On 18 January 2024, the European Banking Authority (EBA) launched a public consultation on draft Guidelines on the management of Environmental, Social and Governance (ESG) risks. The consultation contains 26 questions and runs until 18 April 2024, and it is planned that the guideline will be finalized by the end of 2024.
Integration of ESG risk into the conventional risk management frameworks is still at an early stage and practices can differ significantly across institutions. EBA is intended to help institutions integrate ESG risks, and within the draft Guideline, EBA sets out robust governance arrangements that cover:
- minimum standards and reference methodologies for the identification, measurement, management and monitoring of ESG risks;
- qualitative and quantitative criteria for the assessment of the ESG risks in short, medium and long term;
- content of plans which shall include specific timelines and intermediate quantifiable targets and milestones, to monitor and address the financial risks stemming from ESG factors.
The Guideline distinguishes small and non-complex institutions (SNCI) from normal institutions. SNCIs may implement less complex methodologies to incorporate ESG risk into their conventional risk management framework in line with the proportionality principle of the CRD.
Considering risk identification and measurement of ESG risks, institution-specific materiality assessment should be performed on a yearly basis, for SNCIs every two years, or more frequently in case of material change in the business environment. The assessment should consider several time horizons, and the guideline is mapping methodologies for the time horizon. This mapping is summarised in the following table.
Institutions should document ESG risk materiality assessment as part of their ICAAP and the institutions should establish Key Risks Indicators (KRIs).
Institutions should gather current and forward-looking information about the ESG risk profile of counterparties. The guideline sets minimum requirements for large corporate counterparties for environmental and for social and governance risks.
Based on the ESG risk identification and measurement institutions should develop a robust and sound approach to manage and mitigate the ESG risks. The guideline sets minimum requirements that need to be considered. For example, engagement with counterparties to improve their ESG profile, assess their transition plans, or adjust financial terms.
ESG risks should be part of the overall business and risk strategy. Among others, the institutions need to assess the adverse impact of ESG risks on the business model's viability. The risk appetite should specify the type and extent of the ESG risks institutions are willing to assume in their portfolio, and clearly define and address all material ESG risks. The risk appetite should be supported by ESG-related KRIs. Institutions should use backward-looking and forward-looking indicators for KRIs.
The guideline lists metrics for target setting for KRIs. This list is a minimum requirement for non-SNCIs. For SNCIs this is not a compulsory list, but they can consider using them. This list contains metrics like the amount and share of counterparties' operating sectors that highly contribute to climate change or the breakdown of portfolios secured by real estate according to the level of energy efficiency of the collaterals. Other forward-looking metrics should be assessed and could be included in the institutions’ frameworks like ESG-related reputational and concentration risks. In case of data shortcomings, remediation action should be taken and documented.
Institutions should incorporate ESG risk into their internal frameworks across all three lines of defence, ICCAP, ILAAP and all other conventional risk policies and procedures.
Considering monitoring, the guideline sets minimum requirements for non-SNCIs. Non-SNCIs need to monitor ESG risk metrics like financed Scope 3 greenhouse gas emission of material exposures or ESG-related litigation claims.
The guideline sets minimum requirements for the environmental scenarios and pathways. Institutions should assess the potential implications of EU, and Member States objectives for transition pathways, and consider likely pathways originated from the European Green Deal or the EU Climate Law.
The next table contains the number of minimum requirements listed in the guideline.
Identification, measurement, management, and monitoring of ESG risks are still in the early stages and practices can differ significantly across institutions due to their forward-looking nature, distinctive impacts over various time horizons, and interconnection to other conventional risks. With this guideline, EBA intends to harmonize the practices and give a guide to the institutions, but the integration of ESG risk remains a challenging commitment.
For more information contact us.
Get in touch with our experts
Krisztina S. Nagy
Krisztina helps banks transform their Risk Management to enhance the accuracy of their capital and impairment estimates, improve business outcomes and increase cost-efficiency. Krisztina has expertise across all aspects of credit risk and credit process change, including modelling, data, IT, governance, policies, controls, reports and organization design. She has experience leading both traditional waterfall-style and agile implementation programmes to success. Prior to her current role, Krisztina spent a decade with Deloitte in the UK, focusing Credit Risk and Regulation.
Ottó Sebestyén
Ottó Sebestyén is a Senior Manager in the Financial Risks Advisory team. He supports firms across the Financial Services industry, focusing on sustainable finance, risk management strategy and regulatory compliance, including the implementation of future-proof Risk Technology solutions for reporting and regulatory compliance, while supporting the Change Management aspects of these projects. Ottó’s experience spans across credit risk assessment, project management of risk software development as well as ESG trainings and workshops for CE banks' Board of Directors and for broad employee groups across business, risk management, compliance, reporting and controls.
