ESG for Malaysian MSMEs

Build practical ESG knowledge aligned with SEDG, SME Corp's ESG Quick Guide, and Malaysia's sustainability frameworks.

0%
Course Overview

Big customers and banks are starting to ask about your ESG practices. Are you ready to answer them?

This course gives you a clear, step-by-step path to understanding what ESG actually means for your business, and what to do about it. No jargon, no overwhelm. Just practical actions you can start taking this week.

By the end, you will know how to track your environmental impact, improve your workplace practices, strengthen your governance, and put together a simple ESG report that impresses customers and opens doors to new opportunities.

Course Modules
Course Content

Module 1: ESG & My Business

Awareness + Readiness

Understand what ESG means in plain language and connect it directly to your business - cost, revenue, and risk.

Learning Objectives
  • Explain what ESG stands for and why it matters for Malaysian MSMEs
  • Understand how national tools like SME Corp's ESG Quick Guide and SEDG support smaller businesses
  • Connect ESG to the three core business dimensions: cost, revenue, and risk
  • Distinguish between ESG and traditional CSR
  • Identify 3-5 ESG quick wins relevant to your own business
What You'll Learn
  • What ESG means: Environmental, Social, and Governance defined
  • ESG vs CSR - why ESG is central to daily operations, not just charity
  • Malaysia's national ESG landscape: i-ESG, NSRF, SME Corp Quick Guide, SEDG
  • The “cascade effect”: how listed companies pass ESG expectations to SME suppliers
  • ESG in terms of cost (savings), revenue (market access), and risk (operational resilience)
  • Introduction to SME Corp's 13 basic ESG indicators and the SEDG Basic-Intermediate-Advanced levels
  • CIMB's GreenBizReady programme and i-ESG starter kit as practical support tools for Malaysian SMEs
  • ESG-i: Malaysia's Islamic finance-aligned ESG assessment framework for MSMEs

What is ESG?

Environmental, Social and Governance (ESG) describes the way a business manages its impact on the environment, its people, and its own decision-making processes. Environmental covers energy and water use, waste, pollution, and resilience to climate events like floods. Social includes relationships with employees, customers, suppliers, and communities - fair wages, working conditions, safety, and training. Governance concerns how decisions are made and controlled: ethics, anti-corruption, financial transparency, and data protection. Many Malaysian owners are more familiar with CSR (Corporate Social Responsibility), which often centres on donations and sponsorships that sit “on the side” of the business. ESG goes further - it concerns how the business is run every day and how its practices affect cost, revenue, and risk. For example, how a factory manages its wastewater is an environmental issue, how it treats its workers is a social issue, and whether its accounts are transparent is a governance issue. These are not separate projects - they are part of daily management. Banks, large customers, and investors now use ESG information in their decisions about whom to finance and whom to buy from. National initiatives like the National Sustainability Reporting Framework (NSRF) require listed companies to publish sustainability disclosures, which in turn creates indirect pressure on their SME suppliers to provide ESG data. This has moved ESG from listed corporations into smaller businesses that form part of supply chains.

Watch video: What is ESG?

Think about your own business. Which ESG-related practices are you already doing without calling them ESG - for example, saving electricity, treating staff fairly, or keeping transparent records?

ESG in the Malaysian MSME Context

Several national developments have placed ESG firmly on the Malaysian business agenda. The government introduced the National Industry ESG Framework (i-ESG) under the Ministry of Investment, Trade and Industry, and the National Energy Transition Roadmap, both signalling that economic growth should align with environmental responsibility. The i-ESG Framework is built on four key pillars: Standards (adopting appropriate ESG reporting frameworks), Financing (accessing green and ESG-linked funding), Capacity Building (training and tools for businesses), and Market Mechanism (strengthening ESG-compliant supply chains). A self-readiness tool called i-ESGReady and an i-ESG starter kit support companies at the start of their journey. Phase 1.0 (2024-2026) is explicitly designed as a “Just Transition” - a supported, manageable entry point that helps MSMEs begin without being overwhelmed. The intention is not to burden small businesses but to provide a structured pathway so they can build ESG capacity gradually and access emerging opportunities in green supply chains. Capital Markets Malaysia's SEDG was developed for SMEs in supply chains. Its 35 priority disclosures are grouped into Basic, Intermediate, and Advanced levels. For businesses seeking an Islamic-finance-aligned approach, INCEIF University and Ficus Capital developed the ESG-i Assessment Framework - a Shariah-compliant tool built around Planet, People, Profit, and Principle that simplifies ESG for MSMEs. CIMB's GreenBizReady programme offers a complementary one-stop ecosystem providing training, ESG assessment tools, financing connections, and sustainability service providers.

Key Insight: SME Corp Malaysia launched the ESG Quick Guide for MSMEs in 2024, designed to simplify the process of understanding ESG for smaller firms. It introduces 13 basic indicators and an 8-step journey from awareness to simple ESG reporting.

Have any of your customers, banks, or suppliers ever asked you about sustainability or ESG practices? If so, how did you respond? If not, consider which stakeholder is most likely to ask first.

ESG as a Business Issue: Cost, Revenue, Risk

The most useful way to see ESG's relevance is through three business dimensions: Cost: Simple environmental measures - adjusting air-conditioning settings, maintaining machinery, improving lighting, reducing material waste - can lower energy and input costs directly. Stronger HR processes reduce staff turnover and absenteeism. Better governance controls reduce losses from error or misconduct. Revenue: ESG is increasingly a condition for market access. Listed companies on Bursa Malaysia must produce sustainability reports that include supply-chain information. International buyers apply similar pressure. An SME that can demonstrate basic data on its environmental performance, workforce practices, and governance is better positioned to win contracts and participate in global value chains. Risk: Malaysia faces flooding, heatwaves, and storms that can disrupt operations for days or weeks. Social risks include workplace accidents, labour disputes, or reputational damage from poor working conditions. Governance risks include fraud, data breaches, and penalties from non-compliance with regulations like the Personal Data Protection Act 2010 or the Malaysian Anti-Corruption Commission Act 2009. ESG helps businesses think systematically about these risks and implement reasonable controls before a crisis occurs. The important point is that most SMEs are already managing some of these issues informally. ESG simply provides a structured way to see what you are already doing, identify gaps, and communicate your practices to stakeholders who ask.

Watch video: ESG as a Business Issue: Cost, Revenue, Risk

Real-World Example: 💡 Example: A small packaging manufacturer supplying cardboard boxes to food brands found she already had the data her customers needed - electricity bills, waste records, and safety procedures. By following SME Corp's Quick Guide, she tracked energy and waste, implemented low-cost changes (AC settings, machine maintenance, waste segregation), and used SEDG Basic disclosures to respond to customer questionnaires with confidence.

Pick one of the three dimensions - cost, revenue, or risk. What is one specific example from your own business where that dimension connects to an environmental, social, or governance issue?

SEDG: Your Translation Tool

The Simplified ESG Disclosure Guide (SEDG), developed by Capital Markets Malaysia, defines what kind of information businesses should provide to stakeholders interested in ESG performance. Because its 35 disclosures are tiered across three levels, a small enterprise can start with Basic level disclosures that cover fundamental topics like energy use, waste management, employee welfare, and basic governance - leaving Intermediate and Advanced for later as the business grows its capacity. SEDG's usefulness lies in its alignment with questions already being asked by larger companies and financial institutions in Malaysia - making it a “translation tool” between SME reality and stakeholder expectations. When an SME receives a questionnaire about emissions, workplace safety, or anti-corruption from a major buyer, the structure of those questions often reflects SEDG categories. By learning the SEDG framework, you are essentially learning the language that your customers and bankers already speak. For example, if a multinational customer asks about your energy consumption and waste practices, the SEDG Basic environmental disclosures give you a clear format for responding. Instead of guessing what information to provide, you can use SEDG as a checklist to organise data you likely already have - electricity bills, waste disposal records, and safety procedures.

