1. Should entities report their own non-financial risks arising from its own operations, or only the non-financial risks related to the operations of its counterparts and customers?
2. If “counterparts” includes the latter then; what is the definition of a “counterpart” ? Does it include the third party value chain e.g. suppliers and outsourcing agreements?
It is unclear whether the financial institutions (banks) are expected to report the non-financial risks arising from its own operations or only from its counterparts and customers.
Also if the “counterparts” include only customer portfolio or third party value chain for the financial institutions (banks) e.g. banking operations outsourcing agreements.
Article 449a of Regulation (EU) No 575/2013 (CRR), which is the basis for Regulation (EU) 2022/2453 (ITS on prudential disclosures on ESG risks), requires large institutions with securities traded on a regulated market of any Member State to disclose prudential information on environmental, social and governance risks, including physical risks and transition risks, as defined in the report referred to in Article 98(8) of Directive (EU) 2013/36/EU (i.e. “EBA report on management and supervision of ESG risks for credit institutions and investment firms”, EBA/REP/2021/18).
According to the EBA report on management and supervision of ESG risks (EBA/REP/2021/18) and to Article 2 of the Annex II to Implementing Regulation (EU) 2022/2453, transition and physical risks are risks:
Therefore the ITS on prudential disclosures on ESG risks focuses on institutions’ exposures to their counterparties or their invested assets, not own operations of an institution.
According to the EBA/REP/2021/18, par. 43, depending on the business activities, the counterparty may be understood to be a borrower, a client (e.g. an entity, individual) or an issuer (e.g. sovereign, entity).