Response to discussion Paper on management and supervision of ESG risks for credit institutions and investment firms (EBA/DP/2020/03)
Go back
- Report of the European Commission on “Sustainable Finance”, January 2018
- Action Plan “Financing Sustainable Growth”, March 2018
- ECB Guide on climate-related and environmental risks, November 2020
- Consultation of the EU on the new strategy relating to sustainable financing, April 2020
- Regulation (EU) 2019/2088 of the European Parliament and of the Council on sustainability-related disclosures in the financial services sector
- Regulation (EU) 2020/852 of the European Parliament and of the Council on the establishment of a framework to facilitate sustainable investment, and amending Regulation (EU) 2019/2088 (Taxonomy Regulation)
- Consultation Paper RTS ESG Disclosure (Draft regulatory technical standards with regard to the content, methodologies and presentation of ESG disclosures)
- BaFin Guidance Notice on Dealing with Sustainability Risks, December 2019
- Standards of recognised sustainability rating agencies
- IFRS Initiative
Standardisation which takes into consideration aspects of proportionality would be desirable, to avoid overwhelming institutions with a variety of supervisory documents. It is also important that the discussion centres on the same scope and the same effects. If we consider the impact on climate when looking at the inside-out perspective, it is essential to clarify whether Scope 1 and 2 or Scope 1 - 3 is meant regarding the impact of an institution. If the effects of the customer business portfolios must also be included in Scope 1 - 3, we see a considerable increase in the time, effort and expenditure necessary for implementation.
In principle, we can share the definition proposed, because many correct and important issues are discussed here and the definitions are in large parts coherent in our view. Examples of the factors should be incorporated into the definition.
Moreover, there should be made a differentiation in the definition framework between direct and indirect driven risks in order to be able to distinguish clearly in the banking and supervisory process between these two views. This should also be considered in the context of tools (Is it a tool for a factor or a risk?), rules, processes, materiality, governance etc.
By contrast, for the purposes of internal risk management only negative effects should be taken into consideration. Negative effects are those which represent a burden for institutions. ESG risks in particular materialise if the ESG factors influence the customers and business partners of the institutions and thus have a negative effect on the financial performance or solvency of the institutions. In this context, we share the view that institutions and regulator should consider when assessing their inclusion in the practice from the perspective of the negative impact of ESG factors on the counterparties of institutions. This would correspond to the “outside-in” perspective which is also applied today in risk management.
In our opinion, the effects described in paragraph 36 b are too vague to assume a general materiality in relation to the risks of the institution. At least, it should not be expected that institutions must analyse possible effects of the activities of all (individual) business partners on their stakeholders and take this into consideration in their internal risk management.
For this reason, it should be appropriate, as with the established risk types in SREP, to focus on the negative effects on the financial position and results of operations of the institutions in the event of ESG factors becoming striking. However, risks are not entered into in banking activities without corresponding earning potential. According to Section 289(1) German Commercial Code, the so-called opportunities and risks report in the management report of an institution must not only refer to foreseeable risks, but also future opportunities. It also seems appropriate in the context of supervisory action, e.g. in SREP, to consider the positive side of ESG factors. This could be done, for example, within the scope of instructions from the supervisory authority during the business model analysis.
It also appears appropriate taking greater account of the positive side of ESG factors in supervisory action, e.g. in SREP (in the form of a qualitative note).
From our point of view it is correct that the direct impact of the physical risks on the institution is not considered in the context of dealing with ESG risks. These risks, such as extreme weather occurrences, are already part of the management of operational risks today.
As regards social and governance risks, in our view the direct effect of these risks cannot be so clearly subordinated as clearly to the indirect effects as to the environmental risks. This is also the result of the fact that in particular many social risks of business partners will be difficult for institutions to identify and evaluate. However, the argument in paragraph 39 is logical, namely that the ESG risks specific to the institution are already largely covered (e.g. with money-laundering provisions for institutions, etc.).
We agree with the described close interaction between transition and physical risks and the description of the impact of these risks on companies and institutions. We share the EBA’s view that environmental risks in particular arise in the form of physical and transition risks.
For reasons of practicability, the focus of regulatory requirements should nevertheless initially be on climate risks, because this area involves the greatest pressure to act and harbours the greatest risks. A step-by-step approach should be taken. Orientation could be sought in the Taxonomy Regulation. Other environmental risks (in particular biodiversity) too strongly increase the complexity at the first stage through interdependencies.
As described above, the time component plays an important role in particular with transition risks with regard to which methods and measures can be appropriately applied. In this context, transition risks involving greater uncertainty, e.g. because their possible materialisation is far beyond the usual risk observation horizon, should not be included in the short-term risk assessment period. Instead, only those transition risks should be included in risk management which can be anticipated with a certain degree of certainty over a specific assessment period (e.g. announcement of planned political measures, etc.).
Liability risks and legal risks should be considered as a separate (operational) risk and not be integrated into the transition risks, also to avoid overlapping and thus duplications.
It is clearly plausible to strive for a step-by-step approach, although this can result in certain trade-offs in the exclusive assessment of one aspect (E). For example, political intervention in the energy sector by shutting down power plants can affect the area of social aspects. It must be borne in mind that there a conflict may develop, especially between “E” and “S”, which needs to be addressed, also in terms of supervisory specification (definition, standards, etc.).
In our view, the investigation of the entire value chain and contract partners specified in paragraph 40 is too extensive, because a deep analysis of this kind initially presupposes considerable time and effort in data collection and data may not be able to be collected because the reporting is insufficient in this context.
The definition of social risks and governance risks appears to be quite general, but appropriate in connection with the examples and explanations listed before. However, the link between social and environmental risk appears somewhat forced. There will certainly be interfaces between social and environmental risks. In our view, emphasising these boundary risks separately, especially to this extent, is unnecessary and does not appropriately reflect the relationship within the social risks.
The COVID pandemic in principle offers the opportunity for learning in order to assess the extent of unexpected events. However, the extent to which ESG risks can pose a threat to the vulnerability of the financial system can only be determined to a very limited extent. It hast to be taken into consideration that each crisis may manifest itself very differently and therefore does not provide any possibilities for valid conclusions.
In addition, it should be clarified that the entire industry (including the regulators) is still at any early stage. Indicators which are helpful for risk control will emerge in the future (in the coming years) or prove to be less useful over the time and therefore discarded accordingly. In this context, it must be taken into consideration that especially at the beginning qualitative indicators can be useful and the use of quantitative figures/parameters is only introduced subsequently or for the future. In a first step, the identification of the relevant data and data sources is necessary on the basis of which the successive conduct of initially qualitative analyses can be carried out. In view of the initially restricted reliability of the indicators and data, inclusion in the (risk) reporting of the institutions must be carefully considered. In any case, it must be ensured that the perspective (impact vs. risk) is clearly emphasised. Impact indicators (such as the EU taxonomy) may well be helpful for internal control purposes, but can only be used to a very limited extent – if at all – for a risk (!) assessment.
The first step is data collection. If no data or information are available, no measurement methods can be used. Consequently, it should once again clarified that the qualitative analyses are completely sufficient. In considering indicators, proportionality must also be borne in mind, because smaller institutions in particular or their small- to medium-sized customers can have difficulty with data procurement.
As regards fig. 93: There is also no reliability and comparability of the data, because it is usually collected individually and there are no comparable criteria. It is also questionable in context of CSR reporting whether the statements made by companies can be compared with one another and lead to reliable statements. It is also doubtful whether the assumptions of the long-term climate scenario can be broken down to the planning horizon.
As regards fig. 94: In spite of all urgency regarding further development, the possibilities of small and medium-sized institutions or institutions with non-complex business should not be ignored. In addition, there must be a grading of the E, S and G components in order to avoid conflicts of interests. A hierarchy must be developed in this context.
The attempt to analyse the entire value chain of a borrower with the aid of ESG indicators appears today to be too ambitious, i.e. in particular appears inappropriate with regard to time, effort, expenditure and benefits. In addition, relevant data and information from data offerors/providers or third parties in our experience are only available for a very small part of the institution’s portfolio. In particular, the reference to investment benchmarks is only suitable for proprietary business; customer loan business cannot be reflected.
The expectation of the supervisory authority should take into consideration this early development stage, the lack of (market) standards and the restricted availability of data/information.
However, the degree of “greenness” of an institution’s activities in a certain part of a loan portfolio does not in our view permit a direct statement about the risk content. For example, financing companies which act sustainably and promote the environment but which do not have an appropriate business management can involve increased risks. In this context, the distinction between impact and risk must be borne in mind. This could be emphasised more strongly in Table 3 in paragraph 146. A further challenge in this context is the differentiation of the emission sources included according to the three scopes (according to the GHG Protocol), for example to measure the carbon dioxide footprint and to analyse a portfolio in this respect (or to check/observe the alignment, for example, with the Paris climate targets). In particular, the involvement of Scope 3 emissions, i.e. emissions caused by the companies’ activities but which are not under the companies’ control, for example from suppliers, service providers or employees, appears sufficiently difficult.
Alignment can only lead to the rough conclusion that the institution is exposed to a lower climate-related risk than others who have not aligned their portfolios to the Paris climate targets. However, as described above a 100 % green portfolio can constitute a significantly higher loan risk than a “brown” portfolio. In this context, it always depends on the individual case and the respective framework parameters. For example, a loan to a coal-fired power plant generates stable cash-flows for the next five years – at least this loan usually does not involve an increased risk. Yet an institution might encounter problems if the business model is based to a large extent on the financing of coal-fired power stations and the loss of this business would lead to lower earnings, or the financing leads to damage in reputation. These thoughts are less a case for short-term risk management, and more for strategic considerations. For this reason, alignment or carbon accounting should not be listed as a risk measurement method, but as a method of generating additional information to the risk concentrations and for strategic positioning.
In addition, we refer to our statements in response to Question 9.
However, these models involve many assumptions. The following uncertainties must be sufficiently interpreted: climate development, political interventions, consequences for the economy, data availability. For these reasons, we consider a quantification or consideration of the stress test results in ICAAP to be premature. We are still at an early stage; initial considerations, in particular with regard to qualitative assessments, are taking place in individual institutions. We therefore consider scenario analyses on a qualitative basis or expert opinions capable of implementation.
The use of the exposure method is essentially based on ESG ratings: a complete cover for the customer portfolio with external ESG ratings does not exist (in particular with medium-sized businesses) in spite of many providers. Standardisation of the methods and a higher transparency/regulation of the (ESG) rating-agencies is necessary because the ratings of the different agencies are not comparable in our view. A “master scale” of ratings would be helpful for a mapping of the ratings.
The development of own (internal) ESG ratings is complex and would further increase banks’ costs.
In detail, there are numerous difficulties in creating ESG ratings, especially when it comes to differentiating them from existing credit ratings.
- Credit ratings should incorporate the ESG aspects relevant to creditworthiness and should not be influenced by (strategic) ESG ratings. The addition of selective criteria that result from ESG aspects (e.g. being affected by increases in the carbon dioxide price) must first be incorporated into the credit rating and validated. This will take some time, because the conventional rating procedures are very well validated and tested. The quality of these ratings should not change in the context of ESG aspects either. Adjusting the rating scales only makes sense if valid data can be taken as a basis which justifies a change.
- There is currently insufficient coverage of external ESG ratings, both in terms of the scope of rated counterparties and the risk factors included within the ratings. This is exacerbated when considering the lending business and rather medium-sized borrowers.
- Modelling the institution’s own ESG rating procedure can be difficult, amongst other things due to the lack of a database.
We consider the point “data issues” in Table 3 in paragraph as a disadvantage for this method as well (in particular for developing the institution’s own scores) and not just for the risk framework method.
Moreover, we want to point out that considering the diversity of ESG (risks) it is important to foster methodological diversity and to juxtapose different results of different approaches to get a full picture.
The statement in paragraph 150 that small institutions are not necessarily be less susceptible than large institutions could apply if they have (higher) concentrations in particularly exposed sectors, regions, etc. Ideally, the institution classifies itself in the course of an initial/simple impact or sensitivity analysis. Specific methodological recommendations should not be made in this context. Suitable approaches still have to be developed which can be implemented in smaller banks. In any case, it should be possible for the ESG risk management approach of smaller institutions to have strong qualitative traits.
The statement that small institutions can be more susceptible to ESG risks because they have fewer resources and experts to deal with them is poorly worded in our view. Would the consequence at this point be that small institutions with fewer resources for the management of ESG risks should classify there risks as higher? In our view, this should be exactly the opposite. Identified ESG risks and their risk content should determine the needs of resources and not the other way around. This would otherwise contradict the idea of proportionality.
In paragraph 205 it is emphasised that ESG risks can be integrated into existing governance structures at smaller and less complex institutions. From our point of view, however, this integration of ESG risks into existing governance structures should be the desired aim regardless of the size of the institution. Isolated treatment of ESG risks in their own governance structures would contradict the classification of ESG risks as risk drivers within existing risk types. For this reason, the handling of ESG risks should be found in the existing governance structures for the existing types of risk on which ESG aspects act as risk drivers (e.g. within the guidelines on credit risk, etc.).
The specific design of methods and procedures in institutions which integrate ESG risks into the overall bank steering and risk management should be derived from relevance impact. This also applies to the recognition of these risks in the long-term/strategic planning, which must always be based on sufficiently likely assumptions, or the institutions’ governance structure. The focus of an institution on the CSR perspective can be appropriate, for example, if for the institution ESG risks are less relevant/if the institution is less affected by ESG risks. With regard to the role of the management and supervisory or administrative board, it must be pointed out that there is clear responsibility for risk control or monitoring which has been tightened over recent years in Europe by stringent regulatory requirements. This responsibility also encompasses ESG risks. In addition, it can be observed that due to very high importance of sustainability aspects, ESG issues are consistently prioritized on the agenda of management bodies.
