Search Results

The Office of the Superintendent of Financial Institutions (OSFI) released a draft guideline on October 13, 2023, on the operational resilience and operational risk management requirements of Federally regulated financial institutions (FRFIs) operating in Canada and foreign bank branches authorized to conduct business in Canada. The draft guideline is open to public consultation until February 5, 2024. Key Requirements of the Guideline Identifying the FRFI’s critical operations and mapping the internal and external dependencies (e.g., people, systems, processes, third parties, facilities, etc.) required to support critical operations. Establishing tolerances for disruption in respect of an FRFI’s critical operations. Conducting scenario testing to gauge the ability of the FRFI to operate within its tolerances for disruption across a range of severe but plausible scenarios. Establishing a culture that promotes and reinforces behaviors that support operational resilience and proactively managing culture and behavior risks that may influence resiliency. The design and implementation of the FRFI’s operational resilience approach and operational risk management should be proportionate to the FRFI’s size, nature, scope, complexity of operations, strategy, risk profile, and interconnectedness to the financial system. The Relationship Between Operational Risk Management and Operational Resilience OSFI states that operational resilience (OpsRes) is built on the foundation of operational risk management (ORM). OSFI further asserts that OpsRes emphasizes the end-to-end performance of the FRFI’s critical operations across the organization, and as ORM matures it should also focus on the performance of operations end-to-end. How Archer Can Help The Guideline lists four outcomes FRFIs are expected to achieve related to operational resilience and managing operational risks: The FRFI can deliver critical operations through disruption. Operational risk management is integrated within the FRFI’s enterprise-wide risk management program and supports operational resilience. Operational risks are managed within the FRFI’s risk appetite. Operational resilience is underpinned by operational risk management subject areas, including business continuity management, disaster recovery, crisis management, change management, technology and cyber risk management, third-party risk management, and data risk management. Archer can play an important part in helping organizations build these operational risk management and operational resilience capabilities. For example: Archer Enterprise and Operational Risk Management enables organizations to: Establish an enterprise-wide operational risk management framework. Set a risk appetite for operational risks. Ensure comprehensive identification and assessment of operational risk using appropriate operational risk management practices. Conduct ongoing monitoring of operational risk to identify control weaknesses and potential breaches of limits/thresholds, provide timely reporting, and escalate significant issues. Archer Resilience Management enables organizations to: Identify its critical operations and map internal and external dependencies. Establish tolerances for the disruption of critical operations. Develop and regularly conduct scenario testing on critical operations to gauge its ability to operate within established tolerances for disruption across a range of severe but plausible operational risk events. For more information or to speak to an Archer expert, you can contact us here.

ESG management, like any innovative concept, has sparked its fair share of controversy. Experts and nations engage in heated debates about the approach, the scope, and even the economic value of implementing an ESG management system in business. Amidst the ongoing debates, McKinsey has shed light on a compelling aspect—evidence is emerging that a strong ESG score can lead to approximately a 10% reduction in the cost of capital. Why, you may ask? Well, it all comes down to risk. When your business boasts a robust ESG proposition, it's better equipped to weather the storms threatening its ability to operate. MSCI Research noted that companies with high ESG ratings tend to be less vulnerable to systematic risks impacting the broad equity market or market-like sectors or industries than those with low ESG-rated companies. Credit rating agencies are now factoring in ESG performance when assessing companies; those with lower credit ratings face higher risk premiums. Of course, ESG ratings have their fair share of critics, often lambasted for the inconsistency and opaque methodologies employed by the rating providers. However, financial institutions still rely on these ratings to evaluate the ESG performance of corporations. The alternative of hiring an army of ESG analysts to scrutinize every company in their portfolio is simply impractical. So, if your corporation aims to secure an accurate and positive ESG rating, you must understand the rating methodologies and align your ESG management programs and policies accordingly. Most methodologies assess two critical factors: exposure to ESG risks and ESG risk management. The former primarily revolves around your core business, which may be difficult to change without altering the fundamental nature of your operations. However, the latter is entirely within your control and responsibility. The question then becomes, how can you demonstrate effective ESG risk management? First , ESG efforts need to be seamlessly integrated into your governance structure. ESG risk management should become integral to your company's core operations, flowing through all three lines: from business users to risk managers to assurance functions like internal audit. Motivation plays a crucial role as well. It's incumbent upon management to establish ESG-related incentives for employees or even ESG challenges for individuals