Approaching the “S” and “G” in corporate ESG strategy

What you'll learn on this podcast episode

A lot of press coverage tends to conflate environmental, social, and governance initiatives exclusively with environmental stewardship and climate change. While the “E” of ESG is certainly important, organizations that overlook the “S” and “G” could open themselves up to other crises such as human rights violations and data breaches. In this episode of LRN’s Principled Podcast, host Susan Divers discusses best practices for integrating governance and social impact considerations into ESG strategy with Sony Group’s Global Ethics & Compliance Strategy Leader, Kathleen Franklin. 

Where to stream

Be sure to subscribe to the Principled Podcast wherever you get your podcasts.

Listen on Apple Pocasts Listen on Spotify Listen on Audible Listen on Google Podcasts_@2x Listen on TuneIn

Listen on Amazon Music Listen on iHeart Radio Listen on Podyssey Listen on Listen notes Listen on PlayerFM


Guest: Kathleen Franklin

Kathleen Franklin – Grayscale

Kathleen Franklin is the Global Ethics & Compliance Strategy Leader for the Sony Group Companies, where she is responsible for promoting a culture of ethics and devising enterprise-wide solutions for critical risk areas. She also acts as the chief compliance officer for Sony Corporation of America and its operating subsidiaries. Prior to joining Sony, Kathleen was a partner and co-chair of the Corporate Governance Group for Boies, Schiller and Flexner, LLP.   

Kathleen is also a member of the board of directors of Bank OZK (NASDAQ:OZK) where she serves on the Risk Committee. Bank OZK is headquartered in Little Rock, Arkansas, conducts banking operations through 240 offices in Arkansas, Georgia, Florida, North Carolina, Texas, South Carolina, New York and California, and has approximately 27 billion in assets.    

Kathleen graduated magna cum laude from Siena College, Loudonville, New York, where she received a Bachelor of Science degree in Business Administration. She graduated magna cum laude from Albany Law School of Union University and earned an LL.M in Taxation from New York University School of Law.

Host: Susan Divers


Susan Divers is a senior advisor with LRN Corporation. In that capacity, Ms. Divers brings her 30+ years’ accomplishments and experience in the ethics and compliance area to LRN partners and colleagues. This expertise includes building state-of-the-art compliance programs infused with values, designing user-friendly means of engaging and informing employees, fostering an embedded culture of compliance and substantial subject matter expertise in anti-corruption, export controls, sanctions, and other key areas of compliance.

Prior to joining LRN, Mrs. Divers served as AECOM’s Assistant General for Global Ethics & Compliance and Chief Ethics & Compliance Officer. Under her leadership, AECOM’s ethics and compliance program garnered six external awards in recognition of its effectiveness and Mrs. Divers’ thought leadership in the ethics field. In 2011, Mrs. Divers received the AECOM CEO Award of Excellence, which recognized her work in advancing the company’s ethics and compliance program.

Mrs. Divers’ background includes more than thirty years’ experience practicing law in these areas. Before joining AECOM, she worked at SAIC and Lockheed Martin in the international compliance area. Prior to that, she was a partner with the DC office of Sonnenschein, Nath & Rosenthal. She also spent four years in London and is qualified as a Solicitor to the High Court of England and Wales, practicing in the international arena with the law firms of Theodore Goddard & Co. and Herbert Smith & Co. She also served as an attorney in the Office of the Legal Advisor at the Department of State and was a member of the U.S. delegation to the UN working on the first anti-corruption multilateral treaty initiative.

Mrs. Divers is a member of the DC Bar and a graduate of Trinity College, Washington D.C. and of the National Law Center of George Washington University. In 2011, 2012, 2013 and 2014 Ethisphere Magazine listed her as one the “Attorneys Who Matter” in the ethics & compliance area. She is a member of the Advisory Boards of the Rutgers University Center for Ethical Behavior and served as a member of the Board of Directors for the Institute for Practical Training from 2005-2008.

She resides in Northern Virginia and is a frequent speaker, writer and commentator on ethics and compliance topics. Mrs. Divers’ most recent publication is “Balancing Best Practices and Reality in Compliance,” published by Compliance Week in February 2015. In her spare time, she mentors veteran and university students and enjoys outdoor activities.


