Understanding risks related to the climate and environment, also known as CRE risks, and managing them will be a key challenge for banks over coming decades. Luxembourg’s banking association ABBL has sought to provide a framework for this in a new publication which also features some guidance related to strategy and governance, integration of CRE concerns within risk management frameworks and disclosure.
The ABBL report, produced with the support of Deloitte, began by underlining the scale of the challenge, noting how the European Central Bank “highlighted that 80 percent of European banks’ loan exposures are towards firms facing, at least to some extent, climate-related physical risks.”
Range of risk
The report was keen to highlight banks’ exposure to all environmental risk, not just that related to climate change, hence the insistence on the use of the acronym CRE. This risk has two main roots. There is the physical risk that extreme weather and environmental degradation will have, in terms of damaged property and reduced productivity from things such as disrupted supply chains. Then there is transition risk during the adjustment towards a more environmentally sustainable economy, particularly if market sentiment, consumer behaviour, regulation or technology change quickly.
Then, with clear definitions in place and the application of data, existing risk management frameworks and models can be adapted. Ten local banks from across the spectrum were interviewed for the publication.
Data, skills, strategy challenges
However, even before strategic questions could be examined, those surveyed highlighted how a lack of data and the difficulty developing the required skills is “slowing down the effort made in the integration and quantification of ESG risks.”
There is also the challenge of Luxembourg entities being dependent on group wide ESG initiatives, thus making it more difficult to meet local needs, particularly when the head office is outside the EU.
In strategic terms, the survey found management has given ESG governance significant attention, such as with the creation of dedicated committees.
However, “from a methodological point of view, practises are still very heterogeneous.” What’s more “the level of maturity appears greater from a product development perspective,” with the risk management framework requiring more effort.
Three dimensions of risk
“It is delusional to think that when risks become perceptible, everyone will be able to cut their exposures at the same time and in an orderly fashion,” said the Governor of the Bank of France, François Villeroy de Galhau, quoted in the publication. This highlights a key challenge of the financial risks that come from exposure to counterparties and invested assets.
There are three broad dimensions. An example of credit risk is how California wildfires in 2020 reduced revenues from non-financial firms. For operational risk, an example is how extreme climate change in places like India could put outsourcing arrangements in jeopardy. Then there is the reputational and legal risk from taking insufficient steps to head off potential dangers.
Strategy and governance steps
After this diagnosis, the report looked at how banks can respond. Regarding strategy and governance, the first step is to take a long-term view. This features monitoring change and evaluating resilience, working with counterparties and other stakeholders, setting ESG risk objectives, and the development of sustainable products.
Risk controls also need to be in place and remuneration policy aligned with CRE objectives. Secondly, banks must “walk the talk” because “as of today, few banks in Luxembourg have engaged in developing long-term scenarios as most are still in the early stages of their ESG/CRE journey”. Goal setting and monitoring are key.
Once this latter step is completed, then banks “need to decide on the level of granularity of their assessment and how far they should go” regarding the ESG nature of projects. For example, how far down the supply chain must you go when making judgements on sustainability.
Throughout, governance should be at a high level to set the tone, either from the top or via a well monitored decentralised approach that features high levels of training. Finally, outsourcing oversight and governance of the ESG risks is required, with assessments taking account of internal processes and relationships with service providers.
Integrate risk in to management
CRE risk must then be integrated into risk management frameworks. The first step is to conduct on-going materiality assessments. The report says that a lack of data should not prevent this. It is expected that these risks are to be integrated into internal capital and liquidity adequacy assessment process (ICAAP/ILAAP).
This will allow the positioning of CRE risks on their own but also in terms of how they interact with other risk categories. “One interviewed bank considers CRE risks as not risks per se but rather drivers that modify the exposure to other categories of risk.”
Integrating data requires finetuning
Data is key, whether from internal client sources or externally sourced. Accuracy of external data can be a challenge, so decisions have to be taken on whether to use just one provider, or some form of aggregation and weighting of several data sources. Increasingly, some Luxembourg players are using ESG questionnaires to fill gaps. How this data is integrated into risk mitigation also requires fine tuning.
Finally comes the question of disclosure, with the goal of fostering transparency on ESG risk exposure. Under CRD III, all institutions will have to disclose this from 2025, not just large institutions as at present.
“In Luxembourg, most banks are either included in group‑wide disclosure or intend to adopt a safe and low‑profile communication strategy to mitigate reputational risk,” said the report.