Watch video: SEDG: Your Translation Tool

If your biggest customer sent you a questionnaire tomorrow asking about your energy use and waste practices, could you answer confidently? What information would you need to gather?

Practical Starting Tools

Two practical tools introduced in this module reappear throughout the programme and form the backbone of your ESG journey. They help you connect abstract ESG concepts to the concrete reality of your own business. The “ESG and My Business” canvas is a one-page reflection that maps your business model, major cost drivers, main revenue sources, and key risks. When you write down what you sell, to whom, and how - and list your major costs and operational challenges - it becomes easier to see where environmental, social, and governance issues are already present in daily operations. The readiness self-assessment follows the same approach used in SME Corp workshops and platforms like ESGHub: straightforward yes/no or basic-rating questions across Environmental, Social, and Governance themes. Its purpose is diagnostic, not evaluative. The results show which areas are relatively strong and which may need attention. In Module 7, you will repeat this assessment to measure progress. For businesses using Islamic finance or seeking a Shariah-aligned approach, the ESG-i Assessment Framework (from INCEIF University and Ficus Capital) provides a complementary tool that incorporates Maqasid Al-Shariah principles alongside E, S, and G dimensions. It is designed specifically for MSMEs and is aligned with Bank Negara Malaysia's Climate Change and Principle-Based Taxonomy and SC Malaysia's SRI Taxonomy.

Action step: Set aside 30 minutes this week to sketch a simple map of your business - what you sell, to whom, your major costs, and your top three operational risks. Where do environmental, social, or governance issues naturally appear?

Module 2: What Really Applies to My SME?

Regulations & Market Drivers

Distinguish legal obligations from market expectations and voluntary frameworks. Use a decision tree to identify what ESG requirements matter most for your business.

Learning Objectives
  • Distinguish between legal minimums, market expectations from buyers and financiers, and voluntary ESG initiatives
  • Understand how SEDG and national sustainability reporting frameworks affect SMEs indirectly through the supply chain
  • Use a simple decision tree to determine which ESG expectations are most relevant to your business
  • Identify your top 3 ESG expectations from key stakeholders
  • Build a personalised list of priority SEDG Basic topics for your business
What You'll Learn
  • The hard floor: Malaysian legal baselines on labour, safety, environment, anti-corruption, and data protection
  • Bursa Malaysia's sustainability reporting requirements and how they cascade to SME suppliers
  • The National Sustainability Reporting Framework (NSRF) and its indirect impact on MSMEs
  • SEDG Basic, Intermediate, and Advanced levels - what each means for an SME
  • The role of Scope 3 emissions in creating pressure on SME suppliers
  • Decision tree: identifying which frameworks and expectations apply to your business

The "Hard Floor": Legal Obligations

Every business in Malaysia must comply with a set of legal requirements that form the absolute baseline - what we call the “hard floor.” ESG does not replace these obligations; it builds on top of them. Key legislation includes the Employment Act 1955 covering minimum wages and working hours, the Occupational Safety and Health Act 1994 requiring safe workplaces, the Environmental Quality Act 1974 governing pollution and waste, the Malaysian Anti-Corruption Commission Act 2009 addressing bribery and corruption, and the Personal Data Protection Act 2010 protecting customer and employee information. Think of it as a building. The ground floor is legal compliance - you must have it in place. ESG is the upper floors, where you go beyond the minimum to build practices that improve efficiency, attract better customers, and reduce risk. A business that skips the ground floor will find its ESG efforts meaningless, because stakeholders expect legal compliance as a given. This course does not constitute legal advice. Whenever there is doubt about specific requirements, consult professional advisers or official government guidance. The key distinction is that ESG frameworks are not law in themselves - they are frameworks for disclosing and improving performance beyond the legal minimum. Understanding this distinction prevents confusion and helps you prioritise correctly.

Key Insight: ESG does not replace your legal obligations - it builds on them. Always ensure basic compliance first, then use ESG frameworks to go further.

How confident are you that your business fully meets the legal baseline - employment law, workplace safety, environmental permits, data protection, and anti-corruption? Which area would you want to double-check first?

The Cascade: How Listed Companies Create SME ESG Pressure

One of the most important forces driving ESG expectations into smaller businesses is the supply chain cascade, where requirements flow from listed companies down through their supply chains to smaller suppliers. Three distinct but interrelated layers shape how ESG affects Malaysian SMEs: Layer 1 - Legal Obligations: Baseline laws every business must follow (minimum wages, OSH, environmental permits, PDPA, anti-corruption). Layer 2 - Regulatory Disclosure: Bursa Malaysia listing rules and the National Sustainability Reporting Framework (NSRF) require listed companies to publish sustainability statements. These are binding obligations for listed issuers, scrutinised by investors and regulators. Layer 3 - Guidance Tools: Voluntary frameworks such as SEDG, the SME Corp Quick Guide, and bank playbooks (including CIMB's GreenBizReady) help businesses structure and improve their performance and disclosure. Although unlisted SMEs are not directly covered by Layer 2, they are often part of the supply chains that listed companies must describe. This creates the "cascade." When a listed company must report emissions, it may ask SME suppliers for electricity, fuel, and transport data. The NSRF is built on IFRS S1 (general sustainability-related financial disclosures) and IFRS S2 (climate-related disclosures), making climate risk a baseline expectation for larger Malaysian companies and their supply chains.

Real-World Example: 💡 Example: A medium-sized logistics company began receiving detailed supplier questionnaires from multinational manufacturers. Management adopted SEDG as a reference point - at Basic level, they started tracking aggregate fuel use and accident data, and formalised a simple anti-corruption policy.

List your three biggest customers. Are any of them listed on Bursa Malaysia or part of a multinational group? If yes, they may already be preparing to ask you for ESG data - or they soon will.

Scope 3 Emissions and the SME

“Scope 3 emissions” refers to the greenhouse gas emissions in a company's entire value chain - both upstream (from suppliers) and downstream (from customers using the product). For large Malaysian companies committed to net-zero or emissions reduction targets, Scope 3 is often their largest category of emissions. To report it accurately, they need data from their SME suppliers. This is why a logistics company, food manufacturer, or component supplier might start receiving questions about their electricity use, vehicle fuel consumption, and waste - even if they are a small business. The SME's data becomes the large company's Scope 3 footprint. Responding to these requests using SEDG Basic level disclosures gives SMEs a structured, credible way to answer. The important takeaway is that Scope 3 reporting is not something most SMEs need to do themselves right now. However, being prepared to provide your own Scope 1 and Scope 2 data when asked gives you a genuine competitive advantage. Start by collecting your monthly electricity bills and fuel receipts. These simple records form the foundation of your emissions data and demonstrate to larger customers that you take sustainability seriously. Many SMEs discover they already have most of this information filed away in their accounts department.

Watch video: Scope 3 Emissions and the SME

Do you currently keep your monthly electricity bills and fuel receipts organised and accessible? If a large customer asked for your energy data next week, how quickly could you provide it?

Using the Decision Tree

Not every ESG framework applies equally to every business, which is why a structured approach to identifying your specific priorities matters in practice. This targeted approach saves time and ensures your ESG efforts are relevant. Rather than trying to comply with every possible framework, MSMEs benefit from a focused approach. The first step is stakeholder mapping - identifying your main customers, banks, and regulators, and understanding what ESG information each may request. Three key questions then help clarify what applies: 1. Are you supplying to listed or multinational buyers? If yes, SEDG Basic disclosures are highly relevant. 2. Do financiers ask ESG questions during loan applications? Banks including CIMB now use ESG assessments for SME clients. 3. Is your sector high-impact? Manufacturing, logistics, agriculture, and construction face earlier and more specific ESG expectations. By working through these questions, each SME can build a personalised, manageable list of priority SEDG Basic disclosures rather than attempting to address all 35 at once. Practical Tip: Read your largest customers' published sustainability reports - they are publicly available on Bursa Malaysia's website. These reports reveal exactly which ESG data points the customer is collecting from its supply chain, giving you advance notice of what questionnaires or audit requests may follow.