Principled Podcast transcription

Intro: Welcome to the Principled Podcast brought to you by LRN. The Principled Podcast brings together the collective wisdom on ethics, business and compliance, transformative stories of leadership and inspiring workplace culture. Listen in to discover valuable strategies from our community of business leaders and workplace change makers.

Susan Divers: Is the ESG initiative limited to environmental issues and climate change? As it would seem, from a lot of the press coverage, environmental and climate impact are clearly important, but overlooking the G in ESG can lead to data breaches and scandals such as FTX, and overlooking the S can lead to human rights violations. 

Hello, and welcome to another episode of LRN's Principled podcast. I'm your host, Susan Frank Divers, director of thought leadership and best practices at LRN. Today, I'm delighted to be joined by Kathleen Franklin, the global ethics and compliance strategy leader at Sony Corporation, to discuss this critical area. Kathleen is uniquely suited to this topic because she's both an independent director of a public company, and responsible for Sony's E&C program. 

Kathleen, thanks for coming on the Principled podcast. Kathleen, as I mentioned in my introduction, ESG is often conflated strictly with environmental stewardship and climate change. Can you define it a bit more holistically for us, particularly focusing on the S and the G from your perspective as a board member and the head of compliance? 

Kathleen Franklin: Yes, definitely, Susan. Thank you, it is great to be here. The ESG framework includes a wide variety of business practices, and as you noted, it's much broader than the initiatives that are designed to protect the environment. Areas that are included within the S, basically, look at how the company manages its social relationships with its employees, its suppliers, its customers, and the communities where it operates. So, if I'm listing them out, social initiatives include fair pay and working conditions, workplace benefits, programs that combat discrimination and harassment, as well as diversity, equity, and inclusion efforts for the company employees and the communities, as well as respect for human rights, which includes avoiding harmful products, protecting stakeholder privacy, and operating ethical supply chains. 

The governance areas that are included within the G include all the various components of good corporate governance, such as the company's rules and practices related to board management structures, shareholder participation, rules relating to information disclosure, effective risk management, and ethical business practices. 

So, in a nutshell, investors want to make sure the company's boards independent, diverse and accountable, that the company has accurate and transparent books and records, and that the company has sound and sustainable business practices. 

Susan Divers: Well, that truly is a holistic view and description in ESG. Kathleen, can you give us some examples from your work at Sony, some of the governance social impact considerations that you take into account? 

Kathleen Franklin: Let me give you a little background. Sony is comprised of approximately 250 affiliates from very diverse industries, and we're located throughout the world. We're in the medical, financial, entertainment, gaming, and semiconductor industries. And so, all of our businesses operate under a single brand, and we're all aligned with our corporate purpose. We have a single corporate purpose, which is to create social and economic value by filling the world with emotion through the power of creativity and diversity. And we are always guided by our core values, which includes sustainability, diversity, and integrity as we seek to achieve this purpose, and this is what identifies our areas of focus for our selected ESG initiatives. 

One example of a governance impact for Sony group of companies is to make sure that all our employees work together in an ethically responsible manner. This helps us avoid any negative impacts to our communities and our stakeholders, that could be caused by unethical or illegal activities. This consideration also creates trust for the Sony brand, which is one of our key marketing strategies. We see stakeholder trust as a key differentiator for our products and services. Another example of a governance impact consideration for Sony is risk management, particularly cybersecurity risk management. We've had some issues in the far distant past, and we see the financial and reputational harm that can come from cybersecurity hacks. Particularly, in today's world where this is such an evolving threat, we believe that effective cybersecurity risk management also helps to build stakeholder trust. Our employees, our business partners, and our consumers want to know that we are keeping their information secure. 

So, looking at social impact considerations, one of our key areas of focus is diversity, equity, and inclusion efforts for our employees and our business partners and our communities. Diversity is a core value for Sony. We view differences in our employee backgrounds as strengths, so we offer opportunities to people from underrepresented backgrounds and experiences in many of our industries, and we have significantly invested in leadership programs to make sure that they're able to develop personally and professionally. 

