ESG Governance Best Practices

Learn ESG governance best practices for French companies, covering board oversight, ESG controls, CSRD/ESRS, AMF, ACPR, Sapin II and reporting.  

In 2023, DWS agreed to pay $25 million after US regulators found weaknesses linked to ESG investment statements and anti-money laundering controls. The DWS ESG enforcement case made one point difficult to ignore: ESG claims can become regulatory risk when internal governance does not support external language.

For companies in France, that risk is no longer limited to sustainability teams. Listed issuers face AMF attention on sustainability statements. Banks and insurers supervised by the ACPR need stronger climate-risk governance. Large groups may need to connect supplier oversight with devoir de vigilance. Companies subject to Sapin II already have governance tools that can support ESG controls, including risk mapping, third-party due diligence, training and internal controls.

This article builds on governance best practices by focusing on what French companies should actually do to strengthen ESG oversight, accountability, reporting and compliance.

10 ESG Governance Best Practices French Companies Should Prioritize

Before going deeper, here is the direct answer. ESG governance best practices work best when they are specific enough to guide decisions and flexible enough to fit the company’s sector.

| Best practice | What it means for French companies |
| --- | --- |
| Assign board oversight | Give ESG a clear place within the conseil d’administration, audit committee, risk committee or CSR/ESG committee. |
| Define executive ownership | Make finance, legal, compliance, risk, HR, procurement and operations responsible for the controls they manage. |
| Build a clear governance structure | Use an ESG governance framework that shows decision rights, reporting lines and escalation routes. |
| Connect ESG to enterprise risk | Add climate, supplier, workforce, corruption, disclosure and data risks to the main risk register. |
| Strengthen ESG data controls | Identify who collected each figure, who reviewed it and what evidence supports it. |
| Review sustainability claims | Ask legal and compliance to check high-risk ESG wording before publication. |
| Link Sapin II and ESG ethics | Use anti-corruption risk mapping, third-party checks and training as part of the ESG control environment. |
| Apply devoir de vigilance where relevant | Treat supplier human rights, safety and environmental risks as governance issues, not only procurement tasks. |
| Monitor useful ESG metrics | Track indicators that help management act, not just numbers that look good in a report. |
| Keep CSRD/ESRS governance flexible | Monitor EU simplification updates, AMF guidance and sector expectations before finalizing reporting controls. |

The rest of the article explains how to apply these practices without turning ESG governance into a heavy internal process.

What Are ESG Governance Best Practices?

A direct definition

ESG governance best practices are the oversight methods, roles, controls and review habits that help a company manage environmental, social and governance responsibilities properly. They answer clear business questions: who owns ESG risk, who checks ESG data, who reviews public claims, who approves disclosures and who follows up when controls fail.

For French companies, ESG governance often touches several established responsibilities. Board oversight may sit with the conseil d’administration, audit committee, risk committee or CSR/ESG committee. Management responsibility may sit across finance, legal, compliance, risk, HR, procurement, operations and sustainability. For listed companies, the AMF’s guidance on corporate sustainability reporting and 2025 sustainability statements is especially useful because it connects sustainability disclosures with reporting quality, annual financial reports and European enforcement priorities.

Why this matters in the French market

The French business environment gives ESG governance a sharper compliance edge. AMF expectations matter for listed issuers preparing sustainability statements. ACPR climate-risk work is especially relevant for supervised banks and insurers; it does not apply equally to every French company. Devoir de vigilance matters for large companies managing serious human rights, health, safety and environmental risks in subsidiaries and supply chains. Sapin II matters where ethics, anti-corruption and third-party governance overlap with ESG.

This is why ESG governance should not be treated as a communications exercise. It is part of how a company controls risk, supports reporting and protects decision-makers.

ESG Governance Best Practices for Board Oversight

Put ESG on the right board agenda

Good ESG oversight begins by deciding where ESG belongs in governance. For some companies, the audit committee may review sustainability reporting controls. For others, the risk committee may focus on climate, supplier, litigation or operational exposure. A CSR/ESG committee may coordinate broader sustainability topics, but it still needs clear links with finance, legal and risk.