Likewise, the effort and resources which are, for example, invested in the acquisition of data, the derivation of KPIs or KRIs, the setting up scenario analyses and stress tests must always be viewed in the light of the extent to which the institution is affected by, or sensitive to, these risks (or their business model, (credit)portfolios, etc.). For this reason, we consider general statements about inadequacies in institutions in the area of the use of data to be ineffective, unless they are placed in context of the institutions’ individual (ESG) risk profile.
For this reason, the procedures presented should be identified as exemplary procedures, and the “novelty” of the topic should be reflected in the timeline.
The comments on "Considering the development of sustainable products" do not appear appropriate for a Discussion paper, which focuses on the risk side. The “level of ambition” regarding ESG (inside-out perspective) should be left completely up to the bank.
An extension of the strategic planning calculations to time horizons extending far beyond five years does not appear expedient or reliable, because the degree of uncertainty would prevail. A detailed qualitative examination of the effects of longer-term trends within the strategic planning horizon should be sufficient. This could, for example, avoid investments in sectors which have not a viable future option. In addition, the currently considered horizons of the normative perspective are sufficient and should not be extended, because a sensible quantitative assessment would then not be possible at all.
We consider the recommended integration of requirements into Level 1 regulation (CRD and CRR) premature.
We share the view that ESG is a risk driver which can have effects on the different relevant risk categories.
The comments on the role of management bodies and committees and the internal control functions in principle already correspond to existing recommendations or requirements of the EBA (e.g. in the guidelines on loan origination and monitoring) as well as numerous national competent supervisory authorities. In view of the knowledge, skills and experience of members of the management bodies or those performing key functions, in view of numerous existing requirements, it seems to us to be dispensable to additionally emphasise ESG aspects in particular. In addition, we would like to point out that the institutions’ existing governance framework must also be taken into account. Any further development that may be necessary with regard to ESG aspects must first be examined. If dedicated sustainability units or committees exist or are being established, attention should be paid to their interlinking with regard to roles, tasks and methods in relation to other participants within the framework of overall bank management. As regards the structure of remuneration systems, the numerous existing requirements to avoid inappropriate incentives appear sufficient. We do not consider mandatory adjustment of remuneration guidelines to any separate ESG aims of institutions to be appropriate, because they are generalised and do not take into account the degree of exposure of an institution with regard to risk and business profile.
We do not fully understand points c. and d. of the “policy recommendations”. The risk committee is responsible for risk management: a committee specialised in ESG risks is therefore usually not necessary. The recommended allocation of responsibility to a single member of the management body is formulated in a misleading manner and should be brought into line with the requirements of the EBA guidelines on internal governance.
On the risk management side, the result of impact/sensitivity must be taken into consideration in particular: the requirements formulated here should only apply in the form described (for orientation) if the institution is severely affected.
We take a critical view of the expectation that ESG risks are intended to be limited within the framework of risk appetite and capital should be allocated accordingly (page 112). ESG risks are risk drivers which affects the known risk types. Consequently, capital can only be allocated to risk types, but not to risk drivers. In other words, it makes no sense to allocate capital for a risk driver and this cannot be reflected in the risk-bearing capital calculation. Naturally, there is a limit system for the types of risks and capital is allocated to them. By considering the materiality of the (known) risk types, the risk drivers are indirectly taken into account.
Proportionality and materiality aspects were not sufficiently considered in the “Conclusions and policy recommendations”. For example, qualitative assessment approaches should also be permitted for ESG risks. Point c should be supplemented by an exception for loans to consumers and small enterprises. Not every institution has to design its own comprehensive “climate risk stress programme” either.
In our view, the identification and assessment of social and governance risks of the institution’s business partners is likely to be very difficult due to the nature of the risks and the data necessary for the assessment of these risks. Data and information will often require a certain degree of protection. Social and governance risks will often affect the institution’s business partners through reputation risks and therefore indirectly the institution itself. As reputation risks are themselves difficult to quantify, this again makes the assessment of social and governance risks even more difficult.
There should be stronger emphasis on the aspect that audit procedures always depend on the degree to which a business model is affected by ESG risks at all. It appears worthwhile to base the intensity of the audit on the results of the risk inventory (including with regard to ESG risks). This is not mentioned here. In addition, the analysis of strategy and financial plans should be restricted to a relevant and definable time horizon. In our view, an extension of the economic sustainability analysis beyond the procedure described in the SREP guidelines generally is mostly not expedient due to the associated uncertainties. These uncertainties are evident in the multitude of possible development paths on which the climate scenarios of the climate models are based.
The range of ESG indicators is enormous and it will not be possible to take into consideration all factors at the same time. In our view, the banks should have a margin of discretion to choose the focus and threshold values they use for individual factors.
But ESG aspects are only one of many risk drivers influencing the bank’s business model. Hence a limitation towards those risks in a long-term business model resilience analyses would not make sense. ESG topics should rather be seen as one of many influences with impact on the longer-term business model resilience (alongside other social and technological trends).
Also, the ten-year timeframe of the long-term resilience analysis should rather be seen as orientation than as a fixed point in time for scenario analysis because impact of long-term trends cannot be projected with high accuracy. In addition, the question is raised about the stability of, for example, a ten-year view and the consequence of any defects discovered by the supervisory authority. These could not be addressed with a SREP requirement in the form of additional equity. Measures could merely rely on reference to long-term strategic considerations.
Moreover, this long-term strategic assessment of the business model resilience should not be mixed up with the strategic targeting and planning process which focuses on the next three to five years. The reason is that the pace of change which is effecting the banks business environment has increased significantly in the last years (e. g. innovation & technology cycles). In our current VUCA (high volatility, uncertainty, complexity and ambiguity) business world the strategic targeting and planning process must rather focus on short term capacity for adaptation and agility to respond fast on most recent developments in order to stay relevant for our customers. Trying to plan on a ten-year horizon would not satisfy these requirements.
We also refer to our comments in response to question 23.
The comments on fundamentally relevant considerations regarding the assessment of risks for capital, liquidity and refinancing must be specified more clearly in the direction of specific assessment steps in the sense of clear expectations of the supervisory authority. As regards the types of risk, liability risks are addressed in the context of operational risks, but so are reputational and legal risks which are located elsewhere on the risk map in most institutions and are also taken into consideration separately in the risk-bearing capacity. The initial focus on “climate and environment” is to be welcomed, and that developments in “governance” and “social aspects” are observed, even if these aspects can also be important and can develop interactions. This would be in line with the focus of the ECB on the risks specified first. As regards the refinancing risks, it should be noted that ESG aspects can also open up considerable opportunities for institutions in this context, which are not mentioned at all.