or teams. Healthy competition never hurts, especially when it aligns with corporate values, strategy goals, and a purposeful mission. Second, ESG risks must be appropriately managed and mitigated. Common sense dictates integrating ESG risk management into your existing enterprise risk management framework. And most importantly , companies must allocate sufficient resources to their sustainability initiatives, such as investing in technology to integrate sustainability into risk management. This includes investments in technology to integrate sustainability into risk management. Many of today's ESG challenges focus on data collection processes, standardization, and maintaining a dynamic overview of ESG risk management posture. A robust ESG risk management program inherently leads to more consistent operational performance and sustainable long term growth. Archer's ESG solution enables organizations to collect and centralize ESG data into a single platform, evaluate the impact of risks and the opportunities on business strategy, understand 3rd party ESG risks, set ESG goals, and produce auditable reporting all from one integrated platform. If you would like to learn more about how Archer ESG Management can help your organization achieve its ESG goals and objectives, we invite you to our webinar hosted by Verdantix and Archer titled "California's Climate Change Legislation: What Your Business Needs to Know". In this webinar, we will discuss: Gain an understanding of the key provisions of California's new regulations and how they impact your organization's compliance and sustainability reporting. Discover the broader implications of these groundbreaking California laws on corporate climate reporting, accountability, and sustainability programs. Learn about technology that can help you manage and advance your ESG program. We hope you can join us for this informative webinar.

As a go to market lead at Archer for our Enterprise Risk Quantification practice and Archer Insight product, I’ve had the opportunity to speak with thousands of customers and risk practitioners across the ERM and GRC space. While there is a market desire to quantify risks, the desire to adopt risk quantification is often met with hesitancy, no thanks to perceptions around risk quantification being reserved for the only mature users, users with access to rich data analytics, modeling expertise, or challenges in demonstrating the value of risk quantification beyond specific risk functions like cyber. At Archer, we’ve taken these perceptions and challenges head-on when developing the Enterprise Risk Quantification practice behind our Archer Insight solution. Why Archer Insight? Archer Insight takes an enterprise approach to risk quantification shifts previous perceptions and challenges associated with adopting risk quantification by prescribing a purpose-built risk quantification methodology for getting started with quantified risk assessment. Why Enterprise Risk Management? As you well know, the purpose of an Enterprise Risk Management program is to provide a holistic view of risk across the enterprise for visibility and governance of risks impacting the enterprise’s key initiatives. Recognizing the objective of the enterprise risk management program, quantification doesn’t need to be complex, quantification just needs to better than what we are doing, which is likely qualitative and semi-qualitative risk heatmaps. Please join OCEG and Archer for our December 12 webinar, “ Debunking the Complexity Around Risk Quantification ,” where I’ll discuss how risk quantification is best suited for the enterprise risk management program, strengthening and delivering on ERM program objectives.

It might seem like yesterday you were getting ready for spring and today you’re thinking about the new year. Like most people, you have a variety of resolutions in different buckets: physical health, mental health, finances, relationships, etc. Your company also makes resolutions in the form of corporate objectives. Corporate objectives are not mere aspirations or vague intentions; they are tangible targets that drive an organization's growth and success. They provide a roadmap for decision-making, resource allocation, and performance evaluation, ensuring that the organization's actions are aligned with its overarching goals. Chief risk officers and risk management teams play an important role in ensuring success as your company strives to reach new heights in the coming year. As you kick off strategic planning, there are some key questions to keep in mind: #1 - Which objectives matter most? Identifying the objectives that matter most requires a thorough assessment of your organization's internal and external environment. Consider factors such as: Strategic priorities: Align objectives with the organization's strategic plan and long-term goals. Industry trends: Identify emerging trends, monitor upcoming and current regulation, and adapt objectives to remain competitive. Stakeholder expectations: Address the needs and expectations of key stakeholders, such as customers, employees, and investors. #2 - How can I demonstrate how corporate objectives were determined? Transparency and accountability are essential for building trust with stakeholders. Demonstrate how corporate objectives were determined by: Documenting the process: Clearly document the steps involved in objective setting, including stakeholder input, risk assessment, and alignment with strategic priorities. Communicating rationale: Clearly communicate the rationale behind each objective, explaining its relevance to the organization's overall goals. Seeking feedback: Encourage feedback from stakeholders on the objectives and the process used to develop them. #3 - How can I measure the progress of corporate objectives? Measuring progress towards achieving corporate objectives is essential for staying on track and making informed decisions. Establish