Climate change risk management: the challenges and opportunities

With the publication of the Prudential Regulatory Authority's (PRA) Climate Change Adaptation Report, climate change risk management continues its journey from a niche interest to a regulatory requirement.

This report builds on the PRA's Supervisory statement SS3/19, which sets out in broad terms the PRA's expectation that institutions need to take a strategic approach to managing the financial impact of climate risk. The PRA expects institutions to focus on embedding climate risk management into their corporate governance and their wider risk management regime. It also highlights the significance of scenario analysis, in helping manage a complex array of dynamic threats, as well as the need to develop robust climate risk reporting capabilities.  

SS3/19 essentially set the ground rules for the regulatory supervision of climate risk management, offering a roadmap for institutions to follow as they begin to normalise the challenges of climate change.

The Climate Change Adaption Report provides more detailed direction from the PRA on its expectations of managing the financial risks of climate change, and the impact of those risks on institutions' regulatory capital.

The risks it highlights

The PRA highlights two key risks that institutions need to navigate from a risk management perspective: physical risks and transition risks as the world moves towards net-zero. The risk management challenges focus on the systemic risks that climate change poses, as well as the predictable risks, that come with an unforeseeable impact, such as rising sea levels or increasingly volatile weather patterns. Underlying this framework in the recognition that any changes made now will directly impact the scale and nature of future risks, adding another layer of complexity. The report explores how these risks translate into more widely defined credit, operational, market, and other risks.

From a regulatory capital perspective, the existing regulatory capital requirements capture many issues. However, the PRA is aware of gaps in the framework and it will work with industry practitioners to understand how best to bridge them.

This whole situation presents institutions with a range of operational and risk challenges, but it also presents opportunities to provide new products and services that reflect the changing nature of risk in a changing world.   

Firms looking afresh at implementation

Having worked with industry practitioners and customers, it appears to me that institutions are looking afresh at how they implement their risk management practices, not only for climate risk but also other risks.

The increased focus on climate risks by the PRA throws into sharp relief how many institutions, especially the smaller ones, will handle yet another regulatory compliance layer that they will have to accommodate. They work in a context of continued regulatory scrutiny, higher expectations of operational resilience, as well as the continued need to focus on cost management.   

One option being explored is how best to embed risk management and compliance management in standard business processes. For example, when developing new products and services, there is significant 'back and forth', with numerous emails and meetings, between product managers, relationship managers, risk managers, and compliance teams about what product features are going to be appropriate for a product and which will not. Not only is this time-consuming and inefficient, but it is also subject to regular changes as regulators and senior managers change their views on their acceptable risks as market expectations change.   

A more efficient approach

A more efficient approach would be to allow for operational teams at banks to access risk and compliance policies, using a centralised library, to gives a clear, consistent, and up to date view of what they need to be aware of in their day-to-day work.

Policy owners can then offer advice and review processes as needed, rather than constantly reacting to every new demand from the front line. They can use education, training and attestation capabilities to ensure that products and services meet the risk and compliance needs of the business and the regulator.

This centralised approach also allows risk and compliance teams to have a consolidated view of their risks and proactively monitor them as businesses changes, risks change, or regulatory expectations adapt to a changing global environment. It also supports the use of scenario analysis, which the PRA highlights as essential in managing the financial impact of climate risk.

Area of expertise: