ESG, sustainability and compliance insights
Explore our blog for practical insights that support informed decision-making and strengthen your non-financial performance.
What good looks like: Building an environmental governance programme for ecocide-level scrutiny
What does good environmental governance look like under ecocide-level scrutiny? The standard is higher than most organisations think.
From compliance to governance: How boards should be thinking about ecocide risk
Ecocide risk can’t be managed as a compliance exercise. It requires direct board-level governance.
Ecocide, attribution science and the emerging case for corporate liability
The defence of scientific uncertainty is disappearing. Attribution science is making corporate environmental liability far harder to contest.
The ICC proposal: What it would mean for business if ecocide becomes an international crime
What if environmental destruction became an international crime? The ICC proposal on ecocide could redefine accountability for business leaders.
Ecocide and the supply chain: Why your liability does not stop at your factory gate
Where does your environmental liability really end? Under emerging ecocide frameworks, it extends across the supply chain.
When environmental liability becomes personal: What ecocide means for directors
Environmental liability is becoming personal. #Ecocide laws are shifting risk from the company to the individuals making decisions.
The EU Environmental Crime Directive: What boards must know before May 2026
The EU has already moved. The Environmental Crime Directive is reshaping corporate liability ahead of 2026. Understand what boards need to know before May 2026.
Ecocide is becoming a crime and your board needs to understand what that means
Ecocide is moving from theory into criminal law. For boards, environmental risk is becoming personal liability.
From deployment to decommission: The full lifecycle of AI governance
What happens after your AI system goes live? For agentic AI, governance starts at deployment – not ends.
The AI supply chain: A governance gap most boards are ignoring
Your AI risk doesn’t stop at your organisation. The AI supply chain creates exposure far beyond what most boards see.
Measuring agentic AI risk: Why traditional audits are not enough
Traditional AI audits miss the risks that matter most. Agentic systems require new ways of measuring behaviour in real conditions.
Mapping your AI risk landscape: What the NIST AI RMF requires and why it matters
AI risk mapping is not a formality. For agentic systems, it defines what your organisation actually understands about its exposure.
Multi-agent systems: Why the whole is riskier than the sum of its parts
What happens when AI agents start working together? The risks don’t add up – they multiply.
Privacy and security risks in agentic AI: Why the attack surface is bigger than you think
How secure are your AI agents, really? As autonomy increases, so does the attack surface.
Human oversight in the age of AI agents: Designing for accountability
Do you really have oversight over your AI agents? At scale, control can quickly become an illusion.
ISO 42001 as the governance foundation for agentic AI
Can your AI governance keep up with autonomous systems? ISO42001 provides the structure to manage agentic AI at scale.
The loss of control problem: What happens when AI agents go off-script
What happens when AI agents go off-script? Loss of control is becoming a real enterprise risk.
Why agentic AI is now a board-level risk
Agentic AI doesn’t just assist. It acts – and that shift turns AI into a board-level risk.
NIST CSF, ISO 27001 and the standards landscape – a plain-English guide for ESG teams
Too many cybersecurity frameworks, not enough clarity. NIST CSF 2.0 and ISO27001 are not competing standards – they work together to structure and prove cyber risk management.
Your supply chain is your biggest cyber risk – but NIST CSF 2.0 helps you manage it
Cyber risk often enters through your supply chain, not your own systems. The NIST Cybersecurity Framework 2.0 makes third-party risk a core governance priority.