Action step: Run through the three decision tree questions for your own business right now. Write down your answers and the top three SEDG Basic topics they point you toward.

Module 3: Environmental Basics for SMEs

Simple First, Data Later

Start environmental improvements with simple actions and checklists. Introduce basic data collection only where feasible. Connect your actions to SEDG Basic environmental disclosures.

Learning Objectives
  • Identify where your business touches the environment: energy, water, waste, fuel, and local pollution
  • Use a qualitative "no-calculator" environmental checklist to identify quick wins
  • When ready, estimate basic energy-related emissions using simple data from utility bills
  • Select three practical environmental actions that save cost and support SEDG Basic environmental disclosures
  • Understand Malaysia's environmental context and why green business practices are becoming critical
What You'll Learn
  • Malaysia's environmental context: climate commitments, i-ESG, and MSME environmental footprint
  • Common environmental issues for Malaysian SMEs: electricity, fuel, water, waste, and pollution
  • Step 1: qualitative yes/no environmental checklist for immediate quick wins
  • Step 2: basic data capture for electricity, fuel, and water when ready
  • Low-cost, practical improvements: behavioural measures, preventive maintenance, waste reduction
  • Connecting actions to SEDG Basic environmental disclosures: energy use, emissions estimates, waste practices

Malaysia's Environmental Context

Malaysia has committed internationally to reduce the intensity of its greenhouse gas emissions and to move towards carbon neutrality around mid-century. Policy initiatives such as the National Energy Transition Roadmap and the National Industry i-ESG Framework are explicitly framed around improving resource efficiency, encouraging clean energy, and supporting a low-carbon economy. SMEs make up more than 97% of business establishments in Malaysia and contribute significantly to employment and GDP. Because SMEs are so numerous, their collective environmental footprint is large, even if each firm appears small in isolation. The i-ESG framework gives particular attention to helping MSMEs adopt greener practices and reduce their environmental footprint during its "Just Transition" phase from 2024 to 2026. For SMEs, the environmental dimension of ESG is often the most tangible starting point because it connects directly to costs you already pay: electricity bills, fuel, water, and waste disposal. Businesses that reduce their energy use and waste now will be better positioned as environmental regulations tighten. The December 2021 floods across Selangor and Pahang caused billions of ringgit in damage and disrupted supply chains for weeks, demonstrating that environmental resilience is not an abstract concept but directly affects business continuity and the bottom line for businesses of every size.

Key Insight: Malaysia's historically cheap utilities (subsidised electricity and water) have reduced incentives for efficiency. As subsidies adjust, businesses that have already invested in efficiency will be better positioned.

Have you ever experienced a flood, heatwave, or storm that disrupted your business operations? How long did it take to recover, and what would you do differently next time?

Where Does Your Business Touch the Environment?

Environmental impact varies by sector, but several themes recur for Malaysian SMEs: Office and service businesses: Electricity for lighting, air-conditioning, computers, and equipment is typically the dominant cost and emission source. Manufacturing and production: Electricity plus fuel for machinery, vehicles, and forklifts. Raw material use, water consumption, and waste generation (offcuts, packaging, chemicals) are also significant. Food and beverage: Refrigeration, cooking energy, water use, organic waste, and packaging are key. Logistics and transport: Vehicle fuel consumption is the primary environmental footprint, along with vehicle maintenance and tyre disposal. Water, effluent, and chemicals: Businesses in manufacturing, food processing, laundry services, car workshops, and healthcare regularly use water in their processes or generate liquid waste (effluent). Those using cleaning chemicals, lubricants, solvents, or pesticides must consider how these are stored, used, and disposed of. The first step is to walk through your operations from morning to evening and note every point where you consume a resource or produce waste. Common touchpoints include electricity for lighting and cooling, fuel for vehicles and generators, water for cleaning or production, and waste from both general operations and packaging. Mapping these interactions creates a practical foundation for the environmental measures covered in the rest of this module.

Watch video: Where Does Your Business Touch the Environment?

Action step: Walk through your business from opening to closing time. At each step, note what resources you consume - electricity, fuel, water, materials - and what waste you produce. You may be surprised how many touchpoints there are.

Understanding Scope 1, 2, and 3 Emissions

When businesses and frameworks talk about carbon emissions, they use three internationally recognised categories defined by the Greenhouse Gas Protocol, the most widely used international standard for emissions accounting. Understanding these categories helps you respond to data requests from larger customers and track your own environmental performance over time. For most Malaysian SMEs, the practical starting point is Scope 1 and Scope 2 data. Your monthly TNB electricity bill and fuel purchase receipts already contain the numbers you need. Scope 3 is harder to measure but becomes relevant when larger customers ask about your full supply chain impact: Scope 1 - Direct emissions: Emissions from sources your business owns or controls directly. Examples: fuel burned in your own vehicles or generators; gas used in a production furnace; refrigerant leaks from your air-conditioning units. Scope 2 - Indirect energy emissions: Emissions from the generation of electricity, steam, or heat that you purchase and consume. For most Malaysian SMEs, this is the electricity bill - TNB generates electricity using a mix of gas, coal, and renewables, and the carbon associated with that generation is your Scope 2. Scope 3 - Value-chain emissions: All other indirect emissions, both upstream (from suppliers and raw materials) and downstream (from customers using your products). Scope 3 is typically the largest category for most businesses but the hardest to measure.

Watch video: Understanding Scope 1, 2, and 3 Emissions

Key Insight: Start with Scope 2 (your electricity bill) and Scope 1 (your fuel). Together, these two figures give most SMEs their core emissions baseline.

Look at your latest electricity bill. Do you know how many kWh your business used last month? That single number is the starting point for your Scope 2 emissions estimate.

Start Simple, Add Data When Ready

Environmental improvement works best as a two-step progression. Start with what you can do today, then build towards more detailed measurement as your business is ready: Step 1 - Qualitative Checklist (Start Here): A yes/no checklist that asks simple questions without requiring data collection. Examples: "Do you track your monthly electricity bills?", "Do you have a switch-off policy for lights and equipment?", "Do you practice basic waste separation?" Any business can complete this immediately, regardless of size. Step 2 - Basic Data Collection (When Ready): Captures actual numbers for electricity (kWh from utility bills), fuel (litres for vehicles and generators), and water (m³). These figures can then be used for a simple emissions estimate using publicly available conversion factors. This does not require expensive software: a simple spreadsheet recording monthly figures is a solid starting point. These steps are not mutually exclusive. A service business might start with the qualitative checklist while gradually building data collection habits. The key is to begin where you are rather than waiting until you have perfect systems in place. Progress, even small progress, is always better than inaction. The measures you adopt now will compound over time as they become habits across your organisation.

Key Insight: The right step is the one you can actually complete. A qualitative checklist today is better than perfect data never.

Which step fits your business right now - the qualitative checklist or basic data collection? What is one thing preventing you from starting today, and how could you overcome it?

Low-Cost Environmental Quick Wins

Environmental improvements need not be expensive, and many of the most effective changes cost nothing at all. The principle is simple: start with changes that save money, then reinvest those savings into larger improvements over time. Banks, government guides, and the i-ESG starter toolkit consistently highlight the same set of high-impact, low-cost measures: Behavioural measures: Switch-off policies for lights, computers, and equipment at end of day. Temperature settings for air-conditioning (24-26°C instead of 18-20°C). Reducing idle engine time for delivery vehicles. Preventive maintenance: Servicing air-conditioning units removes dust and ice build-up that forces the compressor to work harder. Maintaining machinery reduces energy waste and extends asset life. Waste reduction and recycling: Basic waste segregation (paper, plastic, organic) reduces waste disposal costs and can generate income through recyclable material sales. For energy, set air conditioning to 24-25°C because every degree lower than necessary increases energy use by roughly six percent. Clean AC filters monthly, switch to LED lighting which uses up to 75 percent less electricity, and turn off equipment when not in use. For water, fix leaks promptly and install low-flow taps. Monitor your utility bills monthly to catch unusual spikes and measure the impact of your changes over time.