Paragraph 333 expressly states that “fundamental differences” should be made between the standard assessment of credit risks (e.g. assessment of credit-worthiness with the aid of a rating score with a one-year probability of default) and that for ESG risks. This de facto requires an additional assessment procedure suitable for ESG risks due to the credit assessment procedure permitted today under supervisory law. This would not be appropriate and would also contradict paragraph 332, which makes direct reference to the “credit assessments”.
In order to integrate ESG risk factors which are relevant to credit-worthiness into the established credit-worthiness assessment procedures, the institutions must be given sufficient time to establish data series and examine the suitability of the criteria with regard to their selectivity in the credit decision, and the interaction with the existing rating procedures must be clarified. As we know from experience in expanding regulatory recognized rating procedures, this involves very long periods. Otherwise, it must be possible to use procedures based on expert judgement.
The principle of proportionality is also not adhered to at the level of type of transaction (e.g. retail transaction) and scope of transaction (e.g. individual transaction in relation to the entire or partial portfolio). If extensive data is collected from all customers, including for example small amounts of retail financing, all usual threshold values in risk relevance which are usual today will be ignored, along with numerous consumer protection regulations at national and EU level.
In addition, there is no stronger separation of ESG factors that have a significant influence on the types of risk and ESG factors that have a non-material influence on risk types in the possible intensity of audit steps. There may be numerous institutions whose business model is only exposed to ESG factors to a limited extent, if at all. The starting point should be the institution’s individual risk inventory. A differentiation should also be made regarding the intervals for assessing ESG factors and the level of detail and extent of the information to be obtained.
1. Please provide details of other relevant frameworks for ESG factors you use.
No uniform standard has yet emerged. There are very different approaches which are based on different publications:- Report of the European Commission on “Sustainable Finance”, January 2018
- Action Plan “Financing Sustainable Growth”, March 2018
- ECB Guide on climate-related and environmental risks, November 2020
- Consultation of the EU on the new strategy relating to sustainable financing, April 2020
- Regulation (EU) 2019/2088 of the European Parliament and of the Council on sustainability-related disclosures in the financial services sector
- Regulation (EU) 2020/852 of the European Parliament and of the Council on the establishment of a framework to facilitate sustainable investment, and amending Regulation (EU) 2019/2088 (Taxonomy Regulation)
- Consultation Paper RTS ESG Disclosure (Draft regulatory technical standards with regard to the content, methodologies and presentation of ESG disclosures)
- BaFin Guidance Notice on Dealing with Sustainability Risks, December 2019
- Standards of recognised sustainability rating agencies
- IFRS Initiative
Standardisation which takes into consideration aspects of proportionality would be desirable, to avoid overwhelming institutions with a variety of supervisory documents. It is also important that the discussion centres on the same scope and the same effects. If we consider the impact on climate when looking at the inside-out perspective, it is essential to clarify whether Scope 1 and 2 or Scope 1 - 3 is meant regarding the impact of an institution. If the effects of the customer business portfolios must also be included in Scope 1 - 3, we see a considerable increase in the time, effort and expenditure necessary for implementation.
2. Please provide your views on the proposed definition of ESG factors and ESG risks.
There are currently numerous definitions and classifications for sustainable economic activities and ESG-risks (e.g. TCFD, ECB, SASB, European Commission etc.). Harmonised requirements for supervisory and regulatory purposes would be desirable. This would enable a standard and comparable assessment of ESG factors and “ESG risks” by the respective addressees. In addition, standard definitions and classifications create trust and transparency on the capital market.In principle, we can share the definition proposed, because many correct and important issues are discussed here and the definitions are in large parts coherent in our view. Examples of the factors should be incorporated into the definition.
Moreover, there should be made a differentiation in the definition framework between direct and indirect driven risks in order to be able to distinguish clearly in the banking and supervisory process between these two views. This should also be considered in the context of tools (Is it a tool for a factor or a risk?), rules, processes, materiality, governance etc.
3. Do you agree that, for the purpose of assessing their inclusion in institutions’ and supervisors’ practices from a prudential perspective, ESG risks should be approached primarily from the angle of the negative impacts of ESG factors on institutions’ counterparties? Please explain why.
ESG factors do not only have negative implications, but they also create opportunities for business enterprises. In this respect it is correct that EBA describes both effects.By contrast, for the purposes of internal risk management only negative effects should be taken into consideration. Negative effects are those which represent a burden for institutions. ESG risks in particular materialise if the ESG factors influence the customers and business partners of the institutions and thus have a negative effect on the financial performance or solvency of the institutions. In this context, we share the view that institutions and regulator should consider when assessing their inclusion in the practice from the perspective of the negative impact of ESG factors on the counterparties of institutions. This would correspond to the “outside-in” perspective which is also applied today in risk management.
In our opinion, the effects described in paragraph 36 b are too vague to assume a general materiality in relation to the risks of the institution. At least, it should not be expected that institutions must analyse possible effects of the activities of all (individual) business partners on their stakeholders and take this into consideration in their internal risk management.
For this reason, it should be appropriate, as with the established risk types in SREP, to focus on the negative effects on the financial position and results of operations of the institutions in the event of ESG factors becoming striking. However, risks are not entered into in banking activities without corresponding earning potential. According to Section 289(1) German Commercial Code, the so-called opportunities and risks report in the management report of an institution must not only refer to foreseeable risks, but also future opportunities. It also seems appropriate in the context of supervisory action, e.g. in SREP, to consider the positive side of ESG factors. This could be done, for example, within the scope of instructions from the supervisory authority during the business model analysis.
It also appears appropriate taking greater account of the positive side of ESG factors in supervisory action, e.g. in SREP (in the form of a qualitative note).
From our point of view it is correct that the direct impact of the physical risks on the institution is not considered in the context of dealing with ESG risks. These risks, such as extreme weather occurrences, are already part of the management of operational risks today.
As regards social and governance risks, in our view the direct effect of these risks cannot be so clearly subordinated as clearly to the indirect effects as to the environmental risks. This is also the result of the fact that in particular many social risks of business partners will be difficult for institutions to identify and evaluate. However, the argument in paragraph 39 is logical, namely that the ESG risks specific to the institution are already largely covered (e.g. with money-laundering provisions for institutions, etc.).
4. Please provide your views on the proposed definitions of transition risks and physical risks included in section 4.3.
We consider the definitions listed to be correct. We take the view that it is difficult to differentiate between climate and environmental risks, because both topics overlap. In this respect, it is to be welcomed that the EBA does not artificially delimit climate and environmental risks, in contrast to the ECB in its Guide.We agree with the described close interaction between transition and physical risks and the description of the impact of these risks on companies and institutions. We share the EBA’s view that environmental risks in particular arise in the form of physical and transition risks.
For reasons of practicability, the focus of regulatory requirements should nevertheless initially be on climate risks, because this area involves the greatest pressure to act and harbours the greatest risks. A step-by-step approach should be taken. Orientation could be sought in the Taxonomy Regulation. Other environmental risks (in particular biodiversity) too strongly increase the complexity at the first stage through interdependencies.