clear metrics and indicators for each objective, such as: Key performance indicators (KPIs): Quantifiable measures that track progress towards achieving specific objectives. Milestones: Significant markers of progress along the way, indicating successful completion of intermediate steps. Regular reviews: Conduct periodic reviews to assess progress, identify challenges, and make adjustments as needed. #4 - How can I track progress made from the starting point? Tracking progress from the starting point provides valuable insights into the organization's growth and development. Compare current performance against initial objectives using: Benchmarking: Establish industry benchmarks to assess relative performance and identify areas for improvement. Trend analysis: Track performance trends over time to identify patterns and assess progress towards objectives. Gap analysis: Identify the difference between current performance and desired outcomes, providing a basis for improvement initiatives. #5 - What can be done if progress is off track? Recognizing and addressing deviations from objectives is crucial for ensuring success. When faced with setbacks: Analyze the reasons: Identify the root causes of the deviation, whether they are internal challenges or external factors. Develop corrective actions: Implement appropriate strategies to address the underlying causes and get back on track. Communicate openly: Keep stakeholders informed about the situation and the steps being taken to rectify it. #6 - How can we reliably achieve corporate objectives? Achieving corporate objectives reliably requires a comprehensive and well-structured approach: Establish clear ownership: Assign ownership of each objective to specific individuals or teams. Provide adequate resources: Allocate necessary resources, such as funding, personnel, and technology, to support objective achievement. Embed objectives into processes: Integrate objectives into day-to-day operations and decision-making processes. Monitor and measure progress: Regularly monitor progress towards objectives and make adjustments as needed. Celebrate successes: Recognize and celebrate achievements to maintain motivation and engagement. Risk management teams must work closely with company executives and the board to ensure that strategic planning and decision-making processes produce reliable results. By aligning individual and team goals with the company's objectives, and fostering a culture of accountability, your company can achieve and even surpass your desired outcomes. Contact us today to learn how Archer can help you reach your corporate objectives in 2024.

Today, global regulatory pressures coupled with unforeseen disruptive events pose substantial challenges for companies that are working to build operational resilience. These challenges are driven by a myriad of factors including rapid technological advances, geopolitical unrest, and the escalating pace of global economic shifts. Now more than ever, your organization must be proactive in mitigating these challenges to remain operational and competitive. The Growing Focus on Operational Resilience Operational resilience has become a key topic in boardrooms and executive suites for good reason: Cybersecurity threats : As organizations digitize their operations, the risk of cyber threats increases. From ransomware attacks to data breaches, the potential impact on operational resilience and reputation is substantial. Supply chain vulnerabilities : Global supply chains are interconnected and vulnerable to disruptions caused by geopolitical events, natural disasters, or unforeseen challenges such as the recent global supply chain issues. Regulatory demands : Regulatory bodies are increasingly emphasizing the importance of operational resilience. Compliance with standards such as the Digital Operational Resilience Act (DORA) in the European Union highlights the need for a proactive and strategic approach. Technological dependencies : Reliance on intricate technological ecosystems means that a failure in infrastructure or a critical system can have cascading effects across an organization. Strategies for Enhancing Operational Resilience Operational resilience requires a coordinated, company-wide approach that goes beyond planning for recovery from disruption to fortifying all facets that drive your organization’s success. For many organizations, this approach necessitates a pivotal shift. But in doing so, you are able to better adapt to changes and disruptions while also optimizing processes, enhancing productivity, and fostering innovation. A comprehensive strategy should consider the following elements: Prioritization : Your organization must use business impact analysis to prioritize what is most important to make resilient. These priorities should start with products and services offered to customers and cascade to the business units, process, technologies, data, and other interdependencies. Integrated risk assessment : Conducting thorough risk assessments allows you to identify vulnerabilities and potential points of failure. This includes assessing risks related to business processes, technology, supply chains, and regulatory compliance. This risk assessment should incorporate groups across the second line of defense to coordinate their efforts. Robust cybersecurity measures : Investment in robust cybersecurity measures is essential, including regular assessments, employee training, and the implementation of advanced threat detection and response systems. Diversification of supply chains : Recognizing the vulnerabilities in global supply chains, it’s important to explore strategies for diversification and localization to mitigate risks. Scenario planning and testing : Adopting a proactive approach involves scenario planning and testing. Simulating potential disruptions enables you to identify weaknesses, refine response strategies, and enhance