Published On March 29, 2022Each day around the globe there is more attention, and intention, given to address the interrelated topics of environment, social responsibility, and corporate governance (ESG). As organizations, public and private, large and small, make commitments to tackle climate change; increase diversity, equity, and inclusion (DEI); and govern ethically with integrity, they’ll need to validate their actions.
Hundreds of organizations and governments have signed pledges and agreements to reach carbon net-neutrality by 2040 or before. Society, as well as co-signatories, will expect progress to be made and demonstrated. Credible, authentic, and valid data must be collected for consistent reporting to authorities, auditors, certifying bodies, executives, customers, shareholders, and more. While the immediate focus is on “E” represented by sustainability discussions and efforts, many reporting frameworks also include Social and Governance accountability.
So how can Records and Information Management (RIM) and Information Governance (IG) professionals support their organizations’ ability to provide accurate and timely information about ESG performance? There’s plenty we can—and should—do.
Introduce yourself to the stakeholders
If your organization has an ESG team, you should engage with them immediately. They may have designated an individual who is responsible for report generation; that individual would be your strongest point of connection and collaboration.
Other functional areas likely to be involved in data creation and collection depends on your organization and may include: Governance/Oversight/Audit, specific Lines of Business, Legal/Compliance, IT, Data Governance, Procurement, Facilities/Real Estate, etc.
Be aware of new regulations
There is momentum by governments to create new or updated regulations related to ESG data collection and reporting. The European Union already requires, by law, certain large organizations to disclose ESG-related information, while the SEC in the United States recently proposed climate disclosure rules, and the United Kingdom’s HM Treasury has issued Sustainability Reporting Guidance.
In addition, the GRI/Global Reporting Initiative, an “independent, international organization that helps businesses and other organizations take responsibility for their impacts by providing them with the global common language to communicate those impacts,” has created a set of Standards for ESG reporting that are also “highly relevant to many other groups, including investors, policymakers, capital markets, and civil society.” Their objective is to enhance “global comparability and enable organizations to be transparent and accountable.” We encourage you to review the publicly available Standards on their site as they align with many other regulatory and voluntary disclosure frameworks.
Review your Retention Schedule
Top of mind for most of us is whether or not ESG reporting will require changes to our organization’s Retention Schedule. As the focus on these subjects is still nascent, the answer to this question will most likely change over time and depend heavily on an individual jurisdiction or industry. It is conceivable that new record classes and/or records will need to be added, but a careful review of your existing Schedule may show they can be included in a class such as “Government and Compliance Reporting.” That said, we can envision scenarios where auditors or other authorities require decades-old information to substantiate net-neutral emissions claims, further complicated by merger, acquisition, and divestiture activity.
Know your data sources
Data and reporting will come from a variety of potential sources, including applications or systems either in the cloud or on-premises, various functional areas (such as HR, Finance, and Real Estate), vendors and their sources (which could include their impact reports), and it will be collected from all global locations. This requires a comprehensive mapping of the sources, both internal and external, to enable traceability and accessibility for audits.
Ideally, information management professionals have been included in data-mapping efforts related to privacy and/or security management pressures and requirements. The mapping of ESG-related data would be an extension of those efforts involving the relevant stakeholders.
The data collected is typically aggregated into reports. You will need to ensure that there is no conflict between the retention of the source data and the retention of the aggregated reporting as required in the designated Schedule classification.
New demands for reporting are being put on organizations to demonstrate commitments made to support the environment, society, and ethical governance. Their ability to respond will depend on accurate and reliable data collection and reporting. This need aligns perfectly with the Records Management Principles of Accountability and Transparency with which RIM and IG professionals commit to adhere. So take action today by partnering with your organization’s ESG team to meet the requirements of an enlightened world.