ASIC has recently written to several companies that have come to their attention as potential "laggards" in the area of managing climate risk to remind them of their statutory obligations.
ASIC's Report 593 on Climate Risk Disclosure by Australia's Listed Companies concluded that a listed entity must disclose any material business risks, including where relevant, climate-related risks, affecting future prospects in its operating and financial review in accordance with s299A(1)(c) of the Corporations Act. ASIC's two Regulatory Guides published in 2019, RG228 Prospectuses: Effective disclosure for retail investors and RG 247: Effective disclosure in an operating and financial review, provide additional guidance on climate-risk disclosure and include ASIC's recommendation that listed companies with material exposure to climate risk consider reporting under the Taskforce for Climate-related Financial Disclosures (TCFD) framework.
In the first half of 2019-2020, ASIC began looking at a selection of listed companies to assess how they were managing and disclosing climate-risk. It found that the voluntary adoption of TCFD reporting by some companies had materially improved standards of climate-related governance and disclosure in the market.
ASIC has confirmed last month that it intends to adopt "a consultative approach" as it continues to monitor the adoption of TCFD reporting and the development of climate-risk disclosure practices. Notwithstanding it's said consultative approach, ASIC has warned that it will consider enforcement action should there be serious disclosure failures.
ASIC encourages directors and advisors of listed companies to consider its four high-level recommendations relating to climate-risk management and disclosure, being:
This consultative and educational approach being adopted by ASIC – and by APRA, as to which see below – is consistent with the way in which the regulators previously sought to increase the level of board and senior management engagement and involvement in the then emerging field of cyber security and cyber risk.
Specifically, regulators will increasingly expect that an organisation’s response to and management of operational, financial and governance/risk management of climate change risks and opportunities will be driven by the “tone from the top” adopted on these issues at board level and driven by boards. However, the collaborative approach may well be superseded by a more interventionist and specific set of requirements in which regulators set out their expectations of boards and senior management in ensuring organisational capacity, capability, and competence to address climate change risks. Boards and senior personnel should therefore expect to be able to demonstrate to regulators the steps that are being taken by the organisation to develop and achieve such capabilities.
The full article by Commissioner Cathie Armour of ASIC can be found here.
APRA has also reported in February this year that it is currently completing a supervisory review of the regulated entities that participated in its 2018 climate risk survey. The outcomes of these reviews are being used to inform the development of APRA’s climate risk guidance which it intends to release for consultation in the first half of 2021. The guidance is scheduled to be finalised by the end of this year.
Additionally APRA is leading work on a climate vulnerability assessment (CVA) together with the Council of Financial Regulators. Beginning with large Authorised Deposit-taking Institutions (ADIs) in 2021, the CVA will:
The CVA presents an opportunity for enhanced consistency across ADIs in their approach to assessing climate-related risks, improving the value of the climate risk analysis for both individual ADIs and the wider market.
APRA continues to encourage regulated entities to consider climate risks within their risk management frameworks, consistent with APRA’s risk management prudential standards (Prudential Standard CPS 220 Risk Management (CPS 220) and Prudential Standard SPS 220 Risk Management (SPS 220)). Any material or significant breaches from the published risk management framework must be reported to APRA within 10 business days.
APRA's Policy Priorities – 2021 and APRA's Supervision Priorities – 2021 can be found here.
It is important for businesses to consider and monitor regulators’ comments and requirements on climate change related risks. As a firm Clyde & Co remains committed to mapping and understanding climate change risk alongside a growing network of cross-sector experts and collaborators, to help our clients navigate the rapidly evolving risk landscape they face. If you would like to understand how we can help you in this regard please contact Jacinta Studdert and Dean Carrigan.
Clyde & Co regularly publishes articles on identifying and managing risks resulting from climate change, which can be found at the Resilience Hub.