The new threshold is set at a 5% decline of Tier 1 capital, replacing the previous level of 2.5%. The EBA plans to review and update the threshold regularly and may revise the methodology in the longer term. The NII SOT is an additional metric in the supervisory review of institutions’ exposures to interest rate risk in the banking book (IRRBB). The EBA states that a breach would not lead to automatic supervisory measures. Integrating the threshold into institutions’ internal systems would not necessarily require recalibration actions.

This increase in the threshold is not deemed sufficient, however, by the banking sector. According to Risk.net, the sector proposes a 7.5% limit. The EBA has calibrated the limit such that the number of banks violating the Economic Value of Equity (EVE) SOT should be similar as for the NII SOT. The sector claims that a 7.5% NII SOT will ensure this, as the original 2.5% was estimated in a low interest rate environment. The new threshold must still be approved by the European Commission (EC). Without this approval, the status of both the SOT for Economic Value of Equity (EVE) and NII is unclear.

Meanwhile, the European Central Bank (ECB) has started to analyse the unrealized losses that banks (could) face due to the recent interest rate movements. The ECB has requested banks to provide detailed information on their interest rate risk models and how they are affected by rising rates. The ECB states that it will use, among other, the results of the ongoing stress test to analyze the resilience of the banks.

In the broader context of banking supervision, the Financial Stability Institute (FSI) of the Bank for International Settlements (BIS) has highlighted the impact of rapid interest rate hikes on banks’ solvency and liquidity positions. Banks’ accounting choices, balance sheet characteristics, and business models play a role in how these effects are experienced. While Pillar 1 sets baseline requirements, rising interest rates and declining asset values expose vulnerabilities that require robust supervision under Pillar 2. Supervisors need to assess risks such as IRRBB and unsustainable business models. Market turmoil has emphasized the need for additional measures, both quantitative and qualitative, to address bank-specific vulnerabilities and enhance risk management. Implementing Pillar 2 consistently across jurisdictions is a challenge, however, that may require further guidance.

The CSP helps reinforce the controls protecting participants from cyberattack and ensures their effectivity and that they adhere to the current Swift security requirements.

*Swift does not certify, warrant, endorse or recommend any service provider listed in its directory and Swift customers are not required to use providers listed in the directory. 

Swift Customer Security Programme 

A new attestation must be submitted at least once a year between July and December, and also any time a change in architecture or compliance status occurs. Customer attestation and independent assessment of the CSCF v2023 version is now open and valid until 31 December 2023. July 2023 also marks the release of Swifts CSCF v2024 for early consultation, which is valid until 31 December 2024.   

Swift introduced the Customer Security Programme to promote cybersecurity amongst its customers with the core component of the CSP being the Customer Security Controls Framework (CSCF).​ Independent assessment has been introduced as a prerequisite for attestation to enhance the integrity, consistency, and accuracy of attestations. Each year, Swift releases an updated version of the CSCF that needs to be attested to with support of an independent assessment.  

The Attestation is a declaration of compliance with the Swift Customer Security Controls Policy and is submitted via the Swift KYC-SA tool. Dependent on the Swift Architecture used, the number of controls to be implemented vary; of which certain are mandatory, and others advisory.​ 

Further details on the Swift CSCF can be found on their website:

• https://www.swift.com/myswift/customer-security-programme-csp 
• https://www.swift.com/myswift/customer-security-programme-csp/find-external-support/directory-csp-assessment-providers

Our services 

Do you have arrangements in place to complete the independent assessment required to support the attestation?  

Zanders has experience with and can support the completion of an independent external assessment of your compliance to the Swift Customer Security Control Framework that can then be used to fully complete and sign-off the Swift attestation for this year.​  

With an extensive track record of designing and deploying bank integrations, our intricate knowledge of treasury systems across both IT architecture as well as business processes positions us well to be a trusted independent assessor. We draw on past projects and assessments to ask the right questions during the assessment phase, aligning our customers with the framework provided by Swift.  

The Swift attestation can also form part of a wider initiative to further optimise your banking landscape, whether that be increasing the use of Swift within your organisation, bank rationalization or improving your existing processes. The availability of your published attestation and its possible consultation with counterparties (upon request) helps equally in performing day-to-day risk management. 

