Region

Jurisdiction

Regulator

2024-03-25

Reserve Bank of New Zealand Guidance on Managing Climate-Related Risks

The Reserve Bank of New Zealand issued this voluntary guidance to help prudentially regulated entities improve their management of climate-related risks to support financial stability. The document outlines best practices across four key areas: governance, strategy, risk management, and metrics, emphasizing the integration of physical and transition risks into core business operations. While non-binding, the guidance informs the Reserve Bank's supervisory approach and aligns with the Aotearoa New Zealand Climate Standards for reporting entities.

New Zealand

Reserve Bank of New Zealand

Managing climate-related risks. Guidance for prudentially regulated entities 26 March 2024

1 Managing climate-related risks Contents 1 Introduction ________________________________________________________________________________ 2 The role of the Reserve Bank of New Zealand 2 An introduction to climate-related risks 2 Why is the Guidance needed? 2 How does the Guidance take proportionality into account? 3 How does the Guidance work alongside the Aotearoa New Zealand Climate Standards? 3 What are the main features of the Guidance? 4 How will the Reserve Bank maintain the Guidance? 5 2 Governance_________________________________________________________________________________ 6 Governance bodies 6 Senior management 7 3 Strategy_____________________________________________________________________________________ 8 Climate-related risks 8 Scenario analysis and stress testing 10 Transition plans 13 4 Risk management _________________________________________________________________________ 13 Risk identification 14 Risk controls and mitigation – policies, procedures and operations 15 Risk controls and mitigation – financial resources 17 Risk reporting and evaluation 18 5 Metrics and targets________________________________________________________________________ 19 Risk measuring and monitoring 19 Further sources of industry-specific metrics 20

2 Managing climate-related risks 1 Introduction

This Guidance document (Guidance) seeks to support each entity that the Reserve Bank of New Zealand (Reserve Bank, our, we) prudentially regulates and supervises in improving how it manages climate-related risks. That includes registered banks, licensed insurers, licensed nonbank deposit-takers and operators of designated financial market infrastructures. We aim to help develop a shared understanding and promote our view of what constitutes better practice management of climate-related risks. The role of the Reserve Bank of New Zealand
A key part of our mandate is protecting and promoting the stability of New Zealand’s financial system (the financial stability objective). This objective is framed within one of the purposes of the Reserve Bank of New Zealand Act 2021, which is to ‘promote the prosperity and well-being of New Zealanders and contribute to a sustainable and productive economy’.
Assessing prudentially regulated entities’ (entities’) material risks, and the financial system as an ecosystem, is at the core of meeting our financial stability objective. Financial stability means having a resilient financial system that can withstand severe but plausible shocks and provide the financial services that we all rely on. This ensures everyone in New Zealand can safely save their money, make everyday transactions, access credit to consume and invest and insure against risks. 1 To meet our financial stability objective, it is important for us to take account of the current and future impacts of climate change. An introduction to climate-related risks
In the New Zealand context climate-related risks are defined as the potential negative impacts of climate change on an entity. 2 Climate-related risks can be classified as physical risks and transition risks.
Physical risks are those related to the physical impacts of climate change. Physical risks emanating from climate change can be event-driven (acute), such as increased severity of extreme weather events. They can also relate to longer-term shifts (chronic) in precipitation and temperature and increased variability in weather patterns, such as sea level rise.
Transition risks are those related to the transition to a low-emissions, climate-resilient global and domestic economy, such as policy, legal, technology, market and reputation changes associated with the mitigation and adaptation requirements relating to climate change.
The above are illustrative examples of climate-related risks rather than a comprehensive list. Understanding of the wide range of physical and transition risks, and feedback loops between them, will increase over time in light of continuing research and experience of crystallised risks. Why is the Guidance needed?
We believe this Guidance contributes toward meeting our financial stability objective. Although mandates and supervisory roles differ, central banks around the world have come to similar conclusions that climate-related risks pose risks to the stability of financial systems through

