*This article was first published by Financier Worldwide Ltd ©2024 Financier Worldwide Ltd. All rights reserved. Permission to use this reprint has been granted by the publisher.


Annabel Reoch - Partner, KPMG

Annabel Reoch is a chartered accountant and partner in KPMG’s UK Forensic practice, specialising in business conduct and integrity. She leads KPMG’s Forensic ESG Integrity services globally, helping organisations identify, mitigate and respond to ESG risks, including investigating ESG issues such as financial crime, human rights, greenwashing and sustainability fraud in line with UK and international regulation.

Hilary Hayton - Director, KPMG

Hilary Hayton is a director in KPMG Australia’s Forensic practice. As a chartered accountant and business valuations specialist, she leads KPMG Australia’s Forensic ESG Integrity services and the Dispute Advisory practice by providing Forensic accounting-related services, including quantifying economic loss, financial investigations and contentious business valuations for a range of clients including large corporates, government entities, insurers and individuals.

Global contribution: Becky Seidler, Hilary Hayton, and Chris Schneider.

Chris Schneider - Managing Director, KPMG

Chris Schneider is a managing director in KPMG’s US Forensic practice focusing on investigations, disputes and compliance-related services. He has 20-plus years of experience related to Forensic accounting and financial and fraud investigations, SEC and DOJ, anti-corruption and FCPA, and other regulatory inquiries, including human rights and ESG. He also assists attorneys and their clients with compliance transformation and Dispute Advisory services.

Becky Seidler - Partner, KPMG

Becky Seidler is a Forensic partner at KPMG Canada. She specialises in analysis and quantification of financial losses for litigation purposes, performing Forensic accounting investigations and advising on fraud risk management, ethics and integrity, and regulatory compliance matters, including ESG. She is currently the national Dispute Advisory practice leader, Canada’s national Forensic ESG leader and the global ESG Integrity co-leader.

Financier Worldwide: To what extent are environmental, social and governance (ESG) issues leading to an increase in investigations and related claims directed at companies? To what extent are evolving legislation and regulation, alongside shifting stakeholder expectations, changing the playing field?

Reoch: Historically, investigations focused on the ‘G’ of environmental, social and governance (ESG), often around fraud and financial crime allegations. Increasingly we are seeing concerns around environmental and social issues, including greenwashing, environmental crimes and human rights abuses. This is due to an increase in regulations, from the UK’s Modern Slavery Act, the new failure to prevent fraud offence within the UK Economic Crime and Corporate Transparency Act (ECCTA), which encompasses greenwashing and other ESG infringements, to the Financial Conduct Authority’s (FCA’s) anti-greenwashing rule, which protects consumers by ensuring sustainable products and services are accurately described. Pressure is also mounting from stakeholders, including activist investors, investigative journalists and social media campaigns. With increased emphasis on transparency in disclosures, more data is available to hold companies accountable, and the potential for reputational damage or private prosecutions appears to be greater than ever. Companies should act quickly to investigate and determine the veracity of the claims or ignore at their peril.

Seidler: It is clear that a brighter spotlight has been directed at corporate ESG practices and reporting. With it comes increased expectations and pressures as stakeholders elevate the importance of ESG on their agendas. This growing awareness of ESG issues may contribute to a rise in ESG investigations and dispute claims. One of our recent surveys of Canadian businesses identified that as the pressure mounts on organisations to deliver on ambitious sustainability targets, nearly 89 percent of respondents said they are facing intense scrutiny from their stakeholders to demonstrate tangible progress on ESG targets. Additionally, 86 percent are concerned that the pressures are increasing the risk of ESG-related fraud happening within their organisations. The survey also showed 24 percent of respondents that had experienced fraud within the past five years have discovered ESG fraud, and some are currently still dealing with it.

Hayton: In Australia, we have seen a significant increase in ESG investigations in recent times, driven by the increasing power of stakeholders, changing market dynamics, and the emergence of specific legislation and regulations. In particular, regulatory changes and legislation in Australia, such as the Respect at Work Act 2022 and the Combatting Foreign Bribery Act 2024 are also driving the increased focus on ESG issues. In addition, stakeholder demands for transparency and disclosure of key aspects of a company’s sustainability profile and impact on the environment have also increased. In the future, companies should communicate better around ESG issues and articulate their strategies for long-term value creation. This transparency will be crucial in gaining investor confidence and avoiding the pitfalls of greenwashing which is a particular focus of the Australia Securities and Investments Commission (ASIC).