As described above, the time component plays an important role in particular with transition risks with regard to which methods and measures can be appropriately applied. In this context, transition risks involving greater uncertainty, e.g. because their possible materialisation is far beyond the usual risk observation horizon, should not be included in the short-term risk assessment period. Instead, only those transition risks should be included in risk management which can be anticipated with a certain degree of certainty over a specific assessment period (e.g. announcement of planned political measures, etc.).
Liability risks and legal risks should be considered as a separate (operational) risk and not be integrated into the transition risks, also to avoid overlapping and thus duplications.
It is clearly plausible to strive for a step-by-step approach, although this can result in certain trade-offs in the exclusive assessment of one aspect (E). For example, political intervention in the energy sector by shutting down power plants can affect the area of social aspects. It must be borne in mind that there a conflict may develop, especially between “E” and “S”, which needs to be addressed, also in terms of supervisory specification (definition, standards, etc.).
In our view, the investigation of the entire value chain and contract partners specified in paragraph 40 is too extensive, because a deep analysis of this kind initially presupposes considerable time and effort in data collection and data may not be able to be collected because the reporting is insufficient in this context.
5. Please provide you views on the proposed definition of social risks and governance risks. As an institution, to which extent is the on-going COVID-19 crisis having an impact on your approach to ESG factors and ESG risks?
The definitions are conclusive. A focus on climate and environmental risks as in the ECB Guide does not make sense in our view. At this point we also refer to our comments in question 4.The definition of social risks and governance risks appears to be quite general, but appropriate in connection with the examples and explanations listed before. However, the link between social and environmental risk appears somewhat forced. There will certainly be interfaces between social and environmental risks. In our view, emphasising these boundary risks separately, especially to this extent, is unnecessary and does not appropriately reflect the relationship within the social risks.
The COVID pandemic in principle offers the opportunity for learning in order to assess the extent of unexpected events. However, the extent to which ESG risks can pose a threat to the vulnerability of the financial system can only be determined to a very limited extent. It hast to be taken into consideration that each crisis may manifest itself very differently and therefore does not provide any possibilities for valid conclusions.
6. Do you agree with the description of liability transmission channels/liability risks, including the consideration that liability risks may also arise from social and governance factors? If not, please explain why.
The description of the transfer of liability / liability risks, including the consideration that liability risks can also arise out of social and governance factors, are understandable. However, liability risks should not exclusively be related to ESG risks. As they generally exist, separate assessment in an ESG context appears dispensable and is also not consistent with the risk maps /definitions of many institutions. Legal costs are in particular difficult to anticipate, which can arise due to possible future changes in behaviour. In our view, fears about the threat to financial stability also go too far. Liability risks are in principle already included within the framework of operational risk.8. Please provide your views on the relevance and use of qualitative and quantitative indicators related to the identification of ESG risks.
The indicators specified may be useful as an orientation. However, we would like to point out that sometimes it can be difficult to get a grip on certain ESG-risks, as they seem to translate quite “softly”. Furthermore, new ESG-risks can arise quickly. In so far it is important that supervisory bodies foster the freedom to use different methodological approaches, as practiced in pillar 2. This includes both, qualitative and quantitative ways.In addition, it should be clarified that the entire industry (including the regulators) is still at any early stage. Indicators which are helpful for risk control will emerge in the future (in the coming years) or prove to be less useful over the time and therefore discarded accordingly. In this context, it must be taken into consideration that especially at the beginning qualitative indicators can be useful and the use of quantitative figures/parameters is only introduced subsequently or for the future. In a first step, the identification of the relevant data and data sources is necessary on the basis of which the successive conduct of initially qualitative analyses can be carried out. In view of the initially restricted reliability of the indicators and data, inclusion in the (risk) reporting of the institutions must be carefully considered. In any case, it must be ensured that the perspective (impact vs. risk) is clearly emphasised. Impact indicators (such as the EU taxonomy) may well be helpful for internal control purposes, but can only be used to a very limited extent – if at all – for a risk (!) assessment.
The first step is data collection. If no data or information are available, no measurement methods can be used. Consequently, it should once again clarified that the qualitative analyses are completely sufficient. In considering indicators, proportionality must also be borne in mind, because smaller institutions in particular or their small- to medium-sized customers can have difficulty with data procurement.
As regards fig. 93: There is also no reliability and comparability of the data, because it is usually collected individually and there are no comparable criteria. It is also questionable in context of CSR reporting whether the statements made by companies can be compared with one another and lead to reliable statements. It is also doubtful whether the assumptions of the long-term climate scenario can be broken down to the planning horizon.
As regards fig. 94: In spite of all urgency regarding further development, the possibilities of small and medium-sized institutions or institutions with non-complex business should not be ignored. In addition, there must be a grading of the E, S and G components in order to avoid conflicts of interests. A hierarchy must be developed in this context.
9. As an institution, do you use or plan to use some of the ESG indicators (including taxonomies, standards, labels and benchmarks) described in section 5.1 or any other indicators, inter alia for the purpose of risks management? If yes, please explain which ones.
The use of indicators is currently only planned by a small number of the institutions. Possibly, the Taxonomy Regulation can be taken as a basis for categorisation. The exact design, content and scope will only be shown in practice over the next few months (or years). It is fundamental that the institutions check the relevance of such indicators for risk management purposes as a first step. If there is significant influence on the risk, the institutions should consider the use of the indicators. The expectation of the supervisory authority should, however, take into consideration this early development stage and the lack of (market) standards.The attempt to analyse the entire value chain of a borrower with the aid of ESG indicators appears today to be too ambitious, i.e. in particular appears inappropriate with regard to time, effort, expenditure and benefits. In addition, relevant data and information from data offerors/providers or third parties in our experience are only available for a very small part of the institution’s portfolio. In particular, the reference to investment benchmarks is only suitable for proprietary business; customer loan business cannot be reflected.
The expectation of the supervisory authority should take into consideration this early development stage, the lack of (market) standards and the restricted availability of data/information.
10. As an institution, do you use or plan to use a portfolio alignment method in your approach to measuring and managing ESG risks? Please explain why and provide details on the methodology used.
In our view, the “portfolio alignment method” seems less suitable as a method of assessing risk than the two alternative methods mentioned. This approach is not risk-based, but instead serves as a strategic tool for aligning the institution with a climate target and the associated measurement of target achievement. In addition, there are no established standards. Before investments are made here, more experience is necessary.However, the degree of “greenness” of an institution’s activities in a certain part of a loan portfolio does not in our view permit a direct statement about the risk content. For example, financing companies which act sustainably and promote the environment but which do not have an appropriate business management can involve increased risks. In this context, the distinction between impact and risk must be borne in mind. This could be emphasised more strongly in Table 3 in paragraph 146. A further challenge in this context is the differentiation of the emission sources included according to the three scopes (according to the GHG Protocol), for example to measure the carbon dioxide footprint and to analyse a portfolio in this respect (or to check/observe the alignment, for example, with the Paris climate targets). In particular, the involvement of Scope 3 emissions, i.e. emissions caused by the companies’ activities but which are not under the companies’ control, for example from suppliers, service providers or employees, appears sufficiently difficult.