The board does not need to manage every ESG detail. Its job is to challenge management, understand material ESG risks, review high-impact commitments and ask whether reporting is supported by reliable evidence.

Make executive accountability visible

Executive ownership should be linked to the work each function controls. The CFO may oversee sustainability reporting governance and data quality. Legal may review greenwashing risk and disclosure wording. Compliance may connect ESG with Sapin II controls, whistleblowing trends and regulatory alignment. Procurement may manage supplier risk. HR may own workplace conduct, training, safety and workforce indicators.

This makes the ESG accountability process easier to defend because responsibility follows the real operating model of the company.

Build an ESG Governance Model That Fits the French Business

Start with business exposure, not a template

A French insurer, energy group, manufacturing company, healthcare provider and retail chain will not need the same ESG oversight model. A bank may need stronger climate-risk governance, stress testing links and board reporting because of ACPR relevance. A retailer may need deeper supplier due diligence. A manufacturing group may focus on energy use, emissions, industrial safety and environmental permits. A healthcare business may prioritize patient safety, workforce protection, ethics and data protection.

A good ESG governance model begins with sector exposure. The structure should reflect where the company could face regulatory, financial, operational or reputational pressure.

Use a RACI-style responsibility map

A RACI-style map helps clarify who is responsible, accountable, consulted and informed. It is especially useful for sustainability disclosures because several teams usually touch the same information.

For a French financial services firm preparing sustainability disclosures, finance may own ESG data controls, legal may review greenwashing risk, compliance may assess regulatory alignment, sustainability may coordinate reporting content and the board may approve material ESG disclosures. That allocation is clear enough for managers to act and structured enough for future review.

Define ESG Governance Roles Across Finance, Legal, Risk, HR and Procurement

Compliance, legal and risk roles

Compliance, legal and risk teams translate ESG ambition into controls. They review sensitive claims, monitor regulatory exposure, assess third-party risks and make sure ESG issues are included in the company’s risk governance.

Sapin II is useful here because it already gives many French companies a governance-control model. Risk mapping, third-party due diligence, whistleblowing systems, training, accounting controls and internal monitoring all support stronger ESG governance where ethics, corruption, supplier conduct and accountability are involved.

Finance and reporting roles

Finance teams bring discipline to ESG reporting. In practice, ESG maturity is often visible in the data trail: who collected the figure, who reviewed it, what evidence supports it and whether the same number appears consistently across reports.

This is particularly important when ESG information appears in annual reports, sustainability statements, investor materials or lender questionnaires. Strong ESG reporting depends on reliable ownership before disclosure, not emergency corrections at the end of the reporting cycle.

For managers working in finance, insurance, investment or regulated services, ESG, CSR and compliance training for the financial sector can help connect sustainability expectations with compliance controls.

HR, procurement and operations roles

HR manages many social governance inputs, including conduct training, safety, employee relations and workplace culture. Procurement handles supplier screening, responsible sourcing and third-party monitoring. Operations often owns environmental data such as energy, waste, emissions, water and site-level controls.

In France, these roles become especially important for energy, manufacturing, healthcare, finance, insurance and retail supply chains. ESG governance improves when each team knows which decisions, documents and data points it owns.

ESG Governance Best Practices for Risk Management

Add ESG risks to the main risk register

ESG risks should sit inside the enterprise risk process, not in a separate spreadsheet that only sustainability teams review. Climate exposure, corruption risk, supplier misconduct, unsafe working conditions, weak disclosure controls and unreliable ESG data can all create business consequences.

For ACPR-supervised banks and insurers, climate-related risks may affect governance, risk appetite, internal models, strategy and stress testing. For other French companies, the risk profile may look different, but the governance principle is the same: material ESG risks need owners, severity assessment, controls and escalation routes.

Connect supplier risk with devoir de vigilance

For large French companies, devoir de vigilance brings supplier governance into sharper focus. The issue is not only whether a supplier has signed a code of conduct. The company needs a way to identify, prioritize, monitor and address serious risks linked to human rights, health and safety and environmental harm.

This makes procurement, legal, compliance and board oversight part of the same ESG accountability process. A supplier risk that remains unresolved should not disappear inside procurement records. It should move upward when the exposure is material.

