ESG Risk Management in 2025: Trends, Pitfalls, and Global Shifts

In 2025, Environmental, Social, and Governance (ESG) risk management isn’t just a corporate checkbox – it’s at the heart of how businesses navigate sustainability, ethics, and long-term resilience. As we’ve highlighted in previous articles on WINSS, ESG has moved from the margins to the core of business strategy, driven by evolving regulations, growing pressure from investors and communities, and rapid tech innovation.

But despite this momentum, major challenges remain. Inconsistent standards, unclear metrics, political changes, and access barriers – especially for smaller companies – continue to stall meaningful progress.

In this article, we take a closer look at where ESG risk management stands today: the key trends shaping it, the pitfalls holding it back, and the global shifts taking place.

Rising Trends in ESG Risk Management

Regulatory Momentum

Since 2020, ESG regulation has evolved rapidly. The European Union has led efforts to mandate standardized sustainability disclosures through the Corporate Sustainability Reporting Directive (CSRD) and the EU Taxonomy Regulation, which define sustainable economic activities and enforce greater corporate transparency. These policies have been complemented by the Sustainable Finance Disclosure Regulation (SFDR) and, more recently, oversight from the European Securities and Markets Authority (ESMA), which began supervising ESG rating providers in 2025.

ESMA’s role includes enforcing transparency in scoring methodologies and standardizing technical criteria across ESG rating systems. Although early impacts are promising, challenges persist due to regional regulatory differences and sector-specific constraints.

One example is the climate agreement debate that continues to divide regulators.

Customization and Data Control

A shift is underway from reliance on bundled ESG scores to custom, in-house models. Asset managers now prioritize raw datasets that better reflect sector-specific risks and regional priorities. Enhanced use of cloud-based APIs allows real-time integration, catering to internal definitions of materiality.

Additionally, data sovereignty has become a geopolitical concern. The EU remains heavily dependent on US- and UK-based ESG providers, despite launching initiatives like the European ESG Data Commons. Uptake remains limited, pointing to the entrenched dominance of global players.

Integration of New Risk Dimensions

2025 has seen the emergence of nuanced ESG metrics, such as biodiversity loss, supply chain emissions (Scope 3), and mental health. Frameworks like the Taskforce on Nature-related Financial Disclosures (TNFD) are gaining traction, urging companies to consider ecosystem risks alongside climate and social factors.

Meanwhile, AI ethics has entered the ESG agenda. The upcoming EU AI Act aims to align artificial intelligence systems with societal values, reflecting a convergence of technology governance and sustainability risk management.

Persistent Pitfalls and Structural Gaps

Rating Divergence and Methodological Inconsistencies

Despite regulatory efforts, ESG ratings remain fragmented. Correlation between major providers like MSCI, Sustainalytics, and ISS ESG still hovers around 0.42 to 0.47, underscoring substantial differences in methodology. These discrepancies stem from varied data sources, weighting criteria, and scoring assumptions.

This inconsistency undermines comparability and can lead to vastly different ratings for the same entity. A firm may be lauded by one provider for environmental performance while being penalized by another for weak governance—confusing investors and distorting market signals.

Risk of Greenwashing

A growing concern is the strategic use of ESG disclosures to portray an inflated sense of responsibility. Companies may highlight favorable metrics – like carbon neutrality pledges – while overlooking serious shortcomings in labor practices or governance. This practice, known as greenwashing, misleads investors and reduces the effectiveness of ESG frameworks as a tool for accountability.

Access Barriers for SMEs

Small and medium-sized enterprises (SMEs) remain disadvantaged in ESG reporting due to high compliance costs and limited expertise. While the CSRD includes tailored provisions for smaller firms, many struggle to meet the data granularity and reporting frequency demanded by rating agencies.

Efforts like the Voluntary SME (VSME) Framework are underway to simplify ESG adoption for SMEs. Yet, access to structured feedback loops and affordable ratings services remains limited.

Key Risk Categories in ESG

Related UN SDG Targets Relevant to ESG

Goal | Target ID | Description
SDG 1: No Poverty | 1.4 | By 2030, ensure equal rights to economic resources, as well as access to basic services, ownership and control over land and other forms of property.
SDG 1: No Poverty | 1.5 | Build the resilience of the poor and those in vulnerable situations and reduce their exposure to climate-related extreme events and other economic, social and environmental shocks.
SDG 1: No Poverty | 1.a | Ensure significant mobilization of resources from various sources to end poverty in all its dimensions.
SDG 1: No Poverty | 1.b | Create sound policy frameworks at the national, regional and international levels to support accelerated investment in poverty eradication actions.

These SDG targets align closely with environmental and social dimensions of ESG risk management, especially regarding community impact, resilience to climate change, and equitable access to resources.

ESG risk management spans multiple domains, each with distinct vulnerabilities:

  • Environmental risks: These include climate-related transition risks, such as regulatory penalties on emissions, physical risks from climate events, and reputational damage from unsustainable practices.
  • Social risks: Labor violations, human rights abuses in supply chains, lack of diversity, and weak community engagement can lead to public backlash, regulatory fines, and operational disruptions.
  • Governance risks: Board-level accountability, data privacy violations, corruption, and executive pay disparities remain major governance red flags.

