In today's fast evolving financial landscape, credit institutions must integrate Environmental, Social, and Governance ("ESG") risk management into their internal governance frameworks. This shift is not merely a regulatory requirement but a strategic necessity to mitigate financial risks and enhance long-term resilience. CRD VI1 was published on 19 June 2024 with an implementation deadline until 10 January 2026. It sets out a comprehensive framework for ESG risk management for credit institutions and certain investment firms.
Why ESG risks matter?
Environmental risks, such as those stemming from climate change, social factors like health and working conditions, and governance elements, including leadership qualities and diversity, can have a significant impact on the financial stability of institutions. These risks may affect counterparties and, consequently, the institutions themselves. Moreover, consideration of ESG factors is necessary to ensure compliance with other regulatory frameworks such as MiFID or SFDR. Therefore, understanding, assessing and measuring these risks is crucial for all financial sector players.
The European Banking Authority ("EBA") published the "Report on management and supervision of ESG risks for credit institutions and investment firms" in June 2021 outlining an initial framework for ESG risk management. This framework was aimed at integrating ESG risks into business strategies, processes, and governance of institutions. CRD VI has further solidified the framework by introducing new, mandatory provisions in the CRD 2021 banking package.
Accordingly, institutions will now be required to establish robust internal governance arrangements to manage ESG risks over the short, medium, and long term (at least 10 years). This includes developing comprehensive strategies, policies, processes, and systems, the management body approving and reviewing them.
Embedding ESG in strategic leadership
The management body must develop and monitor transition plans addressing financial risks from ESG factors. These plans are designed to enhance the institution's resilience towards ESG risks and must be aligned, if applicable, with transition plans elaborated pursuant to the CSRD (for more information about the CSRD framework, please refer to this firm's recent newsflash published on 26 April 2024).
In order to ensure sound risk culture and "tone from the top", the management body will be collectively required to understand ESG risks for the institution (outside in) and ESG impacts that the institution creates (inside out), with mandatory training to be organised on these topics. Aligning managerial behaviour with long-term sustainability strategies is also considered essential by CRD VI, making ESG risk appetite a part of remuneration policies and processes.
ESG mandate and powers for supervisors
According to the new provisions of CRD VI, the national competent authorities ("NCAs"), such as the CSSF in Luxembourg, will be tasked with reviewing and evaluating institutions' governance and ESG risk management processes. NCAs will also assess prudential transition plans and progress towards regulatory objectives such as climate neutrality. They will have the power to enforce compliance through ESG risk reduction requirements, business strategy adjustments, governance changes, and risk management improvements as well as reinforcements to the targets, measures and actions included in the transition plans. According to the Single Supervisory Mechanism's supervisory priorities and as announced by the CSSF in its communication of March 2024 on its supervisory priorities in the area of sustainable finance, supervisors will focus on climate-related and environmental risks by conducting targeted on-site inspections as from 2024.
Conclusion
Institutions must act now to integrate ESG risk management into their governance frameworks. This proactive approach will not only ensure regulatory compliance but also position them for sustainable success in an increasingly ESG-focused world.
Footnotes
1. Directive (EU) 2024/1619 of the European Parliament and of the Council of 31 May 2024 amending Directive 2013/36/EU as regards supervisory powers, sanctions, third-country branches, and environmental, social and governance risks.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.