A Season of Scrutiny
With the upcoming finalization of the Principles for Climate-Related Financial Risk Management from each of the Office of the Comptroller of the Currency (OCC), Federal Deposit Insurance Corporation (FDIC), and The Federal Reserve Board (FRB), the call for climate risk management continues to grow and more banks are expected to respond. Institutions with over $100 billion in assets may soon be facing an exam from the OCC concerning the new requirements for identifying, assessing, measuring, and monitoring climate risk.
These regulators have been working towards climate-related risk reform for the past few years; however, without regulation and clearly defined standards, there continues to be confusion and inconsistency across climate risk management efforts at financial institutions. Noting these challenges, the OCC, FDIC, and FRB have drafted principles regarding climate-related financial risk management for large financial institutions, stating an intent to support and clarify existing actions to incorporate climate-related financial risks into financial institutions’ risk management frameworks.1 The principles seek to articulate how large institutions should tie climate impacts to financial risk management and establish specific expectations for roles and responsibilities throughout an organization, citing the importance of effective climate risk management to an organization’s safety and soundness.
It is important to note that the regulatory community is not alone in pursuing increased awareness and action in climate risk from financial institutions. In February, BNP Paribas faced a lawsuit from activist groups over financing of large oil and gas companies. The combined groups’ complaint is that BNP Paribas continues unrestricted financing of large oil and gas companies, contradictory to BNP Paribas’ commitments and responsibility to ensure their activities are not harmful to the environment.2
The Expanding Conversation on Climate-Related Financial Risks
The principles provide a framework for which institutions can assess their current activities, as well as incorporate climate-related financial risk management into the larger risk management infrastructure. While some have argued that climate risk makes more sense as its own risk vertical, the principles imply a different approach, discussing climate-related financial risks as a horizontal, transverse risk reflected in the current risk verticals of credit, liquidity, legal/compliance, operational, and reputational risk.
|Risk type||Examples of climate-related impacts|
|Credit||Collateral valuations decrease as more areas become severely impacted by climate change|
|Liquidity||Market conditions impact access to capital as borrowing activity slows|
|Other Financial||Increasing/volatile interest rates, instability/volatility in pricing due to macroeconomic stressors|
|Operational||Interruptions to operation, resiliency concerns, workforce instability/availability from climate events|
|Legal/Compliance||Legal actions for non-compliance or financing decision, fair lending considerations|
|Other Non-financial||Impacts to operating environment, strategy misalignment with future climate conditions|
Banks will also be expected to not only evaluate physical risks, both acute and chronic, but also transition risks as well, considering potential market, macro, and socioeconomic shifts and anticipating impacts to the balance sheet, income statement, or other financial statements.
Those familiar with the Task Force on Climate-related Financial Disclosures (TCFD) will not be surprised by the topics included in the principles, as much of it has direct parallels to the framework, including discussing processes for identifying and assessing climate-related risks, risk management approach, and integration into overall risk management strategy.
The principles highlight six focused activities for banks: governance; policies, procedures, and limits; strategic planning; risk management; data, risk measurement, and reporting; and scenario analysis. For each activity, the principles have defined key roles and responsibilities for the board/governing body and management. While the principles do not clearly define “management,” reviewing the included expectations indicates that management will include anyone from a risk owner, to control functions, and even senior management responsible for board reporting and strategy implementation.
- Governance: The Board of Directors bears responsibility to understand the risks of climate change on the organization and oversee management's implementation of strategy, risk profile, and risk appetite considering these impacts.
- Policies, Procedures, & Limits: Management should incorporate climate-related financial risks into policies, procedures, and limits ensuring alignment with institutional strategy and risk appetites established by the board.
- Strategic Planning: The Board of Directors and management should consider climate-related risk when developing strategy, risk appetite, and capital plan and take into account the interaction of climate-related financial risks on operational and legal risks and impacts to stakeholders.
- Risk Management: Management should oversee development and implementation of business processes to recognize, quantify, and detect climate-related financial risk exposures, establish related risk management efforts, including internal controls and audits, and communicate material risks to stakeholders.
- Data, Risk Measurement, & Reporting: Management should include climate-related financial risk information in its internal reporting, monitoring, and escalation processes in addition to monitoring data, risk measurement, modeling methods, and reporting approaches to incorporate findings into climate-related financial risk management.
- Scenario Analysis: Management should create a range of climate-related scenario analysis, including extreme but plausible scenarios, to assess potential impacts on the institution as a result of climate-related risks and inform clearly defined objectives, such as estimating climate-related exposures and potential losses.3
Recognizing that financial institutions and banks are at differing stages of addressing climate risk, each organization will face unique challenges, questions, and opportunities. For banks who have already taken steps to integrate climate-related financial risks into operations, this may be an exercise in gathering existing documentation, procedures, and reporting cadence. Ensuring full compliance with these principles will facilitate drawing connections between climate events and their corresponding risks. Banks that have not started incorporating climate risk considerations into the business may require a complete overhaul of risk management processes to incorporate climate concerns adequately and completely. Synchronizing approaches, appetites, and assessments across an organization’s first and second line of defense is an exercise in project management. Whatever the starting point, banks will need to perform comprehensive current state and gap assessments to understand where to spend their time and efforts.
Roadmap to Compliance
A successful plan ensuring full compliance with the principles should begin with a roadmap. The principles open with a discussion of governance processes, beginning with the expectations for and responsibilities of the board or governing body. Mature risk management functions are described as a top-down approach, so assessing the current state at the top of house and driving down through the levels of management will be critical. For each reporting or management level, having set expectations and outcomes and then assessing current state against them will provide a clear overview of the current situation and actions needed for compliance. Identifying gaps in compliance, documenting clear roles and responsibilities, and looking for opportunities for enhancement, and then developing a roadmap and timeline for remediation will be critical. Gaps can be prioritized in order of importance to ensure effective allocation of time and resources. For each step and requirement, there will be unique documentation and data requirements that should be assessed as you continue through the journey. Some things to consider as you begin assessing your current state include:
- Identify any tools, technologies, talents that may be needed to perform the current state and gap analysis to accelerate and streamline the process, relying on established project management routines (internal and external) to monitor progress and ensure alignment.
- Anticipate any training or education needs around climate-related risks and financial impacts to ensure that any risk identification and assessment activities are capturing all potential risks, as climate risk may impact more than just the obvious activities.
- Seek expert advice and guidance wherever possible to ensure that you are considering all potential angles and aspects of climate risk management.
The earlier institutions get started, the better equipped they will be when climate factors become completely unavoidable, increasing business resiliency and opportunities to capitalize on early transition benefits.