Environmental, Social, and Governance (ESG) initiatives in India were formally introduced in the year 2009 when the Ministry of Corporate Affairs (MCA) issued the Corporate Social Responsibility Voluntary Guidelines 2009. These guidelines mandated companies to contribute to society beyond their financial performance and to promote sustainable development.
The ESG reporting framework in India has evolved over the years. In 2021, SEBI mandated the disclosure of the Business Responsibility and Sustainability Report (BRSR) for the top 1,000 listed companies (by market capitalisation) starting from the financial year 2022-23.
Incorporating ESG practices into day-to-day activities, embedding them within business processes and routine decision-making can enable companies to contribute to their top-line growth, gain increased access to capital, effectively manage compliance and stakeholders, attract talent, and enhance return on
Internal Audit can play a pivotal role in helping corporates navigate through and integrate ESG considerations into its overall operations, risk management, and decision-making processes. With a cross-functional view across the company, the Internal Audit function is ideally positioned to assume a crucial role in ESG matters.
Evolving stakeholder expectations are driving change, encompassing the expectations of investors, customers, regulators, employees, and society at large. Businesses should establish an ESG framework, taking these considerations into account, which aligns with their distinctive business model and sustainability goals. The Internal Audit wields the most significant influence when its approach and results harmonise with an organisation’s purpose.
There are various approaches that the Internal Audit function can adopt to review ESG matters. The following are a few illustrative approaches that can be adopted:
– Broad high level internal audit reviews – Conduct an assessment of the organisation’s overarching ESG efforts and establish a foundation for success. This aims to comprehend the risk landscape and identify potential opportunities for enhancement. This may involve focusing on the approach, implementation plans, assessing the maturity relative to ambitions, or benchmarking the approach against peers.
– Specialised, risk focused ESG Internal Audits – Conduct ESG-centric “deep dive” internal audits to ascertain whether ESG-related risks and activities are being properly identified, considered, assessed, and documented.
– Integrated ESG Internal Audits – Incorporate ESG considerations into a diverse array of non-ESG specific audits by integrating pertinent ESG risks.
– ESG-focused Internal Controls Framework and Testing – Assisting in the development, enhancement, or testing of a controls framework to identify risks and controls, document process flows, and pinpoint potential opportunities for improvement.
Internal Audit can provide an independent and objective assurance, insights, and advice on ESG-related issues through performing the following responsibilities:
– Evaluating company’s current ESG maturity
– Reviewing adequacy of governance structure and oversight
– Validating ESG risk management goals
– Evaluating the ESG risk management framework
– Reviewing the ESG policies and procedures
– Review ESG financial and non-financial reporting metrics
– Continuous monitoring
The Internal Audit functions that effectively address ESG risks are those that:
– Understand their organisation’s short and long-term priorities.
– Update audit universe to incorporate ESG risks and plan for comprehensive coverage across all three areas in their annual plans for the long term.
– Identify suitable opportunities to integrate ESG considerations into their IA plan, either as independent audits or as part of non-ESG focused audits.
– Recognise the necessity to adapt the IA approach to ESG as the organisation matures.
– Share an overview of the provided assurance and identified issues across audits. This may manifest as a dedicated section within the annual opinion or as a thematic overview in the reporting to the Audit Committee.
To effectively assist organisations in their ESG initiatives and to achieve the above-mentioned objectives, the Internal Audit function must also invest in upskilling. This involves encouraging team members to enhance their skills in areas such as data analytics, law, sustainability, environmental science, HR practices, and more.
In conclusion, the role of the Internal Audit function in addressing ESG matters and promoting transparency within Indian enterprises is paramount. Through conducting independent reviews, assessing underlying processes and procedures, and reviewing data integrity, the Internal Audit function serves as a guardian of transparent and ethical business practices. By upholding these principles, internal audit not only enhances stakeholder confidence but also contributes significantly to the organisation’s sustainable growth and positive societal impact.
[This piece was written by Akhilesh Varghese, Partner, Risk Advisory, Deloitte India]