1 Financial Stability Report. (2023). rbnz.govt.nz/-/media/project/sites/rbnz/files/publications/financial-stability-reports/2023/nov-2023/fsr-nov-23.pdf 2 Aotearoa New Zealand Climate Standard 1 (NZ CS 1). (2022). xrb.govt.nz/dmsdocument/4770

3 Managing climate-related risks various channels. We are therefore one of an increasing number of central banks engaging in the process of developing climate-related risk management guidance in line with the recommendations of the Network for Greening the Financial System (NGFS). 3

In the New Zealand context developing guidance on climate-related risk is specifically referenced in Action 10.4 of the first iteration of the National Adaptation Plan (NAP),4 drafted in response to New Zealand’s first National Climate Change Risk Assessment in 2020.5
Guidance is also one tool that can support entities in meeting their obligations to effectively manage risks. This Guidance is intended to inform and does not impose any enforceable requirements – it is voluntary for each entity to apply and non-binding.
Each entity should be aware that the Guidance will guide and inform our supervisors as we increasingly integrate climate change considerations into our supervisory approach, as also set out in Action 10.4 of the NAP. As with our approach in monitoring and assessing other prudential risks (set out in our Statement of Prudential Policy),6 our aim for supervising climaterelated risks is to take a forward-looking, risk-based approach, that is proportionate, collaborative and consistent. When assessing the prudential risks to regulated entities, supervisors will consider an entity’s exposures to, and management of, climate-related risks in the context of this Guidance. That risk assessment drives subsequent communications, engagements and information requests, amongst other supervisory activities. The Guidance will assist entities and us shape our future discussions. How does the Guidance take proportionality into account?
We supervise risks in a forward-looking, risk-based and proportionate way, and we expect the same of an entity when managing its risks. Entities vary significantly in size, business mix and complexity and also in the extent to which they are, or may in future be, exposed to climaterelated risks.
Accordingly, we recommend that an entity considers how this Guidance best fits its business model and strategy. Not all the practices in this Guidance will be relevant for every entity. In general, we expect that an entity that judges climate-related risks to be material to its business model and strategy likely applies more of the Guidance than an entity which judges climaterelated risks to not be material. We have highlighted some instances throughout the Guidance where approaches could vary depending on materiality. How does the Guidance work alongside the Aotearoa New Zealand Climate Standards?
The target audience for the Guidance includes those who are defined as climate-reporting entities (CREs) under Part 7A of the Financial Markets Conduct Act 2013 (FMC Act), and those who are not. CREs are required to prepare climate-related disclosures that comply with the climate-related disclosure framework. The climate-related disclosure framework is made up of three climate standards issued by the External Reporting Board (XRB) and monitored and

3 Network for Greening the Financial System Technical document Guide for Supervisors Integrating climate-related and environmental risks into prudential supervision. (2020). ngfs.net/sites/default/files/medias/documents/ngfs_guide_for_supervisors.pdf 4 Ministry for the Environment. (2022). Urutau, ka taurikura: Kia tū pakari a Aotearoa i ngā huringa āhuarangi Adapt and thrive: Building a climate-resilient New Zealand. environment.govt.nz/assets/publications/climate-change/MFE-AoG-20664-GF-National-Adaptation-Plan-2022-WEB.pdf 5 Ministry for the Environment. (2022). First national climate change risk assessment for New Zealand. Ministry for the Environment. environment.govt.nz/what-government-isdoing/areas-of-work/climate-change/adapting-to-climate-change/first-national-climate-change-risk-assessment-for-new-zealand/ 6 Statement of Prudential Policy. (2022). https://www.rbnz.govt.nz/-/media/project/sites/rbnz/files/regulation-and-supervision/statements-of-approaches/sopp-2022.pdf

