The Protiviti View  | Insights From Our Experts on Trends, Risks and Opportunities

The Protiviti View

Insights From Our Experts on Trends, Risks and Opportunities
Search

POST

5 mins to read

The ESG Controller—A “Job Of The Future” That’s Actually Here Now

James W. DeLoach

Managing Director

Views
colleagues in a conference room with glass walls
Larger Font
5 minutes to read

As the stakes increase for ensuring the integrity of sustainability reports, CFOs across all industries should not only consider adding the ESG controller role in the finance function but also determine where it sits in the organizational structure and how a newly appointed ESG controller can be positioned to succeed.

What you should know: ESG controllers ensure that sustainability data collected from all manner of sources beyond the general ledger is complete, accurate and auditable; they apply the same control discipline and rigor to non-financial sustainability data that financial controllers apply to financial reporting data.

The bottom line: Although CFOs cannot control how sustainability reporting will evolve in the future, one way they can get a handle on ESG reporting requirements today and put their organizations in an ideal position to address future regulatory changes is by installing an ESG controller sooner rather than later.

___  ____  ___

Do you have an ESG controller? It’s an important question, for the era of the ESG controller is on the way. In fact, some might say it’s already here.

Nearly 99% of S&P 500 companies publish annual sustainability reports, according to research from the Governance & Accountability (G&A) Institute. Another paper from the G&A Institute notes that a growing percentage of large public companies, led by early-adopter Fortune 500 firms, have created an ESG controller position to oversee sustainability reporting and the information processes feeding that reporting—wherever they reside in the organization.

CFOs serving smaller businesses and private companies should take note of this trend and consider doing the same, given that their organizations are increasingly required to share greenhouse gas (GHG) emissions data and other sustainability information with larger trading partners, especially those that are publicly held. Moreover, these CFOs may find, at some point soon, their organizations subject to regulatory standards or market demands requiring them to do so.

Establishing the ESG controller position addresses three pressing questions CFOs now field on a regular basis from CEOs, boards, investors, customers and other stakeholders:

  • Who is responsible for sustainability reporting?
  • Where is the data coming from?
  • How do we know it is complete and accurate?

As I wrote earlier this year, sustainability reporting is, unequivocally, the CFO’s responsibility. The CFO certifies the financial statements. The finance group possesses the organization’s internal controls and reporting expertise, the muscle memory, and a skin-in-the-game interest to ensure the numbers the company reports are complete, accurate, properly valued, timely and consistent. If they aren’t, all heads turn to the CFO for answers.

Finance also has cultivated collaborative relationships with internal audit, the compliance team and external assurance providers, most of whom are—or will soon be—reviewing the efficacy of sustainability information, processes and internal controls that support sustainability reporting activities. Plus, there is a view among a growing number of stakeholders that given the stakes in meeting compliance reporting requirements as well as preserving brand reputation, sustainability reporting is becoming nearly as important as financial reporting.

These drivers, combined with the ongoing promulgation, enforcement and refinement of sustainability reporting requirements around the world, make it imperative for CFOs—especially those in publicly held organizations—to consider creating the ESG controller position. Many CFOs in the oil and gas and financial services industries have already done so. I suspect that technology, manufacturing and consumer products companies whose products are energy-intensive (think AI data center workloads or crypto mining) and/or resource-intensive (think water usage) will follow suit.

Can one imagine a financial reporting process without the disciplined oversight of a financial controller? As the stakes increase for ensuring the integrity of sustainability reports, CFOs across all industries should not only consider adding the ESG controller role in the finance function but also determine where it sits in the organizational structure and how a newly appointed ESG controller can be positioned to succeed.

Roles and reporting relationships

“With an understanding of the risks to achieving sustainable business objectives and the processes that underpin the measurement, management and reporting of the data, the organization identifies specific control activities to manage a risk or mitigate it to an acceptable level,” according to COSO’s report, Achieving Effective Internal Control Over Sustainability Reporting (ICSR). Substitute “ESG controller” for “organization” in that passage and you have a useful distillation of the position’s mission.

ESG controllers ensure that sustainability data collected from all manner of sources beyond the general ledger is complete, accurate and auditable; they apply the same control discipline and rigor to non-financial sustainability data that financial controllers apply to financial reporting data. This work requires scrutiny of systems access and version control along with the design of controls and review processes.

