Expert-led tax essentials delivering practical insights and strategic foresight. Learn more.
In the rush to comply with new regulations, many organisations are prioritising climate-related disclosures while overlooking the broader spectrum of environmental, social and governance risks.
This narrow lens often results in climate-related risk and opportunities being identified solely for reporting purposes, rather than integrating into the organisation’s core risk management processes. Social, governance and other environmental risks, which can be equally significant, are frequently sidelined.
The result? Compliance may be achieved; however the full remit of sustainability is potentially missed. True sustainability requires embedding environmental, social, and governance (ESG) considerations into strategic decision making ensuring they are not just reported but actively managed as part of the organisation’s long-term resilience and value creation.
To move beyond surface-level compliance and truly embed sustainability into your organisation’s DNA, it is essential to take a structured and proactive approach. Embedding sustainability requires a holistic approach anchored in strong governance and leveraging existing organisations enterprise risks management structures.
The following points outline key actions to help embed sustainability into your core business practices to drive long-term value and strategic advantage:
Assign clear ownership of sustainability risks across the organisation. Establish board level oversight and executive sponsorship to drive accountability. Embed sustainability considerations into existing governance structures, integrating them into risk policies, reporting lines, and decision-making processes to avoid fragmentation.
ESG risk factors should be embedded into existing processes for identifying, assessing, and mitigating risks. Rather than managing them in isolation, organisations should encourage cross-functional collaboration, assign clear accountability, and establish consistent reporting mechanisms to ensure ESG risks are properly monitored, escalated, and addressed within the broader governance structure. To make this integration effective, it’s essential to educate teams on both risk management and change management. This builds the necessary skills and shared understanding across the organisation, enabling people to respond confidently to ESG challenges and adapt to new expectations and responsibilities.
Integrate ESG considerations into existing control frameworks and apply consistent oversight through internal audits and, where appropriate, external assurance. Treat sustainability related controls with the same rigour as financial and operational controls to support resilience, compliance, and stakeholder confidence.
Invest in capability building through targeted training and leadership development. Promote a culture of innovation, accountability, and recognition, encouraging employees at all levels to contribute meaningfully to sustainability goals and initiatives.
Identify and engage key stakeholders to understand their expectations and co-develop sustainability initiatives. Maintain transparent communication through regular updates, disclosures, and feedback mechanisms to build trust and foster collaboration.
At Grant Thornton, we have a team of experts who can help you embed sustainability into your current risk management practices to ensure long term resilience, regulatory alignment, and drive positive impact in multiple areas of your organisation. Reach out to our experts today to find out how we can assist you.
Grant Thornton worked with AUSTRAC (the federal Anti-Money Laundering regulator) to support the development of their new AML/CTF Starter Kits released this week, designed specifically for Tranche 2 sectors including lawyers, real estate professionals, accountants, and conveyancers.
The Federal Court’s $5.8M ACL decision signals a new era for privacy, cybersecurity, and governance in Australia. It reinforces that privacy and cyber obligations start Day 1 of any acquisition, governance failures will be scrutinised, and accountability cannot be outsourced. Boards must ensure robust oversight, deep cyber due diligence, and forensic incident response. With OAIC escalating regulatory enforcement, organisations face heightened legal, financial, and reputational risks.
In June this year, APRA published its eight proposed changes to its governance prudential standards. We have summarised APRA’s updated/clarified position and provided guidance on some steps that boards should be doing to prepare for the revised standards.