Real-World Example: 💡 Example: A Johor Bahru printing company serviced its four air-conditioning units after a simple environmental checklist revealed they hadn't been cleaned in over a year. Within two months, its electricity bill fell by approximately 12%. The checklist took 20 minutes to complete and directly led to a RM 400 monthly saving.

Choose one quick win from this section that you could implement in your business this week. What would the first step be, and who in your team would you involve?

Connecting to SEDG Basic Environmental Disclosures

SEDG structures its environmental chapter around five topics: Emissions, Energy, Water, Waste, and Materials. At Basic level, SMEs are not required to report exhaustively on all five - the standard is transparency about what is material to your business and what actions you are taking. Emissions: Your Scope 1 and Scope 2 figures (fuel and electricity). Energy: Total energy consumption and any renewable energy used. Water: Volume of water consumed, and whether effluent is generated. Waste: Types of waste generated and how each is handled. Materials: Key raw materials or consumables, especially hazardous ones. Businesses starting with the qualitative checklist can often satisfy the most fundamental SEDG disclosure by stating their electricity consumption (from monthly bills), describing their waste practices qualitatively, and noting any environmental management steps taken. CIMB tools that help: MGTC's LCOS (Low Carbon Operating System) calculator, accessible through CIMB's GreenBizReady platform, provides a straightforward way for SMEs to estimate their Scope 1 and 2 emissions using utility bill data. The purpose of these disclosures is not perfection but transparency. Reporting honestly on what you know, and acknowledging gaps where data is incomplete, is more credible than claiming comprehensive coverage. Stakeholders understand that SMEs are on a journey, and starting with Basic disclosures demonstrates genuine commitment to improvement.

Of the five SEDG environmental topics - emissions, energy, water, waste, and materials - which two are most relevant to your business? What information do you already have that could support a basic disclosure for each?

Module 4: Social Practices

People, Work & Community

Fair wages, worker safety, community engagement, and supply-chain social standards for Malaysian MSMEs.

Learning Objectives
  • Distinguish between legal compliance baselines and voluntary ESG social practices
  • Identify key SEDG social disclosures (S1-S5) and how they apply to your business
  • Explain why social performance affects supply-chain access and trade relationships
  • Design practical improvements in worker welfare, safety, and community engagement
  • Connect SME Corp Quick Guide social indicators to everyday business decisions
What You'll Learn
  • Legal baselines: Employment Act 1955, minimum wage (RM 1,700), occupational safety and health regulations
  • Occupational safety challenges in Malaysian SMEs and DOSH injury data
  • Forced labour risks, supply-chain expectations, and the National Action Plan on Forced Labour
  • SEDG social disclosures: human rights, employee management, diversity, OHS, and community engagement
  • Practical steps to improve worker welfare, reduce turnover, and build community relationships
  • How social performance links to market access, productivity, and long-term business resilience

Labour Law: The Hard Floor for Social Practices

Before exploring voluntary ESG social practices, every Malaysian employer must understand the legal baselines that form the non-negotiable foundation. Malaysia has well-developed labour and occupational safety legislation, and failure to comply can result in penalties or legal action. The key statutes include the Employment Act 1955, which now extends protections to virtually all private-sector employees. Recent amendments have raised parental leave provisions and strengthened requirements around working hours and benefits. The national minimum wage increased to RM 1,700 per month from February 2025 for employers with five or more workers, with smaller employers given until August 2025 to comply. This rate applies to both local and foreign workers. Other critical laws include the Occupational Safety and Health Act 1994 (OSHA), social security regulations under SOCSO, and protections for migrant workers. These statutory provisions are not optional - they represent the ground floor upon which ESG social practices are built. The ESG social pillar does not replace these obligations. Instead, it asks: beyond basic compliance, how does your business treat its people? Are working conditions genuinely safe and fair? Do employees have development opportunities? These questions take you from the legal minimum to genuine social performance that builds trust and resilience.

Watch video: Labour Law: The Hard Floor for Social Practices

Key Insight: The minimum wage for Malaysian workers increased to RM 1,700/month from February 2025 for employers with 5+ workers. Smaller employers had until August 2025 to comply. This applies to both local and foreign workers.

Review your own employment practices. Are you fully compliant with the latest minimum wage requirements? Beyond compliance, what is one area where your workers might benefit from improved conditions - for example, more predictable schedules, better onboarding, or clearer career paths?

Workplace Safety: A Critical SME Challenge

Occupational health and safety (OHS) is one of the most pressing social issues for Malaysian SMEs. Data from the Department of Occupational Safety and Health (DOSH) show that occupational injuries rose sharply in 2022, with 34,216 reported cases - an increase of nearly 59% compared with the previous year. SMEs account for a high proportion of these incidents. Researchers emphasise that many accidents could be prevented through basic hazard identification, training, and enforcement of safe work procedures. However, SMEs frequently lack dedicated safety personnel and formal systems. In labour-intensive manufacturing, construction, and agriculture, safety hazards include falls, machinery accidents, chemical exposures, and ergonomic issues. The International Labour Organization (ILO) has called for stronger attention to safe and healthy working conditions across all tiers of Malaysian supply chains, drawing particular attention to long hours, OHS hazards, and inadequate living conditions in migrant worker dormitories. Under SEDG, occupational health and safety is a distinct social topic with specific disclosures on fatalities, injuries (SEDG-S4.1), and the proportion of employees who receive health and safety training. For an SME, these may seem demanding at first, but in practice they map closely to record-keeping and training requirements that already exist under OHS regulations.

Does your business track workplace injuries and near-misses? If not, what simple system could you put in place this month - for example, a logbook at the front desk or a shared spreadsheet?

Supply Chains, Forced Labour, and Trade

The social pillar of ESG has become a trade issue, not just an ethical question. International organisations, civil society groups, and trading partners have documented serious problems with forced labour in some Malaysian industries, particularly those relying heavily on migrant workers. A comprehensive study by the organisation Verité found that nearly one in three foreign workers surveyed in Malaysian electronics manufacturing was in a situation that met their criteria for forced labour, often linked to excessive recruitment fees, debt bondage, and retention of passports. In the rubber glove and palm oil sectors, the United States Customs and Border Protection has imposed Withhold Release Orders (import bans) on several Malaysian companies over forced labour allegations. In response, the Malaysian government launched a National Action Plan on Forced Labour aimed at eliminating the practice by 2030 and has proposed amendments to strengthen penalties. This directly affects SMEs. When buyers in the US, Europe, or elsewhere face regulatory pressure to ensure their supply chains are free of forced labour, they pass those expectations down to their Malaysian suppliers - regardless of company size. The SEDG Human Rights and Labour Practices Guide recommends that companies identify operations and suppliers at higher risk, record incidents, and report preventive, corrective, and remedial actions. Even for domestically oriented SMEs, these expectations are filtering through. Major Malaysian corporates and government agencies increasingly require suppliers to demonstrate that their labour practices meet basic standards.

Watch video: Supply Chains, Forced Labour, and Trade

Real-World Example: 💡 Example: A medium-sized rubber glove manufacturer found that its largest international customers tightened their supplier codes of conduct after industry-wide forced labour concerns. Using SEDG’s human rights guidance, the company reviewed its recruitment agencies, prohibited excessive fees, returned confiscated passports to workers with secure locker storage, and strengthened overtime monitoring. These changes were not easy, but they were cheaper than losing major export markets.

Think about your supply chain relationships. Have any of your customers - local or international - ever asked about your labour practices, worker conditions, or recruitment policies? How would you respond if they did?