Approach 

Planning 

We start with rigorous planning of the assessment project, developing a scope of work and planning resources accordingly. Our team of experts will work with clients to formulate an Impact Assessment based on the most recent version of the Swift Customer Security Controls Framework. 

Architecture Classification 

A key part of our support will be working with the client to formulate a comprehensive overview of the system architecture and identify the applicable controls dictated by the CSCF.  

Perform Assessment 

Using our wide-ranging experience, we will test the individual controls against specific scenarios designed to root out any weaknesses and document evidence of their compliance or where they can be improved.  

Independent Assessment Report 

Based on the evidence collected, we will prepare an Independent Assessment report which includes status of the compliance against individual controls, baselining them against the CSCF and recommendations for improvement areas within the system architecture.  

Post Assessment Activities 

Once completed, the Independent Assessment report will support you with the submission of the Attestation in line with the requirements of the CSCF version in force, which is required annually by Swift. In tandem, Zanders can deliver a plan for implementation of the recommendations within the report to ensure compliance with current and future years’ attestations. Swift expects controls compliance annually, together with the submission of the attestation by 31 December at the latest, in order to avoid being reported to your supervisor. Non-compliant status is visible to your counterparties. 

Do you need support with your Swift CSP Independent Assessment?  

We are thrilled to offer a Swift CSP Independent Assessment service and look forward to supporting our clients with their attestations, continuing their commitment to protecting the integrity of the Swift network, and in doing so supporting their businesses too. If you are interested in learning more about our services, please contact us directly.  

As a result of the growing importance of this transformative technology and its applications, various regulatory initiatives and frameworks have emerged, such as Markets in Crypto-Assets Regulation (MiCAR), the Distributed Ledger Technology (DLT) Pilot Regime, and the Basel Committee on Banking Supervision (BCBS) crypto standard were launched, demonstrating the growing importance and adoption at both a global and national level. Given these trends, treasuries will be impacted by Blockchain one way or the other – if they aren’t already.

With the advent of cryptocurrencies and digital assets, it is important for treasurers to understand the issues at hand and have a strategy in place to deal with them. Based on our experience, typical questions that a treasurer faces are how to deal with the volatility of cryptocurrencies, how cryptocurrencies impact FX management, the accounting treatment for cryptocurrencies as well as KYC considerations. These developments are summarized in this article. 

FX Risk Management and Volatility

History has shown that cryptocurrencies such as Bitcoin and Ether are highly volatile assets, which implies that the Euro value of 1 BTC can fluctuate significantly. Based on our experience, treasurers opt to sell their cryptocurrencies as quickly as possible in order to convert them into fiat currency – the currencies that they are familiar and which their cost basis is typically in. However, other solutions exist such as hedging positions via derivatives traded on regulated financial markets or conversions into so-called stablecoins¹. 

Accounting Treatment and Regulatory Compliance 

Cryptocurrencies, including stablecoins, require careful accounting treatment and compliance with regulations. In most cases cryptocurrencies are classified as “intangible assets” under IFRS. For broker-traders they are, however, classified as inventory, depending on the circumstances. Inventory is measured at the lower of cost and net realizable value, while intangible assets are measured at cost or revaluation. Under GAAP, most cryptocurrencies are treated as indefinite-lived intangible assets and are impaired when the fair value falls below the carrying value. These impairments cannot be reversed. CBDCs, however, are not considered cryptocurrencies. Similarly, and the classification of stablecoins depends on their status as financial assets or instruments. 

KYC/KYT Considerations

The adoption of cryptocurrencies and Blockchain technology introduces challenges for corporate treasurers in verifying counterparties and tracking transactions. When it comes to B2C transactions, treasurers may need to implement KYC (Know Your Customer) processes to verify the age and identity of individuals, ensuring compliance with age restrictions and preventing under-aged purchases, among other regulatory requirements. Whilst the process differs for B2B (business-to-business) transactions, the need for KYC exists nevertheless. However in the B2B space, the KYC process is less likely to be made more complex by transactions done in cryptocurrencies, since the parties involved are typically well-established companies or organizations with known identities and reputations. 