Looking at our communities, this is also a key area of focus for us. We establish the $100 million social justice fund in 2020, and this fund supports diversity, equity, and inclusion issues by providing grants to organizations that are focused on social justice and educational opportunities for underrepresented people. Since we established it in 2020, we've provided support to nearly 400 organizations across 60 countries. And in addition, as part of that commitment, the Sony Music group of companies also launched separately a global scholarship program that's designed to advance the music careers of talented young musicians from historically underrepresented communities. 

Susan Divers: That's tremendous. And it's clear that your company is walking the walk, as well as talking the talk in the S and G area, and I'm sure in the E area as well. 

I know that you don't head ESG, but obviously, you've made clear that there's a strong relationship between the two areas of E&C, ethics and compliance, and ESG. So, do you mind describing for me a bit how Sony approaches its ESG obligations? Who's responsible, and how does the ESG program interact with the E&C program? Let's start there. 

Kathleen Franklin: At a high level, how we approach it is, we look at the impact of our activities, not only on the environment, but on all of our stakeholders, shareholders, customers, employees, business partners, and the local communities, and we solicit their feedback to help us identify where we think our key areas of focus. As far as responsibility, since 2018, our CEO has made sure that Sony's efforts are integrated into the operations of each and every Sony group business, so the top management for each Sony business is responsible for taking the lead, and he or she has to promote sustainability initiatives that are relevant to their particular business, but aligned with the overall Sony group initiatives. 

And overall, these management initiatives are supported by the sustainability section, and they're in HQ in Tokyo. But there's certain areas, such as protection of human rights, which is a key area of focus for us. We need to utilize the combined perspectives and subject matter expertise of cross-functional leads from all areas necessary to make sure this risk is properly managed. So, for human rights, the internal audit function, procurement, the ethics and compliance function, trade affairs and legal, we all work together with the business leaders to make sure that we've integrated the appropriate due diligence, monitoring and reporting to manage this risk across all the businesses. 

Susan Divers: So, you take a non-siloed approach to it, it sounds like? And then, you deal with specific issues, like human rights, to make sure that you've got all the stakeholders involved, which makes a great deal of sense. So, Kathleen, tell me about the role of E&C in the process that you just described, for example, with human rights. 

Kathleen Franklin: Our ethics and compliance function is very involved in, not only human rights, but other aspects of our ESG framework, particularly in the social and governance aspects. As I mentioned, earning trust for the Sony brand through ethical conduct is a key area of focus for us, and that has always been the primary role of our ethics and compliance program. All of our activities are designed to make sure we have an ethical culture, and that we're managing legal regulatory risks. So, that is our key area of focus. But we also partner with sustainability for supply chain risks, and we partner with human resources. They help us implement our training, but also we found that there's a synergy between the ethics and compliance activities, particularly those designed to create a speak up culture and organizational justice, and the HR activities that are designed to promote diversity, equity, and inclusion. 

And this point's illustrated by two recent studies that I found really interesting. There's one study that show that company's employees who reported that they had a high level of perception, that they had organizational justice, where the same rules apply to everyone regardless of race, gender, or rank, also felt comfortable speaking up and had positive perception about the company's inclusion efforts. 

So, it makes sense. Minority employees feel more comfortable in a company where they think the same rules apply to everyone, and that their concerns are going to be addressed without retaliation. And there's another study that shows that a diverse workforce is generally more comfortable reporting wrongdoing, which benefits our culture and risk management efforts. 

Susan Divers: That's really interesting, those two studies. It sounds a lot like our research as well. Let's take another aspect of the ESG model, if you will. Now that we've delved into some examples and talked about the role of E&C, the issue of reporting has become a big issue, as we all know, from reading the paper. So, how does Sony actually gather data to report on ESG? 

Kathleen Franklin: Before we start to gather it, obviously, we have to identify what we need and why we need it, and then this is going to be based on what our targets are. For example, if our target is women in management, we're probably going to be looking at data just within Sony. If our target is zero injury and zero illness, we might also have to go outside Sony. For example, to government agencies or our insurance company. 

So, it's important to locate the source of the data, and this can be very challenging, as you know. In particular, in a company like Sony where we have 250 different affiliates and not all of them even use the same systems, the data can be in these different systems in different formats and maintained by different people. And if we're looking outside Sony to try to get information from government agencies or insurance companies, the data might not even be owned by us, it could be stored by a third party. So, we frequently have to work across to first identify the source, and then collect the necessary data. This can be very challenging. 

Susan Divers: Yes, I can imagine. Then, once you've actually identified what you need and collected it, and then, actually, synthesizing it to make sure that you're being accurate, is the next step. So, how do you ensure that you've got accurate reporting once you've completed that part of the process? 

Kathleen Franklin: You're right. That's the key piece, right? Because we always have to make sure that any statement, whether it's in an SEC filing or a sustainability report or an executive speaking to a reporter, is accurate and complete and auditable, right? If we don't, I mean, we have a greenwashing risk or similar risks, and it can cause us... Errors or overstatements can subject us to regulatory and reputational risks. So, once we get the data, then we always have to make sure we assess its quality, and that we can determine how to collate it, and make sure it's accessible so it can be audited, because we really have to be careful about making sure every statement can be confirmed before it's public. 

Susan Divers: That's a good, clear standard. And it's so interesting talking with you, because it all comes back to what you said before of earning trust, and that's how ethics and compliance and ethical culture support sustainability and other areas of company operations, it sounds like. 

So, as a global company, how do you actually harmonize your company goals, particularly in the ESG area, across multiple jurisdictions? That must have its challenges. 

Kathleen Franklin: Definitely, it has its challenges, especially as the world becomes increasingly decentralized and we face competing regulations across multiple jurisdictions, it becomes more challenging. But our goals are based on our strategy. One of our key strategies is, we seek to be the brand of choice. We're looking for top performing employees and creators, artists, gamers, and end users. And so, we are trying to differentiate ourselves around the attributes of creativity, sustainability, and trust. 

So, I think it's important for global companies, like Sony, to set a global standard that either meets or exceeds these stakeholders expectations that we're looking to attract, and not the minimum regulatory requirements for these competing jurisdictions. 

Susan Divers: That's as good a definition, as I've heard, of making sure that you go beyond just meeting the minimum to do the right thing, and to sustain those values that you were just talking about. 

Well, let's shift gears a little bit, although it's a related area. We participate in a lot of the UN global compact, goal 16 working groups, and at some of those, people have been voicing concern, and there's certainly press reports that indicate that, in some cases, ESG has just become another checklist. And you've given us some good examples of how you really strive to make sure that that's not the case. But are there other things that you do, to make sure that your ESG activities, which, of course, tie closely to the E&C program, actually go beyond check the box? 

Kathleen Franklin: Yes. I mean, I think if your activities are in line with your values, and those are embedded within the how the company does everything, it does go beyond check the box. At Sony, we make sure that our ESG efforts are intrinsic to our overall strategy. They have to align with our values and connect with the core of what we do best and want to do best. And integrity, for example, is a core value at Sony. So, when we're focusing on actions to build an effective speak up culture and instill organizational justice, we're doing that because those actions allow us to weather stress and more effectively manage risk than if we just had mere policies and rules. 

Survey data shows us that people may not even know the particular policy rule, but if this is the value and everyone else is acting, that they will act as their colleagues are acting. We also do have strong governance systems. We have a very sophisticated audit and monitoring program, to make sure that our values just aren't words written on a page, that we trust but verify. 

Susan Divers: That's a great explanation of how you're going about the process. Can you give us some more examples? 

Kathleen Franklin: We're constantly making sure that we have a resilient speak up culture and organizational justice across all the companies in the Sony group. To do this, we make sure that our employees receive constant, ongoing communications from top level management. So, we included in many of the messages about the benefits and the need to report concerns. We also offer our employees various options for reporting the concerns, not just the manager, but also legal and HR, and we have the independent third party hotline system, as other companies do, that allows anonymous reporting. But all people managers at Sony are trained on their role in the ethics and compliance program, and we have a lot of time, giving them information about how to foster an environment where their direct reports are comfortable raising concerns. We also tell them how to handle the reports and how to escalate them, and we provide a lot of information about avoiding any actions that could be retaliatory, such as treating an employee who raises a concern the same, as they did before they raised the concern. 

