The Emerging Role of the ESG Controller: Does Your Organization Need One?
The rapidly evolving environmental, social, and governance (ESG) regulatory landscape is changing how organizations understand and manage ESG risks and disclosures. With new disclosure requirements proliferating in the US and globally, they’re taking a fresh look at how they collect and manage information about material ESG topics and impacts — most often concluding that existing governance, processes, controls, and technologies are insufficient.
As organizations work to meet these complex challenges, a new role has emerged: the ESG controller. As GreenBiz points out, though the role didn’t exist two years ago, more than half of the Fortune 100 now have ESG controllers on their payrolls.
What does an ESG controller do? Who do they report to? What skills do they need to be successful? Read on to understand what’s behind the growing need, how ESG controllers solve for it — and whether your organization might benefit from bringing one onboard.
What’s Driving the Demand?
Several factors are driving the need for this unique role, which unites the rigor of finance and accounting with a strong understanding of ESG regulations and reporting.
- Evolving stakeholder expectations. Since ESG-related risks can materially impact operational performance, financial outlooks, and business strategies, investors, regulators, and other stakeholders increasingly want to know how organizations are managing these risks. They want consistent, comparable, and reliable information about material ESG risks and impacts to inform decision-making.
- New requirements for audit-ready ESG reporting. The ESG disclosure landscape has transformed in response, with implementation of disclosure requirements in the U.S., EU, and UK. AuditBoard’s 2024 Sustainability and ESG Guide offers a rundown. ESG disclosures are integrated with financial reporting, making them subject to equally high levels of scrutiny and liability. And while some disclosures will be subject to third-party assurance, a 2023 KPMG survey assessed that only 25% of companies have the policies, skills, and systems in place to be ready for independent ESG data assurance.
- Lack of ESG reporting maturity. Most leading organizations are already reporting on ESG (including 90% of the Russell 3000), but many struggle with ESG data availability and quality and lack reporting maturity. A 2023 AuditBoard survey found that half of organizations scored in the lowest level of maturity when it comes to reporting and disclosures. Plus, ESG data collection often relies on multiple disparate internal and external sources and labor-intensive manual processes.
ESG reporting requires cross-functional collaboration that looks different in every organization. As a result, organizations need a leader — the ESG controller — who brings together the skills needed to enable effective compliance, collaboration, governance, and data verification.
What Is an ESG Controller?
At a high level, an ESG controller is responsible for overseeing and managing sustainable business information processes and activities, and producing external ESG reporting. They own data verification and integrated reporting of financial and non-financial information as mandated by the ESG disclosure requirements that apply to their organizations.
What Are the Typical Responsibilities of ESG Controllers?
A recent LinkedIn job search for “ESG controller” yielded nearly 70 listings across industries. While titles and responsibilities varied, the following were key themes:
- Readiness, reporting, and compliance planning. Oversee development of implementation and readiness plans for applicable ESG reporting-related initiatives (e.g., CSRD, SEC’s climate rule, GHG, IFRS S1/S2, California SB 253/261).
- ESG reporting landscape monitoring and strategy. Stay apprised of evolving ESG disclosure requirements and voluntary frameworks. Provide guidance to help leadership align reporting efforts with compliance needs and overall business strategy.
- Audit relationships/coordination. Maintain relationships with internal and external auditors to coordinate their review, oversight, and assurance of ESG reporting.
- Cross-functional relationships/coordination. Build relationships and coordinate efforts to educate and support internal stakeholders and gain buy-in.
- Data quality, accuracy, validation, and controls. Ensure reliable data and standardized supporting work processes, policies, procedures, and controls. Assist teams in optimizing processes, data flows, and controls.
- Materiality assessments. Manage annual assessments to determine the materiality of ESG topics (based on how requirements/standards define materiality).
- Executive/board reporting. Present to leadership and board, as appropriate, around all ESG items.
- ESG data/technology strategy. Lead the organization’s ESG data and technology strategy in collaboration with IT.
To Whom Do ESG Controllers Typically Report?
We often see ESG controllers reporting to organizations’ controllership functions. This alignment establishes the ESG controller as distinct from any sustainability team — appropriate given their respective purviews. For example, while traditional controllers focus on the accuracy, efficiency, and security of the financials and optimizing related processes and controls, sustainability teams focus on assessing, benchmarking, and improving ESG practices, goals, and ROI. That said, reporting relationships in LinkedIn’s listings included everything from CFOs to CSOs and beyond.
What Are the Desired Qualifications for ESG Controllers?
At minimum, ESG controllers are generally expected to have experience in:
- ESG and accounting/finance, ~10 years’ progressive experience across both areas.
- Regulatory compliance, including US GAAP and SEC reporting, corporate governance, internal controls, and other statutory requirements (e.g., SOX); the ESG regulatory landscape and related industry trends; and key frameworks and disclosure requirements (e.g., SEC, GHG, CSRD, ESRS, TCFD, SASB, CDP, GRI, IFRS S1/S2).
- ESG technology implementations.
- Executive- and board-level presentations.
- Cross-functional collaboration.
- Relevant industries or company types (e.g., public multinationals).
Does Your Organization Need an ESG Controller?
So, would your organization benefit from hiring an ESG controller? If — like most — your organization lacks ESG reporting maturity, absolutely. Depending on your company’s size and applicable reporting requirements, it may be appropriate to have a dedicated ESG controller role, or to allocate the responsibilities to an existing team or role.
Organizations shouldn’t underestimate the effort needed to build and integrate the controls, data metrics, processes, communications, and change management required to get an effective, sustainable, audit-ready ESG program up and running. ESG risk is simply business risk, and there’s no better time to ensure you’re on track to understanding, managing, and reporting on the material ESG risks impacting your organization. An ESG controller can play a critical role in instilling the rigor, data quality, accountability, and cross-functional collaboration needed for a truly sustainable ESG program.
Claire Feeney is a Senior Product Marketing Manager at AuditBoard focused on ESG and RiskOversight. In her role, she helps support organizations in transforming their enterprise risk management and sustainability programs. Prior to joining AuditBoard, Claire worked in product marketing at OneTrust, VMware, and Infor. Connect with Claire on LinkedIn.