Schneider: In the US, we are seeing an increased interest in ESG issues from the media especially investigative journalists, which has led to pressure on regulatory agencies, consumers and other stakeholders to ask questions of companies’ ESG disclosures and compliance framework. This increased media focus has also led to greater pressure to legislate and regulate industries and sectors that had previously not had an ESG ‘issue’. Heightened whistleblower awareness of ESG issues has also led to an increased number of reports and enforcement action by US regulatory authorities evidenced by recent enforcement action for ESG-related misstatements and omissions. Furthermore, in 2023 the Securities and Exchange Commission (SEC) launched the Climate and ESG Task Force aimed to proactively identify ESG-related misconduct. We expect this will lead to increased investigations.

Financier Worldwide: Are you seeing any common themes among the factors that cause companies to commit ESG fraud? What are the sources of these pressures?

Hayton: Common themes that we have seen causing companies to commit ESG fraud include weak controls, the absence of an ESG-compliance plan or framework, and a lack of awareness within the company. These issues are often highlighted by pressures from consumers, regulators and boards or shareholders. There are conflicting demands as consumers lead the drive for lower prices, transparency and accountability, regulators enforce compliance with ESG standards, and boards or shareholders push for profitability and growth. However, without robust controls and a clear ESG framework, companies may resort to deceptive practices to meet these demands, potentially leading to heightened risk of ESG related misreporting and fraud. Therefore, it can be critical for companies to strengthen their ESG controls and increase internal awareness to help prevent ESG fraud.

Seidler: ESG fraud is a broad term that refers to a range of organisational misconduct typologies – such as greenwashing, labour rights violations and bribery and corruption – that have implications across ‘E’, ‘S’ and ‘G’. Factors that increase the risk of ESG fraud will vary across the different typologies. If we consider a hot button issue like greenwashing for instance, pressures that may increase the risk of an organisation engaging in greenwashing would include pressure from various stakeholder groups such as consumers, investors and regulators to set and achieve positive ESG metrics. Secondly, employee compensation that is tied to the achievement of ESG metrics could incentivise employees to achieve ESG metrics whether through legitimate or illegitimate means. Thirdly, where organisations have a production threshold, such as a cap on carbon emissions, they may feel pressure to identify shortcuts to decrease those emissions rather than implement organisational change that will lead to lower actual emissions.

Reoch: Financial gain is often an incentive for ESG fraud. The changing economic and geopolitical landscape is placing a strain on companies to find new market opportunities and cut costs. We have seen high-profile cases relating to the covering up of environmental crimes or abusive working conditions to save costs. Employees are also facing economic pressures due to the cost-of-living crisis and corporates must ensure they are not incentivising ESG fraud through reward schemes which encourage employees to cut corners, particularly where oversight is reduced due to increased remote working. As to green and social washing, the regulation is nascent, with no legal definition of ESG fraud. Case studies show that greenwashing or social washing involve companies intentionally or unintentionally making false claims or omitting information from sustainability disclosures. Companies aiming to showcase responsible corporate citizenship may exaggerate their positive impacts, set unachievable targets or falsely market products as sustainable.

Schneider: ESG investigations can arise from many areas, especially in companies with diversified and global supply chains. Typically, however we have seen an uptick in ESG investigations focused on human rights and modern slavery type concerns, including child labour, forced labour and undocumented labour. These issues are nearly always linked to traditional ethics and integrity concerns such as bribery, kickbacks and other frauds. So, although these might be ‘new’ issues for companies, they are commonly linked to more traditional frauds. In terms of themes, we are seeing companies with issues concerning a lack of disclosure for relevant ESG topics, whitewashing of ESG-related metrics and general integrity in disclosures in potential violation of regulatory and societal standards.

Financier Worldwide: What are the potential consequences for companies and their directors for failing to meet ESG obligations?