Alignment can only lead to the rough conclusion that the institution is exposed to a lower climate-related risk than others who have not aligned their portfolios to the Paris climate targets. However, as described above a 100 % green portfolio can constitute a significantly higher loan risk than a “brown” portfolio. In this context, it always depends on the individual case and the respective framework parameters. For example, a loan to a coal-fired power plant generates stable cash-flows for the next five years – at least this loan usually does not involve an increased risk. Yet an institution might encounter problems if the business model is based to a large extent on the financing of coal-fired power stations and the loss of this business would lead to lower earnings, or the financing leads to damage in reputation. These thoughts are less a case for short-term risk management, and more for strategic considerations. For this reason, alignment or carbon accounting should not be listed as a risk measurement method, but as a method of generating additional information to the risk concentrations and for strategic positioning.
In addition, we refer to our statements in response to Question 9.
11. As an institution, do you use or plan to use a risk framework method (including climate stress testing and climate sensitivity analysis) in your approach to measuring and managing ESG risks? Please explain why and provide details on the methodology used.
The “risk framework method” in the sense of using stress tests and scenario analyses currently appears to us being the most suitable method of the three alternatives mentioned. Scenario analyses are a targeted-oriented method on the risk side; this can be used to control the follow-up effort even if an institution is only midly affected. It is also positive that the EBA explicitly emphasises the challenges such as the increased complexity as well as the uncertainty of “climate stress tests” in contrast to other stress tests (paragraph 123 et seq.).However, these models involve many assumptions. The following uncertainties must be sufficiently interpreted: climate development, political interventions, consequences for the economy, data availability. For these reasons, we consider a quantification or consideration of the stress test results in ICAAP to be premature. We are still at an early stage; initial considerations, in particular with regard to qualitative assessments, are taking place in individual institutions. We therefore consider scenario analyses on a qualitative basis or expert opinions capable of implementation.
12. .As an institution, do you use or plan to use an exposure method in your approach to measuring and managing ESG risks? Please explain why and provide details on the methodology used.
The exposure method, including a glance at ESG risks which affect the individual exposure or the borrower, can be sensible depending on the business model and the degree to which the bank is affected. As the exposure methods mentioned in the EBA-paper do not necessarily have a risk-impact (ESG ratings, ESG scoring models), institutions should check materiality of such indicators. If a material correlation to risk is shown, those indicators should be used. Consequently, a distinction should be made between risk-relevant and non-risk-relevant aspects (aspects which contribute to an institution’s own ESG objective, but do not have an effect on the customer’s solvency). First cautious steps are currently being made by classification, e.g. classification into taxonomy-conform and non-taxonomy-conform.The use of the exposure method is essentially based on ESG ratings: a complete cover for the customer portfolio with external ESG ratings does not exist (in particular with medium-sized businesses) in spite of many providers. Standardisation of the methods and a higher transparency/regulation of the (ESG) rating-agencies is necessary because the ratings of the different agencies are not comparable in our view. A “master scale” of ratings would be helpful for a mapping of the ratings.
The development of own (internal) ESG ratings is complex and would further increase banks’ costs.
In detail, there are numerous difficulties in creating ESG ratings, especially when it comes to differentiating them from existing credit ratings.
- Credit ratings should incorporate the ESG aspects relevant to creditworthiness and should not be influenced by (strategic) ESG ratings. The addition of selective criteria that result from ESG aspects (e.g. being affected by increases in the carbon dioxide price) must first be incorporated into the credit rating and validated. This will take some time, because the conventional rating procedures are very well validated and tested. The quality of these ratings should not change in the context of ESG aspects either. Adjusting the rating scales only makes sense if valid data can be taken as a basis which justifies a change.
- There is currently insufficient coverage of external ESG ratings, both in terms of the scope of rated counterparties and the risk factors included within the ratings. This is exacerbated when considering the lending business and rather medium-sized borrowers.
- Modelling the institution’s own ESG rating procedure can be difficult, amongst other things due to the lack of a database.
We consider the point “data issues” in Table 3 in paragraph as a disadvantage for this method as well (in particular for developing the institution’s own scores) and not just for the risk framework method.
13. As an institution, do you use or plan to use any different approaches in relation to ESG risk management than the ones included in chapter 5? If yes, please provide details.
It must be taken into consideration that the entire banking industry is in an early phase of dealing with ESG risks approaches and so far no approaches or procedures have yet been able to establish themselves as standards. This is closely associated with the challenge that the approaches (still) involve a high degree of subjective assessment. Although an institute itself, or institutes amongst themselves, are methodically working on objectivity and therefore also comparability of results, there is still a long way to go. We therefore propose that the regulator should currently only make recommendations.Moreover, we want to point out that considering the diversity of ESG (risks) it is important to foster methodological diversity and to juxtapose different results of different approaches to get a full picture.
15. Please provide your views on the extent to which smaller institutions can be vulnerable to ESG risks and on the criteria that should be used to design and implement a proportionate ESG risks management approach.
The idea of proportionality in paragraph 149 is important. Proportionality as described esp. refers to the size and the business model as well as the complexity of the activities of the banks. But it should also apply at the transaction level, i.e. less stringent requirements should apply to smaller loans (e .g. retail). It should be also noted here that the procurement of relevant data from customers in the sector of small- and medium-sized businesses poses particular challenges. The standards to be developed may not incur any disproportionate expenses for small- and medium-sized businesses in the context of lending. Recommendations in this context are difficult. Suitable methods still have to be found, otherwise there is a risk of mistaken investments.The statement in paragraph 150 that small institutions are not necessarily be less susceptible than large institutions could apply if they have (higher) concentrations in particularly exposed sectors, regions, etc. Ideally, the institution classifies itself in the course of an initial/simple impact or sensitivity analysis. Specific methodological recommendations should not be made in this context. Suitable approaches still have to be developed which can be implemented in smaller banks. In any case, it should be possible for the ESG risk management approach of smaller institutions to have strong qualitative traits.
The statement that small institutions can be more susceptible to ESG risks because they have fewer resources and experts to deal with them is poorly worded in our view. Would the consequence at this point be that small institutions with fewer resources for the management of ESG risks should classify there risks as higher? In our view, this should be exactly the opposite. Identified ESG risks and their risk content should determine the needs of resources and not the other way around. This would otherwise contradict the idea of proportionality.
In paragraph 205 it is emphasised that ESG risks can be integrated into existing governance structures at smaller and less complex institutions. From our point of view, however, this integration of ESG risks into existing governance structures should be the desired aim regardless of the size of the institution. Isolated treatment of ESG risks in their own governance structures would contradict the classification of ESG risks as risk drivers within existing risk types. For this reason, the handling of ESG risks should be found in the existing governance structures for the existing types of risk on which ESG aspects act as risk drivers (e.g. within the guidelines on credit risk, etc.).