Also, many of our managers have KPIs that attract their performance on these topics. And then, in addition, we conduct employee engagement and separate ethical culture surveys to better understand how our people feel about our culture and what we need to improve. We also conduct exit interviews to gain insights from departing staff, to the extent they'll share them with us. And we do extensive internal and external benchmarking, so that we know where we are compared to similar organizations. 

To promote organizational justice, we also make sure that, at a high level, we do disciplinary actions across all the companies, to make sure that similar misconduct has similar consequences regardless of the employee's rank or business performance. And then, finally, also, we believe it promotes organizational justice. And we share statistics, our hotline reporting statistics and sanitized reports with Sony employees, to show them that their reports do have an impact. 

Susan Divers: That's tremendous. Our research also shows that organizational justice is absolutely fundamental to an effective ethics and compliance program. And without it, you really don't have a program, although you might have hotlines and codes. But going the extra mile to show employees what has been done and that there is equality of outcomes, no matter what the rank is or the position, that's really a great best practice. And thanks for outlining that. 

I'm going to shift gears a bit and ask you to look at things from your perspective as a board member. I know that many boards struggle in the area of ESG because they supervise management and they need to ensure that ESG reporting isn't just the report, but actually reflects reality. How do you handle that, as a public board member, and what's your advice to boards in that area? 

Kathleen Franklin: I think the key is to make sure that company management is focusing on initiatives that align with that particular company strategy for long-term growth. You can't be all things to all people, so not all aspects of the E, the S and the G can be priorities for all companies. What's appropriate for a medical device company is going to be very different than what's appropriate for a financial services company. And companies have to make trade-offs in line with their strategy, and directors have to understand how the initiatives chosen by management, compliment and strengthen the company's strategy and business plan. 

And one example for almost every company, recruiting top talent is necessary to achieve your strategy. And if you're focusing on diversity inclusion, you're expanding your available pool of talent. So, as a director, you could say, "Yes, that makes sense. That's in line with our strategy", and you understand that management's picked the right initiative, in that case. And just bringing it back to Sony for a second, for us, diversity is also not only to expand our pool of talent, but also because research shows us that if employees are exposed to different viewpoints, they're going to be more creative. And again, this aligns with our purpose, which is filling the world with emotion to the power of creativity. So, we're looking for the environments that create the best creative situation for our employees. 

Susan Divers: That's very good advice and very practical. And the constant theme, I hear, in your remarks is that, it all relates to Sony values and Sony purpose and mission, which I think is the most effective way to do it, for sure. 

You've mentioned data quite a bit, both talking about E&C and also ESG. Can we talk about that in a little bit more depth? As we know, data by itself doesn't necessarily give you actionable insights, but how do you approach that subject and how do you use it in your ESG and E&C efforts? 

Kathleen Franklin: No, I agree that data, by itself, doesn't mean anything, right? So, if you say one statistic, anonymous reporting rate, it doesn't tell you anything in and of itself. So, I think that it's important that the company has subject matter experts that can analyze the data and interpret it, so that the executives, internally and external stakeholders, can understand its relevance and its meaning, and tell you what you need to do, right? And you also, it's important, I think, to benchmark the data against high performing peers, also, to give it further context and relevance. 

I'll give you an example. So, if you look at your hotline data and you see that your anonymous rate for reported cases is higher than peer companies, that doesn't mean anything. It means nothing, in a vacuum. But if your subject matter experts, your ethics and compliance people can explain to you, well, that typically means that employees fear retaliation, so they don't want to identify themselves. And it helps you understand that you have to put in processes and programs, like I discussed, that help address this fear, and efforts to show your employees that there is a policy against retaliation and it will be enforced by the company. 

We use data in our ethics and compliance program. We're always looking for new ways to use it. Specifically, the types of information that we're currently using is, one tool, we have... It's a fully validated compliance program assessment, and we conduct one of these every three years. Effectively, the compliance people have to answer over 250 questions about program implementation. They have to attach supporting documentation, supporting all of their answers, and then we have a monitoring team that goes in and reviews this information. And we use this as a key aspect to make sure that all compliance program activities are fully implemented at all of our affiliates worldwide, because obviously, we wouldn't have enough resources for internal audit to go in. So, this is a key tool we use. It also is part of our risk assessment process. It helps us make sure that all the risks at the affiliate level have been identified, and that they're properly managed. 