Central Bank Digital Currencies

(CBDCs) are emerging as potential alternatives to privately issued stablecoins and other cryptocurrencies. Central banks, including the European Central Bank and the Peoples Banks of China, are actively exploring the development of CBDCs. These currencies, backed by central banks, introduce a new dimension to the financial landscape and will be another arrow in the quiver of end-customers – along with cash, credit and debit cards or PayPal. Corporate treasurers must prepare for the potential implications and opportunities that CBDCs may bring, such as changes in payment options, governance processes, and working capital management.

Adapting to the Future

Corporate treasurers should proactively prepare for the impact of cryptocurrencies and Blockchain technology on their business operations. This includes educating themselves on the basics of cryptocurrencies, stablecoins, and CBDCs, and investigating how these assets can be integrated into their treasury functions. Understanding the infrastructure, processes, and potential hedging strategies is crucial for treasurers to make informed decisions regarding their balance sheets. Furthermore, treasurers must evaluate the impact of new payment options on working capital and adjust their strategies accordingly. 

Zanders understands the importance of keeping up with emerging technologies and trends, which is why we offer a comprehensive range of Blockchain services. Our Blockchain offering covers supporting our clients in developing their Blockchain strategy including developing proofs of concept, cryptocurrency integration into Corporate Treasury, support on vendor selection as well as regulatory advice. For decades Zanders has helped corporate treasurers navigate the choppy seas of change and disruption. We are ready to support you during this new era of disruption, so reach out to us today.  

Meet the team 

Zanders already has a well-positioned, diversified Blockchain team in place, consisting of Blockchain developers, Blockchain experts and business experts in their respective fields. In the following you will find a brief introduction of our lead Blockchain consultants. 

However, possibly the most important point for corporates to be aware of is the planned move towards explicit use of the structured address block. In this second article in the ISO 20022 series, Zanders experts Eliane Eysackers and Mark Sutton provide some valuable insights around this industry requirement, the challenges that exists and an important update on this core topic. 

What is actually happening with the address information? 

One of the key drivers around the MT-MX migration are the significant benefits that can be achieved through the use of structured data. E.g., stronger compliance validation and support STP processing.  The SWIFT PMPG¹ (Payment Market Practice Group) had advised that a number of market infrastructures²  are planning  to mandate the full structured address with the SWIFT ISO migration. The SWIFT PMPG had also planned to make the full structured address mandatory for the interbank messages – so effectively all cross-border payments. The most important point to note is that the SWIFT PMPG had also advised of the plan to reject non-compliant cross border payment messages from November 2025 in line with the end of the MT-MX migration. So, if a cross border payment did not include a full structured address, the payment instruction would be rejected. 

What are the current challenges around supporting a full structured address? 

Whilst the benefits of structured data are broadly recognised and accepted within the industry, a one size approach does not always work, and detailed analysis conducted by the Zanders team revealed mandating a full structured address would create significant friction and may ultimately be unworkable. 

Diagram 1: Challenges around the implementation of the full structured address. 

From the detailed analysis performed by the Zanders team, we have identified multiple problems that are all interconnected, and need to be addressed if the industry is to achieve its stated objective of a full structured address. These challenges are summarized below:  

