Last update: September 1, 2025

ESG

Our ESG statement.

Our contribution to a sustainable future

At 3rdRisk, we acknowledge the critical importance of Environmental, Social, and Governance (ESG) principles in today's world. Our commitment to ESG is not just a part of our operations – it's a foundational principle that guides everything we do.

1. Introduction

At 3rdRisk, we believe that organisations can only achieve sustainable success when they take responsibility for the impact of their decisions and activities on people, the environment, and society at large.

This Environmental, Social, and Governance (ESG) Policy outlines our commitments and provides guidance for embedding corporate social responsibility into our strategy, operations, and daily activities. The policy applies to all employees, directors, and external partners working with or on behalf of 3rdRisk.

This policy is aligned with the ISO 26000 Guidance on Social Responsibility. ISO 26000 provides international guidance—rather than certification—on how organisations can operate in a socially responsible way. It highlights four fundamental pillars:

  • Endorsing and applying the seven principles of social responsibility
  • Identifying and engaging stakeholders
  • Addressing the seven core subjects and 37 related issues
  • Integrating social responsibility throughout the organisation

Our policy reflects these four pillars and demonstrates how 3rdRisk integrates them into practice.

2. Our Principles of Social Responsibility

3rdRisk fully endorses the seven internationally recognised principles of social responsibility as defined by ISO 26000:

  1. Accountability – We take responsibility for the impacts of our decisions and activities on society, the economy, and the environment.
  2. Transparency – We are open and honest about our policies, decisions, and results, and we disclose relevant information in a timely manner.
  3. Ethical Behaviour – We act with integrity and fairness, avoiding corruption, conflicts of interest, and abuse of power.
  4. Respect for Stakeholder Interests – We recognise, consider, and respond to the interests of our stakeholders in decision-making processes.
  5. Respect for the Rule of Law – We comply with national and international laws and regulations wherever we operate.
  6. Respect for International Norms of Behaviour – We follow recognised international standards even where national legislation may be weak or absent.
  7. Respect for Human Rights – We support and respect internationally proclaimed human rights throughout our operations and supply chains.

3. Stakeholder Identification and Engagement

Our stakeholders are individuals and groups who are affected by, or can affect, our activities.

  • Stakeholder Mapping: Our key stakeholders include employees, customers, suppliers, business partners, investors, regulators, and the wider communities in which we operate.
  • Engagement Methods: We engage stakeholders through customer interviews, surveys, employee feedback mechanisms, partner meetings, webinars, and collaboration with industry associations and NGOs.
  • Integration into Decisions: Insights from stakeholder dialogue inform our ESG priorities, risk assessments, and strategy.
  • Feedback and Transparency: We actively report back to stakeholders on how their input has been used and publish annual ESG updates on our website.

4. Core Areas of Social Responsibility

4.1 Organisational Governance

  • We maintain a clear code of conduct for all employees and partners.
  • The management team and Board of Directors oversee ESG strategy, risk management, and reporting.
  • Our compliance programme includes annual training on ethics, anti-corruption, and data protection.
  • We ensure transparency and accountability in decision-making.
  • 3rdRisk is fully compliant with relevant regulations and industry standards, including:
    • Adherence to Dutch and European regulations, such as the GDPR and
    • Holding a SOC2 Type 2 assurance report for data security.

4.2 Human Rights

  • We prohibit all forms of forced labour, child labour, and human trafficking.
  • We enforce a zero-tolerance policy for discrimination and harassment.
  • We actively encourage diversity, equity, and inclusion in recruitment, promotion, and leadership.
  • We expect suppliers and partners to respect human rights; this is included in our procurement criteria.

4.3 Labour Practices

  • We ensure equal pay for equal work and fair compensation.
  • Flexible working and remote work are standard practices that promote wellbeing and sustainability.
  • We invest in employee training, workshops, and coaching.
  • We maintain a safe and healthy work environment in line with occupational standards.
  • We provide a yearly training to educate employees about ESG practices, the importance of sustainability, and how they can contribute.

4.4 The Environment

  • Our IT infrastructure is powered by renewable energy; our target is 100% sustainable hosting by 2026.
  • We exclusively use non-combustion company vehicles and encourage sustainable mobility for employees.
  • We minimise travel-related emissions through remote collaboration.
  • Hardware is reused and recycled responsibly.
  • We prefer European-based hosting providers to reduce environmental impact and ensure data sovereignty.
  • We monitor CO₂ emissions annually, set reduction targets, and report progress publicly.
  • We continue to promote a paperless office environment by using digital documents, cloud storage, and electronic signatures.
  • We encourage the use of video conferencing tools for meetings and collaboration.
  • We implement a sustainable procurement approach by choosing suppliers and vendors who align with our ESG values.

4.5 Fair Operating Practices

  • We uphold a strict anti-bribery and anti-corruption policy.
  • We engage in fair competition and responsible tax practices.
  • ESG criteria are embedded into supplier selection and contract management.
  • We collaborate with suppliers who demonstrate sustainable practices.
  • We uphold the highest standards of data protection and privacy, fully aligned with GDPR.

4.6 Consumer Issues

  • We ensure platform reliability, resilience, and security.
  • Privacy and data protection are embedded in our design and operations.
  • We offer discounts and dedicated programmes for NGOs and non-profits, improving access to risk management tools.
  • We communicate transparently about our services, their capabilities, and their limitations.

4.7 Community Involvement and Development

  • We share knowledge through webinars, podcasts, and events to advance risk and compliance practices.
  • We collaborate with partners and regulators on sustainability and resilience challenges.
  • Employees are encouraged to take part in volunteer and community initiatives.
  • We provide tools within our TPRM platform to assess and enhance the sustainability practices of our customers and their third-parties.

5. Integration into the Organisation

  • Strategy: ESG objectives are part of our corporate strategy and risk framework.
  • Governance: The Board has ultimate oversight of ESG matters.
  • Processes: ESG criteria are integrated into supplier due diligence, procurement, product development, and contracting.
  • Training & Culture: All employees receive training on ethics, diversity, sustainability, and compliance.
  • KPI & Reporting: ESG performance is measured against defined indicators and reported internally and externally.

6. Monitoring and Continuous Improvement

  • ESG objectives are reviewed semi-annually.
  • An annual ESG report is presented to the Board and published for stakeholders.
  • We disclose results, challenges, and next steps on our website.
  • Stakeholder feedback is actively collected and incorporated into improvements.

7. Closing Statement

3rdRisk is committed to responsible business practices in line with ISO 26000. By endorsing its principles, engaging stakeholders, addressing the seven core subjects, and embedding responsibility into all aspects of our organisation, we aim to contribute to a more sustainable, inclusive, and ethical society.