Recent disclosures from Swiss Re, for instance, show that ESG risk screening is becoming more rigorous. In 2024 alone, over 125,000 transactions were screened for ESG risk, and 4,834 companies were flagged for enhanced monitoring. These figures show the operational scale of ESG risk as a due diligence concern.

Here are several real-world examples from 2025 that illustrate how organizations are actively engaging in ESG risk management.

Environmental Risk Management

Kering’s Water-Positive Strategy

French luxury conglomerate Kering has introduced an industry-first water strategy aimed at reducing the fashion sector’s extensive impact on global and local water resources. The initiative includes improving raw materials through regenerative agriculture, establishing water resilience labs in 10 global freshwater basins by 2035, and implementing stewardship programs to enhance water quality and efficiency among suppliers. Kering aims to become net water-positive by 2050.

FAIRR’s Climate Risk Tool for Protein Producers

The FAIRR Initiative has developed a Climate Risk Tool that models potential financial impacts on meat and dairy producers under various climate scenarios. This tool helps investors assess risks related to methane emissions, volatile feed prices, and rising consumer demand for plant-based alternatives, thereby informing more sustainable investment decisions.

Governance and Regulatory Compliance

CDOP and SBTi Redefining Carbon Market Standards

In early 2025, the Carbon Data Open Protocol (CDOP) and an updated draft of the Science Based Targets initiative’s (SBTi) Corporate Net-Zero Standard are reshaping global voluntary carbon markets. CDOP aims to standardize and harmonize carbon market data, enhancing transparency and alignment with the Paris Agreement. Simultaneously, SBTi’s Version 2.0 introduces stricter requirements for emissions reduction and carbon credit usage, mandating separate targets for Scope 1 and 2 emissions and detailed tracking.

SEBI’s Norms for Withdrawing ESG Ratings

India’s Securities and Exchange Board (SEBI) has introduced new guidelines allowing ESG rating providers to retract ratings if a company lacks a Business Responsibility and Sustainability Report or if there is no demand for the rating. This move aims to enhance the credibility and relevance of ESG ratings in the Indian market.

Social and Human Capital Management

WTW Survey Highlights Health and Safety as Top Risk

A survey by WTW indicates that health and safety continues to be ranked as the number one risk for directors and officers globally, with 80% of respondents ranking it as very or extremely important. The survey also notes that workplace and personal matters impacting mental health and wellbeing are ranked almost equally as important as physical health and safety.

Reform and Improvement Pathways

Standardization Through CSRD and ESRS

The CSRD, coupled with the European Sustainability Reporting Standards (ESRS), is driving uniformity across disclosures. The new standards provide structured templates for sustainability data, allowing clearer comparison across companies and sectors.

By enforcing consistency in metrics—especially on climate risk, resource use, and social performance—the CSRD is closing critical data gaps. While implementation challenges remain, particularly for multinational firms operating in divergent regulatory regimes, early reports show improved input quality for ESG rating models.

Oversight and Transparency

The supervisory role of ESMA in ESG rating provision is considered a major milestone. From 2025, ESG providers must disclose methodologies, data sources, and scoring logic. While some major firms now publish key scoring details, full transparency remains a work in progress.

Additionally, stakeholder engagement is improving. Large ESG agencies have created structured feedback loops to allow rated companies to contest or update data, reducing the volume of outdated information. However, tiered access means smaller companies are often excluded from these mechanisms.

A recent headline that illustrates these concerns noted that the U.S. Environmental Protection Agency officially terminated programs focused on mitigating environmental racism, raising broader ESG governance concerns.

Innovation in ESG Data and Technology

The ESG ecosystem is embracing technology-driven improvements. Providers are leveraging AI, satellite imagery, and big data analytics to assess real-time risks and detect inconsistencies. ISS ESG, for example, has integrated AI into its analysis framework, while MSCI has launched real-time ESG monitoring services.

However, the use of proprietary AI models also introduces concerns about algorithmic opacity, echoing existing criticisms of third-party ESG scores.

Future Outlook

In 2026 and beyond, ESG risk management will likely be shaped by:

  • Unified terminology frameworks: The European Commission’s Green Claims Directive aims to harmonize sustainability language, reducing confusion caused by inconsistent use of terms like “green,” “impact,” and “ESG”.
  • Expanded regulatory coverage: The forthcoming Corporate Sustainability Due Diligence Directive (CSDDD) will mandate ESG risk assessments across supply chains, moving ESG governance from optional to obligatory for thousands of firms.
  • Localized ESG scoring models: Regional adaptations, particularly in agriculture, manufacturing, and energy, will gain momentum. These models address sector-specific exposures and local taxonomy needs but are unlikely to displace dominant global rating frameworks in the near term.

Don’t Forget the SMEs

ESG Risk Management in 2025

ESG risk management in 2025 faces both opportunities and challenges. While regulatory frameworks like CSRD and ESMA oversight are building a more consistent and transparent system, persistent inconsistencies and access barriers dilute the reliability of ESG assessments.

The path forward requires not only regulatory enforcement but also capacity building for SMEs, alignment of global and regional standards, and continued innovation in data infrastructure. ESG risk management will only fulfill its promise when it moves beyond checklists to deliver measurable, systemic accountability.

I have a background in environmental science and journalism. For WINSS I write articles on climate change, circular economy, and green innovations. When I am not writing, I enjoy hiking in the Black Forest and experimenting with plant-based recipes.