Large organizations directly impact important initiatives like the environment, social norms, and the governance of society as we know it.

Because of this, popular frameworks like the environmental, social, and governance (ESG) structure have been created to effectively score a company based on how they interact with each of these key pillars.

And for good reason. ESG attracted $330 billion in funding in September of 2021 alone, showing just how important long-term sustainability is when it comes to how businesses operate.

But, what exactly is leading to this increased focus on ESG strategy? Read on to learn more about why today’s biggest companies are integrating third-party risk management into an ESG strategy. This is especially true with regards to ongoing denied party screening of suppliers and customers abroad and domestically, new hires and current staff, contractors and even visitors to your offices and plants.

Starting with GRC

GRC can be considered the predecessor to ESG. So before we start with an ESG strategy, let’s go over the GRC framework: governance, risk, and compliance.

Governance is essentially how a company is directed. Risk involves any event or obstacle that can impede the progress of the company toward its objectives. Compliance means following legal guidelines to reduce the risk of incurring penalties and loss of trust from violations.

Administrators care about GRC because it helps make smarter business decisions and results in less fragmented workflows. Today, however, businesses often talk more about ESG initiatives, which build off of GRC for a truly effective framework. ESG compliance isn’t exactly a product you can purchase. It’s rather a new way to think, act, and approach how we conduct business.

Moving To ESG

What does ESG stand for? The general parts that make up this acronym are related to those from GRC: Environmental and Social Governance. And just like with GRC, third-party risk assessments are a large part of achieving compliance with ESG.


Most of the carbon footprint of your business actually lies in the third-party suppliers and service providers you use. A travel agency, for example, is responsible for the greenhouse emissions from vehicles. Environmental compliance, therefore, involves:

  • Sourcing raw materials and services
  • Waste management
  • Power consumption and energy use
  • The business’s use of natural resources
  • Transportation and shipping


Your social responsibility extends to the vendors and suppliers you work with. If you hire a temporary workforce to cover a holiday rush, then the compliance level of the agency you choose ultimately impacts your firm. Social compliance might include:

  • Equal opportunity employment
  • Treatment of the customer
  • Community initiatives


Any kind of business partnership involves some list of terms and conditions in the contract. Those terms are governance insurance in action. Governance includes:

  • Data storage and cybersecurity
  • Transparency from the management
  • Commitment to business ethics and values

The Takeaway

Developing an ESG compliance checklist is your first step towards getting the benefits of such a program. And don’t forget to include third-party risk management, as the entities you work with do contribute to your overall ESG framework.

Have all the factors of environmental and social governance in mind when making the next major business decision or when onboarding a new client or business partner.

Proper third-party risk management is necessary for the latter, so be ready to perform a compliance audit and check for signs of a proper ESG framework, whether it’s a supplier with environmental responsibility or a software provider with strong cybersecurity features to protect against attacks that will inevitably impact both of you.

Stay on Top of ESG Compliance Obligations with Descartes

There’s no denying challenge for many businesses is effectively staying on top of changes to denied and restricted party watch lists and the latest sanctions.

To help manage compliance risks more effectively, Descartes provides a range of denied party screening and 3rd party risk management solutions, including integration with Salesforce.

Descartes Visual Compliance solutions are flexible and modular, allowing organizations to pick the specific and exact functionality and content they need and scale up later as and when necessary.

By utilizing our robust solutions, organizations can strengthen their compliance processes, enhance their competitive edge and increase sales velocity.

Are you interested in learning more about how Descartes can enhance sanction compliance program? Contact us today to get started.