FINMA Issues Guide on Climate Risk Disclosures, Identifies Key Risks

The Guidance on Climate Risk Disclosures sets out the key findings from the first disclosures on climate-related financial risks by large banks and insurance companies, in accordance with disclosure Circulars 2016/1 “Disclosure—banks” and 2016/2 “Disclosure—insurers”, issued in 2021. FINMA analyzed these disclosures on climate-related financial risks that were included in the annual reporting on the financial year 2021. The FINMA disclosure circulars states that the largest banks and insurance companies (institutions in supervisory categories 1 and 2) must describe their significant climate-related financial risks, their impact on the business and risk strategy, and effects on existing risk categories. In addition, institutions must disclose the risk management structures and processes for identifying, measuring, and addressing these risks as well as relevant quantitative data, including a description of the methodology used. Institutions must also explain the governance structure in relation to climate-related financial risks and disclose the criteria and methods used to evaluate the materiality of risks. FINMA findings indicate that the said institutions have largely met their disclosure obligations and transparency has improved; however, the disclosures present a mixed picture with regard to scope, degree of detail, and relevance of the information. FINMA has discussed the institution-specific results in its supervisory dialog with the concerned institutions and communicated the improvements expected for the next climate risk-related disclosures. FINMA plans to conduct an ex-post evaluation after evaluating the second disclosures in 2023 to identify whether and to what extent future adjustments to disclosure practice are appropriate. FINMA will take into account various national and international developments in the area of climate risk reporting.

In its 2022 Risk Monitor, FINMA has identified seven key risks that are significant for the financial sector. These risks are interest rate risks, credit risks with mortgages, credit risks with other loans, risks from cyber attacks, risks in the area of ​​combating money laundering and risks due to more difficult cross-border market access. FINMA identified increase in risk premiums (credit spreads) as one of the key risks that has been listed for the first time in the risk monitor. FINMA also examined decentralized finance applications on open-access blockchain infrastructures and its associated risks such as loss of assets due to significant market fluctuations, input errors, bugs in the applications, hacking or fraud as well as operational, legal, and reputational risks in case of institutional investors. In addition, the risk of money laundering is high due to the anonymity of decentralized financial applications. With the risk monitor, FINMA intends to ensure that the financial institutions under supervision remain stable in the future with regard to possible risks.

The Swiss Federal Council has amended the Information Security Act and submitted a proposal that intends to create a legal basis for the reporting obligation for the operators of critical infrastructures and defines the tasks of the National Cybersecurity Center (NCSC), which is intended to be the central reporting office for cyberattacks. Mandatory reporting will provide the NCSC with a clearer picture of the cyberattacks that have occurred in Switzerland and the modus operandi of the attackers. This will allow the threat situation to be assessed more accurately, and the operators of critical infrastructures can be warned at an early stage. Moreover, the proposal not only obliges companies to help protect against cyberattacks, it also requires the NCSC to offer subsidiary support in dealing with cyberattacks. The proposal sets out the NCSC's functions as a contact point for questions on cyberthreats and a reporting office for vulnerabilities. The NCSC will provide an electronic reporting form to make reporting as simple as possible.

Related Links

• Press Release on Climate Risk Disclosures
• Guidance on Climate Risk Disclosures (PDF)
• Press Release on Risk Monitor
• Risk Monitor 2022 (PDF)
• Proposal on Reporting of Cyberattacks

Keywords: Europe, Switzerland, Banking, Climate Change Risk, ESG, Disclosures, Risk Monitor, Credit Risk, Cyber Risk, Interest Rate Risk, ML TF Risk, Operational Risk, Reputational Risk, Reporting, Cybersecurity, NCSC, Regtech, FINMA, Swiss Federal Council