The rise of ESG fraud

The term ESG keeps cropping up in many corporate discussions with organizations keen to strategically position their businesses for long term sustainable success amidst growing environmental, social and governance concerns. 

ESG simply stands for Environmental, Social and Governance. It is a framework of non-financial factors that organizations are adopting to drive and measure the sustainability of their businesses and respond to stakeholder pressures. 

These stakeholders include investors, employees, regulators, suppliers, customers, and communities. ESG is a broad and diverse topic covering a range of issues and bringing evolving risks for organizations to consider. 

ESG fraud risk is, therefore, similarly complex to navigate as organizations begin incorporating ESG in their business operations. This article considers some of the ways in which ESG fraud can show up and what can be done to protect against these risks.

First, there are growing concerns about issues such as climate change, diversity and inclusion, financial misreporting, cyber security, unpredictable technological shifts and social injustice, among others. Some of these issues have led global organizations and governments to hold high level meetings aimed at charting solutions to these concerns. The recent Africa Climate Summit 2023 held in Nairobi in September is an example.
 
To respond to these concerns, organizations are faced with the inevitable task of adopting the ESG framework as this is key for long-term success and continued existence. There are, however, two major problems: lack of a uniform reporting standard and general lack of understanding of ESG. 

No clear rules
While there are some standards that have been developed by bodies such as the European Financial Reporting Advisory Group (EFRAG), the International Sustainability Standards Board (ISSB), and the Sustainability Accounting Standards Board (SASB), there is no current requirement for organizations to follow a particular standard. 

This, coupled with the general lack of understanding of ESG and how it impacts businesses, creates variations in how organizations interpret and apply ESG in their day-to-day operations. It also affects how organizations report on their ESG agenda through sustainability reporting. Areas of ESG fraud risk are therefore emerging in relation to misreporting, corruption and bribery to bypass incoming requirements or obtain falsified documentation, carbon credit market abuse, among others.

One of the most considered areas of ESG fraud involves intentional misreporting or misrepresentation of an organizations' achievements in relation to ESG. This misreporting or misrepresentation is an intentional act of deception committed to benefit the organization or specific individuals related to the organization. 

It could be done to meet expectations of investors, lenders, regulators, and customers or to meet individual performance goals. This is commonly referred to as ‘greenwashing’.

Some examples of this are manipulation of Sustainability Performance Targets (SPTs) to deceptively show conformance to certain covenants for Sustainability Linked Loans (SLLs), manipulation of ESG data to earn ESG credits and falsely claiming to meet certain Key Performance Indicators (KPIs) for executive remuneration. Other common examples include falsely obtaining a certificate of compliance with pollution management standards by concealing relevant facts.

For most countries, the regulatory frameworks in relation to ESG are still in the development stage. When coupled with limited understanding of the subject, this creates an environment that could facilitate the materialization of ESG fraud risks. As per the 2022 PwC Global Economic Crime Survey, respondents in Eastern Africa indicated that the greatest challenges they face in managing ESG risks are: failure to define ESG objectives for the organization (40%), inability to prevent or detect ESG misconduct (40%); and general lack of understanding of ESG (20%). 

If individuals see an opportunity to take advantage of the lack of understanding in order to ‘get away with’ manipulation of reporting, the risks become greater and the chance of detecting such instances of fraud are relatively low without enhancements to controls relating to ESG fraud specifically.
Organizations should put in place ESG fraud mitigating measures from the onset at the core of the ESG strategy as well as considering detection controls. 

Raising awareness, conducting fraud risk assessments, and embedding ESG fraud risk management within the organization's broader Fraud Risk Management framework could go a long way in helping organizations to mitigate the risk of ESG fraud.

Consulting with experts in specific ESG topics at the start of the ESG journey or employing individuals with specialist ESG knowledge may reduce the risk. 

Davis Tushabomwe  is a senior associate at  PwC.