Why ESG Investing Might Never Recover

The ESG brand probably has its best days behind it.

Following a three-year craze for investment products focused on environmental, social and corporate-governance concerns, the percentage of newly created funds in the U.S. and Europe with ESG in their name has fallen from a peak of 8.3% to just 3.3%, according to an analysis of quarterly data by Morningstar Direct.

Likewise, online searches for “ESG investing” have plummeted back to mid-2019 levels, according to Google Trends. Mentions of the term in company analyst calls have dropped 59% from their quarterly peak in 2022, FactSet data suggest.

One explanation is the collapse of the clean-energy stocks most readily associated with the ESG movement. Flagging growth in electric-vehicle sales has hit sector behemoth Tesla . The S&P Global Clean Energy index, which lists solar-panel maker First Solar and Danish wind-turbine giant Vestas among its top constituents, has lost 31% since the start of 2023 as renewable-energy projects have been shelved. That compares with returns of 27% for global stocks.

The rise of ESG investing between 2019 and 2022 coincided with a surge in clean-tech valuations, and now the reverse is happening. Investors have pulled $2.2 billion from funds dedicated to decarbonisation since the start of the year, according to EPFR, and the outflows are getting larger every week.

There is a risk that ESG was an investment fad rather than a financial revolution extending across all industries.

The term was the product of an uneasy three-way alliance. On one side were ethically driven investors, who are particularly widespread in Scandinavia and include pension funds, universities and religious organisations united in wanting to shun contentious firms. On another were institutions such as the United Nations that aimed to channel money to industries that benefit society. Finally, there were investors who wanted to profit from the green revolution.

Asset managers jumped at the chance to cater to all three simultaneously. ESG allowed them to differentiate their products, revitalise the case for active management and, at a time of declining fees, charge more for stock screens that often lead to only small changes in allocations . Among U.S. equity funds, ESG strategies have an asset-weighted average fee of 0.52%, compared with 0.33% overall, Morningstar Direct data shows.

But the confusion of motivations made for contradictions and a lot of doublespeak. Neither ethical objectives nor bets on decarbonisation square logically with fund managers’ claims that ESG is a broad path to higher, safer returns.

Yes, an ESG focus can help active managers account for risks such as a regulatory backlash or governance blow up, which in some cases might be highlighted by new company disclosures. This month the European Union cleared the way toward requiring firms to better report and address sustainability impacts.

However, the assumption that integrating ESG criteria into their screening will lead to better stock picking seems flawed . The very popularity of ESG makes it unlikely that the market is under appreciating the risks. The rush of money into firms like Vestas, whose stock hit a price-to-earnings ratio of 534 in 2022, illustrates the risk that shares with high sustainability scores can get too expensive, leading to lower returns.

Ethical investors might be fine with this, but that just shifts the focus to what counts as ethical. Tellingly, interest in ESG has dropped more in the U.S., where the politicisation of EVs and culture wars surrounding Bud Light beer show how easily corporations can become ideological battlegrounds.

ESG ratings aren’t much help in navigating these issues. Different providers give wildly different scores to the same companies, even within the specific “E,” “S” and “G” factors, according to a February paper by the Leibniz Institute SAFE. Researchers also found that environmental concerns tend to explain most of the overall score.

This is another hint that the ultimate driver of the pandemic-era ESG craze might have been a hunger for thematic investment. It has since found better sources of sustenance, as demonstrated by the breakneck growth of firms such as Global X, which is delivering increasingly granular offerings such as tracker funds for electric batteries, cloud computing and ageing populations.

Buyers of these products can be fickle and jump to the next theme—often too quickly for their own good, a Morningstar analysis showed last November. It is possible that the overly generic ESG brand will never recover its appeal, with the different parts of it eventually rebranded to suit their specific client bases. BlackRock , the world’s largest asset manager, has already dropped it and is now emphasising transition themes over ethical stewardship of companies.

