Successful ESG strategies rely on a comprehensive cybersecurity strategy
ESG is not a new concept. However, its significance and popularity has increased over the last few years. According to PwC, asset managers globally are expected to increase their ESG-related assets under management (AUM) to US$33.9tn by 2026, from US$18.4tn in 2021. With a projected compound annual growth rate (CAGR) of 12.9%, ESG assets are on pace to constitute 21.5% of total global AuM in less than 5 years.
As we look to the future, responsible investments and ESG (Environmental, Social and Governance) considerations will be critical topics in the alternative investment industry. As the world works towards a more sustainable, ethically sound future, companies in our sector will play an important role in securing this future through the incorporation of ESG factors into their investment strategies. Such investments cover climate change and environmental projects; diversity, equality and inclusion efforts as well as corporate responsibility and governance of an organisation as a whole, including their ESG reporting efforts.
To do this successfully, businesses looking for investment need to have a comprehensive ESG strategy in place, which in turn ensures asset managers can evidence transparency surrounding goals to investors and clients. For these managers, securing a robust data strategy for adhering to ESG regulatory frameworks is a priority as there is pressure to improve ESG standing. Firms also need to consider how effective their cybersecurity strategy is, as this will likely form some of the questions on investor DDQ’s when governance and risk are being considered.
In 2022, Bloomberg reported that cybersecurity risk is a growing ESG issue. There is no denying that the importance of cybersecurity has increased in the last couple of years due to the increased number of people working remotely and geopolitical conflicts. Bloomberg continues to detail that as ‘cyberattacks continue to increase in both size and frequency, there is great threat regarding direct and indirect damage to companies. This is inclusive of reputation damage, the loss of customer data and confidence and potential implications to stock prices. All of these can impact different aspects of ESG’. Good governance relies on having a robust data strategy in place. In this case, governance, risk and compliance are all closely linked.
While firms need to be able to adhere to their regulator’s governance requirements, focus must also be given to managing and mitigating cyber risks. This can be achieved by structuring business and investment goals with a firm’s overall IT strategy. A JP Morgan report from 2021 states that cybersecurity should be considered as a key metric under the social pillar of the ESG umbrella too. This aligns with how firms should build a cybersecurity culture within their operational structure, so that employees understand what risk looks like, and have adequate training in order to reduce risk of data breach in the event of an attack.
Firms should take a holistic approach to ESG and cyber strategies, starting with a review of their current standing. Firms should address shortfalls in their technology and IT, understand the skillsets and capabilities of their staff, as well as assess and monitor their processes and governance. Alternit One works with a number of funds with ESG credentials. We help our clients to build effective cybersecurity strategies that correspond with their ESG goals. We are also focused on our own ESG strategy which will continue to evolve as we learn from clients, partners and our team to set and achieve our own goals to align with those of our clients.