Practical Social Improvements for SMEs

For many domestically oriented SMEs, social improvements start not with dramatic reforms but with modest, practical steps that address real business problems. Consider a family-owned retail company with fifty employees across several outlets. Turnover is high, shifts are unpredictable, benefits are minimal, and customer complaints about service are increasing. Using SME Corp’s Quick Guide social indicators and SEDG’s employee management disclosures as a reference, management can take structured action: Step 1 - Understand what you have: Start monitoring average training hours per employee (SEDG-S2.1), employee turnover rates, and simple diversity data such as gender and age distribution (SEDG-S3.1). These numbers reveal patterns you may not have noticed. Step 2 - Make targeted improvements: Offer structured onboarding for new staff. Provide a small training allowance for long-tenured employees. Introduce more predictable shift rosters. These are low-cost changes that directly address turnover and service quality. Step 3 - Track and report: After 6-12 months, you can truthfully state that you have increased training hours, monitored turnover, and made incremental improvements - all reflected in SEDG-aligned social metrics. SME Corp’s Quick Guide highlights that employee benefits and organisational culture are among the indicators “less practised” by MSMEs but essential for business sustainability. The Quick Guide encourages owners to ask: “Do our workers have basic benefits and development opportunities?” and “Is our workplace culture healthy enough to sustain us through change?”

What is one low-cost change you could implement in the next month to improve how your employees experience their workplace - for example, a structured onboarding process, more predictable scheduling, or a simple training session?

Community Engagement and the Big Picture

Community engagement is an element of the social pillar that often resonates with Malaysian SMEs because many smaller businesses already support local communities informally - through donations to schools, sponsoring religious institutions, or supporting community events. SEDG acknowledges this by including a basic disclosure on the total amount of community investment and donations (SEDG-S5.1) and by encouraging companies to describe significant impacts, positive or negative, on local communities. While community contributions cannot substitute for responsible labour and safety practices, they can reinforce a positive relationship with the surrounding community and sometimes help address grievances before they escalate. For example, a small manufacturing firm experiencing complaints about noise and lorry movements might pair operational adjustments - such as limiting certain activities at night - with dialogue and support for local initiatives, documenting both as part of its community engagement. The social pillar, then, is both demanding and opportunity-rich. It demands that SMEs confront difficult questions about how workers are recruited, treated, and protected. Ignoring these questions carries risks: potential sanctions from regulators, exclusion from supply chains, reputational damage, and loss of trust among employees and customers. But it also offers opportunities. Businesses that invest thoughtfully in their people and relationships often enjoy lower staff turnover, higher productivity, better service quality, and greater resilience. Growing evidence suggests that a focus on “decent work” - fair pay, safe conditions, reasonable hours, voice, and development opportunities - is not a charitable burden but a driver of long-term performance. In later modules, when you build your 12-month ESG roadmap, you will be encouraged to include social actions alongside environmental and governance ones: perhaps a commitment to meet or exceed minimum wage and overtime rules, reduce injury rates, provide a minimum level of training, or formalise a simple grievance mechanism.

Watch video: Community Engagement and the Big Picture

List two ways your business already contributes to the local community - even informally. Now think of one additional way you could strengthen that relationship while also generating goodwill for your business.

Module 5: Governance & Integrity

Decisions, Controls & Trust

Anti-corruption policies, internal controls, data protection, and ethical decision-making for owner-managed businesses.

Learning Objectives
  • Explain why governance matters for owner-managed MSMEs, not just listed companies
  • Describe the five principles of the MSME Governance Code (Securities Commission, 2024)
  • Identify practical anti-corruption measures and understand MACC Act 2009 Section 17A corporate liability
  • Design a basic risk register and business continuity plan suited to your business
  • Connect SEDG governance disclosures (G1-G4) to everyday management decisions
What You'll Learn
  • Malaysian Code on Corporate Governance (MCCG): principles for board leadership, audit, and integrity
  • MSME Governance Code 2024: five principles - decision-making, culture, risk governance, sustainability, disclosure
  • Anti-corruption: MACC Act 2009 Section 17A corporate liability, codes of ethics, and gift policies
  • Risk management: risk registers, business continuity plans, and cyber security for SMEs
  • Data protection under PDPA 2010 and practical measures for safeguarding personal data
  • SEDG governance disclosures G1-G4 and how to satisfy them at Basic level

Why Governance Matters for Owner-Managed Businesses

For many owner-managed businesses, the word “governance” sounds abstract or bureaucratic, as if it belongs only in the boardrooms of listed companies. In reality, governance is about something very familiar to every entrepreneur: how decisions are made, who has authority to do what, how money and information are controlled, and how the business maintains integrity and trust over time. These questions are central to survival and growth, regardless of company size. At the national level, Malaysia has long recognised the importance of governance. The Malaysian Code on Corporate Governance (MCCG), first introduced in 2000 and most recently updated in 2021, sets out principles and best practices for companies listed on Bursa Malaysia. The MCCG is organised around three main principles: board leadership and effectiveness, effective audit and risk management, and integrity in corporate reporting and meaningful relationships with stakeholders. Most MSMEs, however, are not listed and do not have the same governance architecture. Recognising this, the Securities Commission Malaysia and its partners developed a Governance Code specifically for Malaysian MSMEs. Released in draft form for public consultation in March 2024 and now finalised, this code aims to improve transparency, integrity and business resilience across the SME sector, in line with the 12th Malaysia Plan and the National Entrepreneurship Policy 2030.

In your own business, who makes the major decisions - purchasing, hiring, contracts? Are these roles and authorities clearly documented, or does everything flow through one person? What risks does that create?

Anti-Corruption and Ethical Conduct

Ethical conduct and anti-corruption are a cornerstone of governance. The MCCG explicitly calls on boards to establish a code of conduct and ethics that addresses conflicts of interest, abuse of power, corruption, insider trading and money laundering. While MSMEs may not face the same capital-market risks, they are not immune to corruption and fraud. Small bribes or kickbacks in procurement, unofficial “commissions” to secure contracts, or misuse of company funds for personal purposes can be particularly damaging in a small business. The MSME Governance Code reinforces the expectation that companies adopt anti-corruption policies and control mechanisms appropriate to their size. Critically, the Malaysian Anti-Corruption Commission (MACC) Act 2009, Section 17A, imposes corporate liability for corruption by associated persons. This means even smaller companies can be held accountable if they fail to prevent bribery. The defence is to show that the company had “adequate procedures” in place to prevent corrupt practices. In practice, an SME might respond by drafting a short code of ethics: no bribery, no facilitation payments, no undisclosed conflicts of interest, and clear rules on accepting gifts and hospitality. This code can be communicated at staff briefings, included in employment contracts, and applied in procurement by requiring suppliers to confirm their own compliance. These measures need not be complex to be effective - the key is that expectations are explicit and consistently enforced.

Watch video: Anti-Corruption and Ethical Conduct

Key Insight: MACC Act 2009 Section 17A creates corporate liability for corruption by associated persons. Even small companies can be held accountable if they fail to prevent bribery. Having “adequate procedures” is the legal defence.

Real-World Example: 💡 Example: A small engineering firm discovered that a procurement officer was accepting gifts from a supplier in exchange for favourable treatment. After the incident, the owner drafted a two-page code of ethics covering gifts, conflicts of interest, and reporting procedures. Staff were briefed, the code was added to employment contracts, and a simple anonymous reporting channel was established via a shared email address.

Does your business have any written rules about gifts, conflicts of interest, or bribes? If a new employee started tomorrow, would they know what is and isn’t acceptable? What one step could you take to make expectations clearer?

Risk Management and Business Continuity

Risk management and internal controls are perhaps the most technical-sounding aspects of governance, but at SME level they boil down to a simple question: how do you avoid nasty surprises? The MSME Governance Code recommends that companies assess their business risks, establish formal processes for identifying significant risks, and adopt control mechanisms. It also recommends developing a business continuity plan to safeguard operations during unforeseen disruptions. For a micro-enterprise, this might mean identifying the handful of risks that could critically damage the business - such as the sudden loss of a major customer, a fire at the premises, key staff resignations, or a cyber-attack - and thinking through basic mitigation measures. One medium-sized professional services firm learned this the hard way when it suffered a ransomware attack that encrypted client files and disrupted operations for weeks. After the incident, the company invested in basic cyber-security measures: regular data backups, strong password policies, updated antivirus software, and limited administrative access. It also implemented a simple incident response procedure and included cyber risk in its risk register. A practical risk register for an SME can be as simple as a spreadsheet with four columns: Risk Description (what could go wrong), Likelihood (high/medium/low), Impact (high/medium/low), and Mitigation (what you are doing about it). Reviewing this quarterly keeps risks visible and ensures that basic controls remain in place.