• Cost of change: The 2021 online TMI poll highlighted that 70% of respondents confirmed they currently merge the building name, building number, and street name in the same address line field. The key point to note is that the data is not currently separated within the ERP (Enterprise Resource Planning) system. Furthermore, 52% of these respondents highlighted a high impact to change this data, while 26% highlighted a medium impact. As part of Zanders’ continued research, we spoke to two major corporates to gain a better sense of their concerns. Both provided a high-level estimate of the development effort required for them to adapt to the new standard: ½ million euros. 
• Fit for Purpose: From the ISO 20022 expert group discussions, it was recognized that the current XML Version 9 message would need a significant re-design to support the level of complexity that exists around the address structure globally.  
• Vendor Support: Whilst we have not researched every ERP and TMS (Treasury Management System) system, if you compare the current structured address points including field length in the XML Version 9 message with the master data records currently available in the ERP and TMS systems, you will see gaps in terms of the fields that are supported and the actual field length. This means ERP and TMS software vendors will need to update the current address logic to fully align with the ISO standard for payments – but this software development cannot logically start until the ISO address block has been updated to avoid the need for multiple software upgrades.
• Industry Guidelines: Whilst industry level implementation guidelines are always a positive step, the current published SWIFT PMPG guidelines have primarily focused on the simpler mainstream address structures for which the current address structure is fine. By correctly including the more complex local country address options, it will quickly highlight the gaps that exist, which mean compliance by the November 2025 deadline looks unrealistic at this stage. 
• Regulatory Drivers: At this stage, there is still no evidence that any of the in-country payments regulators have actually requested a full structured address. However, we have seen some countries start to request minimum address information (but not structured due to the MT file format), such as Canada and US. 
• Time to Implement: We must consider the above dependencies that need to be addressed first before full compliance can logically be considered, which means a new message version would be required. Whilst industry discussions are ongoing, the next ISO maintenance release is November 2023, which will result in XML version 13 being published. If we factor in time for banks to adopt this new version (XML Version 13), time for software vendors to develop the new full structured address including field length and finally, for the corporates to then implement this latest software upgrade and test with their banking partners, the November 2025 timeline looks unrealistic at this point in time.

A very important update 

Following a series of focused discussions around the potential address block changes to the XML Version 9 message, including the feedback from the GLEIF³ the ISO payment expert group questioned the need to support a significant redesign of the address block to enable the full structured address to be mandated. The Wolfsberg Group⁴ also raised concerns about scale of the changes required within the interbank messaging space.

Given this feedback, the SWIFT PMPG completed a survey with the corporate community in April. The survey feedback highlighted a number of the above concerns, and a change request has now been raised with the SWIFT standards working group for discussion at the end of June. The expectation is that the mandatory structured address elements will now be limited to just the Town/City, Postcode, and country, with typical address line 1 complexity continuing to be supported in the unstructured address element. This means a blended address structure will be supported.    

Is Corporate Treasury Impacted by this structured address compliance requirement? 

There are a number of aspects that need to be considered in answering this question. But at a high level, if you are currently maintaining your address data in a structured format within the ERP/TMS and you are currently providing the core structured address elements to your banking partners, then the impact should be low. However, Zanders recommends each corporate complete a more detailed review of the current address logic as soon as possible, given the current anticipated November 2025 compliance deadline. 

In Summary 

The ISO 20022 XML financial messages offer significant benefits to the corporate treasury community in terms more structured and richer data combined with a more globally standardised design. The timing is now right to commence the initial analysis so a more informed decision can be made around the key questions. 

Notes: 

1. The PMPG (payment market practice group) is a SWIFT advisory group that reports into the Banking Services Committee (BSC) for all topics related to SWIFT. 

2. A Market Infrastructure is a system that provides services to the financial industry for trading, clearing and settlement, matching of financial transactions, and depository functions. For example, in-country real-time gross settlement (RTGS) operators (FED, ECB, BoE). 

3. Global Legal Entity Identifier Foundation (Established by the Financial Stability Board in June 2014, the GLEIF is tasked to support the implementation and use of the Legal Entity Identifier (LEI). 

4. https://www.wolfsberg-principles.com/sites/default/files/wb/pdfs/wolfsberg-standards/1.%20Wolfsberg-Payment-Transparency-Standards-October-2017.pdf 

Over the past decades, banks significantly increased their efforts to implement adequate frameworks for managing interest rate risk in the banking book (IRRBB). These efforts typically focus on defining an IRRBB strategy and a corresponding Risk Appetite Statement (RAS), translating this into policies and procedures, defining the how of the selected risk metrics, and designing the required (behavioral) models. Aspects like data quality, governance and risk reporting are (further) improved to facilitate effective management of IRRBB.

