ESG in Egypt: What is the Status Quo?

The Environmental, Social, Governance (ESG) standards in Egyptian companies were not introduced until recently, in 2021. It was predicted that, by 2023, maintaining high ESG scores would be mandatory and the majority of Egyptian companies would utilise their high scores to incentivise investors and improve Egypt’s overall foreign investments.

First, one must explain the ESG criteria. As stated above, they consist of three main standards: environmental, social and governance. The environmental focuses on how an organisation protects the environment, including its energy usage, waste management practices, climate change regulation policies, and the preservation of natural resources. The social looks at how the business handles relationships with suppliers, clients and its own workers, and if it strives to improve the communities in which it works. It also looks at whether the business practises socially responsible investing (SRI). Finally, governance covers internal controls, shareholder rights, audits, executive compensation, and leadership in the company. It guarantees that the firm conducts both internal and external business using precise and open techniques.

With the introduction of ESG to the Egyptian market, the Egyptian Exchange (EGX) promoted the importance of maintaining it by stating that it should make the Egyptian market more appealing and resilient, helping foreign investors to assess the underlying drivers of value more accurately.

As more investors come to understand the importance of ESG, they will focus more of their efforts on exchanges that support it. It is also worth noting that, in 2021, the Chairman of the Financial Supervisory Authority (FRA) issued a resolution requiring companies with issued capital or ownership rights less than EGP100 million listed on the EGX and any companies operating in non-banking activities to submit ESG reports.

These resolutions are binding on any company whose securities are listed on the EGX. However, companies involved in non-banking financial activities and listed on the EGX with issued capital or net ownership rights exceeding EGP500 million will have to submit annual disclosures regarding the financial effects of climate change in compliance with guidelines set forth by the Task Force on Climate-Related Financial Disclosures (TCFD).

Further, in 2023, the Egyptian General Authority for Investments and Free Zones (GAFI) was recognised in the global ESG practices index for its sustainable investment efforts. In this regard, GAFI ranked first among 74 investment agencies globally as specified in the World Association of Investment Promotions Agencies (WAIPA) 2023 report titled “The Future of Foreign Direct Investment: How to Attract, Measure, and Ensure Sustainable FDI”.

Moreover, in early 2024, a study was made by the American University in Cairo (AUC) based on panel data of 200 firms listed on the EGX EWI 100 index from the years 2007 to 2022. In addition to other conclusions derived from the study, the most important one to the topic at hand was that companies with poor ESG scores were in fact affected and did not deliver higher nor the same value of returns as companies with high ESG scores.

Following the above, it is apparent that ESG standards are becoming more and more significant to issuers and investors alike and the Egyptian market has managed to smoothly adapt to the market’s need for high ESG standards with today’s spotlight on climate change regulations. However, how would the data protection regulations fit in with all of this?

Even though the data used for ESG reporting is frequently aggregated or non-personal, personal data can still be used to derive it. Therefore, even if data privacy is not something that companies deem relevant at the moment, they should nonetheless take into account the need for appropriate data protection measures and compliance. Even if the primary focus of ESG reporting is on overall sustainability and governance, dismissing the personal data considerations can potentially lead to regulatory challenges. The intertwining of data protection and ESG focuses on how a company’s initiatives to ensure the data protection of its individuals can be inserted within the ESG metrics. By including data privacy in their ESG framework, companies may demonstrate their dedication to the cause. On the basis that ESG performance is evaluated using pre-established measures, businesses may present a quantifiable picture of their achievements in the field of data privacy.

Inclusion of data protection in the ESG report does not necessarily entail it being an additional fourth standard: data protection can be included within each of the three standards. In relation to the environmental component, a study has predicted that, by 2025, the percentage of global carbon emissions attributed to the internet and its support services will quadruple from its current level of 4%. Therefore, companies should resort to cloud storage to decrease the number of physical servers needed for data storage, thus lowering the amount of hardware, power and land needed, and increasing their ESG environmental scores. As stated earlier, the social component includes how a company maintains its relationship with its clients. In this modern age, any operating company gathers a lot of personally identifiable information and sensitive personal data in relation to individuals. Although it does so only with express consent and for the particular reason the client has granted permission, such data may be gathered and utilised. Any misuse of this data and its sale to unaffiliated parties for profit involve significant hazards that can damage a business’s reputation, thus affecting its ESG score. Lastly, when it comes to governance, overall compliance with Egypt’s data protection regulations as well as the General Data Protection Regulation (GDPR) improves a company’s governance scores.

In conclusion, it can be demonstrated that data privacy and ESG go hand in hand. It is foreseen that data privacy will play a bigger role in the ESG framework as investors and other stakeholders become more aware of the possible dangers and consequences of misusing personal data. Consequently, the prioritisation of data privacy will benefit a company’s long-term sustainability and success.