoption of regulatory requirements, designing ESG compliance frameworks from design to implementation, testing, monitoring.

  • ESG risk management

    Supporting in the adoption of regulatory requirements, designing ESG risk management frameworks, implementation, testing, monitoring, and continuous improvement of controls, processes, and technologies deployed for ESG risk management.

  • ESG risk model

    Supporting the model design, development, implementation and validation of ESG models across all risk types and models. Adoption of regulatory risk modelling requirements if applicable. 

  • ESG reporting

    Supporting the design, implementation, testing, monitoring, and continuous improvement of controls, processes, and technologies supporting internal and external reporting on ESG or other non-financial disclosures.

  • ESG internal audit

    Providing insights and assurance to increase the level of confidence in managing ESG risks, reporting and operational performance.

  • ESG and third-party risk management (TPRM)

    Supporting the assessment and management of ESG-related third-party risks to improve end-to-end visibility and resilience of the third-party ecosystem.

  • ESG-related attestation

    Providing attestation services specific to technologies and data on ESG-related or other non-financial metrics or calculations.

ESG enterprise risk

  • ESG compliance and reporting

    Supporting the design, implementation, testing, monitoring, and continuous improvement of controls, processes, and technologies supporting ESG or other non-financial disclosures.

  • ESG internal audit

    Providing insights and assurance to increase the level of confidence in managing ESG risks, reporting and operational performance.

  • ESG integration with ERM and risk governance

    Supporting the embedding of ESG matters into enterprise risk management (ERM) strategy and risk response across functional areas.

  • ESG and third-party risk management (TPRM)

    Supporting the assessment and management of ESG-related third-party risks to improve end-to-end visibility and resilience of the third-party ecosystem.

  • ESG-related attestation

    Providing attestation services specific to technologies and data on ESG-related or other non-financial metrics or calculations.

ESG technology risk

  • ESG technology maturity assessment

    Understanding what is already in place in terms of ESG-related Policies, pre-existing KPIs by run a 4-week diagnostic. Supporting with an action plan to assist clients on the compliance journey.

  • ESG data transformation

    Data gap analysis and process mapping. Understand the type of data needed for ESG reporting purposes and perform a gap analysis against the data available. Support in assigning data owner(s) for the identified ESG data and establish common processes for data maintenance.

  • ESG data analytics

    Established data analytics capabilities that enable us to extract key ESG data from core ERP’s, such as SAP. Using this data we can complete Scope 3 emissions calculations, as well as provide insights from the ESG data.

  • ESG IT programs assurance review

    ESG Programme transformation assurance services to support Boards and the C-Suite have effective oversight on ESG related transformation initiatives and their related risks.

  • ESG process and controls

    Evaluation design and/or implementation of the IT processes and controls including design assessment over IT general controls, IT automated controls and IPE risks in the data lifecycle for ESG reporting. Assurance over data traceability and reliability

  • ESG for third-party reporting

    Attestation on international standard ISAE3000 can be given based on desired criteria as defined together

Recommended actions

  • Identify and understand the relative importance of specific ESG and sustainability topics to your organization with EY`s ESG Materiality Assessment
  • Evaluate the most critical organization’s capabilities for an effective ESG Program with ESG Capability Maturity Assessment
  • Build a comprehensive approach to ESG strategy: decide on desired future state and define and prioritize roadmap

Explore the full breadth of our value-led sustainability and ESG services at EY Sustainability

Contact us

Interested in the changes we have made here,

contact us to find out more.