Written by
Dr Rebecca HoilePublished on
December 1, 2025
From ESG to ERS: Why Emerging-Risk Strategy must join the Board agenda
This month Sention explores how organisations are shifting beyond ESG toward Emerging-Risk Strategy (ERS) as faster, more interconnected threats reshape the risk landscape.
ESG has shaped how organisations demonstrate responsibility and long-term value. But ESG alone is no longer enough to manage the accelerating, interconnected threats now affecting Australian organisations. Boards are increasingly shifting toward a more adaptive, intelligence-led approach: Emerging-Risk Strategy (ERS).
ERS builds on ESG but focuses on fast-moving hazards such as cyber-attacks, geopolitical shocks, technology disruption, climate events, regulatory shifts and national-security pressures. These threats rarely stay siloed. A cyber breach can trigger a supply-chain halt, a regulatory issue can become a financial shock, and an AI-driven misinformation campaign can escalate into a reputational crisis within hours.
Why ERS matters
Across sectors, risk profiles are becoming more complex. Financial services face AI-enabled fraud and data-sovereignty tensions. Health and aged care are dealing with cyber pressure, workforce strain and regulatory reform. Universities face research-security and foreign-interference risks. Logistics, property and manufacturing continue to feel the impacts of fragile supply-chains, climate events and cyber-physical threats.
ESG shows whether an organisation acts responsibly. ERS shows whether it is ready for the next disruption.
ESG tells you how responsibly you operate; ERS tells you how resilient you are.
What ERS looks like
- Continuous threat scanning across geopolitical, cyber, environmental and regulatory domains.
- Classification of risks by impact, likelihood, velocity and contagion potential.
- Scenario-based modelling to test resilience and identify vulnerabilities.
- Clear governance and board reporting aligned to regulatory obligations.
- Sector-specific mitigation programmes that reflect real-world operating environments.
What recent disruptions show us
Recent disruptions across Australia reveal that risks are escalating far faster than internal decision-making cycles can keep pace, with offshore third-party weaknesses emerging as a persistent point of exposure. Climate-related events are increasingly coinciding with digital and physical system failures, amplifying operational impacts. At the same time, AI is creating new forms of fraud, misinformation and operational disruption, while regulatory change continues to accelerate across critical sectors. Together, these trends highlight the need for boards to adopt an Emerging-Risk Strategy that anticipates complexity rather than reacts to it.
Organisations that anticipate emerging risks outperform those that react.
We see common pitfalls across a variety of organisations and sectors, all requiring cultural change to adapt to a new way of managing risk. These include:
- Treating emerging risks as a siloed cyber or geopolitical issue.
- Relying on annual risk registers that quickly become outdated.
- Scenario exercises that do not reflect multi-hazard, multi-sector realities.
- Lack of clear ownership for cross-cutting risks.
ESG plus ERS
ESG supports transparency and trust; ERS strengthens preparedness and resilience. Together, they provide a more complete picture of organisational risk.
For boards navigating volatility, ERS is no longer a future aspiration. It is becoming essential governance practice, helping organisations anticipate emerging threats, protect their reputation and maintain strategic advantage in an environment where disruption is constant.