Best Practices


For years, we’ve all paid respect to the disciplines defined by GRC – Governance, Risk and Compliance. This framework provides companies with organizational tenets to excel in integrity, accountability and transparency. By enabling these practices, companies can lower the risk of potential legal and financial penalties, the erosion of trust in their reputation, and any business disruption from lack of risk management or non-compliant behavior.

For many, that eventually broadened to IRM – Integrated Risk Management.  At their core, all issues ultimately can cause financial or reputational harm or both.  Whether it is a plant closing due to civil unrest, a hurricane shutting down infrastructure for days, restating earnings due to financial fraud, or being on the losing end of a lawsuit for discrimination or harassment, they cause checks to be written and reputations to be damaged.  It makes sense to elevate these threats and issues and stratify them to manage a wide array of risks simultaneously.

Having a robust, future-ready ECOI (Employee Conflict of Interest) software solution is a necessity for mitigating the risks associated with an employee’s outside business activities (OBAs), political contributions, and insider trading, among others. Fines to both the employee and the company can escalate and place undue strain on the company’s financial and cultural health.

Now things are again evolving, and for the better. ESG – Environmental, Social and Governance programs are being adopted by companies, and they are helping businesses build loyalty, improve financial performance, and attract investors – all while making their operations more sustainable. Although these parameters are not commonly part of a company’s financial metrics, investors are increasingly applying them to their evaluations of companies to better identify material risks and growth opportunities. But as this shift happens and companies start being measured for financial solvency and investment worthiness, they will need to increase the transparency in reporting and disclosures.


Broadening reporting standards does require a strategic reset.  So much of the reporting needed to meet these new disclosure expectations is not necessarily readily available today.  But that doesn’t mean it’s not available with a little focus and effort.  Fortunately, numerous institutions, such as the Sustainability Accounting Standards Board (SASB), the Global Reporting Initiative (GRI), and the Task Force on Climate-related Financial Disclosures (TCFD) are working to form standards and define materiality to facilitate the incorporation of these factors into ESG data gathering and reporting processes.

Historically, investors commonly considered a separate set of evaluation criteria known as SRI (Socially Responsible Investing), but these metrics were separate and distinct from other financial metrics and did not provide a consolidated view of the investment worthiness of a business. ESG is a natural evolution and marriage of GRC, IRM and SRI into a much more efficient and transparent set of reporting standards.


Admittedly, all of this can be a bit overwhelming, especially when you take an honest assessment of your starting place. Taking a holistic view of your organization is the best way to start, and working with the right software partner is a great next step. For example, do you already have compliance software in place to automate ECOI, or an independent third-party hotline provider to facilitate the sharing of concerns and allegations? How about an Incident & Policy Management platform to document investigations and the findings into allegations and areas of concern? That will give you a thorough and unbiased view of concerns and ensure consistent review and oversight of issues.

To learn more about how Star’s Employee Conflict of Interest and Incident & Policy Management solutions can help you keep up with the regulatory challenges of tomorrow while protecting your business and employees, contact a Star professional today.