ESG “Environmental, Social and Governance” first popularized in the mid-2000s – is now firmly on boards’ lists of hot topics. Following the 2015 Paris Agreement and the annual COP climate change conferences that have continued to take place since, the “E” has increasingly taken center stage. However, this focus creates the risk that not all elements of this broad acronym get the attention they deserve.
While climate change and environmental issues are (rightly) high on the agenda of all corporations as governments and individuals take steps to mitigate the impact of climate change, corporations should not lose sight of their obligations and consequent risks under the Social and Governance elements of ESG.
An awareness of climate change is important, but policyholders should also be taking steps now to mitigate risks in the areas of Social and Governance. In an age of heightened scrutiny by regulators and on the public stage, policyholders should be aware of developing risks and how to protect against them.
This is a rapidly developing area, and insurers will be under pressure to keep up with the range of judicial decisions and regulatory intervention, and the potential implications for coverage under liability policies. We expect to see insurers probe policyholders at renewal to understand their assessment of ESG-related risk. Liability policies, particularly D&O, continue to see increased claims, but pricing remains fairly low. With capacity increasing and prices attractive, policyholders and their broking teams will be looking to maximize the limits purchased. At the same time, it is generally accepted that ESG claims risk is on the rise. This tension means that we should expect significant scrutiny of policies, business practices, and procedures at renewal. Should current trends continue, we may also see a tightening of wording, the introduction of new exclusions, or even decisions not to underwrite certain risks.
That said, a focus on ESG should also be seen as an opportunity – implementing robust policies and horizon-scanning can have a positive impact on discussions at renewal.
“E”: environmental risk and exposures
The “E” in ESG is clearly well and truly on insurers’ agendas when assessing their underwriting risk. In an April 2023 edition of The Policyholder Perspective, we discussed the increasing risks that climate change litigation and regulatory action in the UK can bring for businesses and how to mitigate the risks.
In this article, we look at some of the developments in Social and Governance.
“S”: Social – interaction with employees, customers, and stakeholders
Diversity and Inclusion will continue to be a focus for various key stakeholders, in particular investors, customers, and employees. Businesses are being held to account by stakeholders to do more than simply pay lip service to DE&I policies or risk litigation, regulatory action, and reputational damage. In the same way that greenwashing is considered a litigation and regulatory risk, companies may also find themselves at risk of social washing claims if they mislead about the positive social impact they claim to have. For example, multinational sports brands have come under fire in the media for making public statements to combat racism while facing reported allegations of racial discrimination by their employees. It is only a matter of time before the first social washing legal actions follow.
Another key theme emerging in the Social limb of ESG is health and safety and working conditions. One of the key pillars of ESG-related policies is transparency—not just the transparency of the business itself but how it operates on an international stage.
A number of claims have reached the English courts in recent years:
- The UK Supreme Court has found that a parent company could owe a duty to care in respect of operations carried out by an overseas subsidiary (Lungowe and others v. Vedanta Resources Plc [2019] UKSC 20 (a negligence claim in relation to mining operations in Zambia) and Okpabi v. Royal Dutch Shell [2021] UKSC 3 (a claim for environmental damage and alleged human rights abuses in connection with an alleged oil leak in Nigeria)).
- The Court of Appeal has taken this further by permitting the claim in Municipio de Mariana and others v. BHP Group (UK) Ltd (formerly BHP Group PLC) and BHP Group Ltd [2022] EWCA Civ 951 to continue despite being parallel proceedings in the Brazilian courts. (See our previous article: Municipio de Mariana v. BHP).
- The English courts are also willing to find, in principle, that a parent company is responsible for the actions of third parties it engages with. (Begum v. Maran (UK) [2021] EWCA Civ 326 – a case brought by the widow of a worker against the UK-domiciled company). The UK company had sold the vessel to a third-party shipping company, which arranged for its disposal in an unsafe manner.