ESG Governance Best Practices for ESG Data and Reporting

Control the data trail

ESG data governance becomes credible when the company can follow the data from source to disclosure. A safety figure should trace back to incident records. A supplier-risk figure should connect to due diligence files. A training percentage should match HR or learning-system records. An emissions figure should have a calculation method and review history.

This is where ESG control environment quality becomes visible. Strong controls do not make reporting perfect, but they make errors easier to find and correct before publication.

Review claims before publication

Greenwashing risk often begins with language that moves faster than the evidence. Terms such as sustainable, responsible, aligned, ethical or low impact can create exposure if the company cannot show what they mean in context.

Legal and compliance should review high-risk ESG language before publication. Communications teams should not be left alone to judge whether a claim is safe. A stronger process asks three questions before disclosure: what is the claim, what evidence supports it and who approved it?

Track ESG Metrics That Support Governance Decisions

Choose metrics that change management behavior

The best ESG metrics help leaders decide what needs attention. They are not selected only because they look impressive in a sustainability report.

A French insurer may track climate-risk exposure, responsible investment controls and board review frequency. A manufacturing group may monitor energy intensity, environmental incidents and safety performance. A retailer may focus on supplier due diligence, unresolved high-risk vendors and worker protection. A healthcare organization may track staff safety, training completion, procurement ethics and data protection incidents.

Use metrics to create accountability

Metrics should have owners and review dates. If a number is poor, management should know who will investigate it, what action will be taken and when progress will be reviewed. Without that link, ESG metrics become reporting decoration rather than governance intelligence.

Align ESG Governance Best Practices With CSRD, ESRS and French Compliance Requirements

Keep CSRD and ESRS wording current in 2026

CSRD and ESRS have raised the level of discipline expected in sustainability reporting, although companies should continue monitoring EU simplification updates and French regulator guidance. The European Commission sought feedback in 2026 on revised sustainability reporting standards, so companies should avoid treating the reporting environment as fixed.

The governance lesson remains stable. Companies still need clear roles, materiality processes, data controls, approval workflows and documentation. Even if reporting rules are simplified, stakeholders will still expect ESG information to be credible.

Watch AMF expectations for listed issuers

For listed companies in France, AMF guidance is especially important. The AMF has continued drawing attention to sustainability-statement preparation, reporting quality and European enforcement priorities. This makes ESG governance a listed-company disclosure issue, not only a sustainability-management issue.

AMF-linked expectations are most relevant where companies prepare regulated sustainability statements, annual financial reports or market-facing disclosures. That means listed issuers should align ESG oversight with audit committees, finance teams, legal review and board-level approval.

Connect ESG compliance with French governance duties

Strong ESG compliance should include CSRD and ESRS where relevant, but it should also reflect French governance duties. Sapin II supports ethics and anti-corruption governance. Devoir de vigilance supports supplier-risk governance. ACPR climate-risk work matters mainly for supervised financial institutions. AMF expectations matter strongly for listed issuers.

This is the difference between generic ESG advice and France-focused ESG governance. The company should know which rules, regulators and sector expectations actually apply to its business.

ESG Governance Best Practices to Reduce Greenwashing Risk

Make public language match internal controls

Greenwashing risk is not only caused by false statements. It can also come from vague claims, missing context or statements that sound stronger than the evidence. A company may have real ESG initiatives and still create risk if its wording is too broad.

A disciplined review process helps prevent this. Sustainability teams can draft the message. Legal can test the wording. Compliance can check regulatory sensitivity. Data owners can confirm the evidence. Management can approve the final claim.

Keep decision records

The safest ESG claims are not only well written. They are traceable. If a regulator, investor, auditor or client asks how a statement was approved, the company should be able to show the review path.

This may include data records, legal comments, committee minutes, approval emails, supplier files, risk assessments and reporting-control notes. The records do not need to be complicated, but they need to exist.

Common ESG Governance Mistakes to Avoid

Giving ESG to one small team

A sustainability team can coordinate, but it cannot own every ESG control. If ESG sits only with one person or one small department, finance, legal, procurement, risk and operations may treat it as someone else’s job.

