The EBA Guidelines on the management of Environmental, Social and Governance (ESG) risks have been in effect for all Significant Institutions since 11 January 2026. For Small and Non-Complex Institutions (SNCIs) and other non-large institutions, the guidelines will apply no later than 11 January 2027.
Contents
Preparing for the ECB’s Next Phase of ESG Supervision
Register now for the online webinar and make sure your organisation is ready for the new reality of European banking ESG risk management.
Institutions that wait run significant strategic, financial, and supervisory risks. The supervisor expects banks to demonstrate firm control of Environmental, Social and Governance (ESG) risks, and to ensure these risks are fully integrated into the business model, capital planning, and scenario analyses.
This article outlines the key developments and explains why joining our webinar is essential for anyone in a bank who works in risk, compliance, sustainability, or strategic planning.
What does this mean in practice?
ESG risks must be embedded in both strategy and the business model.
Banks must review ICAAP/ILAAP, risk appetite and internal controls.
Forward-looking scenario analyses for both the short and long term will become a mandatory part of the risk framework. ECB expects institutions to have adequate data, governance and tooling in place.
Many banks are still looking for a workable approach, but the supervisor is clear: proportionality does not mean optionality.
Scenario analysis: from theoretical exercise to required steering instrument
The EBA and ECB expect banks to quantify Environmental, Social and Governance (ESG) risks in:
short term stress tests (capital and liquidity)
long term climate and nature resilience analyses (minimum 10 years)
dynamic balance sheet models that reflect transition pathways and changes in customer behaviour
Environmental, Social and Governance (ESG) risks have a financial impact across all risk categories:
credit risk (LTV deterioration and higher default rates)
market and liquidity risks
operational risks (physical damage and supply chain impact)
business model sustainability
Scenario analysis is evolving into a strategic steering tool that supports banks’ long-term resilience. It now extends far beyond a pure compliance requirement.
Double materiality: the new foundation for risk management
The ECB looks beyond climate risks alone. Banks must integrate Environmental, Social and Governance (ESG) risks in the same framework. This requires:
structural materiality assessments (annually or when conditions change)
insight into ecosystem dependencies across customers and sectors
datadriven substantiation of risk assessments and reporting
This leads to a more complete view of financial exposures and strategic vulnerabilities. At the same time, it requires new knowledge, new processes, and a different way of working across the bank.
Data, governance, and internal processes: the biggest challenge
Many institutions are not yet sufficiently prepared. The ECB recognises this but no longer accepts it as an excuse.
The ECB expects banks to:
improve data quality and close data gaps
adjust governance structures so climate and nature risks have clear ownership
integrate ESG into credit processes, onboarding, due diligence, and monitoring
develop clear reporting lines and sets of KPI/KRI indicators
The supervisor will actively assess whether institutions are truly in control.
Why this is the moment to accelerate
The central message from the presentation is clear: banks that now invest in a robust ESG risk framework reduce supervisory risk, strengthen their strategic position, and build competitive advantage.
Institutions that postpone action risk falling behind in a market where regulations, clients and investors expect increasingly higher standards.
In short: ESG risk management is no longer a reporting topic, but a prerequisite for a futureproof banking model.
Would you like to discuss these insights? Get in touch with us.
The ECB will strictly apply the new EBA guidelines from 1 April 2026, requiring banks to fundamentally adjust their governance, risk management, and strategic decisionmaking. Institutions that wait face strategic, financial, and supervisory risks. The supervisor expects Environmental, Social and Governance (ESG) risks to be fully integrated into the business model, capital planning, and scenario analyses.
Scenario analysis becomes a mandatory steering instrument. Banks must perform both short-term stress tests (capital and liquidity) and long-term climate and nature resilience analyses, covering at least ten years. These analyses must be dynamic, consider changes in customer behaviour, and provide insight into the financial impact on credit, market, and liquidity risks, as well as the sustainability of the business model.
Because the ECB looks beyond climate alone: Environmental, Social and Governance (ESG) risks need to be structurally embedded. This requires periodic materiality assessments, insight into ecosystem dependencies of clients and sectors and data-driven risk assessments. This leads to a more complete understanding of financial exposures and strategic vulnerabilities, but also demands new knowledge, processes, and collaboration within the bank.
In line with the Dutch National Bank (DNB) licensing requirements, your payment institution is required to have an internal audit function in place. A strong internal audit (IA) function is crucial to creating a structure for risk management, supporting compliance activities, and providing opportunities to improve business performance.
