Ch 8. ASIC and APRA – Climate Guidance in Australia
Introductory articles on emerging exposures, risk mitigation
and insurance risk transfer for clients of Omnisure.
A compendium of introductory ESG articles on emerging exposures, risk mitigation and
insurance risk transfer for clients of Omnisure with claims examples.
Martin Birch – March 2022
Climate risk and disclosure have become a shared focus of Australian financial regulatory bodies.1
- In 2021, ASIC signalled that disclosing and managing climate-related risk is a key director responsibility
- APRA has included climate risk initiatives as supervision priorities for 2021.
- It released its final prudential guidance on 26 November 2021 to assist APRA-regulated banks, insurers and super trustees to manage financial risk of climate change.
Prudentially regulated entities in the financial services sector are focussing on the challenges that come with navigating climate risks, particularly as they relate to compliance with existing duties.2 ASIC’s new and evolving position on climate change risks and disclosures in corporate governance, and the increasing climate change-related discussions led by the RBA has culminated in APRA releasing new prudential guidance (CPG 229). This is to provide clarity on its expectations of APRA-regulated institutions around the management of climate change financial risks in their risk management and corporate governance practices.3
CPG 229 is intended to assist entities in complying with APRA’s existing:
- risk management (CPS 220 Risk Management and SPS 220 Risk Management) and
- governance (CPS 510 Governance and SPS 510 Governance) prudential standards
by outlining APRA’s views about prudent practices in relation to APRA-regulated entities’
- risk management,
- scenario analysis, and
- disclosure of climate-related financial risks.
APRA has maintained a principles-based approach and CPG 229 is not prescriptive in nature. It does not impose new regulatory requirements or obligations. It is instead intended to be flexible, adaptable, and applicable to a wide range of institutions. It recognises the evolving external market and the guidance provided in other prudential standards around risk management and governance. Please see our Foundation Document for fulsome information4 .
Identifying financial risks of climate change
As early as 2019 APRA produced an Information Paper on climate change entitled ‘Awareness to action” and in Nov 2021 released a joint statement with the RBA. APRA recommends (CPG 229)5 that all APRA-regulated entities adequately consider and tailor their risk management systems to meet the unique financial risks of climate change. For example, the unique nature of climate change risks means that these risks:
- may not be easily mitigated or reversed in circumstances where climate change climate is irreversible.
- have global impact, across all business types, geographical locations and economic sectors (as we have seen with COVID-19); and
- pose uncertainty in planning for the future across business planning cycles due to the uncertain timeframes in which climate risks may materialise, and due to the unprecedented nature of climate change.
The financial risks of climate change may result in increased credit, market, operational, insurance, and liquidity risks for APRA-regulated entities. Reputational risk may also arise for those financial institutions which are seen to contribute to climate change, or do not take appropriate action in respect to climate change. APRA expects that a prudent board would include the following factors in its criteria for identifying climate risks:
- vulnerability to extreme weather events, and climate-related disruption of business activities, supply chain changes or disruption generally;
- greenhouse gas emission levels;
- potential exposure to evolving climate-related policies or technologies; and/or
- linkages to unsustainable practices.
APRA states that an institution can mitigate the magnitude of the impacts of these financial risks through governance, risk management, scenario analysis and disclosure.
Corrs Chambers Westgarth (“CCW”) explain that APRA-regulated institutions are required to adhere to the minimum governance standards set out in prudential standards CPS 510 and SPS 510. The board is responsible for ensuring its compliance with these standards, although it may delegate its compliance to another entity (with supervision). The same applies for managing climate risks. Climate risks can and should be managed within an institution’s overall business strategy and risk appetite. APRA has noted that it expects the board to be able to evidence its ongoing oversight of climate change financial risks.
In line with prudential standards CPS 510 and SPS 510, which set out the minimum governance standards, APRA expects that a prudent board will have oversight so as to ensure that climate risks are understood and managed. Please refer to our Foundation Document for a fuller discussion. CCW explain very real issues that arise from this position. The challenge is reflects a tension between principles-based regulatory guidance and the lived experience of regulated entities trying to give meaning and effect to the guidance, especially where such guidance lacks a degree of prescription about what the regulator requires in practice. APRA’s reluctance to be overly prescriptive in CPG 229 is likely to exacerbate this tension for regulated entities.
APRA-regulated institutions are required to identify categories of risks in their risk management framework, as set out in prudential standards CPS 220 and SPS 220. In line with these standards, the board bears the ultimate responsibility for ensuring the appropriateness of the entity’s risk management framework to the entity or group’s size, business mix, and complexity. To this end, APRA has noted that it expects an entity will establish procedures to routinely provide material climate risk exposure information (including monitoring and mitigation actions) to its board and senior management.
Please refer to our Foundation Document which sets out a range of requirements with which boards should comply (including the materiality of climate risk6 within each of the risk categories in prudential standards CPS 220 and SPS 220, and also ensuring that material climate risks that impact capital adequacy are considered and recorded similar to the Internal Capital Adequacy Assessment Process (ICAAP) 7)
To manage risks, and fulfil their obligations under CPS 220, APRA states that it would be prudent for entities to ‘develop capabilities in climate risk scenario analysis and stress testing, or to have access to external scenario analysis and stress testing capabilities’. It instead states that climate risk disclosures should be produced in line with the framework established by the Recommendations of the Task Force on Climate-related Financial Disclosures: Final Report (June 2017) which covers disclosures relating to governance, strategy, risk management and metrics and targets.
CCW suggest many banks, insurers and superannuation trustees in Australia consider themselves to be an important part of the responsible investment industry and will welcome APRA’s finalisation of CPG 229. The guidance provided by APRA will serve as a useful benchmark for the superannuation sector in Australia. Please see or Foundation Document for further including how one the key duties for superannuation trustees has changed from acting in the ‘best interests of beneficiaries’ to acting in the ‘best financial interests of beneficiaries’. CCW explain how this new duty can potentially be inconsistent with acting in the best social or environmental manner or promoting responsible investment activity. See our Foundation Document for more information.
4 Our Foundation Document is the original full text version of “ESG Discussions – Introductory articles on emerging exposures, risk mitigation & insurance risk transfer” for clients of Omnisure, compiled by Martin Birch. Register on our website for a full copy.
Please contact Martin Birch for a copy of the full-text Foundation Document at firstname.lastname@example.org