December 2023
The EU’s core institutions are strongly committed to prioritising climate-related and environmental (C&E) goals. Ongoing high-profile initiatives include the European Green Deal, the European Climate Law, the Fit for 55 package and the REPowerEU plan.
C&E risks are also a leading concern for European banking regulators, and will likely feature among the ECB’s supervisory priorities for 2024-2026. The ECB’s expectations around the management and disclosure of C&E risks have ramped up rapidly since the publication of its Guide on climate-related and environmental risks (PDF 712 KB) in November 2020. The Guide sets out 13 high level expectations covering areas including strategy, governance, risk appetite, business continuity, stress testing and disclosure.
Over the last three years, the ECB has followed the Guide’s launch with a self-assessment questionnaire for banks, a thematic review of C&E risks (including deep dives at individual institutions), a climate risk stress test and a pilot of targeted on-site inspections (OSIs). This has given supervisors good insights into banks’ alignment with their C&E expectations. A minority of banks saw their SREP scores and Pillar 2 Requirements impacted by 2022’s stress test.
In November 2022 the ECB set staggered deadlines for banks to fully comply with its C&E risks expectations by 2024, even identifying interim milestones by Q1 2023 (C&E risk identification and materiality assessment) and by the end of 2023 (integration of C&E risk in Governance and Risk management framework). However, in June 2023 it warned that - despite improvement – some banks had not met its interim deadlines, and that non-compliance with the Guide would trigger supervisory action, if not met by the end of 2024.
We have now arrived at a crunch point for banks’ treatment of C&E risks. In a November 2023 speech, Frank Elderson made an explicit public warning to banks about non-compliance, stating that daily penalties would be levied on any banks failing to remedy previously identified shortcomings:
“In other words, we have told those banks to remedy the shortcomings by a certain date and, if they don’t comply, they will have to pay a penalty for every day the shortcoming remains unresolved” 1
In October and November 2023 supervisors also set specific improvement goals for around 20 banks that missed interim deadlines in Q1 2023, to be timely addressed and solved within Q1 2024 to avoid sanctions based on daily penalties.
Banks need to act fast. Less advanced institutions need to increase both the quantity and quality of their reporting; even the leading banks should improve the quality of their C&E disclosures to protect themselves against greenwashing risks.
However, despite ECB guidance on good practice, it seems many banks are in a similar position and may be behind their plans when defining their detailed road map for the processes they should establish or the disclosure they need to provide. That could be a real problem given the unique size, complexity and non-linearity of C&E risks – and the fact that some banks are still learning when it comes to environmental risks in particular. From recent discussions, three main themes have emerged around challenges banks face:
- Governance: Most banks have established board oversight and dedicated C&E teams, but coordination remains difficult. Centralised teams often struggle to build detailed insights about client risks, but devolved teams can suffer from ineffective unified oversight.
- Data: Quantifying C&E risks reliably remains extremely challenging – for example, generating tangible, actionable KPIs from a range of scientific estimates, observations and other data.
- Portfolio alignment: To make effective decisions, banks need to be able to compare the C&E risk exposures and concentrations of specific portfolios and books of business, but acquiring and aggregating the necessary data is difficult.
Banks can respond by setting themselves targeted objectives across the areas of good practice identified in the ECB’s Observations from the 2022 thematic review (PDF 744 KB) - materiality, business strategy, governance and risk appetite, risk management and disclosure. Based on our experience, we would suggest that priority actions could include:
- In the short term: Remediating supervisory findings from OSIs and the thematic review; Using findings as the basis for creating action plans; Developing governance frameworks and technical knowledge; Building risk management frameworks; Developing quantitative metrics such as financed emissions, green asset ratios or top 20 emitting counterparties; Conducting materiality assessments; and complying with mandatory disclosures.
- In the medium term: Allocating responsibilities for C&E risks across the 3 lines of defence; Classifying the whole portfolio with the help of external data providers; Complying with additional voluntary disclosures.
- In the long term: Ensuring that C&E risks are fully managed and embedded in all processes; Incorporating C&E factors into business models, strategy, governance, capital allocation and risk management; Targeted enhancements to accelerate the integration of environmental and social risks across the Pillar 1; Automating C&E reporting, stress testing and disclosure; Developing business strategies and commercial offering based on “net zero” target setting and transition planning.
C&E risks are no longer something for the future. The ECB is expecting full compliance with its expectations, and supervisors are losing patience with laggards. Banks should also expect further OSIs and deep dives in 2024 - inaction is not an option. In the words of Frank Elderson:
“Failing to adequately manage C&E risks is no longer compatible with sound risk management”