Sustainable investing isn’t going anywhere. But a broad tent covering too many interests serves none of them well.

As tech leaders race to bring Windows systems back online after Friday’s software update by cybersecurity company CrowdStrike crashed around 8.5 million machines worldwide, experts share with CIO Journal their takeaways for preparing for the next major information technology outage.

Be familiar with how vendors develop, test and release their software

IT leaders should hold vendors deeply integrated within IT systems, such as CrowdStrike , to a “very high standard” of development, release quality and assurance, said Neil MacDonald , a Gartner vice president.

“Any security vendor has a responsibility to do extensive regression testing on all versions of Windows before an update is rolled out,” he said.

That involves asking existing vendors to explain how they write software, what testing they do and whether customers may choose how quickly to roll out an update.

“Incidents like this remind all of us in the CIO community of the importance of ensuring availability, reliability and security by prioritizing guardrails such as deployment and testing procedures and practices,” said Amy Farrow, chief information officer of IT automation and security company Infoblox.

Re-evaluate how your firm accepts software updates from ‘trusted’ vendors

While automatically accepting software updates has become the norm—and a recommended security practice—the CrowdStrike outage is a reminder to take a pause, some CIOs said.

“We still should be doing the full testing of packages and upgrades and new features,” said Paul Davis, a field chief information security officer at software development platform maker JFrog . undefined undefined Though it’s not feasible to test every update, especially for as many as hundreds of software vendors, Davis said he makes it a priority to test software patches according to their potential severity and size.

Automation, and maybe even artificial intelligence-based IT tools, can help.

“Humans are not very good at catching errors in thousands of lines of code,” said Jack Hidary, chief executive of AI and quantum company SandboxAQ. “We need AI trained to look for the interdependence of new software updates with the existing stack of software.”

Develop a disaster recovery plan

An incident rendering Windows computers unusable is similar to a natural disaster with systems knocked offline, said Gartner’s MacDonald. That’s why businesses should consider natural disaster recovery plans for maintaining the resiliency of their operations.

One way to do that is to set up a “clean room,” or an environment isolated from other systems, to use to bring critical systems back online, according to Chirag Mehta, a cybersecurity analyst at Constellation Research.

Businesses should also hold tabletop exercises to simulate risk scenarios, including IT outages and potential cyber threats, Mehta said.

Companies that back up data regularly were likely less impacted by the CrowdStrike outage, according to Victor Zyamzin, chief business officer of security company Qrator Labs. “Another suggestion for companies, and we’ve been saying that again and again for decades, is that you should have some backup procedure applied, running and regularly tested,” he said.

Review vendor and insurance contracts

For any vendor with a significant impact on company operations , MacDonald said companies can review their contracts and look for clauses indicating the vendors must provide reliable and stable software.

“That’s where you may have an advantage to say, if an update causes an outage, is there a clause in the contract that would cover that?” he said.

If it doesn’t, tech leaders can aim to negotiate a discount serving as a form of compensation at renewal time, MacDonald added.

The outage also highlights the importance of insurance in providing companies with bottom-line protection against cyber risks, said Peter Halprin, a partner with law firm Haynes Boone focused on cyber insurance.

This coverage can include protection against business income losses, such as those associated with an outage, whether caused by the insured company or a service provider, Halprin said.

Weigh the advantages and disadvantages of the various platforms

The CrowdStrike update affected only devices running Microsoft Windows-based systems , prompting fresh questions over whether enterprises should rely on Windows computers.

CrowdStrike runs on Windows devices through access to the kernel, the part of an operating system containing a computer’s core functions. That’s not the same for Apple ’s Mac operating system and Linux, which don’t allow the same level of access, said Mehta.

Some businesses have converted to Chromebooks , simple laptops developed by Alphabet -owned Google that run on the Chrome operating system . “Not all of them require deeper access to things,” Mehta said. “What are you doing on your laptop that actually requires Windows?”