overall preparedness. Technological innovation : Utilizing technologies such as Archer, you can leverage artificial intelligence and data analytics to enhance predictive capabilities and improve overall resilience. Collaboration and information sharing : The importance of collaboration extends beyond organizational boundaries. Information sharing among industry peers and public-private partnerships can enhance collective resilience against shared threats. The Evolving Landscape The state of operational resilience for your organization must mirror the dynamic landscape your organization is navigating. Operational resilience is not a static goal; it is an ongoing process of adaptation. As threats evolve, so must strategies for resilience. By embracing a proactive and strategic approach, investing in technology, and fostering collaboration, businesses can not only survive disruptions but emerge more resilient and better prepared for the uncertainties of the future. To learn more, register today to join Archer and BCI on January 11 for an informative webinar, Operational Resilience: Lessons Learned & Key Strategies for Success , to: Gain insights into lessons learned, current trends and best practices in operational resilience, and how to leverage these to enhance your organization's capacity to respond to unexpected disruptions. Understand the latest regulatory guidance concerning operational resilience and the potential implications for your organization. Learn effective strategies for adopting and executing Archer as an integral part of your organization's existing business continuity plans.

On October 7, 2023, California signed into law two new bills that have far-reaching implications for compliance and sustainability owners. SB 253, also known as the Climate Corporate Data Accountability Act (CCDAA), and SB 261, the Climate Related Financial Risk Act (CRFRA), apply to organizations that conduct business in the state of California. These laws are the first of their kind in the United States and are expected to significantly impact corporate climate reporting and accountability policies and programs for organizations that conduct business in the state. The bills mandate reporting of greenhouse gas (GHG) emissions as per the GHG Protocol. It also requires reporting of climate-related financial risks based on the Task Force on Climate-related Financial Disclosures (TCFD) recommendations. These requirements are also referenced in the Securities and Exchange Commission's climate disclosure proposal, the European Sustainability Reporting Standards (ESRS), and the IFRS Sustainability Disclosure Standards. However, the scope of these bills extends beyond the SEC's proposal as they apply to public and private companies meeting revenue thresholds and doing business in California. Scope of Impact SB 253 and SB 261 are designed to increase transparency around corporate climate impacts and financial risks. This information can help investors, consumers, and other stakeholders make more informed decisions about the companies they support. What Organizations Need to Know If your organization meets the revenue thresholds and operates in California, you will be subject to the requirements of SB 253 and/or SB 261. You should start preparing now to comply with the new laws. This includes developing a process for collecting and reporting emissions data or assessing climate-related financial risks. The California Air Resources Board (CARB) and the California Secretary of State have published guidance documents to help organizations comply with SB 253 and SB 261, respectively. What to Do Now To ensure compliance with SB 253 and SB 261, sustainability and compliance owners should take the following actions: Assess the implications. Conduct a thorough assessment of the risks and opportunities presented by the new regulations and identify areas where your company may need to act. Engage with suppliers. Work with your suppliers to ensure they are also aware of the new regulations and are taking steps to comply. Invest in innovation. Look for opportunities to invest in new technologies, materials, and processes that will help your company comply with the new regulations and achieve sustainability goals. Collaborate with stakeholders. Build partnerships with suppliers, customers, and other stakeholders to achieve the goals of the new regulations and maximize sustainability benefits. How Archer ESG Management Solutions Can Help Archer ESG Management solutions can play an important role in helping organizations meet the compliance and reporting obligations outlined in these new laws. Archer ESG Management solutions are designed to address the scope 1, 2, 3 GHG disclosure requirements set forth in these laws and incorporate the TCFD, ESRS, and IFRS Sustainability Disclosure Standards. Archer ESG Management solution represents an integrated approach to managing corporate ESG programs, eliminating the need for multiple point solutions. The solution is comprised of four major use cases that deliver an effective way of managing ESG processes all from one place. Archer’s preconfigured ESG use cases allow organizations to move from manual processes to automated and streamlined ESG management programs. Archer ESG Management Use Cases Archer ESG Management provides enterprise-wide assessment, mapping, monitoring, reporting, and quantification of the organization's ESG programs. Archer Sustainability Reporting is a comprehensive solution addressing the growing demand for transparency in ESG reporting, providing a complete solution that aligns with the TCFD framework and GRI 2 - General Disclosures. Archer Double Materiality Calculator helps you quickly and easily perform a double materiality assessment based on the ESRS requirements. Archer ESG Portfolio Management enables institutional investors to efficiently gather and analyze ESG data across their investment portfolios. Archer’s ESG Management solution enables organizations to collect and centralize ESG data into a single platform, evaluate the impact of risks and the opportunities on business strategy, understand 3rd party ESG risks, set ESG goals, and produce auditable reporting all from one integrated platform. If you would like to learn more about how Archer ESG Management Solutions can help your organization meet its ESG obligations. If you would like to learn more about how Archer ESG Management can help your organization achieve its ESG goals and objectives, we invite you to our webinar hosted by Verdantix and Archer titled " California's Climate Change Legislation: What Your Business Needs to Know. " In this webinar, we will discuss: Gain an understanding of the key provisions of California's new regulations and how they impact your organization's compliance and sustainability reporting. Discover the broader implications of these groundbreaking California laws on corporate climate reporting, accountability, and sustainability programs. Learn about technology that can help you manage and advance your ESG program. We hope you can join us for this informative webinar.

We are excited to introduce an enhanced user experience for the Archer Exchange! The new interface provides Archer customers with an online shopping experience for pre-built app-packs, integrations, tools and utilities, accelerators, and content that provide added value for Archer solutions, and allows customers to easily find the offerings that best fit their needs. The value-add offerings available on the Archer Exchange help each of our customers get their unique risk management program on the right path, right from the start. Customers can leverage value-added offerings to expand their use of Archer into new business processes and address specific industry, geographic, regulatory, or technical requirements. The new Archer Exchange provides Archer customers with everything they need to know at a glance, highlights the latest news, and provides information about new and updated offerings. We invite you to visit the Archer Exchange today to check it out!

Everywhere you look today, there are reports on the news about something that could impact your supply chain and your business. It could be a fast-approaching hurricane, an active crime scene causing closure to parts of the city, or a traffic stoppage that halts deliveries of essential supplies. It has become critical to have a supply chain risk management strategy, but creating an effective plan is challenging if you can't anticipate the challenges that will impact your organization to prioritize risks effectively when there are so many different types of challenges that organizations need to be prepared for to mitigate risk and limit impact to the organization. Wouldn't it be nice to be able to anticipate potential disruptions and take action to minimize the impact on your company? We are excited to introduce a new Archer report powered by Mapbox that allows organizations to see their physical locations, assets and third parties on a map, compare them to potential threats that could impact them, and take action to reduce the risk. If your organization – like most – could be impacted by certain threats of disruption or other risks, you'll love the way Archer and Mapbox connect the dots so you can take proactive steps - instead of reacting after your organization has been disrupted. This mapping capability is an essential tool in your efforts to build a more resilient organization. To learn how you can build a more resilient organization contact an Archer expert.

It’s coming -- mandatory, recurring financial and non-financial sustainability reporting for organizations around the world. Are you prepared? Do you know what information regulators and shareholders will expect? Do you know which reports your organization needs to produce and how often? Do you have the proper systems and processes in place? The answer for most organizations and reporting officers is a resounding “no.” Reporting on environmental, social, and governance ( ESG ) information is new territory for reporting officers in many organizations. They find themselves in a distressing scenario similar to what they faced at the introduction of Sarbanes-Oxley (SOX) and similar anti-fraud and accounting requirements. Introduced this month, the new ESG Exchange is designed to help demystify the financial and non-financial ESG reporting requirements. Archer is proud to be a founding sponsor of the ESG Exchange, with Peadar Duffy, Archer ESG Global Practice Lead, serving as Technical Committee Chair. Founded by the Good Governance Academy and Professor Mervyn King, the ESG Exchange provides deep global expertise to organizations on the processes and content requirements for ESG. The ESG Exchange will provide organizations access to the best available content and hands-on implementation programs for all necessary organizational roles, including directors, executives, finance, audit and assurance partners, operations, IT, and stakeholder/investor relations departments. For more information: Register now for Archer’s co-hosted webinar with the ESG Exchange, “ ESG: Preparing for Sustainability Reporting ,” on July 14, 2022, featuring Peadar Duffy. We’ll discuss where to start on the road to sustainability reporting to meet relevant stakeholder needs, wants, and expectations of such sustainability reports, no matter the organization’s regulatory environment. Read the ESG Exchange paper, “ How the ESG Exchange Can Help Organizations Address ESG Integrated Reporting. ” Watch the ESG Exchange global media launch , which highlights the origins and objectives of the organization, as well as available ESG playbooks. Read how the Archer ESG Management offering can help you with your ESG reporting needs. Read how the Archer ESG Value Stack Framework provides a playbook for establishing global ESG processes.

