December 2023
The EU鈥檚 core institutions are strongly committed to prioritising climate-related and environmental (C&E) goals. Ongoing high-profile initiatives include the European Green Deal, the European Climate Law, the Fit for 55 package and the REPowerEU plan.
C&E risks are also a leading concern for European banking regulators, and will likely feature among the ECB鈥檚 supervisory priorities for 2024-2026. The ECB鈥檚 expectations around the management and disclosure of C&E risks have ramped up rapidly since the publication of its听听(PDF 712 KB) in November 2020. The Guide sets out 13 high level expectations covering areas including strategy, governance, risk appetite, business continuity, stress testing and disclosure.
Over the last three years, the ECB has followed the Guide鈥檚 launch with a self-assessment questionnaire for banks, a thematic review of C&E risks (including deep dives at individual institutions), a climate risk stress test and a pilot of targeted on-site inspections (OSIs). This has given supervisors good insights into banks鈥� alignment with their C&E expectations. A minority of banks saw their SREP scores and Pillar 2 Requirements impacted by 2022鈥檚 stress test.
In November 2022 the ECB set staggered deadlines for banks to fully comply with its C&E risks expectations by 2024, even identifying interim milestones by Q1 2023 (C&E risk identification and materiality assessment) and by the end of 2023 (integration of C&E risk in Governance and Risk management framework). However, in June 2023 it warned that - despite improvement 鈥� some banks had not met its interim deadlines, and that non-compliance with the Guide would trigger supervisory action, if not met by the end of 2024.
We have now arrived at a crunch point for banks鈥� treatment of C&E risks. In a November 2023 speech, Frank Elderson made an explicit public warning to banks about non-compliance, stating that daily penalties would be levied on any banks failing to remedy previously identified shortcomings:
鈥淚n other words, we have told those banks to remedy the shortcomings by a certain date and, if they don鈥檛 comply, they will have to pay a penalty for every day the shortcoming remains unresolved鈥澨�1
In October and November 2023 supervisors also set specific improvement goals for around 20 banks that missed interim deadlines in Q1 2023, to be timely addressed and solved within Q1 2024 to avoid sanctions based on daily penalties.
Banks need to act fast. Less advanced institutions need to increase both the quantity and quality of their reporting; even the leading banks should improve the quality of their C&E disclosures to protect themselves against greenwashing risks.
However, despite ECB guidance on good practice, it seems many banks are in a similar position and may be behind their plans when defining their detailed road map for the processes they should establish or the disclosure they need to provide. That could be a real problem given the unique size, complexity and non-linearity of C&E risks 鈥� and the fact that some banks are still learning when it comes to environmental risks in particular. From recent discussions, three main themes have emerged around challenges banks face:
- Governance: Most banks have established board oversight and dedicated C&E teams, but coordination remains difficult. Centralised teams often struggle to build detailed insights about client risks, but devolved teams can suffer from ineffective unified oversight.
- Data:听Quantifying C&E risks reliably remains extremely challenging 鈥� for example, generating tangible, actionable KPIs from a range of scientific estimates, observations and other data.
- Portfolio alignment: To make effective decisions, banks need to be able to compare the C&E risk exposures and concentrations of specific portfolios and books of business, but acquiring and aggregating the necessary data is difficult.
Banks can respond by setting themselves targeted objectives across the areas of good practice identified in the ECB鈥檚听听(PDF 744 KB) - materiality, business strategy, governance and risk appetite, risk management and disclosure. Based on our experience, we would suggest that priority actions could include:
- In the short term:听Remediating supervisory findings from OSIs and the thematic review; Using findings as the basis for creating action plans; Developing governance frameworks and technical knowledge; Building risk management frameworks; Developing quantitative metrics such as financed emissions, green asset ratios or top 20 emitting counterparties; Conducting materiality assessments; and complying with mandatory disclosures.
- In the medium term:听Allocating responsibilities for C&E risks across the 3 lines of defence; Classifying the whole portfolio with the help of external data providers; Complying with additional voluntary disclosures.
- In the long term:听Ensuring that C&E risks are fully managed and embedded in all processes; Incorporating C&E factors into business models, strategy, governance, capital allocation and risk management;听; Automating C&E reporting, stress testing and disclosure; Developing business strategies and commercial offering based on 鈥渘et zero鈥� target setting and transition planning.
C&E risks are no longer something for the future. The ECB is expecting full compliance with its expectations, and supervisors are losing patience with laggards. Banks should also expect further OSIs and deep dives in 2024 - inaction is not an option. In the words of Frank Elderson:
鈥淔ailing to adequately manage C&E risks is no longer compatible with sound risk management鈥�
