CFO perspectives on ESG strategy and reporting practice

Accounting and financial reporting, Board risk oversight

European Audit Committee Leadership Network, January 2022

Investors, policymakers, regulators, and customers are increasingly basing decisions on companies’ actions around environmental, social, and governance (ESG) matters. ESG has become both a critical risk and a source of opportunity for large European firms, and decision makers demand reliable, quantified data in corporate disclosures. The proposed Corporate Sustainability Reporting Directive, if approved, will make sustainability reporting a requirement for all large EU companies, EU subsidiaries, and companies listed on EU markets.

ESG disclosures are therefore being aligned and integrated with other corporate disclosures and subjected to more rigorous controls. And with stakeholders’ increased interest in performance on nonfinancial objectives, many companies are incorporating ESG in their business strategies and tasking their finance teams with tracking nonfinancial key performance indicators (KPIs) as well as the financial indicators that they have managed for many years. Some have asked their finance functions to help structure and implement nonfinancial reporting systems, as finance professionals can better translate greenhouse gas emissions, social metrics, and other ESG data into monetary terms, and they are often skilled at regulatory compliance. A commentator observed that “the expertise of the CFO team is well suited to lead the design, operation, and maintenance of internal controls and governance over sustainability performance information.”

On November 30, members of the European Audit Committee Leadership Network (EACLN) met virtually to discuss ESG reporting practices and processes with Murray Auchincloss, chief financial officer of bp plc, Julie Brown, chief financial officer of Burberry; Luka Mucic, chief financial officer of SAP; and Paul Penepent, head of group financial reporting and accounting at Novartis.

Key topics from the discussion included:

  • ESG reporting brings unique challenges and risks. Some participants observed that ESG strategy and reporting are often siloed in separate sustainability, ESG, or corporate social responsibility organizations. The data can thus be spread across different systems, making it difficult to trace and to ensure its integrity. Audit chairs worried that ESG data and processes are not subjected to levels of controls used with financial data and that the metrics followed by groups responsible for ESG are too numerous and not always material to the company. They were concerned about risks such as allegations of greenwashing and the possibility of divestment if ESG goals are not met.

  • Good practices: Finance teams respond to ESG reporting challenges

    • Embedding ESG across the organization. Mr. Mucic and Ms. Brown said that ESG is embedded in the overarching corporate strategy at their organizations and is the responsibility of management functions across the company. Ms. Brown noted that Burberry has designated sustainability responsibility champions across the company’s operations, in its retail store network, and in its executive leadership, including in the finance organization.

    • Creating an integrated ESG reporting platform. Mr. Penepent is leading an effort at Novartis focused on building an integrated ESG reporting platform. This includes looking at data sources, defining metrics and methodology, documenting everything in standard operating procedures, and then putting processes in place locally to ensure data integrity, reliability, and control. The company intends to increase local ownership and review of ESG data, with local CFOs managing the process.

    • Prioritizing metrics, focusing on what is material for the company. One member noted that her company follows 84 ESG metrics, in addition to its financial objectives. She said that “trying to run a company with all of these will be difficult” and added that “measures should be chosen selectively and have accountability attached to them, a bit like doing a risk analysis to work out what level of risk is tolerable and what measures there are to mitigate.” Mr. Auchincloss noted that he, too, has seen a variety of ESG metrics that sustainability teams track, which often “are not particularly meaningful for shareholders.” He said, “Part of my job is to challenge the metrics the teams track and/or produce to ensure that we’re focusing on those that will have an impact and are measurable.”

    • Using finance as a second line of defense. Mr. Auchincloss said that the majority of bp’s nonfinancial measures are taken by engineers or human resources staff, noting that finance does not have the expertise to calculate or measure emissions. While these groups are accountable for getting data into bp’s systems, finance is a second line of defense in setting up processes, reviewing their governance, and ensuring a tight system of internal controls. Internal audit, he added, acts as the third line of defense.