A former head of sustainable investing at a global investment firm recently accused the company of greenwashing. The accusation led to reputational damage and negatively impacted its stock price. In fact, according to a recent survey*, 68% of U.S. executives admitted that their companies are guilty of greenwashing. Greenwashing is the act of providing the public or investors with misleading or false information about the environmental impact of a company's products and operations. But what if the misstatements from the investment firm were not coming from bad intentions? Companies must have defensible data and build efficient governance around ESG data to protect their reputations from similar accusations. ESG data and reports provided by organizations can be difficult to benchmark from company to company, and investors are often unsure whether the data can be trusted. The European Union Council aims to tackle the challenges of voluntary ESG sustainability reporting with the Corporate Sustainability Reporting Directive (CSRD). The CSRD standard is designed to make corporate sustainability reporting more common, consistent, and standardized, like financial accounting and reporting. Beginning in 2025, companies will have to produce CRSD reports based on 2024 fiscal year performance. So who will be impacted by CSRD? More than 50,000 companies in the EU will be reporting according to the following calendar: FY2024: Companies subject to NFRD (The Non-Financial Reporting Directive) FY2025: EU companies meeting at least two of the following criteria: 250 employees, >€40M annual revenue, >€20M total assets FY2026: Public companies with more than ten employees or €20M annual revenue FY2028: International and non-EU companies with EU branches and annual revenue >€150M. But in practice, non-EU companies are likely to be required to adhere to ESG reporting a lot sooner than 2028. This is because CSRD extends the reporting boundaries to include the data from the upstream and downstream value chain when it is material. Therefore, all companies worldwide working with large EU entities will be under pressure to collect ESG data and disclose their sustainability risks. In addition, it is worth noting that CSRD extends sustainability reporting to include the disclosure of risk management and internal controls to the public. Archer's ESG Management solution enables organizations to collect and centralize ESG data into a single platform, evaluate the impact of risks and the opportunities on business strategy, understand 3rd party ESG risks, set ESG objectives, and produce auditable reporting on sustainability disclosures all from one integrated platform. In addition, Archer ESG Management can help automate and standardize the sustainability reporting process simplifying the effort needed to collect and aggregate data in sustainability reports and minimizing the risk of disclosing inaccurate information. Interested in learning more? Register for our January 26, 2023 webinar, " Integrating ESG & Risk Management" Keys to Success in 2023 ," to learn about: New ESG reporting requirements, mandates, directives, and technology to expect in 2023 The vital role of risk management in accelerating corporate ESG and sustainability programs Technology solutions to help your organization advance your ESG practice * Fast Company Survey April 2022

Recent global events have shown business leaders how crucial it is for organizations to demonstrate capabilities to thrive in unpredictable and evolving circumstances. ESG ( environment, social, and governance ) is increasingly becoming an imperative as organizations cope with increasing global political, economic and social uncertainty. In just the past few months, new ESG directives concerning financial disclosures and reporting requirements have been developing at a rapid pace as compared to the decades-long process seen in developing traditional corporate reporting standards. Consider this snapshot of recent ESG announcements: March 21: SEC proposes climate-related financial disclosures March 24: IFRS and GRI sign agreement to align sustainability reporting March 30: EU on track to publish draft standards before the end of April ‘22 March 31: IFRS publishes S1 General Requirements Exposure Draft March 31: IFRS publishes S2 Climate Disclosures Requirements Exposure Draft April 6: UK Climate Financial Disclosure (CFD) law comes into effect Organizational leaders who have committed to ESG values haven’t done so for the optics. They’ve realized that an effective ESG strategy helps to secure a brighter future not only for their own business but for the health of the planet and the good of society as well. Increasingly, winning organizations will be characterized by their resilience in the face of the volatile global supply chain, social, and environmental conditions. Therefore, it’s more crucial than ever for organizations to implement strategies and demonstrate capabilities that will allow them to thrive in changing business environments. Driving toward compliance with emerging ESG reporting requirements equips organizations to outperform competitors in both near-term risk mitigation and ongoing resilience. By providing their organizations with these strategic capabilities, leaders empower their teams to perform and drive down the cost of their capital. To learn more about the impact of ESG, join us for our webinar “ The Critical Role of ESG in GRC Programs , ” featuring Michael Rasmussen of GRC 20/20 and Archer ESG Product Manager Phil Freund, who will discuss: The critical role of ESG in GRC programs How ESG impacts your organization Steps you can take today to begin planning and implementing an ESG program Webinar: The Critical Role of ESG in GRC Programs June 15, 2022 11:00 am Eastern Time Register Now! Visit Archer ESG Management for more information. Contact us to speak to an Archer Expert about how you can implement an ESG program.