16. Through which measures could the adoption of strategic ESG risk-related objectives and/or limits be further supported?
Here again, consideration must be given to the “novelty” of this topic: banks will need a “start-up phase” in order to anchor this topic appropriately throughout the organisation (depending on how strongly it is affected). In this content, the strengthening of the credit risk culture, lived responsibilities and knowledge of the topic will play a special role. Simple qualitative considerations should be the starting point here.The specific design of methods and procedures in institutions which integrate ESG risks into the overall bank steering and risk management should be derived from relevance impact. This also applies to the recognition of these risks in the long-term/strategic planning, which must always be based on sufficiently likely assumptions, or the institutions’ governance structure. The focus of an institution on the CSR perspective can be appropriate, for example, if for the institution ESG risks are less relevant/if the institution is less affected by ESG risks. With regard to the role of the management and supervisory or administrative board, it must be pointed out that there is clear responsibility for risk control or monitoring which has been tightened over recent years in Europe by stringent regulatory requirements. This responsibility also encompasses ESG risks. In addition, it can be observed that due to very high importance of sustainability aspects, ESG issues are consistently prioritized on the agenda of management bodies.
Likewise, the effort and resources which are, for example, invested in the acquisition of data, the derivation of KPIs or KRIs, the setting up scenario analyses and stress tests must always be viewed in the light of the extent to which the institution is affected by, or sensitive to, these risks (or their business model, (credit)portfolios, etc.). For this reason, we consider general statements about inadequacies in institutions in the area of the use of data to be ineffective, unless they are placed in context of the institutions’ individual (ESG) risk profile.
17. Please provide your views on the proposed ways how to integrate ESG risks into the business strategies and processes of institutions.
The procedures presented in the Discussion paper are mainly comprehensible. However, we would like to refer to our comments on questions 8 and 10. There is no clear link between pursuing SDGs or taxonomy-conform products and low risks. Whether ESG is integrated or not into the business strategy should not be a supervisory duty. Institutions themselves must examine their business strategy against the background of the supervisory requirements and decide whether it needs adjustments or not. Certain “Green” or “ESG-friendly” sectors could have a lower PD than other sectors, but this still has to be proven (by quantitative analysis). The risk strategy of an institution however is relevant. Quantitative or qualitative methods, bottom-up or top-down methods, should all be permitted.For this reason, the procedures presented should be identified as exemplary procedures, and the “novelty” of the topic should be reflected in the timeline.
The comments on "Considering the development of sustainable products" do not appear appropriate for a Discussion paper, which focuses on the risk side. The “level of ambition” regarding ESG (inside-out perspective) should be left completely up to the bank.
An extension of the strategic planning calculations to time horizons extending far beyond five years does not appear expedient or reliable, because the degree of uncertainty would prevail. A detailed qualitative examination of the effects of longer-term trends within the strategic planning horizon should be sufficient. This could, for example, avoid investments in sectors which have not a viable future option. In addition, the currently considered horizons of the normative perspective are sufficient and should not be extended, because a sensible quantitative assessment would then not be possible at all.
We consider the recommended integration of requirements into Level 1 regulation (CRD and CRR) premature.
We share the view that ESG is a risk driver which can have effects on the different relevant risk categories.
18. Please provide your views on the proposed ways how to integrate ESG risks into the internal governance of institutions.
To integrate ESG-risks into the existing governance should be suitable and allowed for every institution (whether small or big).The comments on the role of management bodies and committees and the internal control functions in principle already correspond to existing recommendations or requirements of the EBA (e.g. in the guidelines on loan origination and monitoring) as well as numerous national competent supervisory authorities. In view of the knowledge, skills and experience of members of the management bodies or those performing key functions, in view of numerous existing requirements, it seems to us to be dispensable to additionally emphasise ESG aspects in particular. In addition, we would like to point out that the institutions’ existing governance framework must also be taken into account. Any further development that may be necessary with regard to ESG aspects must first be examined. If dedicated sustainability units or committees exist or are being established, attention should be paid to their interlinking with regard to roles, tasks and methods in relation to other participants within the framework of overall bank management. As regards the structure of remuneration systems, the numerous existing requirements to avoid inappropriate incentives appear sufficient. We do not consider mandatory adjustment of remuneration guidelines to any separate ESG aims of institutions to be appropriate, because they are generalised and do not take into account the degree of exposure of an institution with regard to risk and business profile.
We do not fully understand points c. and d. of the “policy recommendations”. The risk committee is responsible for risk management: a committee specialised in ESG risks is therefore usually not necessary. The recommended allocation of responsibility to a single member of the management body is formulated in a misleading manner and should be brought into line with the requirements of the EBA guidelines on internal governance.
19. Please provide your views on the proposed ways how to integrate ESG risks into the risk management framework of institutions.
We welcome the statement on page 113 f. that stress tests for ESG risks initially contribute in particular to improving the understanding of the effects of ESG aspects and therefore are intended to support the consideration of ESG risks in the strategies and processes of institutions, and that the focus should not be on capital adequacy for ESG risks.On the risk management side, the result of impact/sensitivity must be taken into consideration in particular: the requirements formulated here should only apply in the form described (for orientation) if the institution is severely affected.
We take a critical view of the expectation that ESG risks are intended to be limited within the framework of risk appetite and capital should be allocated accordingly (page 112). ESG risks are risk drivers which affects the known risk types. Consequently, capital can only be allocated to risk types, but not to risk drivers. In other words, it makes no sense to allocate capital for a risk driver and this cannot be reflected in the risk-bearing capital calculation. Naturally, there is a limit system for the types of risks and capital is allocated to them. By considering the materiality of the (known) risk types, the risk drivers are indirectly taken into account.
Proportionality and materiality aspects were not sufficiently considered in the “Conclusions and policy recommendations”. For example, qualitative assessment approaches should also be permitted for ESG risks. Point c should be supplemented by an exception for loans to consumers and small enterprises. Not every institution has to design its own comprehensive “climate risk stress programme” either.
20. The EBA acknowledges that institutions’ approaches to environmental, and particularly climate-related, risks might be more advanced compared to social and governance risks, and gives particular prominence in this report to the former type of risks. To what extent do you support this approach? Please also provide your views on any specificities associated with the management of social and governance risks.
In a first step, a concentration of regulatory requirements on climate and environmental risks, or perhaps better solely on climate risks, primarily seems sensible and understandable. The otherwise high complexity of this regulation could especially pose major challenges to smaller and medium-sized institutions. A proportional approach appears advisable here. We refer to our comments in answer to question 1 here.In our view, the identification and assessment of social and governance risks of the institution’s business partners is likely to be very difficult due to the nature of the risks and the data necessary for the assessment of these risks. Data and information will often require a certain degree of protection. Social and governance risks will often affect the institution’s business partners through reputation risks and therefore indirectly the institution itself. As reputation risks are themselves difficult to quantify, this again makes the assessment of social and governance risks even more difficult.
