As asset flows continue to pour into environmental, social and governance (ESG) factored investments, the problem of establishing reliable benchmarks continues to persist. The landscape of performance evaluation is bifurcated into established and quantifiable financial factors, like operating margin, and emerging ESG factors which can often be ambiguous. This makes it challenging for corporate managers to align their planning and resource allocation to the ESG factors that contribute most to the bottom line, as well as being problematic for investors to screen-in or screen-out companies by integrating those factors into traditional valuation models. This divergence between financial and ESG measurement is no more prevalent than in the area of data privacy.
Data privacy is a fundamental human right. While regulatory frameworks like the European Union’s General Data Protection Regulation (GDPR) have recently emerged, privacy as it is more broadly defined, was included in the United Nations’ Universal Declaration of Human Rights in 1948. Data privacy is a human rights issue and as such it is categorized as a social (or “S”) factor under the ESG framework.
Privacy Enhancing Technologies for Risk ScreeningThe ability for a company to safeguard private data with proper governance and strong encryption has historically been viewed as a risk factor to investors. Companies have been classified across the spectrum of high to low risk based on how well they have protected sensitive data and avoided incidents of data leakage. The mismanagement of data privacy can lead to large fines imposed by regulators, as well as a potentially significant hit to a company’s market capitalization.
Both privately held and publicly traded companies are gathering increasingly larger amounts of data, some of which inherently contain sensitive inputs like names, addresses, biometric or health information. Until recently, many companies had limited choices in their ability to analyze that data. They either restricted it to an isolated privacy zone, chose to make the data inaccessible, or used techniques like anonymization to try and maintain some preservation of data privacy. Each of these decisions naturally involve some kind of tradeoff, for example, in the form of a lack of precision or an increased risk with solutions like anonymization which have proven to be ineffective at maintaining data privacy.
Now, however, companies interested in performing analysis on either their own sensitive data, or even data being sourced from another party, can utilize Privacy Enhancing Technologies (PETs) to a suite of cryptographic techniques that make analysis of data with sensitive inputs possible. While there are several PETs relevant for the ESG space, techniques like federated learning, fully homomorphic encryption, and secure multi-party computation (MPC) would be most appropriate for inclusion as part of the criteria for data privacy risk management where precision in analysis is a requirement. While data protection comes at a cost to the company in the form of increasingly larger cybersecurity budgets, the cost to integrate encryption-in-use technologies is trivial relative to the risk of regulatory fines, legal claims, or share price depreciation from ESG minded investors.
PETs for Financial Screening
In addition to the case for inclusion of PETs as part of risk screening, corporate managers can now direct their attention to sensitive data as an opportunity to grow their bottom line by utilizing PETs while at the same time satisfying investor ESG concerns.
Adoption of PETs creates a hybrid sustained value factor where users show investors that they are decreasing risk as an ESG factor and at the same time making it easier to determine which companies are shifting their resources towards increased profitability through data monetization as a financial factor. Data monetization is a relatively new concept, with a recent McKinsey & Co. study reporting that, of the companies that do monetize data as part of their business, a majority have only begun doing so over the last few years. In the same study, thirty-six percent of participants reported that they were extracting new insights from data that were traditionally unrelated to their business or in different systems.
Data monetization may seem like an unlikely choice when you are dealing with private data inputs. With PETs, however, those potentially valuable private inputs can be made available for analysis by a company’s internal data scientists or to external businesses that may find the data valuable to their analysis. For example, imagine a publicly traded senior living company making their resident health data available to a health insurance or pharmaceutical company for the purposes of constructing better mortality models or developing more targeted drug delivery mechanisms. It has the financial advantage of benefitting all three companies’ bottom line, as well as providing a social benefit all while cryptographically maintaining data privacy of the individual residents. The monetization is sustainable and represents new channels of revenue that were previously unattainable.
Changing ESG Benchmarking Standards With PETs
In addition to being able to screen for companies using PETs to mitigate risk and generate revenue in the form of data collaboration, companies can utilize secure multi-party computation to provide a better real-time window into ESG factors for cross industry benchmarking.
As more research becomes available on the positive correlation between sustainability and financial performance, investors have sought more transparency from companies directly in the form of performance data on ESG factors. A large percentage of companies in the S&P 500 index, for example, now include a sustainability report as part of their quarterly or annual reporting. A quick scan of those reports, though, even within the same industry, show them to be selective and qualitative in nature with significant differences as to which ESG factor performance they prefer to disclose.
Compounding the problems associated with voluntary company reporting, ESG factor selection and weighting is an evolving process which is being led and defined by over 100 different ESG data providers, leading to a fragmented approach to defining a consistent methodology. One ESG ratings agency may give a company an A+, while another might give the same company an F.
As investors and ratings agencies quickly adopt machine learning strategies to their company evaluation, new opportunities are presented in an effort to standardize benchmarking and verify a company’s commitment to ESG.
Companies are naturally reluctant to release any more data than they legally need to. MPC satisfies the interests and concerns of both companies and investors in that it allows for basic or complex analysis of the data directly, even if sensitive inputs are contained. For example, companies themselves can use MPC analysis to audit their supply chain vendors to ensure that there are no unreported incidents of child labor or that the supplier is treating employees humanely. The utilization of MPC with data also makes it easier to spot outlier incidents, like falsified emissions data, as there would be more industry wide or peer data to use as a benchmark.
The combination of the adoption of MPC and more company data will identify new areas for inclusion as ESG factors. It can help accelerate the standardization of data formatting and taxonomy. It should also move company specific analysis by investors towards machine learning, rather than just ESG filtering and screening, to identify which of those factors will generate the most excess return. This will allow rating agencies to adjust their weightings towards the ESG factors that generate longer term sustainable value for the industry and better harness corporate resource allocation.
Concerns from investors about ESG analysis being irrelevant can be mitigated by adopting the recommendation of wider PET industry to decrease risk, generate new revenue opportunities and identify stronger correlation between ESG and financial factors. Institutional investors, leveraging their size and board influence, have been some of the biggest drivers for change in companies, especially so with sustainability reporting. Financial services companies and asset managers have also been some of the fastest and earliest adopters of machine learning and PETs and are in the best position to advocate for PET inclusion in the ESG space.
If you’re interested in learning more or speaking with the Inpher team, reach out to us today!