Real-World Example: 💡 Example: A small catering company identified three critical risks: food poisoning from contaminated ingredients, loss of its commercial kitchen lease, and the sudden departure of its head chef. For each risk, it documented simple mitigations: supplier quality checks and temperature logs, a backup kitchen arrangement with a partner caterer, and cross-training of two assistant chefs. This exercise took one afternoon but gave the owner confidence and a reference document for staff.

What are the three biggest risks that could seriously disrupt your business tomorrow? For each one, do you have any mitigation in place, or would you be starting from scratch?

Data Protection and the PDPA 2010

Data protection is increasingly important for businesses of all sizes. The Personal Data Protection Act 2010 (PDPA) governs how personal data is collected, processed, and stored in Malaysia. It applies to any commercial transaction involving personal data and establishes seven principles: General, Notice and Choice, Disclosure, Security, Retention, Data Integrity, and Access. For SMEs, this means that customer databases, employee records, supplier contact lists, and any other personal information must be handled responsibly. Common practical measures include: • Informing individuals why their data is being collected and obtaining consent • Limiting access to personal data to authorised staff only • Using strong passwords and encryption for digital records • Not retaining personal data longer than necessary • Having a simple procedure for individuals to request access to or correction of their data The MSME Governance Code and SME Corp’s Quick Guide both single out data protection as vital for business sustainability but “less practised” among MSMEs. Under SEDG, governance disclosures include measures taken to protect personal and business data, making data protection a reportable topic. With cyber threats growing - from phishing emails to ransomware - even basic measures like regular backups, two-factor authentication, and staff awareness training significantly reduce risk. The cost of a data breach, whether in fines, lost customer trust, or operational disruption, typically far exceeds the cost of prevention.

Watch video: Data Protection and the PDPA 2010

Think about the personal data your business holds - customer details, employee records, supplier contacts. How is this data stored and protected? Could you explain your data practices if a customer asked?

SEDG Governance Disclosures and Governance Culture

The Simplified ESG Disclosure Guide (SEDG) expects companies to provide governance information across four Basic-level topics: SEDG-G1: Number of directors in the company SEDG-G2: List of company policies (code of conduct, anti-corruption, whistleblowing, health and safety) SEDG-G3: Year of last submitted audited financial report SEDG-G4: Number and nature of confirmed incidents of corruption These disclosures are straightforward. If your company has adopted a code of ethics and an anti-corruption policy, maintained financial records, and had no corruption incidents, you can fill in SEDG-G1 to G4 with confidence. These governance disclosures provide stakeholders with assurance that your environmental and social promises are backed by systems, not just words. But governance is not just about structures and documents - it is also about culture. The MSME Governance Code includes “culture and commitments” as one of its five pillars, recognising that the behaviour of owners and managers shapes how staff perceive and respond to rules. This is often called “tone from the top.” A company that has a code of ethics on paper but tolerates favouritism, unsafe shortcuts, or casual misuse of funds in practice is unlikely to gain trust. Conversely, when owners model ethical conduct, listen to staff concerns, and act consistently with declared values, formal governance measures are more likely to succeed. SME Corp’s Quick Guide reinforces this by identifying company culture as one of the key indicators for MSMEs - a healthy culture contributes to sustainability in ways not easily captured in checklists. Within the structure of this programme, Module 5 performs an important integrative function. Environmental and social practices from Modules 3 and 4 depend on governance arrangements for their effectiveness. Sound governance amplifies ESG efforts: it ensures that policies are implemented, risks are monitored, data is collected and reported, and stakeholders are engaged in meaningful ways.

Watch video: SEDG Governance Disclosures and Governance Culture

Think about the “tone from the top” in your own business. If you asked your employees whether you practise what you preach on ethics and fairness, what would they say? What one behaviour could you model more consistently?

Module 6: Building Your ESG Plan

12-Month ESG Roadmap

Setting priorities, targets, and a 12-month action roadmap for your business using materiality assessment and SEDG.

Learning Objectives
  • Conduct a simple materiality assessment to prioritise ESG topics for your business
  • Translate material topics into objectives, indicators, and quarterly actions using SME Corp’s 8-step approach
  • Align your roadmap with SEDG maturity levels (Basic/Intermediate/Advanced) for phased planning
  • Design a realistic 12-month ESG roadmap covering environmental, social, and governance actions
  • Identify an ESG champion and establish a quarterly review process
What You'll Learn
  • Materiality assessment: prioritising ESG topics by business impact and stakeholder concern
  • SME Corp Quick Guide 8-step approach and its 13 basic indicators
  • SEDG maturity levels (Basic/Intermediate/Advanced) for phased ESG planning
  • 12-month roadmap design: quarterly milestones across E, S, and G pillars
  • The ESG champion role, leadership support, and change management for SMEs
  • CIMB MSME ESG Assessment and other tools for automatic roadmap generation

Materiality: Focusing on What Matters Most

A central concept in modern ESG practice is materiality. Materiality is a way of prioritising. Rather than attempting to address every possible ESG topic, businesses are encouraged to focus on those issues that matter most - to the business itself and to its stakeholders. In ESG reporting frameworks such as the Global Reporting Initiative and in guidance for Malaysian companies, a material topic is one that reflects the organisation’s significant economic, environmental or social impacts, or substantially influences the decisions of stakeholders. Consultants who work with Malaysian firms emphasise that materiality assessment is the cornerstone of an effective ESG strategy: by identifying and ranking issues based on business impact and stakeholder concern, companies can direct their limited resources to the areas where they can make the biggest difference. For an SME, materiality assessment can be simpler but still structured. You have already reflected on your business model, cost drivers, revenue sources and key risks in earlier modules. Module 6 builds on this by encouraging you to pull these threads together. Practically, this involves listing potential ESG topics (such as energy efficiency, waste management, worker safety, fair wages, anti-corruption, data protection) and then scoring them along two dimensions: how much they affect your business success, and how important they are to your key stakeholders. A small food manufacturing company might identify rising energy costs, food safety and worker safety as highly material topics because they affect both profitability and customers’ trust. A logistics SME might find that fuel efficiency, driver safety and anti-corruption in procurement are top priorities. By going through this exercise, SMEs can avoid the common mistake of spreading their efforts thinly across many ESG themes without significant impact.

Watch video: Materiality: Focusing on What Matters Most

List three ESG topics that are most relevant to your business. For each one, rate it as high, medium, or low on two scales: (1) how much it affects your business success, and (2) how important it is to your key stakeholders.

From Priorities to Plan: SME Corp’s 8-Step Approach

Once material topics have been identified, they can be translated into objectives and actions. Here, SME Corp’s ESG Quick Guide offers a useful structure. The Quick Guide’s eight steps are designed to help MSMEs understand why ESG matters, set objectives, identify relevant indicators, create a sustainability action plan and use a simple template for reporting. In practice, this means that after deciding which ESG issues are most important, you should articulate what you want to achieve in each area over the next year, how you will measure progress, and what concrete steps you will take. The Quick Guide recommends a limited set of indicators - thirteen basic ones - that MSMEs across sectors can adopt, keeping things manageable. Bank-driven resources reinforce this message. CIMB’s ESG Simplified Playbook for SMEs, launched in 2024 as part of the GreenBizReady programme, emphasises that ESG “doesn’t have to be complex or costly” and that done right, it can become a business advantage. In partnership with SME Corp, CIMB also offers an MSME ESG Assessment that gives SMEs an instant readiness score and, crucially, a “draft roadmap” with recommended next steps aligned to their current maturity level. The SEDG framework adds a further dimension: it explicitly recognises different stages of ESG maturity. Those just starting out focus on Basic disclosures only, while those with one to two years’ experience address both Basic and Intermediate, and more mature firms consider all three levels. From a roadmap perspective, this layered structure means an SME can design its 12-month plan around achieving credible performance and data for a subset of Basic disclosures, without feeling pressured to comply immediately with every element of SEDG.