We also continuously monitor and benchmark data from audits, investigation results, our hotline system, and ethical culture surveys that measure our employees' perceptions on key topics, including organizational justice. And this data helps us measure our ethical culture and program effectiveness, as well as identify risks. So, another way that we're using data right now is to confirm whether our activities that we put into place, have produced a desired result. I'll give you an example. 

Several years ago, we conducted an ethical culture survey, and we found that employees who reported that their manager frequently talked to them about ethics, those same employees noted that they knew where to find company policies, and that they would be more likely to report misconduct if they saw it than their colleagues, whose managers did not speak to them, about ethics. Based upon those findings, we implemented the mandatory manager training that I told you about earlier, where managers are required to learn about their role and ethical culture and what they can do, and we provide them with talking points and other resources to help them with this obligation. And then, when we launched our next survey, we saw that our efforts had worked, right? We saw increased favorable employee perceptions across the board, demonstrating, to us, a need that we need to continue these efforts to maintain this type of culture. 

And then, finally, we found that the analysis, these different data sets, it's always been important and useful. But then, several years ago, we partnered with a third party vendor to harmonize the data, as you mentioned, allowing us to cross-reference it, across different risk areas, that showed us information that wasn't evidence when we're looking at the data separately. We also were able to use Power BI to create a heat map. For example, if we wanted to identify companies within Sony, with the highest corruption risk, we could cross-reference these different data sets and look for the intersections, and then we could see where we needed to focus our activities, whether it was enhanced monitoring or additional training or whatever was needed for that potential risk. 

Susan Divers: Kathleen, that's tremendously impressive because you are looking for those intersections between different factors or among different factors, and including critical ones like culture, and that tells you where to look or where to remediate or where to strengthen. 

Before we leave this podcast, which I'm enjoying tremendously, I'd like to ask, what do you see in the area of data for the future? And if I can include the magic words, AI, where do you think we're going in terms of using data, particularly in the E&C area? 

Kathleen Franklin: I think that predictive data is going to be part of all decision making. So, instead of what happened and why, and then taking actions based on historical information, teams are going to be able to focus on what will happen. So, to accomplish this, I think companies are first going to need to invest in centralized management systems, so they don't have all this disparate data that has to be harmonized. 

And then, as you mentioned AI, state-of-the-art business intelligence structures, for example, that include AI such as continuous third party screening tools. So, instead of screening an employee at onboarding, and periodically thereafter, you would have these tools that are continuously screening your third party. So, at any minute, if someone was added to a sanctions list or had some other reputational risk, you'd be immediately alerted. 

So, I think in addition to centralized management systems, you're going to have to have team members that are upskilled, data scientists, and they're able to manage these systems and be able to correctly interpret, and then report on this data and be able to use it in a predictive fashion. 

Susan Divers: I agree with you, and I think we refer to certain types of data by themselves, like hotline data is dead data, or training completions, because yeah, it's what happened, but it doesn't tell you what's around the corner. So, it'll be an interesting space to watch. 

Well, Kathleen, it's been a pleasure speaking with you, and I could easily spend another hour on these subjects and more, so I hope you'll come back and visit with us sometime soon. 

Kathleen Franklin: Thank you, Susan. It's been my pleasure. 

Susan Divers: My name is Susan Divers, and I want to thank all of you for tuning into Principled podcast by LRN. 

Outro:   We hope you enjoyed this episode. The Principled Podcast is brought to you by LRN. At LRN, our mission is to inspire principle performance in global organizations by helping them foster winning ethical cultures, rooted in sustainable values. Please visit us at to learn more. And if you enjoyed this episode, subscribe to our podcast on Apple Podcasts, Stitcher, Google Podcasts, or wherever you listen. And don't forget to leave us a review.


Be sure to subscribe to the Principled Podcast wherever you get your podcasts.

Listen on Apple Pocasts Listen on Spotify Listen on Stitcher Listen on Audible Listen on Google Podcasts Listen on TuneIn

Listen on Amazon Music Listen on iHeart Radio Listen on Podyssey Listen on Listen notes Listen on PlayerFM