Ambitious mid-sized companies that embrace ESG principles have benefited financially but now they are nervous about a new wave of regulation that will compel them to vouch for the sustainability of every link in their global supply chains.
Almost half (46.5%) of businesses surveyed by Moore Global have implemented comprehensive governance practices to meet a higher level of scrutiny.
However, they are concerned about external risks such as supply chain disruptions and cybersecurity attacks that could impact their efforts to comply with the new rules.
The findings emerge from a long-term research project undertaken by Moore Global that has tracked the evolution of Environmental, Social and Governance issues – the three pillars of ESG that companies of all sizes now have to bear in mind as they plan ahead.
“This is one of the most comprehensive studies of ambitious, mid-sized companies’ attitudes towards ESG, risk management and governance,” says Moore Global CEO Anton Collela. “It shows that sustainability has moved from being a buzzword in boardrooms to business critical.”
“The companies we spoke to are the engine of the global economy, so how they view the future is incredibly important for all of us. They are tackling complex issues and may have to make significant changes to the way they have operated for decades.”
The study was conducted for Moore by the Centre for Economic and Business Research (Cebr). It reflects the changing attitudes and concerns of almost 4,000 business leaders in 12 key economies spanning the Americas, Europe, Asia, Africa and the Middle East.
Over the three years of our research, sustainability and ESG have risen up the agenda of investors, banks, regulators and customers.
Now, there is a new regulatory framework emerging that will increase due diligence and require companies to audit their activities in order to adhere to a tougher governance regime.
“What we are seeing is a rapidly changing regulatory landscape for mid-sized companies across the globe,” says Mark Stewart, Moore’s Global ESG leader. “Many mid-market companies are becoming more aware of the impact ESG risks can have on their operations, especially in terms of reputation, regulatory compliance and access to capital.”
The EU’s Corporate Sustainability Reporting Directive (CSRD) requires companies to report on the impact of their activities on the environment and society. Meanwhile, the International Sustainability Standards Board aims to deliver a global baseline of sustainability-related disclosure standards, focused on the needs of investors.
In the US, there is a proposed rule change to the Federal Acquisition Regulation that would require certain federal contractors to disclose their greenhouse gas (GHG) emissions and climate-related financial risk. They would also have to set science-based targets to reduce their GHG emissions.
Our investigation reveals that only 55% of businesses surveyed are completely confident about their organisation’s awareness of upcoming regulatory changes.
Among business leaders that are not completely confident in their organisation’s awareness of impending regulatory changes, the most common reason for doubt was the complexity of regulatory requirements, according to 39% of respondents.
Other reasons included: a lack of clear information or guidance on regulatory changes (38%); limited internal resources or expertise to keep up with updates (36%) and previous difficulties in compliance with regulatory changes (30%).
More than 80% of businesses have already adjusted their operations in response to upcoming regulatory changes, although the contrast between the world’s largest economies is stark.
In the US, 42% of surveyed businesses – the equivalent of 22,000 individual companies – have already significantly altered their operations in response to upcoming regulatory changes. Mobilisation rates among European members of the G7, France, Germany, Italy and the UK, are between 30% and 35%.
Japan, the world’s third largest economy, is lagging with only 11% of companies altering business practices in response to upcoming regulations. The country is both a major exporter and foreign investor and the new rules will impact companies that trade across borders.
The bureaucracy of further regulation is often cited as a drag on business and economic growth but our survey shows that those that have embraced the emerging new regime have enjoyed financial benefits.
Of decision makers surveyed, 63% reported that previous regulatory changes positively impacted their organisation’s finances and a similar number (57%) expect upcoming changes to also have a positive impact on the bottom line.
However, this optimism is not universally shared. Emerging economies, like the UAE, Brazil and South Africa are very positive but that optimistic mindset is shared by less than half of the respondents in more developed economies that have already had to adapt to many changes of regulatory regimes.
A raft of new regulations brings a need for greater oversight – once again, readiness is patchy across the globe. Some 46% of business leaders have already implemented comprehensive governance practices but almost as many – 42% – say they have introduced some measures “but there is room for improvement”.
Among the most far-reaching of the impending regulations are requirements on companies of all sizes to be able to demonstrate the sustainability of their entire supply chains of suppliers, no matter where they are based.
Around 45% of decision makers reported that supply chain disruptions pose more risk now than they did five years ago.
More than half of businesses expect to conduct supply chain audits more frequently in the future – with the frequency highest in banking and finance.
In Brazil, a country that is seeking to attract investment from the US, Europe and Asia, 56% of firms conduct audits at least four times a year against the global average of 3.6 per year.
This risk of cyber attacks has leaders of mid-market companies extremely worried, perhaps a reflection of the fact they may lack the cyber security sophistication of multinational corporations.
Around 85% of companies worry about cyber attacks having negative financial impacts on their organisations and more than half (55%) believe cyber-attacks pose more risk now than they did five years ago.
It is clear from our unique study that the new business reality for mid-sized companies is very different from pre-Covid days. However, those that have adapted to the changes have done well and in many cases they are now more sustainable than before.