Watch video: From Priorities to Plan: SME Corp’s 8-Step Approach

Key Insight: CIMB’s MSME ESG Assessment (developed with SME Corp) gives SMEs an instant readiness score and a “draft roadmap” with recommended next steps. It effectively acts as an automatic starting point that you can then refine.

Have you explored any of the tools mentioned - CIMB’s MSME ESG Assessment, SME Corp’s Quick Guide, or the SEDG framework? If not, which one would be the most useful starting point for your business?

A Realistic 12-Month Roadmap Example

A realistic roadmap emerges from the intersection of materiality assessment, SME Corp’s Quick Guide, and the tiered structure of SEDG. For many SMEs, a 12-month horizon is a practical planning period - short enough to feel tangible and reflect budget cycles, but long enough to make meaningful changes. Consider a realistic example. A medium-sized metal fabrication company supplies components to a multinational manufacturer and employs about eighty staff. Through training and internal discussions, management identifies energy use, worker safety and anti-corruption as key material topics. The company decides to build a 12-month ESG roadmap with three pillars: Environmental (Q1-Q4): Q1 - Collect 12 months of electricity bills and production data, identify waste sources. Q2-Q3 - Implement measures: better maintenance of compressed air systems, improved switching-off routines. Q4 - Consolidate data and review progress. Align data with SEDG Basic environmental disclosures. Social (Q1-Q4): Q1 - Establish a simple incident log and reporting procedure for injuries. Q2 - Run introductory safety training sessions. Q3 - Integrate safety topics into daily toolbox talks. Q4 - Review injury patterns after 12 months. Track SEDG metrics: injuries (S4.1) and training hours (S2.1). Governance (Q1-Q4): Q1 - Draft a code of ethics with anti-corruption provisions and discuss with staff. Q2 - Implement procurement controls: dual sign-offs above a threshold, clearer records. Q3-Q4 - Monitor adherence and update the risk register. Support SEDG Basic governance disclosures (G1-G4). This roadmap does not attempt to address every ESG topic. Instead, it chooses a small number of material issues, sets modest but concrete objectives, and outlines a sequence of actions. More importantly, it positions these actions within the structures offered by SME Corp’s Quick Guide, SEDG and national governance guidance.

Watch video: A Realistic 12-Month Roadmap Example

Real-World Example: 💡 Example: The metal fabrication company’s first quarterly review revealed that electricity data was easier to collect than expected (utility bills were already filed monthly) but safety training faced resistance from shift supervisors worried about production time. Management responded by scheduling 15-minute “toolbox talks” at shift changeovers rather than pulling workers off the line. By month 9, the company could report a 7% reduction in electricity cost per unit and zero lost-time injuries for two consecutive quarters.

Draft a rough outline of your own 12-month ESG roadmap. For each pillar (Environmental, Social, Governance), write down one objective and one concrete action you could take in the first quarter.

The ESG Champion and Change Management

Even simple ESG initiatives - turning off unused machines, wearing personal protective equipment, recording incidents, following new procurement procedures - require changes in behaviour. Experience from Malaysian banks and advisory firms suggests that SMEs are most successful when they designate a specific person or small team to act as an ESG champion, even if this role is part-time. The ESG champion coordinates data collection, follows up on action items, and serves as a point of contact for customers or financiers asking ESG-related questions. This person does not need to be an external consultant or a senior executive - it could be an operations manager, an admin lead, or even the business owner in a micro-enterprise. Guidance on ESG for SMEs generally emphasises that leadership support is critical: when owners and senior managers take ESG objectives seriously and integrate them into regular meetings, staff are more likely to follow. Conversely, if ESG is treated as a side project that nobody checks on, implementation stalls. Tools and external support can ease implementation. The MSME ESG Assessment provided by CIMB and SME Corp not only gives an initial readiness score but also suggests practical next steps, effectively acting as an automatic roadmap. Advisory firms and platforms in Malaysia offer templates for materiality assessments, risk registers, and ESG dashboards. Using standard templates aligns internal documentation with external expectations, reducing the need to “translate” between different formats.

Who in your organisation could serve as an ESG champion? What skills or qualities would make them effective in this role? If you are a sole proprietor, how would you carve out time for this function?

Monitoring, Review, and Adapting Your Plan

A good roadmap includes some notion of monitoring and review. This does not have to be complex. For many SMEs, a simple quarterly review is sufficient: management and the ESG champion meet to discuss what has been done, what obstacles have emerged, and whether objectives or timelines need adjustment. Materiality itself should be revisited periodically, especially if the business undergoes significant changes in strategy, operations or stakeholder expectations. If, for example, an SME that previously served only domestic customers begins to export, or if a major new customer introduces stricter ESG requirements, the roadmap may need updating mid-cycle. Throughout this process, it is important to remember that the roadmap is a tool, not an end in itself. It should help you integrate ESG considerations into day-to-day decisions, not stand apart from operations. In an SME, this might mean something as simple as putting ESG topics on the agenda of monthly meetings, linking energy savings to production KPIs, or including safety and ethics in performance discussions. Module 6 serves as a bridge between understanding and practice. It takes the concepts and frameworks explored in earlier modules and shapes them into a practical planning exercise that fits the scale and reality of Malaysian MSMEs. By the time you complete this module, you should have the skeleton of a 12-month ESG roadmap: a short list of material topics, clear objectives and indicators for each, a sequence of actions aligned with SEDG Basic disclosures and SME Corp’s guidance, and a sense of who in your organisation will champion and oversee implementation. In Module 7, you will learn how to turn the progress from this roadmap into simple, credible ESG disclosures and reports that can be shared with your stakeholders, closing the loop between planning, action and communication.

Imagine it is the end of your first quarter of ESG roadmap implementation. What would success look like? What is one concrete indicator you could use to show that you are making progress on your most important ESG topic?

Module 7: Reporting & Disclosure

Simple ESG Reporting & Greenwashing

Writing your first ESG disclosure using SEDG templates and communicating with stakeholders while avoiding greenwashing.

Learning Objectives
  • Explain how NSRF and ISSB S1/S2 create indirect reporting demand on SMEs through supply chains
  • Use the SEDG Disclosure Table to structure a Basic-level ESG report
  • Apply SME Corp’s Quick Guide 8-step reporting route and its 13 basic indicators
  • Identify greenwashing risks and apply the rule: “let the data lead the narrative”
  • Repeat the ESG readiness assessment to measure progress and plan next steps
What You'll Learn
  • NSRF and ISSB S1/S2: how listed-company reporting requirements cascade to SME suppliers
  • SEDG Disclosure Table: 35 disclosures with Basic-level governance items G1-G4
  • SME Corp Quick Guide 8-step reporting route and its 13 basic indicators
  • Greenwashing: vague claims, selective disclosure, and the Consumer Protection Act
  • The rule: “let the data lead the narrative” - honest, proportionate ESG communication
  • Readiness reassessment, SEDG Adopter Programme, and ASEDG regional harmonisation

Why SMEs Need to Report: The Supply-Chain Effect

For many micro, small and medium enterprises, “reporting” sounds like something only large listed companies would do. Yet in practice, even the smallest firms are already reporting in some form when they fill in supplier questionnaires, answer bank ESG assessments, or respond to customers’ due-diligence emails. ESG reporting is increasingly regulated for large companies. Malaysia’s National Sustainability Reporting Framework (NSRF) will require organisations in the capital markets to report using the IFRS Sustainability Disclosure Standards ISSB S1 and S2. These standards require disclosures about governance, strategy and business model, risk management, and metrics and targets, particularly in relation to climate change. Although most MSMEs are not directly subject to these requirements, they feel the effects indirectly. NSRF-aligned disclosures and Bursa requirements drive large companies to collect ESG data from their supply chains. When they come knocking, SMEs that can respond with structured, consistent information stand out. Recognising this challenge, Malaysian institutions have developed simplified tools to help SMEs report without navigating the full complexity of international standards. The Simplified ESG Disclosure Guide (SEDG), launched by Capital Markets Malaysia, is central among these. SEDG is explicitly designed to “provide SMEs with a simple and standard set of disclosures to track and report” and to give stakeholders a common set of disclosures to ask for.