While the following attributes do not necessarily qualify as formal job specifications, effective ESG controllers tend to demonstrate the following competencies:

  • A deep understanding of the business (i.e., how the gears really work)
  • Credible relationships throughout the organization forged through effective collaboration skills
  • Internal controls and regulatory reporting expertise
  • The right attitude (i.e., a genuine commitment to the value of controls and control frameworks)
  • The ability to work with third-party assurance firms (and, ideally, established relationships with those firms)

These attributes explain why most ESG controllers hired to date have: 1) been promoted from within their companies; and 2) previously worked on financial reporting or SEC reporting teams. In fact, the creation of such a position is a way to address another concern of CFOs: developing leadership in their finance organization. (Of note, in our latest global survey of CFOs and finance executives, leadership within the organization is ranked sixth on the list of priorities for the finance function to address and improve in the coming year.)

The vast majority of ESG controllers report to the CFO, as they should, even in organizations with chief sustainability officers and formal sustainability functions or ESG programs. While ESG controllers work closely with sustainability officers, sustainability groups and even ESG counsel (another emerging sustainability job title), their purview can be significantly larger, extending across the enterprise and beyond, to wherever sustainability data is gathered. As one of two signatories (with the CEO) of the company’s public and regulatory filings in the United States, the CFO has a personal stake in ensuring the effective functioning of the ESG controller’s work. Access to the right data and functions throughout the organization is paramount for the ESG controller’s success.

Position the role for success

CFOs play a key role in laying the groundwork for ESG controllers to thrive in performing their respective duties. Finance leaders can do so by making sure the ESG controller possesses the following:

  • Proper authority: ESG controllers need access to a broad range of leaders and managers who produce or provide sustainability data that must be auditable. Some organizational groups, like HR, are accustomed to audits; others, such as operational teams, often are not. While, in addition to collecting data, ESG controllers should guide and counsel their business counterparts, they also must have the authority to obtain the information they seek.
  • Credibility: ESG controllers perform better when their emails, direct messages and phone calls are returned promptly. This explains why most current ESG controllers were promoted from within their companies—where they earned respect and reputations as high performers and trusted collaborators.
  • A sufficient budget: To succeed long-term, ESG controllership functions will need to grow beyond “a department of one.” Doing so requires investments in awareness, training, staffing and supporting technologies. As with any new senior role or reporting structure, change enablement is required to help the workforce and other stakeholders understand the context of the ESG controller’s mandate and its importance to the company’s market permission.
  • Supporting technology: In many organizations, a substantial percentage of sustainability data resides in spreadsheets. This needs to change, as COSO’s ICSR guidance emphasizes: “The systems around sustainable business information are often immature and depend on spreadsheets with few formal controls. By incorporating this information into IT platforms with well-established controls, an organization can significantly improve decision-maker confidence in data that has previously been measured, validated, managed, and reported outside the formal financial control environment.”

It’s worth keeping in mind that sustainability reporting has only recently entered adolescence—a phase sometimes described as the “SOX-ification of sustainability reporting.” The first EU Corporate Sustainability Reporting Directive (CSRD) report has yet to be filed. Third-party assurance of sustainability reports is in its infancy. There is much more to come as enforcement actions, rules refinement, lessons learned, and leading reporting and compliance practices take form.

Although CFOs cannot control how sustainability reporting will evolve in the future, one way they can get a handle on ESG reporting requirements today and put their organizations in an ideal position to address future regulatory changes is by installing an ESG controller sooner rather than later. From where I sit, that would be a smart move on the board.

This article originally appeared on Forbes CFO Network.

Was this post helpful to you?

Thanks for your feedback!

Subscribe to The Protiviti View Blog

To face the future confidently, you need to be equipped with valuable insights that align with your interests and business goals.

In this Article

Authors

James W. DeLoach

By James W. DeLoach

Verified Expert at Protiviti

Jim DeLoach has more than 35 years of experience and assists companies with responding to government mandates,...

EXPERTISE

No noise.
Just insights.

Subscribe now

Related posts

Article

What is it about

The big picture: C-suite leaders in traditional aerospace and defense (A&D) companies are launching and growing their aftermarket services and...

Article

What is it about

What to watch: President-elect Donald Trump will take office in January 2025 with Republican control of both the Senate and...

Article

What is it about

What’s new: HR leaders are having to rethink and relearn traditional rewards strategies in response to the growing need to...