Main causes of volatility in SOT outcomes

The severely changed market circumstances evidence that, despite all efforts, the impact on the IRRBB framework could not be fully foreseen. The challenge of certain banks to comply with one of the key regulatory metrics defined in the context of IRRBB, the SOT on EVE, illustrates this. Indeed, even if regularities are assumed, there are still several key model choices that turn out to materialize in today’s interest rate environment:

• Interest rate dependency in behavioral models: Behavioral models, in particular when these include interest rate-dependent relationships, typically exhibit a large amount of convexity. In some cases, convexity can be (significantly) overstated due to particular modeling choices, in turn contributing to a violation of the EVE SOT criterium. Some (small and mid-sized) banks, for example, apply the so-called ‘scenario multipliers’ and/or ‘scalar multipliers’ defined within the BCBS-standardized framework for incorporating interest rate-dependent relationships in their behavioral models. These multipliers assume a linear relationship between the modeled variable (e.g., prepayment rate) and the scenario, whereas in practice this relationship is not always linear. In other cases, the calibration approach of certain behavioral models is based on interest rates that have been decreasing for 10 to 15 years, and therefore may not be capable to handle a scenario in which a severe upward shock is added to a significantly increased base case yield curve.
• Level and shape of the yield curve: Related to the previous point, some behavioral models are based on the steepness (defined as the difference between a ‘long tenor’ rate and a ‘short tenor’ rate) of the yield curve. As can be seen in Figure 1, the steepness changed significantly over the past two years, potentially leading to a high impact associated with the behavioral models that are based on it. Further, as illustrated in Figure 2, the yield curve has flattened over time and recently even turned into an inverse yield curve. When calculating the respective forward rates that define the steepness within a particular behavioral model, the downward trend of this variable that results due to the inverse yield curve potentially aggravates this effect.

Figure 1: Development of 3M EURIBOR rate and 10Y swap rate (vs. 3M EURIBOR) and the corresponding 'Steepness'

Figure 2: Development of the yield curve over the period December 2021 to March 2023.

• Hidden vulnerability to ‘down’ scenarios: Previously, the interest rates were relatively close to, or even below, the EBA floor that is imposed on the SOT. Consequently, the ‘at-risk’ figures corresponding to scenarios in which (part of) the yield curve is shocked downward, were relatively small. Now that interest rates have moved away from the EBA floor, hidden vulnerability to ‘down’ scenarios become visible and likely the dominating scenario for the SOT on EVE.
• Including ‘margin’ cashflows: Some banks determine their SOT on EVE including the margin cashflows (i.e., the spread added to the swap rate), while discounting at risk-free rates. While this approach is regulatory compliant, the inclusion of margin cashflows leads to higher (shocked) EVE values, and potentially leads to, or at least contributes to, a violation of the EVE threshold.

What can banks do?

Having identified the above issues, the question arises as to what measures banks should consider. Roughly speaking, two categories of actions can be distinguished. The first category encompasses actions that resolve an inadequate reflection of the actual risk. Examples of such actions include:

• Identify and re-solve unintended effects in behavioral models: As mentioned above, behavioral models are key to determine appropriate EVE SOT figures. Next to revisiting the calibration approach, which typically is based on historical data, banks should assess to what extent there are unintended effects present in their behavioral models that adversely impact convexity and lead to unrepresentative sensitivities and unreliably shocked EVE values.
• Adopt a pure IRR approach: An obvious candidate action for banks that still include margins in their cashflows used for the EVE SOT, is to adopt a pure interest rate risk view. In other words, align the cashflows with its discounting. This requires an adequate approach to remove the margin components from the interest cashflows.

The second category of actions addresses the actual, i.e., economic, risk position of bank. One could think of the following aspects that contribute to steering the EVE SOT within regulatory thresholds:

• Evaluate target mismatch: As we wrote in our article ‘What can banks do to address the challenges posed by rising interest rates’, a bank’s EVE is most likely negatively affected by the rise in rates. The impact is dependent on the duration of equity taken by the bank: the higher the equity duration, the larger the decline in EVE when rates rise (and hence a higher EVE risk). In light of the challenges described above, a bank should consider re-evaluating the target mismatch (i.e. the duration of equity).
• Consider swaptions as an additional hedge instrument: Convexity, in essence, cannot be hedged with plain vanilla swaps. Therefore, several banks have entered into ‘far out of the money’ swaptions to manage negative convexity in the SOT on EVE. From a business perspective, these swaptions result in additional, but accepted costs and P&L volatility. In case of an upward-sloping yield curve, the costs can be partly offset since the bank can increase its linear risk position (increase duration), without exceeding the EVE SOT threshold. This being said, swaptions can be considered a complex instrument that presents certain challenges. First, it requires valuation models – and expertise on these models – to be embedded within the organization. Second, setting up a heuristic that adequately matches the sensitivities of the swaptions to those of the commercial products (e.g., mortgages) is not a straightforward task.