Reporting faster than controls mature

Some companies rush to publish strong ESG statements before their control environment is ready. That creates risk when investors, auditors, regulators or clients ask for detail.

A better sequence is simple: define ownership, check the data trail, review high-risk claims and then disclose.

Tracking too many weak indicators

A long dashboard can hide weak governance. If management does not use an indicator to make decisions, it may not deserve space in the main ESG dashboard.

Treating French rules as background detail

France-specific governance obligations should not be added as a final paragraph. AMF expectations, ACPR relevance, Sapin II controls and devoir de vigilance can shape how ESG governance is designed from the beginning.

ESG Governance Checklist for French Companies

Use this checklist before reporting or making ESG claims

| Governance question | Why it matters |
| --- | --- |
| Has the board assigned ESG oversight responsibility to the right body? | Clarifies whether ESG is reviewed by the conseil d’administration, audit committee, risk committee or CSR/ESG committee. |
| Are ESG risks included in the main risk register? | Prevents climate, supplier, conduct, corruption and reporting risks from sitting outside enterprise risk management. |
| Are ESG data owners clearly identified? | Makes sustainability reporting easier to check, approve and defend. |
| Are sustainability claims reviewed by legal or compliance? | Reduces greenwashing risk before public language is published. |
| Are supplier risks linked to devoir de vigilance where relevant? | Helps large French companies manage serious human rights, safety and environmental risks in the value chain. |
| Are Sapin II controls connected to ESG ethics and anti-corruption risks? | Uses existing governance tools such as risk mapping, third-party due diligence, training and internal controls. |
| Are CSRD and ESRS reporting responsibilities documented? | Supports reporting quality while EU simplification updates continue to evolve. |
| Are AMF expectations considered for listed issuers? | Helps align sustainability statements with French market-supervision expectations. |
| Is ACPR climate-risk governance considered only where relevant? | Keeps banking and insurance supervision references accurate and sector-specific. |
| Are ESG metrics reviewed by management before disclosure? | Turns indicators into governance decisions rather than static reporting numbers. |

Conclusion

ESG governance best practices help French companies turn sustainability expectations into clear oversight, reliable controls and defensible reporting. The strongest models are not the most complex. They are the ones that show who owns each decision, how risks are escalated, how data is checked and how public claims are approved.

For listed companies, AMF expectations make sustainability-statement governance especially important. For banks and insurers, ACPR climate-risk work adds sector-specific pressure. For large groups, devoir de vigilance brings supplier-risk governance into the boardroom. For companies subject to Sapin II, existing anti-corruption controls can support ESG ethics and third-party oversight.

As CSRD, ESRS and EU simplification measures continue to evolve, French companies should avoid waiting for perfect certainty. A flexible ESG governance model gives the business a stronger base for reporting, compliance, risk management and stakeholder trust.

For regulated teams that need to connect sustainability expectations with compliance controls, financial-sector ESG compliance training can support stronger internal understanding before reporting pressure increases.

FAQs

What are the most important ESG governance best practices for French companies?

The most important ESG governance best practices include assigning board oversight, defining executive accountability, adding ESG risks to the main risk register, identifying ESG data owners, reviewing sustainability claims before publication, and documenting CSRD/ESRS reporting responsibilities. For French companies, ESG governance should also consider AMF expectations for listed issuers, ACPR requirements for banks and insurers, Sapin II controls, and the Duty of Vigilance (devoir de vigilance) where applicable.

How does ESG governance help reduce greenwashing risk?

ESG governance reduces greenwashing risk by ensuring sustainability claims are reviewed, supported by evidence, and approved before publication. Legal, compliance, finance, and sustainability teams should verify that ESG statements are backed by reliable data, policies, supplier records, risk assessments, or board decisions. This helps organizations avoid vague or misleading claims that could result in regulatory or reputational risks.

Who is responsible for ESG governance in a company?

ESG governance is typically shared across the board of directors, executive leadership, and key business functions. The board provides strategic oversight, while finance manages ESG data controls, legal reviews disclosure risks, compliance monitors regulatory alignment, HR oversees workforce metrics, procurement manages supplier risks, and operations are responsible for environmental performance data. A strong ESG governance framework clearly defines ownership for each responsibility.