About the Author and Research

Triin Ujok's 2025 thesis employs a qualitative comparative methodology to analyze the 2023–2024 sustainability reports of Kesko and Migros, two of Europe's most prominent retail groups. The research incorporates a primary interview with a member of Kesko's sustainability team (Migros declined participation, which represents a methodological limitation worth noting) and applies the Gioia analysis method to systematically identify thematic patterns across materiality assessment, stakeholder engagement, governance structure, and sustainability target-setting.

The timing of this research is particularly relevant. The EU's Corporate Sustainability Reporting Directive (CSRD) came into force in 2024, requiring large European companies to publish their first CSRD-aligned sustainability reports in spring 2025. Meanwhile, Migros, operating under Swiss jurisdiction, continues to align with voluntary GRI standards, UN Sustainable Development Goals (SDGs), and national regulations. This "mandatory vs. voluntary" contrast offers Taiwanese companies a rare empirical mirror: Taiwan is itself at an inflection point, transitioning from voluntary ESG disclosure toward increasingly mandatory reporting requirements under IFRS S1/S2 alignment.

Core Research Findings: Two ERM Integration Models, Two Sets of Trade-offs

The study's most actionable insight is not a simple verdict on which company performs better, but rather a structural analysis of how different regulatory frameworks produce fundamentally different ERM architectures.

Finding 1: Kesko Integrates Sustainability into Financial ERM; Migros Operates in Silos

Under CSRD's mandatory double materiality requirements, Kesko has embedded climate risk, supply chain human rights risk, and regulatory compliance risk directly into its financial risk management system. The company sets measurable short-term targets—including a 50% reduction in emissions by 2034—and enforces rigorous supplier audits to ensure human rights compliance. This approach aligns closely with ISO 31000:2018's principle that risk management should be integrated across all organizational functions and decision-making levels, and with COSO ERM 2017's emphasis on strategy and performance integration within the governance and culture component.

Migros, by contrast, evaluates sustainability impacts separately across individual business units, without a unified cross-organizational risk view. This is not a failure of ambition—Migros sets notably long-term targets including net-zero emissions by 2050 and biodiversity protection through certified sourcing—but rather a structural consequence of operating under voluntary GRI frameworks that optimize for disclosure quality rather than ERM integration depth.

Finding 2: Short-Term Measurability vs. Long-Term Systemic Vision—Both Have Blind Spots

Kesko's action-oriented approach provides a strong foundation for KRI (Key Risk Indicator) design and board-level monitoring. However, the research notes a risk that highly quantified frameworks may cause organizations to underweight systemic risks that are difficult to measure—such as long-term biodiversity loss or the financial implications of social inequality. For Taiwanese companies serving European clients, this is a critical warning: building a KRI system focused exclusively on carbon metrics may create a false sense of ERM completeness.

Migros's systemic approach reflects broader stakeholder perspectives but shows weaker integration with financial materiality assessment. Under IFRS S1/S2 frameworks, this "strong vision, weak financial quantification" profile will face increasing disclosure pressure from investors and regulators. Taiwanese listed companies that currently operate in a similar mode should treat this as an early warning signal.

Finding 3: Stakeholder Engagement Quality Determines Materiality Assessment Accuracy

The study finds that Kesko's stakeholder engagement mechanism is more systematized and directly aligned with CSRD's double materiality analysis requirements, while Migros's engagement, though broad, lacks direct linkage to financial impact assessment. This parallels guidance from the Taiwan Stock Exchange (TWSE) on material topic disclosure, which similarly emphasizes systematic stakeholder identification as a prerequisite for credible materiality assessment.

Methodological Limitation Worth Noting

As a constructive ERM advisor, we must acknowledge the study's primary methodological constraint: Migros declined to participate in interviews, meaning the analysis of Migros's practices relies entirely on published sustainability reports. This creates an inherent asymmetry—Kesko's practices benefit from first-person contextual explanation, while Migros's practices are interpreted solely through formal disclosure. For Taiwanese companies using this research as a benchmark, we recommend supplementing the findings with direct engagement with sustainability practitioners from GRI-aligned companies in comparable industries.

Implications for Taiwan Enterprise Risk Management: Three Structural Priorities

Taiwanese enterprises face a dual pressure: rapidly escalating regulatory requirements from international clients and standard-setters, combined with limited internal capacity to execute ERM integration at the required depth and speed.

Priority 1: Regulatory Framework Determines Integration Depth. Kesko's ability to integrate sustainability into ERM is fundamentally enabled by CSRD's mandatory double materiality requirement, which forces governance-level redesign of risk architecture. Taiwan's current sustainability reporting requirements remain predominantly GRI-voluntary, but as IFRS S1/S2 alignment accelerates, Taiwanese listed companies will face Kesko-equivalent integration pressure. Companies should not wait for regulatory mandates—conducting an ISO 31000 ESG risk gap assessment in 2025–2026 is a prudent proactive investment.

Priority 2: Risk Matrix Design Must Incorporate Sustainability Dimensions. COSO ERM 2017's five components—Governance and Culture, Strategy and Objective-Setting, Performance, Review and Revision, and Information Communication—all require integration of sustainability risk perspectives. Kesko's practice demonstrates that this integration strengthens, rather than burdens, risk matrix precision. Taiwanese companies that maintain traditional financial risk as the sole axis of their risk matrix will be disadvantaged in ESG evaluations and client due diligence processes.

Priority 3: The Migros Silo Model Is Taiwan's Current Reality. Many mid-to-large Taiwanese enterprises currently operate in a manner structurally similar to Migros's decentralized assessment model—individual departments produce sustainability data independently, without a cross-organizational integrated risk view. This may be sufficient for current disclosure requirements, but when European clients initiate CSRD-driven supply chain due diligence, these governance gaps will be exposed with material commercial consequences.