How can Zanders support?

Zanders is thought leader in supporting banks with IRRBB-related topics. We enable banks to achieve both regulatory compliance and strategic risk goals, by offering support from strategy to implementation. This includes risk identification, formulating a risk strategy, setting up an IRRBB governance and framework, policy or risk appetite statements. Moreover, we have an extensive track record in IRRBB and behavioral models, hedging strategies, and calculating risk metrics, both from a model development as well as a model validation perspective.

Are you interested in IRRBB related topics? Contact Jaap Karelse, Erik Vijlbrief (Netherlands, Belgium and Nordic countries) or Martijn Wycisk (DACH region) for more information.

The Zanders purpose

Our purpose is to deliver financial performance when it counts, to propel organizations, economies, and the world forward.

With every improvement, fraudsters look for and find new opportunities to exploit. When the opportunity arises, some people see a big incentive or pressure to commit fraud, and most will be able to justify to themselves why it is acceptable to commit fraud (as shown in the Fraud triangle – Figure 1). Unfortunately, the impact of fraud on organizations, individuals and society in general is substantial.

More simply put, the EBA was asked to investigate whether the current prudential framework properly captures environmental and social risks. In response, the EBA published a Discussion Paper (DP) [1] in May 2022 to collect input from stakeholders such as academia and banking professionals.

These risks stem from the transition towards a low carbon economy and from the physical risks of damages due to extreme weather events. To address climate-related financial risks within the banking sector, the Basel Committee on Banking Supervision (BCBS) established a high-level Task Force on Climate-related Financial Risks in 2020. It contributes to the BCBS’s mandate to strengthen the regulation, supervision and practices of banks worldwide with the purpose of enhancing financial stability.

Both the BCBS’s Core principles for effective banking supervision¹ and the Supervisory Review and Evaluation Process (SREP) within the existing Basel Framework are considered sufficiently broad and flexible to accommodate additional supervisory responses to climate-related financial risks. It was felt, however, that supervisors and banks could benefit from the publication of the Principles for the effective management and supervision of climate-related financial risks². Through this publication, the BCBS seeks to promote a principles-based approach to improving risk management and supervisory practices regarding climate-related financial risks. The document contains principles directed to banks and principles directed to supervisory authorities. In this article, we present an overview of the principles directed to banks.

The BCBS published a draft of their Principles in November 2021. During the consultation phase, which lasted until February 2022, banks and supervisors could provide feedback. The BCBS incorporated their feedback in the final version of the Principles that were published in June 2022.

Principles for the management of climate-related financial risks

In total, twelve bank-focused principles are presented and grouped in eight categories. Each of the eight categories is briefly discussed below:

Corporate governance – Principles 1 to 3

The principles related to corporate governance state that banks first need to understand and assess the potential impact of climate risks on all fields they operate in. Subsequently, appropriate policies, procedures and controls need to be implemented to ensure effective management of the identified risks. Furthermore, roles and responsibilities need to be clearly defined and assigned throughout the bank. To successfully manage climate-related risks, banks should ensure an adequate understanding of climate-related financial risks and as well as adequate resources and skills at all relevant functions and business units within the bank. Finally, the board and senior management should ensure that all climate-related strategies are consistent with the bank’s stated goals and objectives.

Internal control framework – Principle 4

The fourth principle within the internal control framework subcategory requires banks to include clear definitions and assignment of climate-related responsibilities and reporting lines across all three lines of defense. Further requirements are then presented for each line of defense.

