On October 7, 2020, US Regulator the Office of the Comptroller of Currency announced that it had fined Citibank $400m, citing the bank’s “long-standing failure” to institute effective risk and compliance management, data governance and internal controls. By Rupert D.E. Brown, CTO Evidology Systems

This is currently the largest regulatory fine imposed on a financial organisation where the failure of its general data governance processes has been a core reason for sanction rather than inaccurate or incomplete data for a particular product or analysis dimension.

Despite this significant fine, there seems to have been little effort on the part of Citibank’s peers to improve their data governance processes, be they for regulatory reporting or KYC and AML failings where large penalties continue to be imposed around the world.

The UN COP 26 conference in Glasgow in 2021 added a whole new raft of regulatory reporting requirements under the acronym ESG (Environmental, Social and Governance), which will place even further stress on corporate data transparency and supply chains in the coming years.

Vladimir Putin’s “special military operation” has further strengthened the case for detailed environmental impact analysis as it has forced EU and NATO countries to both seek alternative short term fossil fuel supplies and speed up their drive for self-sufficiency based on renewable technologies. The new sanctions regime imposed on Russia will also have a significant impact on the transparency of corporate structures and shareholdings as western governments delve into the investments of Russian Oligarchs made across the world after the collapse of the Soviet Union.

The scene is therefore set for a major step change in regulatory reporting away from the simple “what and when” of fiscal balance sheet and position reporting on to a deeper introspection of the “how, who, where and why”.

In order to try and scope out the scale/breadth of these reporting requirements, the EU has produced a taxonomy of the activities impacted by ESG reporting requirements and some supporting high level coding schemes. Although significant effort is being expended to define and create the first generation of ESG reports, it is far from clear who will eventually be the key beneficiaries of them and how they might be used by shareholder activists seeking to change the culture of a corporation from the outside.

It is quite possible that the outcome of the war in Ukraine will have a significant impact on the scope and impact of ESG reporting requirements on global corporations. If Putin manages to achieve any of his key goals in the same way he did when supporting Assad in Syria, then it will be seen as a win for authoritarianism. A win for the west, despite the already terrible cost in lives and infrastructure in Ukraine, will strengthen the hand of democratic and accountable governance at both the state and corporate level.

A major unanswered question in ESG reporting is what is to be done with all the data that gets generated – where will it be stored and how will it be analysed? The infrastructure needed to do this will itself have a significant carbon footprint, given the energy needed to operate it.  We have already started to realise the environmental cost of highly stateful middleware such as blockchain, but it is doubtful that the technology firms implementing ESG solutions will focus on energy efficient runtimes and protocols unless that is baked into their delivery and support contracts.

It should be noted that the major cloud platform providers such as Amazon and Microsoft are amongst the most keenly aware corporations of their environmental impact, as the energy and thermal efficiency of their data centres is a core factor in their profitability. They still, however, need to solve the problem of recycling obsolete and older generation physical servers, network and storage devices that are largely abstracted by layers of software virtualization away from actual running code.

It seems a long time since the COP26 summit in Glasgow and although the Covid pandemic now seems to be receding rapidly in the rear-view mirror, the inflationary spike we now face across the whole world is likely to change political priorities until at least 2024.  It is reasonably safe to assume that the world will revert to “carbon familiarity” because the delivery and fiscal management mechanisms are already in place.

Thus, it is imperative that work done along the whole ESG data supply and analytics chain produces consistent, accurate and actionable data that is credible to both politicians and the public around the world. The costs of implementation will need to be borne internally by corporations and governments around the world as much as possible with tangible fines and other sanctions for failure, otherwise there is a danger of the whole initiative being regarded as a vanity project.

If you were to ask the “customer at the Clapham Tesco filling station” what ESG means to them currently, they are likely only to point at the digital price per litre sign in the forecourt before telling you where to go.