Skip to content

ESG in the Spotlight for the UK: How GRC Frameworks Are Evolving to Meet Sustainability Demands

Rebecca Johnson

Environmental, Social, and Governance (ESG) issues are integral to business strategy and risk management. As regulatory frameworks tighten and stakeholder expectations evolve, organisations of all sizes must integrate ESG considerations into their governance, risk, and compliance (GRC) operations to remain competitive and resilient.

At Axiom GRC, we help organisations move from reactive compliance to proactive leadership. With the UK Government’s new Sustainability Reporting Standards (SRS) now under consultation, the time to act is now.

The UK’s new SRS: what organisations need to know

On 25 June 2025, the UK Government released the draft Sustainability Reporting Standards (SRS), signalling a major shift in how businesses will be expected to report on ESG performance. The consultation runs until 17 September 2025, with mandatory compliance anticipated from 2026 for:

  • UK-listed companies
  • Large privately owned organisations

Initially voluntary, these standards will soon create ripple effects throughout the business ecosystem. Small and medium-sized enterprises (SMEs), while not directly regulated, will face growing pressure from larger partners demanding transparency on:

  • Carbon emissions (Scopes 1, 2, and 3)
  • ESG risk management practices
  • Supply chain ethics

The ESG-GRC connection: why integration matters

A mature GRC framework can serve as the backbone for ESG performance. From risk registers to audit trails, your existing compliance infrastructure can be leveraged to support and report on sustainability goals.

Here’s how businesses can embed ESG into their GRC systems:

Environmental risks

  • Resource scarcity, pollution, climate-related disruptions, and extreme weather events can impact operations and supply chains.
  • These risks should be evaluated, monitored, and mitigated within your existing environmental risk framework.

Social risks

  • Issues such as employee wellbeing, DEI, skills shortages, and human rights should be integrated into risk registers and operational plans.
  • Ethical sourcing and supply chain compliance are increasingly essential to reputational and legal standing.

Governance risks

  • Data protection, cyber security, corruption, and shareholder rights are core governance concerns that align closely with ESG priorities.
  • These risks can be effectively managed using established compliance protocols.

Understanding the UK SRS framework

The UK SRS is composed of two major standards:

UK SRS S1 – General Requirements

  • Applies to all ESG topics
  • Requires disclosure of sustainability risks and opportunities that could impact enterprise value

UK SRS S2 – Climate-Related Disclosures

  • Focuses on transition and physical climate risks
  • Includes reporting on:
    • Scope 1, 2, and 3 emissions
    • Climate targets and related strategy

These standards reflect a growing global move towards transparency and accountability, in line with recommendations from the Financial Stability Board’s Task Force on Climate-related Financial Disclosures (TCFD).

The takeaway: ESG is business-critical

Integrating ESG into your GRC framework is not just a compliance exercise, it’s a strategic imperative. The companies that succeed in the years ahead will be those that treat ESG not as an obligation, but as a driver of long-term value and resilience.

Whether you’re a large listed company preparing for SRS or an SME responding to supply chain demands, Axiom GRC and its group companies offer the expertise, tools, and platforms to help you embed ESG into the heart of your business.

Our Solutions