22. Please provide your views on the incorporation of ESG factors and ESG risks considerations in the business model analysis of credit institutions.
The test steps listed regarding the inclusion of ESG aspects in the business model analysis are understandable. However, the inclusion of ESG factors and risk considerations should above all extend to the analysis of the business environment and current business model. It is important that the analyses or information requirement specified are merely provided as an example. For example, not every institution will have (to have) an ESG-rating. Not all institutions have an obligation to produce non-financial reports either.There should be stronger emphasis on the aspect that audit procedures always depend on the degree to which a business model is affected by ESG risks at all. It appears worthwhile to base the intensity of the audit on the results of the risk inventory (including with regard to ESG risks). This is not mentioned here. In addition, the analysis of strategy and financial plans should be restricted to a relevant and definable time horizon. In our view, an extension of the economic sustainability analysis beyond the procedure described in the SREP guidelines generally is mostly not expedient due to the associated uncertainties. These uncertainties are evident in the multitude of possible development paths on which the climate scenarios of the climate models are based.
The range of ESG indicators is enormous and it will not be possible to take into consideration all factors at the same time. In our view, the banks should have a margin of discretion to choose the focus and threshold values they use for individual factors.
23. Do you agree with the need to extend the time horizon of the supervisory assessment of the business model and introduce as a new area of analysis the assessment of the long term resilience of credit institutions in accordance with relevant public policies? Please explain why.
Generally, stronger differentiation seems necessary at the institutions regarding the actual influence of ESG factors on the risk types in the form of a step-by-step approach. Currently banks are already monitoring long term trends (including ESG) which might have an influence on the long-term resilience of our business model during the business environment analysis of the strategy process. The rationale is that a bank must always consider long term trends to identify shorter term business model changes needed. A distinction must be made in this context between a longer-term vision and consistent, reliable detailed planning on the way there for a period of 3 to 5 years.But ESG aspects are only one of many risk drivers influencing the bank’s business model. Hence a limitation towards those risks in a long-term business model resilience analyses would not make sense. ESG topics should rather be seen as one of many influences with impact on the longer-term business model resilience (alongside other social and technological trends).
Also, the ten-year timeframe of the long-term resilience analysis should rather be seen as orientation than as a fixed point in time for scenario analysis because impact of long-term trends cannot be projected with high accuracy. In addition, the question is raised about the stability of, for example, a ten-year view and the consequence of any defects discovered by the supervisory authority. These could not be addressed with a SREP requirement in the form of additional equity. Measures could merely rely on reference to long-term strategic considerations.
Moreover, this long-term strategic assessment of the business model resilience should not be mixed up with the strategic targeting and planning process which focuses on the next three to five years. The reason is that the pace of change which is effecting the banks business environment has increased significantly in the last years (e. g. innovation & technology cycles). In our current VUCA (high volatility, uncertainty, complexity and ambiguity) business world the strategic targeting and planning process must rather focus on short term capacity for adaptation and agility to respond fast on most recent developments in order to stay relevant for our customers. Trying to plan on a ten-year horizon would not satisfy these requirements.
24. Please provide your views on the incorporation of ESG risks considerations into the assessment of the credit institution’s internal governance and wide controls.
The audit approaches described can also be derived from existing publications by BaFin and ECB, i.e. the comments about this are deemed conclusive. However, here too there should be a stronger differentiation whether the ESG factors have a significant influence on the risk types or not. There is also frequent reference to the quantification of ESG risks. However, a qualitative assessment should also be possible without leading to a deficiency in supervisory assessment.We also refer to our comments in response to question 23.
25. Please provide your views on the incorporation of ESG risks considerations in the assessment of risks to capital, liquidity and funding.
EBA and other supervisory authorities confirm that ESG risks are risk drivers and are included in the known prudential risk types. This means that all ESG risks which became relevant in the period forming the basis for the calibration of the procedure to measure these risks are already fully reflected in these risks. The assessment should then mainly concentrate on the question of the extent to which a different realisation of the risk factors can be expected as a result of the dynamics of the ESG factors in the future than in the past. Instead, the assessment of the impacts on the types of risk should be decisive.The comments on fundamentally relevant considerations regarding the assessment of risks for capital, liquidity and refinancing must be specified more clearly in the direction of specific assessment steps in the sense of clear expectations of the supervisory authority. As regards the types of risk, liability risks are addressed in the context of operational risks, but so are reputational and legal risks which are located elsewhere on the risk map in most institutions and are also taken into consideration separately in the risk-bearing capacity. The initial focus on “climate and environment” is to be welcomed, and that developments in “governance” and “social aspects” are observed, even if these aspects can also be important and can develop interactions. This would be in line with the focus of the ECB on the risks specified first. As regards the refinancing risks, it should be noted that ESG aspects can also open up considerable opportunities for institutions in this context, which are not mentioned at all.
Paragraph 333 expressly states that “fundamental differences” should be made between the standard assessment of credit risks (e.g. assessment of credit-worthiness with the aid of a rating score with a one-year probability of default) and that for ESG risks. This de facto requires an additional assessment procedure suitable for ESG risks due to the credit assessment procedure permitted today under supervisory law. This would not be appropriate and would also contradict paragraph 332, which makes direct reference to the “credit assessments”.
In order to integrate ESG risk factors which are relevant to credit-worthiness into the established credit-worthiness assessment procedures, the institutions must be given sufficient time to establish data series and examine the suitability of the criteria with regard to their selectivity in the credit decision, and the interaction with the existing rating procedures must be clarified. As we know from experience in expanding regulatory recognized rating procedures, this involves very long periods. Otherwise, it must be possible to use procedures based on expert judgement.
26. If not covered in your previous answers, please provide your views on whether the principle of proportionality is appropriately reflected in the discussion paper, and your suggestions in this respect keeping in mind the need to ensure consistency with a risk-based approach.
The principle of proportionality is not adequately addressed, because reference is made almost exclusively to methods and data which are at best available to the largest institutions with the most intensive research. As evaluation of materiality is a key aspect, this must be emphasised more strongly in the paper. For this reason, we advocate that it must be possible to permit largely qualitative procedures for the treatment of ESG risks and also to discuss this possibility appropriately in the final guidelines.The principle of proportionality is also not adhered to at the level of type of transaction (e.g. retail transaction) and scope of transaction (e.g. individual transaction in relation to the entire or partial portfolio). If extensive data is collected from all customers, including for example small amounts of retail financing, all usual threshold values in risk relevance which are usual today will be ignored, along with numerous consumer protection regulations at national and EU level.
In addition, there is no stronger separation of ESG factors that have a significant influence on the types of risk and ESG factors that have a non-material influence on risk types in the possible intensity of audit steps. There may be numerous institutions whose business model is only exposed to ESG factors to a limited extent, if at all. The starting point should be the institution’s individual risk inventory. A differentiation should also be made regarding the intervals for assessing ESG factors and the level of detail and extent of the information to be obtained.