Capital and liquidity adequacy – Principle 5

After the identification and quantification of the climate-related financial risks, these risks need to be incorporated into banks’ Internal Capital (and Liquidity) Adequacy Assessment Process (ICLAAP). Banks should provide insights in which climate-related financial risks affect their capital and liquidity position. In addition, physical and transition risks relevant to a bank’s business model assessed as material over relevant time horizons, should be incorporated into their stress testing programs in order to evaluate the bank’s financial position under severe but plausible scenarios. Furthermore, the described incorporation in the ICLAAP to handle such financial risks, should be done iteratively and progressively, as the methodologies and data used to analyze these risks continue to mature over time.

Risk management process – Principle 6

The sixth principle connects to the previous one, as it states that a bank needs to identify, monitor and manage all climate-related financial risks that could materially impair their financial condition, including their capital resources and liquidity positions. The bank’s risk management framework should be comprehensive with respect to the (material) climate-related financial risks they are exposed to. Clear definitions and thresholds should be set for materiality. These need to be monitored closely and adjusted, if necessary, as climate-related risks are evolving.

Management monitoring and reporting – Principle 7

After ensuring that the risk framework is comprehensive, banks need to implement the monitoring and reporting of climate-related financial risks in a timely manner to facilitate effective decision-making. To achieve such reporting, a good data infrastructure should be in place at the bank. This allows it to identify, collect, cleanse, and centralize the data necessary to assess material climate-related financial risks. Furthermore, banks should actively collect additional data from clients and counterparties in order to develop a better understanding of their client’s transition strategies and risk profiles.

Management of credit, market, liquidity, operational risk – Principles 8 to 11

Banks should understand the impact of climate-related risk drivers on their credit risk profiles, market positions, liquidity risk profiles and operational risks. Clearly articulated credit policies and processes to identify, measure, evaluate, monitor, report and control or mitigate the impacts of material climate-related risk drivers on banks’ credit risk exposures should be in place. From a market risk perspective, banks should consider the potential losses in their portfolios due to climate-related risks. On the business operation and strategy side of banking activities, the impact of climate-related risks also plays a large role. For example, physical risks have to be taken into account when drafting business continuity plans. After understanding the different risks and their impacts, a range of risk mitigation options to control or mitigate climate-related financial risks need to be considered.

Scenario analysis – Principle 12

The final principle states that banks need to use scenario analysis to assess the resilience of their business models and strategies to a range of plausible climate-related pathways, and to determine the impact of climate-related risk drivers on their overall risk profile. Scenario analysis should reflect the overall relevant climate-related financial risks for banks, including both physical and transition risks. This analysis should be performed for different time horizons, both short- and long-term, and should be highly dynamic.

Changes to the BCBS risk framework draft and related publications

The final Principles have not changed much compared to the November 2021 consultation document. The most important changes are that the first principle, concerning corporate governance of banks, and the fifth principle, concerning capital and liquidity adequacy, have been extended. The corporate governance principle, for example, now also includes that banks should ensure that their internal strategies and risk appetite statements are consistent with any publicly communicated climate-related strategies and commitments. The capital and liquidity adequacy principle now includes a section requiring banks to incorporate material climate-related financial risks in their stress testing programs.

These twelve bank-focused principles, providing banks guidance on effective risk management of climate-related financial risks, can also be linked to the initiatives of other regulators such as the ECB. In November 2020, for example, the ECB provided a guide that describes how it expects institutions to consider climate-related and environmental risks, when formulating and implementing their business strategy, governance and risk management frameworks (the ECB expectations). These ECB expectations are in line with the BCBS Principles (and often more elaborate).

Zanders has gained relevant experience in implementing the ECB expectations at several Dutch banks. This experience ranges from risk identification and materiality assessments to the quantification of climate-related risks, ESG data frameworks, model validations, and scenario analysis. Please reach out to us if your bank is seeking support in implementing the BCBS Principles.

References
1) Basel Committee on Banking Supervision (2012). Core Principles for Effective Banking Supervision.
2) Basel Committee on Banking Supervision (2022). Principles for the effective management and supervision of climate-related financial risks.

In the below overview, we present an overview of the main ESG-related publications from the European Commission (EC), the European Central Bank (ECB), and the European Banking Authority (EBA).

This is complemented by the most important timelines that are stipulated in these regulations and guidelines. Additional regulations and guidelines that are expected for the next couple of years are also highlighted.

If you want to discuss any of them, don’t hesitate to reach out to our subject matter experts.