Schneider: ESG consequences can be very broad, from a downtick in sales to full-fledged investigations by government authorities leading to significant and immeasurable fines. Where we have seen some of the most notable consequences is reputational harm, with instances where customers and vendors, suppliers and other third parties either threaten to cease or do cease business with a company as a bad corporate citizen, potentially putting the company’s operations at significant risk. This could ultimately lead to ongoing increased scrutiny from external stakeholders, meaning the company may need to shift resources and time from core business duties.

Reoch: The potential consequences of failing to meet ESG obligations are extensive due to the numerous regulations holding companies to account. For example, breaches of the UK FCA’s anti-greenwashing rule could lead to regulatory penalties, and the UK’s failure to prevent fraud offence in the ECCTA could lead to criminal penalties for directors and companies, including for ESG fraud. Penalties of up to 10 percent of global turnover and fines for individuals also await those in breach of the UK Competition and Markets Authority Green Claims Code. In relation to labour rights abuse and environmental crimes, in recent years companies have been hit with multi-million pound government-imposed fines, monitorships and investor lawsuits. Companies failing to meet their ESG obligations also risk reputational damage, potentially leading to loss of custom, falls in share price, class actions and difficulty attracting and retaining talent. Ultimately, companies may face going concern issues if investors call in their funding or banks stop their line of credit.

Seidler: There are a number of potential consequences for failing to meet ESG obligations or misrepresenting ESG performance, such as regulators imposing fines and penalties. In Canada, the Competition Bureau has been vocal about its intent to hold companies accountable for misleading claims, such as greenwashing. Consequences could also include litigation from various stakeholder groups such as investor- or consumer-led class action lawsuits, reduction in the company’s access to capital, such as decreases in share price or higher interest rates, and negative impact on the organisation’s social licence to operate, which may include reputational damage and activist boycotts. Other potential consequences include management distraction from responding to ESG allegations, loss of competitive advantage in an increasingly ESG conscious market and internal resources being diverted for compliance remediation.

Hayton: In Australia, companies and directors can face legal, financial and reputational consequences for failing to meet ESG obligations. Directors are personally accountable for their company’s ESG decisions, and non-compliance with regulations can lead to legal repercussions. ESG issues can significantly impact a company’s financial performance, while directors who breach their legal responsibilities risk damaging their reputations and careers, as well as the company’s reputation. Shareholder activism is also a potential consequence. The Australian Securities Exchange Principles recommend that listed entities disclose their ‘material exposure’ to ESG risks and their management strategies, with failure to do so potentially leading to loss of investor confidence and legal action.

Financier Worldwide: If accusations surface, how important is it for companies to launch their own internal investigation into the matter?

Seidler: The approach to investigating an accusation will depend on the circumstances. Where accusations are being raised internally through the company’s whistleblower hotline, the company should follow established protocols to initiate a response, which is likely to include determining whether allegations have merit and identifying the appropriate next steps, which may involve escalation or bringing in an external party to complete the investigation. Where accusations are being raised by external parties, such as activist groups, and are part of public discourse, companies should be cognisant of the risk of ‘whitewashing’ or being perceived to be engaging in ‘whitewashing’ if they do not address the concerns satisfactorily. Depending on the circumstances and the allegations, it may be best to hire an external party to assist with performing the investigation and preparing a defensible response.

Reoch: If faced with accusations, companies should take time to investigate the issue before responding either publicly or to, for example, an investigative journalist. Companies that deny accusations without undertaking due diligence to understand the matter may face further greenwashing allegations. Based on the severity of the allegation, companies should consider whether there is sufficient, appropriately qualified in-house resource or if they should engage external parties, including legal counsel, Forensic accountants and ESG experts to investigate and ascertain root causes. This can help to reduce reputational damage and ensure the investigation is reliable and accurate. It can also enable the company to prevent reoccurrence through the implementation of corrective action plans. Allegations in the public domain may attract the attention of regulators so a company should ensure that the investigation process is robust and defensible. Where relevant, companies should seek to remediate any harm caused to individuals, communities and any other impacted third parties.

Schneider: As with all accusations, a proper triage process is recommended to first properly consider the severity of the accusations, their scope and the timeliness in which to respond. Involving outside counsel and independent consultants at the direction of the board or audit committee may be prudent if senior management are implicated or complacent, or if there is a certain level of media and external interest in the accusations.

Hayton: It is vital for companies to launch their own internal investigation if accusations of ESG fraud surface to identify the facts in relation to potential issues and address them quickly. This can be essential for companies to maintain trust with stakeholders and also to help avoid potential legal and financial consequences. In the context of ESG fraud, in addition to ensuring the company’s disclosures accurately reflect the underlying facts, an internal investigation can also review controls and frameworks to identify any weaknesses that may have led to the ESG fraud. This is especially important as the Australian Corporations Act 2001 prohibits companies from making false or misleading statements or engaging in misleading and deceptive conduct.

Financier Worldwide: What challenges are involved in investigating ESG issues?

Hayton: There may be challenges in investigating ESG issues as a result of inadequacies in the available underlying data and potential lack of clarity in the standards required by relatively new regulations, legislation and company targets. This may include a lack of standardisation in reporting which makes ESG data voluntary to capture, inconsistent across companies and difficult to compare. It also leads to difficulties in verifying the accuracy of data internally and relative to market standards. In addition, the complexity and wide-ranging nature of ESG issues means there is often no single source of truth in ESG data. This makes it difficult to establish a clear and accurate picture of the company’s ESG performance and involves collating many disparate data sources, and comparison against benchmarks, which are often unclear. The deployment of specialist Forensic technology, analytics and investigation methodologies is therefore vital to bring clarity and robustness to ESG investigations.

Reoch: ESG investigations are a nascent regulatory area, lacking in consistent definitions. As such, the landscape is shifting and what constitutes a breach now may not have been at the time of the allegations. Further, ESG datapoints are complex, often relying on unstructured data. For example, assessing if workers within your supply chain have been provided with food or shelter or that sustainable claims on packaging have undergone appropriate sign-off processes is difficult to measure and will typically rely on qualitative data that could be problematic to obtain. Added to this, global standards differ and ESG metrics reported in one country may rely on data from an overseas subsidiary which adheres to different standards. Finally, in relation to sensitive ESG matters, such as human rights abuses, people may be reluctant to transparently report their concerns. This should be mitigated through robust grievance mechanisms which are accessible, confidential where possible and prohibit retaliation.

Seidler: One of the most significant challenges in investigating ESG issues is the availability and reliability of relevant information and data. Depending on the specific allegations being investigated, relevant data may sit anywhere within the company where the data collection and internal control processes may be immature compared to the processes in place around financial data. This could result in ESG data being at risk of manipulation at any point in the data’s lifecycle. It is possible that data relevant to the ESG allegation may not be systematically maintained or tracked by the company, which may require investigators to find alternative sources of information and piece together the necessary data. For instance, where carbon emissions would be relevant for an ESG investigation but are not tracked by the company, investigators may need to consider alternative sources of information, such as energy expenditures, which may provide a reasonable proxy.

Schneider: Like any investigation, ESG issues can be difficult to investigate due to several factors. Challenges such as ambiguity in the accusations, reluctance by whistleblowers to speak with investigators, availability and quality of data and documentation are some of the more traditional challenges. With ESG issues, there are also often cross-border investigation challenges to consider, such as languages, cultural differences in ways of working across jurisdictions, data privacy guidelines, lack of trust in the investigation process and with investigators in general, and fear of retaliation in the form of physical harm.

Financier Worldwide: What are the essential elements of an ESG-related investigation? What best practices should be followed?

Reoch: ESG investigations will often begin with data collection and analysis which informs the understanding of root causes. The investigation should take into account both the nature of the identified issue and the relevant operational and regulatory context, and as such a mapping exercise to understand these elements and involvement of the right subject matter experts (SMEs) can be critical from the outset. Investigations into human rights abuses, for example, are more likely to necessitate public communication and reporting than human resources concerns. Likewise, if the company is operating in certain jurisdictions, it may be required to follow certain regulatory standards. The final stages of the investigation should be centred around remediating harms and preventing reoccurrence. In the case of a bribery investigation, remediation may involve exiting the relationship, whereas for social or environmental issues, emphasis should be placed on remediating harms to individuals and using leverage to change processes for the better.