Watch video: Why SMEs Need to Report: The Supply-Chain Effect

Has any customer, bank, or large buyer ever asked you for ESG-related information? If so, how did you respond? If not, how prepared would you be if a major customer sent you an ESG questionnaire tomorrow?

The SEDG Disclosure Table: Your Reporting Template

The SEDG template illustrates how simple ESG reporting can be in practice. It starts with general information - name of organisation, reporting period, location - and then provides a “SEDG Disclosure Table” where each disclosure is listed in rows with corresponding data fields. At the Basic governance level, SEDG asks SMEs to report: SEDG-G1: Number of directors in the company SEDG-G2: List of company policies (code of conduct, anti-corruption, whistleblowing, health and safety) SEDG-G3: Year of last submitted audited financial report SEDG-G4: Number and nature of confirmed incidents of corruption Environmental and social Basic disclosures have similarly straightforward expectations: total energy use, basic emissions estimates where available, injury and fatality counts, training hours, and community contributions. At the bottom of the template, a standard declaration states that “this data report represents our company’s disclosures as guided by the Simplified ESG Disclosure Guide (SEDG)” and that the information is true to the best of the company’s knowledge. SME Corp’s ESG Quick Guide offers a complementary route. Its eight steps include setting objectives, identifying relevant indicators, creating a sustainability action plan, and “utilising a user-friendly template for ESG reporting.” The guide’s 13 basic indicators give MSMEs a concise menu of topics to report on.

Key Insight: The SEDG Adopter Programme, which includes institutions like Funding Societies, offers training, tutorials and workshops to help SMEs understand and implement SEDG disclosures. ESGpedia provides a digital platform for tracking and reporting.

Look at the four SEDG Basic governance disclosures (G1-G4). Could you fill them in right now for your business? Which ones would be easy, and which would require you to put something in place first?

From Roadmap to Report: A Practical Example

Module 7 encourages you to treat ESG reporting as the natural outcome of the work you have already done. The 12-month roadmap you developed in Module 6 contains your objectives, actions and indicators. Modules 3-5 have helped you generate environmental data (electricity use, fuel consumption), social data (injuries, training hours, staff composition) and governance information (policies, risk management practices). ESG reporting, at its simplest, is the act of bringing these pieces together in a structured way and sharing them with the right audiences. Imagine a small electronics component supplier that has completed its first year of ESG roadmap implementation. On the environmental side, it tracked electricity consumption monthly, used a simple emissions calculator, and implemented lighting and equipment maintenance improvements. On the social side, it maintained an incident log for workplace injuries, carried out safety training, and began recording training hours per employee. On the governance side, it adopted a code of ethics, created a basic risk register, and instituted data protection measures. To turn this into an ESG disclosure, the company uses the SEDG template for Basic disclosures. In the environmental section, it reports total electricity consumption in kilowatt-hours, an estimated emissions figure, and a brief narrative describing efficiency measures. In the social section, it reports recordable injuries, average training hours, and staff gender and age distribution. In the governance section, it fills in SEDG-G1 to G4. The result is a short, data-centric disclosure that reflects real actions taken over the year and relates directly to a recognised framework. It can be shared with customers who request ESG information, attached to financing applications, or used as an internal reference for the next planning cycle.

Watch video: From Roadmap to Report: A Practical Example

Real-World Example: 💡 Example: The electronics supplier shared its 4-page SEDG Basic disclosure with its largest customer - a multinational that had sent an ESG questionnaire. The procurement manager responded: “This is exactly what we needed. Most of our smaller suppliers just send us a paragraph saying they care about the environment. You’ve given us actual numbers.” The supplier was subsequently shortlisted for a larger contract.

Think about the ESG data you have been collecting through your roadmap. If you had to produce a simple SEDG Basic disclosure today, which sections would be easy to fill in, and where would you have gaps?

Greenwashing: The Risk of Overstating Your Story

How ESG information is described in words also matters. Greenwashing is the practice of exaggerating or misrepresenting the environmental (or broader ESG) benefits of products, services or operations in order to present a misleading image of responsibility. Greenwashing can take many forms: vague claims such as “eco-friendly” without evidence, selective disclosure that highlights minor positive features while hiding major negative impacts, misuse of labels or unverified certifications, and overstated carbon neutrality claims based solely on offsets. In Malaysia, there is no stand-alone “greenwashing law”, but general consumer-protection provisions, such as those in the Consumer Protection Act against false or misleading representations, apply to environmental claims as well. A 2025 feature in The Edge reported that the environmental group RimbaWatch had identified fourteen instances of suspected greenwashing by nine companies operating in Malaysia, most in the automotive and oil and gas industries. The allegations involved services advertised as sustainable without sufficient evidence, carbon-neutral claims based on offsets without explanation, and vague use of “green” language. For SMEs, the risk of greenwashing may not lie in sophisticated marketing campaigns but in over-enthusiastic statements in websites, proposals or ESG summaries. A small firm might claim to be “carbon neutral” simply because it planted a few trees, or describe its workplace as “world-class safe” despite a lack of formal safety systems. These claims can backfire if customers, investors or regulators probe deeper.

Watch video: Greenwashing: The Risk of Overstating Your Story

Look at your company’s website, marketing materials, or recent proposals. Are there any environmental or sustainability claims that might be considered vague or unsupported? How could you make them more specific and evidence-based?

Let the Data Lead: Honest Reporting and Next Steps

This course encourages a simple rule for SMEs: let the data lead the narrative. Claims should be specific, proportionate and supported by evidence. If your SEDG table shows that you have only started tracking injuries this year and have one training session under your belt, it is appropriate to describe your safety programme as “at an early stage, with plans to expand training and improve systems next year.” If you have put in place a code of ethics and a whistleblowing channel but have not yet tested them, you can say that they “have been adopted and are being socialised among staff.” Such wording aligns with the NSRF’s broader push for accurate, decision-useful sustainability information. Module 7 also returns to the idea of readiness assessment introduced in Module 1. At the beginning of the programme, you completed a simple ESG self-assessment to gauge your initial position. At the end of your first roadmap cycle, repeating this assessment provides a useful internal “report” even before any external disclosure is made. It allows you to see whether the practices and systems you set out to establish have actually taken hold and to identify new gaps. In the Malaysian context, there is growing support for SME reporting. The SEDG Adopter Programme offers training and workshops. SME Corp’s Quick Guide provides MSME-friendly reporting templates. Regional initiatives such as the ASEAN Simplified ESG Disclosure Guide (ASEDG) aim to harmonise disclosures for SMEs across the region. Together with NSRF and the gradual integration of ISSB standards, these resources form an ecosystem that will increasingly shape how Malaysian SMEs are asked to report. A simple SEDG-aligned disclosure may only be a few pages long, but if grounded in real data, clear objectives and genuine achievements, it can help you maintain relationships with key customers, support financing applications, communicate internally with employees, and serve as your own reference point for the next iteration of your ESG roadmap.

As you complete this programme, what is the single most important ESG action you will take in the next 30 days? Write it down, along with how you will measure whether it has been done.

Course Leader

Kyoik.com offers free interactive courses and builds mini course websites for professional trainers, coaches, and consultants.

Disclaimer: This course is for general educational and illustrative purposes only. It does not constitute professional medical, legal, or financial advice. Always consult a qualified professional for specific guidance.

Message on WhatsApp Visit Website
Course by Kyoik | Lead a Course