All of the above cases demonstrate that the English courts are potentially willing to acknowledge the responsibility of a parent company toward workers in countries in which its subsidiaries operate.
Risk in this area can be mitigated by having clear policies in place and fostering a culture of transparency to allow for incidents to be investigated and managed appropriately. Policyholders should seek to demonstrate to insurers that they have appropriate oversight of overseas operations.
“G”: Governance
This prong encompasses the business’s ethical and legal management—how a company governs itself.
This broad topic is developing in many areas and has a clear focus on transparency. Shareholders and customers are (rightly) holding businesses to account.
In terms of a business’s leadership, in mid-2022, the FCA issued Policy Statement 22/3, which introduced changes to the UK Listing Rules and imposed a new “comply or explain” obligation to improve the diversity of the board and executive management of listed companies.
In respect of the board, it is required that:
- At least 40% of the board members are women.
- At least one senior board position is held by a woman.
- At least one board member is from a minority ethnic background.
As to executive management, annual reports should include standardized numerical tables that set out: (i) the sex or gender identity; and (ii) the ethnicity of the board and executive management.
A key concern for businesses as a result of these “comply or explain” requirements will be the extent to which claims under s90A FSMA follow, alleging misleading disclosures.
This is not likely to be the end of DE&I policies implemented by UK regulators. We can expect both the FCA and PRA to continue to focus on the diversity of businesses listed in the UK.
In addition to the make-up of a company’s leadership, we are seeing increased scrutiny of supply chains. It is no longer sufficient to ignore or profit from bad practices or illegal activity happening elsewhere around the globe.
This risk has existed for some time. The Modern Slavery Act 2015 requires companies to produce a slavery and human trafficking statement for each financial year, assessing the modern slavery risk in supply chains and the business. The Bribery Act 2010 also applies where an offense is committed overseas by a person connected with the UK. The EU’s new Deforestation Regulation, which came into force in June 2023, requires companies to conduct extensive due diligence on their supply chains when dealing with certain products (including cattle, cocoa, coffee, oil palm, rubber, soya, and wood). Implementing robust policies, regular training, and clear reporting lines will enable risk to be monitored and incidents, when they do arise, to be managed appropriately.
Mitigating ESG-associated risks
Policyholders are facing risk exposure from a wide range of potential risks, from regulators to activist shareholders to loss and damage claims backed by litigation funders.
While daunting for many insureds, it is possible to navigate the positive change brought by an increased ESG focus by implementing the following robust policies and procedures.
- Implement clear sustainability and ESG frameworks that cut across all business stakeholders.
- Produce environmental and social impact assessments and, as importantly, have processes in place to monitor and update them so risks remain relevant.
- Ensure that controls and processes are in place to ensure early identification of specific threats facing businesses. Specifically, ensure the Money Laundering Reporting Officer (MLRO) and other reporting and compliance functions are connected to the areas of the business where risks may arise to ensure prompt notification to the insurance and legal teams.
- Engage proactively with legal teams to stay abreast of rapidly changing legislative and regulatory frameworks. As discussed above, it is no longer acceptable (or possible) to turn a blind eye to overseas actions.
- Ensure any foreign offices or businesses with which you have a relationship are aware of the regulatory obligations in the UK and, if applicable, the EU.
- Have dedicated ESG managers whose role it is to collect relevant data and monitor risk.
- Have clear plans for implementing targets, whether climate-based or DE&I-based. These plans should have concrete steps that can be demonstrated to insurers and regulators.
- Engage with insurers and/or brokers early, ahead of policy renewal. Policyholders should expect questions in proposal forms and in discussions with insurers about what steps are being taken to mitigate the risks associated with ESG.
- Review your insurance program regularly. The D&O market continues to see a high volume of claims. It is also reportedly under-priced. While we are yet to see specific exclusions for ESG or dramatic policy wording changes, insurers will be looking closely at their exposure in this line of business.