How do you spell ESG? While it is a simple question, oftentimes simple questions are the hardest to answer. It does not matter what industry you work in. Each has its unique language, sayings, and code that is difficult to understand to those not adequately versed. The risk and compliance domains are no different. Risk and compliance functions are awash in techno-speak, anacronyms, abbreviations, and slang that, to the outsider listening in, the conversation can sound like listening to aliens from another planet. But if you can know the “alphabet” of your domain, conversations can flow as naturally as walking down the street. So, the answer to the simple question of how do you spell ESG depends on your understanding of the ESG alphabet. The good news is that the ESG alphabet is quite simple and easy to learn. So let's start with the basics: what does ESG mean? ESG stands for environmental, social, and governance. ESG is a risk management tool to help stakeholders (investors, employees, society) better understand the organizations they engage with regarding social and environmental factors such as the impact on the environment, diversity, and equity policies and practices. Now that we have answered that question, how can you learn to speak ESG? We will stick with the basics for this lesson and focus on the five most common ESG standards and the primary framework that are part of nearly every ESG conversation. ESG standards: GRI - The Global Reporting Initiative (known as GRI) is an international independent standards organization that helps businesses, governments, and other organizations understand and communicate their impacts on issues such as climate change, human rights, and corruption. SASB - The Sustainability Accounting Standards Board (SASB) standard guides companies' disclosure of financially material sustainability information to their investors. The Standards identify the subset of ESG issues most relevant to financial performance in each industry. CDSB - The Climate Disclosure Standards Board (CDSB) standard provides investors and financial markets material information by integrating climate change-related information into mainstream financial reporting. CDP - The CDP (formerly the Carbon Disclosure Project) standard helps companies and cities disclose their environmental impact . It aims to make environmental reporting and risk management a business norm, driving disclosure, insight, and action towards a sustainable economy . IIRC - The International Integrated Reporting Council (IIRC) standard helps demonstrate the linkages between an organization's strategy, governance, and financial performance and the social, environmental, and economic context within which it operates. By reinforcing these connections, Integrated Reporting can help businesses make better-informed decisions regarding sustainability and enable investors and other stakeholders to understand how an organization is performing. ESG framework: TCFD - While many ESG frameworks are being discussed today, the TCFD (Task Force on Climate-Related Financial Disclosures) framework has risen to the top and has achieved global recognition. This framework helps public companies and other organizations more effectively disclose climate-related risks and opportunities through their existing reporting processes and disclose the organization's governance around climate-related risks and opportunities. You now know the basics of the ESG alphabet. These ESG standards and frameworks make up the core of most all ESG conversations. Understanding what these anacronyms stand for and how they can help guide your organization's ESG programs will catapult your ability to lead strategic and impactful ESG conversations with your organization's leadership. Want to learn more about ESG? We invite you (and your ESG colleagues) to watch a replay of Archer’s Peadar Duffy, Global ESG Practice Lead, and French Caldwell, Chief Strategy Officer for Archer, for a discussion of the critical factors and concepts risk managers need to know before implementing an ESG solution to best leverage their organization’s risk and compliance platform. For information on Archer ESG Management , visit www.ArcherIRM.com/ESG