Schneider: At their core, ESG-related investigations should follow the same methodology and be consistent with general better practice investigation guidelines. ESG-related investigations also have additional elements to consider, including the use of SMEs when dealing with, for example potentially underage interviewees, a cross functional investigation team versed in the local language and cultural norms, environmental specialists, as well as having a team of investigators with the requisite experience working across borders. ESG-related investigations should also be undertaken thinking ahead to remediation, given that these will most probably be different to traditional control recommendations made. The focus on people, process and technology, with a focus on tone at the top is always a good starting point.

Seidler: The essential elements of an investigation are planning the investigation, gathering and analysing information, and reporting. At the planning stage, ensuring that an ESG subject matter expert is involved to assist with identifying potential sources of information relevant to the allegations is a key step. Selecting the right ESG SMEs will depend on the specific ESG allegation. When gathering information, companies should be mindful that custodians of information relevant to an ESG-investigation may be broader than a typical financial fraud investigation and that controls over ESG-related information may not be as rigorous as controls over financial information. At the reporting stage, being aware that ESG allegations often have a public interest component to them and may require a public response from the organisation can be essential. Thus, it is important to ensure that any reporting can withstand the scrutiny of various stakeholders.

Hayton: The essential elements of an ESG-related investigation are consistent with the elements of a Forensic investigation. To establish the facts of the ESG fraud, companies should firstly plan the investigation including whether ESG SMEs are required and how investigative interviews with witnesses, whistleblowers and suspects may be executed effectively. Investigations should focus on preserving, controlling and forensically capturing and analysing documents and related evidence comprehensively, ensuring procedural fairness and paying close attention to the manner, timing and coordination of the communications of both the substantive issues and the process of the investigation. Companies should further consider issues such as the cooperation of personnel, potential conflicts of interest, the mandatory protection of whistleblowers and requirements of eligible stakeholders. Finally, investigations should include reporting to the client and other relevant stakeholders such as regulators, the key findings and recommendations for improved process controls to help prevent future ESG fraud from occurring.

Financier Worldwide: What advice would you offer companies on preparing a plan to mitigate ESG risks that includes early response and investigation in light of any suspected compliance breach?

Schneider: Having a clearly defined ESG strategy that properly considers the ESG risks is a first step. Accordingly, companies should take a risk-based approach tailored to their industry, organisational structure, and risk profile and tolerance, starting with a specific ESG risk assessment, moving on to a risk-based approach to managing third-party risks, including ongoing due diligence and continuous monitoring and auditing of high-risk third parties. Strong governance around ESG matters is also one of the cornerstones of a mature ESG framework. An ESG policy and related governance framework, including a strong tone at the top, can be crucial for companies looking to mitigate their ESG risks. Should a compliance breach be suspected, companies should have a robust investigation plan in place including a triage process to properly escalate and attend to high-risk and complex investigations. Conducting separate assessments and reviews on ESG-related metrics in financials, website and other publicly facing statements and information should also be conducted on a periodic basis.

Seidler: There are three broad steps that companies should take. First, companies should perform a risk assessment to understand the types of ESG risks to which the company is most susceptible in its end to end value chain, and involve appropriate perspectives, such as ESG SMEs, to help ensure a comprehensive coverage of the relevant ESG risks. Second, companies should implement internal controls and monitoring strategies which may involve gathering data from and implementing internal controls in areas of the business that might not be subject to the same rigour of controls and monitoring as the finance and accounting function. Leveraging data-driven monitoring activities and developing an effective whistleblowing mechanism can assist with early anomaly detection. Third, companies should be prepared to respond strategically, which may involve having an internal team that is accountable for investigating identified anomalies and escalating issues to internal legal counsel or the board of directors.