How Winners Consulting Services Co. Ltd. Helps Taiwan Enterprises Build Integrated Sustainability ERM

Winners Consulting Services Co. Ltd. (積穗科研股份有限公司) helps Taiwanese enterprises implement ISO 31000 and COSO ERM frameworks, establish risk matrices and KRI systems, and strengthen board-level risk governance capabilities. Based on the core findings of this research, we recommend the following concrete action steps:

1. 90-Day ESG Risk Integration Assessment: Benchmark existing sustainability reporting processes against ISO 31000:2018 principles and COSO ERM 2017's five components to identify where sustainability risks remain outside the financial risk matrix. This is the foundational step to transition from a Migros-type silo model toward a Kesko-type integrated ERM architecture.
2. Cross-Functional Risk Integration Mechanism Design: Develop an integrated KRI framework covering climate risk, supply chain human rights risk, and regulatory compliance risk, with board-level periodic review protocols that directly connect sustainability risks to financial decision-making processes.
3. Financial Materiality Assessment Aligned with IFRS S1/S2 and CSRD: Establish a systematic double materiality assessment process incorporating stakeholder identification, financial impact quantification, and sustainability reporting IP management. Target completion of the first full assessment cycle within 6 to 12 months, with results directly updating the corporate risk matrix and board risk reporting.

Frequently Asked Questions

How does the Kesko and Migros research directly apply to Taiwanese export-oriented companies?

The most direct application is this: Kesko's CSRD-driven practice of integrating sustainability risks into financial ERM represents exactly the capability Taiwanese exporters need when facing European client supply chain due diligence. Kesko has set a quantified target of 50% carbon emission reduction by 2034 and enforces rigorous human rights audits on suppliers. Taiwanese companies supplying Kesko or similar EU-regulated enterprises must be able to provide sustainability data meeting these standards. We recommend completing a supply chain carbon emissions inventory by end of 2025 and establishing auditable KRI monitoring systems before European clients initiate formal supplier assessments.

What is the most common challenge Taiwanese companies face when integrating sustainability risk into ISO 31000 frameworks?

The most prevalent challenge is organizational silos between the sustainability department and the risk management function—precisely the Migros-type structural pattern observed in this research. ISO 31000:2018 Clause 5.4 explicitly requires risk management to be integrated into organizational structure, strategy, and daily decision-making, not isolated as a standalone process. COSO ERM 2017 similarly emphasizes establishing cross-functional risk communication mechanisms under the Governance and Culture component. The recommended first step is to explicitly define ESG risk integration responsibilities in the ESG committee charter, followed by a 90-day ISO 31000 gap assessment to identify specific process breakpoints.

What are the specific steps and timeline for implementing ISO 31000 with ESG risk integration?

Based on Winners Consulting Services Co. Ltd.'s advisory experience, a typical implementation follows four phases: Month 1 focuses on current-state diagnosis and ISO 31000 gap analysis; Months 2–3 cover risk matrix and KRI framework design incorporating ESG dimensions; Months 4–6 execute the first materiality assessment cycle and establish cross-departmental data collection mechanisms; Months 7–12 conduct system validation, board reporting integration, and continuous optimization. The full foundational mechanism can be established within 7 to 12 months. If concurrent alignment with COSO ERM 2017 and IFRS S1/S2 is required, a full 12-month cycle is recommended to ensure governance documentation completeness.

How should companies realistically assess the resource investment and expected ROI of building a sustainability ERM mechanism?

Research evidence indicates that companies with higher sustainability management maturity can reduce staff hours required for CSRD-equivalent reporting preparation by 30% to 50%. For mid-sized enterprises (500+ employees), typical resource requirements include 1 to 2 dedicated internal staff working alongside external consultants over a 7 to 12-month implementation period. Expected benefits include improved pass rates for European client supply chain evaluations, reduced compliance penalty risk from incomplete disclosures, and improved ESG ratings that may reduce financing costs. For Taiwanese companies supplying to Japanese parent companies with market capitalization above ¥500 billion, new disclosure requirements from Japan's Financial Services Agency working group also create additional urgency for ERM integration.

Why engage Winners Consulting Services Co. Ltd. for Enterprise Risk Management advisory?

Winners Consulting Services Co. Ltd. (積穗科研股份有限公司) offers integrated cross-framework expertise spanning ISO 31000 risk management, COSO ERM 2017, CSRD compliance requirements, and IFRS S1/S2 sustainability disclosure standards. This multi-framework capability enables us to deliver a "single diagnostic, multi-framework integration" advisory service, avoiding the resource waste and framework conflicts that arise when companies engage multiple specialized consultants separately. Our engagement begins with a complimentary mechanism diagnostic that produces a concrete gap list and prioritized action recommendations, ensuring Taiwanese enterprises achieve maximum impact within constrained resources. Whether addressing supply chain sustainability due diligence, board-level risk governance strengthening, or first-time CSRD-compatible sustainability report preparation, Winners Consulting Services Co. Ltd. provides systematic end-to-end support.

積穗科研株式会社解説：KeskoとMigrosの比較研究が示す台湾企業ERM統合の急務

積穗科研股份有限公司（Winners Consulting Services Co. Ltd.）は、2025年に発表されたフィンランドのKesko社とスイスのMigros社の永続性報告実践を比較した最新研究を精査し、台湾企業の企業リスク管理（ERM）に対する重要な示唆を導出した。この研究が明らかにした最も重要な発見は、両社のサステナビリティ目標の野心度の差異ではなく、サステナビリティリスクをERMアーキテクチャにどこまで深く統合しているかという構造的な差異である。