Reoch: Our advice for companies preparing a plan to mitigate suspected ESG breaches involves having the controls and compliance framework in place to help mitigate risk and quickly identify breaches when they occur. This involves undertaking ESG risk assessments and developing a risk based and proportionate response. For example, building robust due diligence processes to identify breaches and establishing grievance and speak-up mechanisms through which internal and external stakeholders can raise concerns without fearing retaliation. Companies should establish robust accountability and governance structures, supported by clear escalation routes to help ensure quick decision making when issues arise. This includes establishing clear lines of accountability and ownership of ESG risk within the business, and a forum at which decisions can be taken quickly. Companies can help protect themselves from incidents and develop effective controls by conducting continuous horizon scanning to keep pace with developments in regulation, international guidance, industry wide risks and good practice examples.

Hayton: Companies can effectively prepare a plan to help mitigate ESG risks and ensure early response and investigation in case of suspected compliance breaches by identifying and understanding ESG risks relevant to their business. Companies should also build ESG understanding and awareness by helping to ensure they have the appropriate skills and competencies to oversee strategies designed to respond to sustainability-related risks and opportunities. ESG risks should be incorporated into risk discussions, including considering climate change as a financial risk and understanding its impacts. Companies can help ensure compliance with applicable standards and regulations, including avoiding greenwashing by ensuring that the company’s disclosures are accurate. Companies should also establish a plan for how to respond to any ESG compliance breaches, including how to investigate these breaches and what actions to take in response.

Financier Worldwide: How do you expect regulatory developments to affect ESG investigations in the months and years ahead? Is this issue likely to climb the corporate agenda?

Seidler: The trend we have been seeing is a shift from voluntary piecemeal guidance toward mandatory regulation, demonstrating that regulators are taking a stronger stance on companies’ ESG performance, or lack thereof. With the creation of the International Sustainability Standards Board (ISSB) and the enactment of a modern slavery act in Canada, we anticipate continued issuance of standardised ESG disclosures, including the ‘Disclosure of Climate-related Matters’, which would require companies listed on Canadian stock exchanges to disclose governance mechanisms, risk management procedures and goals set to reduce greenhouse gas emissions. With stronger regulation, we expect more enforcement to follow suit, compelling executives to take charge of their corporate ESG strategies with an emphasis on the ‘E’.

Hayton: Regulatory developments are expected to significantly impact ESG investigations in Australia, both now and in the future, as the global trend toward standardisation of international disclosure requirements continues. The increasing focus on ESG factors by investors, stakeholders, governments and regulators is driving a shift toward greater transparency and accountability in ESG reporting, which is likely to increase ESG fraud and resulting investigations. Regulatory bodies such as ASIC are taking steps to prevent greenwashing and ensure that investors have access to accurate and reliable ESG information. This includes scrutinising claims by listed companies that may not be supportable, such as net-zero targets without a reasonable basis, and considering appropriate enforcement actions. In addition, the rise of ESG litigation funds may reduce cost barriers to entry to start a course of action, potentially leading to an increase in ESG-related litigation. ESG issues are therefore likely to continue to climb the corporate agenda.

Reoch: Regulations in the ESG space are increasing and becoming more stringent across the world, and many companies are likely to find themselves caught by due diligence and reporting requirements or subject to import and export regulations. Even companies not in scope of such regulations are likely to find their value chains or operations impacted by regulatory requirements in coming years, as regulations like the European Union’s Corporate Sustainability Due Diligence Directive come into force. This, coupled with the increasing scrutiny from consumers, investors and employees, is likely to drive ESG investigations up the corporate agenda. Against the backdrop of a challenging economic and geopolitical climate, ESG may drop down the list of priorities. However, the financial and reputational penalties for ESG fraud and adverse incidents should act as an incentive to companies to prioritise protecting themselves against these risks.

Schneider: We expect regulatory developments to continue to increase and mature in line with expectations from external stakeholders. This could lead to increased ESG investigations for companies subject to this heightened focus. The issue is likely to climb the corporate agenda as more companies are pressured by customers, vendors, stakeholders and consumers to ensure they demonstrate what they are doing to be good corporate citizens. Consumers are increasingly wanting to know they are buying from socially responsible companies and those that do not act in line with societal expectations could be left behind. Companies are also highlighting their ESG credentials to differentiate themselves in the market and attract new customers looking to buy from responsible corporate citizens.