4 Managing climate-related risks enforced by the Financial Markets Authority (FMA). These standards are collectively referred to as the Aotearoa New Zealand Climate Standards (NZ CS). 15. In that context, it is important to be clear that what is required of CREs under part 7A of the FMC Act and NZ CS takes precedence for them over this voluntary, non-binding Guidance. 16. We consider NZ CS as a sound basis for producing information that is useful for an entity's stakeholders, and also as means to structure an entity’s climate-related risk management efforts. We therefore encourage, wherever possible, non-CREs to refer to NZ CS and accompanying guidance. 17. Our Guidance makes no recommendation as to whether non-CREs should disclose climaterelated risk information to their stakeholders or not. Some entities have found that the process of preparing a disclosure is useful not only in communicating climate-related risk management performance to stakeholders, but also in focusing internal attention and resources to the issue of climate-related risk. 18. It is important to note that our Guidance does not instruct entities on how to go about disclosure, as this subject is addressed by the XRB and FMA. Our Guidance instead aims to provide specifically targeted information that we believe to be of relevance to entities regarding how they manage climate-related risks, given the additional perspective we bring as a prudential regulator and supervisor. Accordingly, we have consulted with the XRB and FMA in developing our Guidance and have endeavoured to ensure it does not unnecessarily repeat or contradict their standards or guidance. What are the main features of the Guidance? 19. In preparing the Guidance, we have drawn from a range of sources and refer to many of those throughout the document. Some are international, such as the Principles for the effective management of climate-related risks published by the Basel Committee on Banking Supervision (BCBS). Others are domestic, such as the guidance documents produced by the XRB and the FMA to support CREs to meet the disclosure standards. 20. The Guidance is set out in the following sections, to assist an entity as it applies it. These are a common way to structure climate-related risk management efforts and align with those of NZ CS: a. Governance; b. Strategy; c. Risk management; and d. Metrics and targets. 21. The section of the Guidance headed ‘Governance’ emphasises that climate-related risks are like any other risk in that the ultimate responsibility for its effective management rests with an entity’s governance body.

5 Managing climate-related risks 22. The section of the Guidance headed ‘Strategy’ introduces the concept of climate-related risks and describes examples of how those risks can compound an entity’s business risks. It also describes the differences between scenario analysis and stress testing, refers to other guidance documents on scenario analysis and outlines some principles for climate-related stress testing and highlights the importance of transition planning. 23. The section of the Guidance headed ‘Risk management’ identifies the distinct features that make it essential to give climate-related risks specific analytical consideration and outlines how they should be managed within an entity’s broader risk management framework. 24. The section of the Guidance headed ‘Metrics and targets’ outlines a range of sector-specific metrics for an entity to measure and monitor climate-related risks. Figure 1: Overview of Reserve Bank Guidance on managing climate-related risks How will the Reserve Bank maintain the Guidance? 25. We will update this Guidance as appropriate to reflect the evolving nature and maturity of risk management practices, and also in light of our experience with drawing on the Guidance and other sources in our supervision of climate-related risks. 26. The content of this document and our approach to supervising climate-related risks will also evolve and mature, among other things because of legislative changes such as the Deposit Takers Act 2023 (DTA) and any revisions to the Insurance (Prudential Supervision) Act 2010 (IPSA).

6 Managing climate-related risks 2 Governance Governance bodies 27. Responsibility for the sound and prudent management of an entity’s business operations rests with its governance body. Good governance is essential for all entities. We recommend that the governance body of any entity, not just those of a CRE, plays a role in overseeing climaterelated risks and that they understand the climate-related risks that affect the entity, now and into the future. 28. For the purposes of branches of overseas entities operating in New Zealand (both registered banks and licensed insurers), we suggest replacing the references in this Guidance to ‘governance body’ with the person(s) responsible for the oversight of the branch in New Zealand – for example the New Zealand chief executive officer. 29. Our view is that climate-related risks can be managed within an entity’s broader risk management framework, and furthermore that this is better practice than them being managed separately (discussed in greater detail in section 4). As with other risks if they are identified to be material, we recommend that the governance body documents its ongoing oversight and management of climate-related risks and its actions in testing and challenging the reporting it receives on these risks as a part of its risk management framework. 30. The governance body of an entity may delegate certain functions in managing climate-related risks but, as with other risks, the governance body has to monitor the exercise of this delegated authority. We recommend that a governance body is also responsible for ensuring that it has, and the management team it appoints and oversees has, the requisite skills and experience to effectively identify and manage climate-related risks. Governance body-level engagement is important to ensure that work on climate-related risks is given sufficient attention. The engagement is also important for the governance body to obtain the requisite entity-wide insights to respond to risks strategically. 31. The XRB guidance accompanying NZ CS7 refers in turn to the guidance developed by the World Economic Forum (WEF) for climate-related governance.8 The WEF guidance has eight guiding principles for effective climate governance for governance bodies (with supporting implementation actions), which we recommend an entity adopts:

7 Climate-related Disclosures Staff Guidance Guidance for All Sectors. (2023). xrb.govt.nz/dmsdocument/4844 8 World Economic Forum. (2019). How to Set Up Effective Climate Governance on Corporate Boards Guiding principles and questions In collaboration with PwC. weforum.org/docs/WEF_Creating_effective_climate_governance_on_corporate_boards.pdf

7 Managing climate-related risks Figure 2: Guiding principles for effective climate governance for governance bodies (adapted from WEF) 32. The WEF guiding principles are consistent with the key principles for all governance bodies articulated in the Reserve Bank and FMA Governance Thematic review, published in September 2023.9 The Governance Thematic report also highlighted that we will consider the findings from the review in upcoming policy work including when creating standards under the DTA and the review of IPSA. Senior management 33. In light of the recommendations for governance bodies, an entity’s senior management should typically be responsible for: a. utilising an entity’s risk management framework to assess and manage climate-related risk exposures on an ongoing basis, including developing and implementing appropriate policies; b. regularly reviewing the effectiveness of the framework, policies, tools and metrics, and recommending appropriate revisions for governance body approval; c. providing reporting to the governance body relating to climate-related risks that are assessed to be material. This should include the establishment and use of relevant tools, models and metrics to monitor exposures to climate-related risks and enable the governance body to make informed decisions promptly; and d. ensuring that adequate resources, skills and expertise are allocated across the entity to managing climate-related risks, including through training and capacity building amongst staff at all levels.

9 RBNZ and FMA Governance Thematic Review. (2023). https://www.rbnz.govt.nz/-/media/project/sites/rbnz/files/regulation-and-supervision/thematic-reviews/rbnz-and-fmagovernance-thematic-review-report.pdf

8 Managing climate-related risks 3 Strategy 34. We recommend that an entity takes steps to better understand how climate change is currently impacting it, and how it may do so in the future, including identifying climate-related risks (and the impact of those) which are materially relevant given its business model and strategy. Scenario analysis is a useful tool in this regard and can also help to illustrate how an entity can best position itself as the global and domestic economies transition towards a low-emissions, climate-resilient future. We recommend that, over time, these climate-related risk identification, assessment and management activities are integrated into an entity’s core risk management and strategy development practices. Climate-related risks 35. An entity should understand the interactions between climate-related risks and its business activities, as well as the compounding effect climate-related risks may have on its other business risks. In Figure 3 below we have set out examples of this compounding of other business risks, split into physical risk and transition risk (again, these examples are nonexhaustive): Figure 3: Examples of how physical risk and transition risk can compound business risks Business risk Physical risk Transition risk Credit risk Increase in defaults on loans to businesses and households that may be directly impacted by adverse climate events, for instance through loss of income Assets used as collateral change in value due to being directly impacted by adverse climate events (note: this can go both ways – values can increase for collateral not exposed to physical risk as demand shifts away from assets which are exposed) Increased concentration risk as physical risks may aggregate over time across portfolios Assets used as collateral change in value due to insurance retreat from insurers changing their strategies (note: this can go both ways – values can increase for collateral not exposed to transition risk as demand shifts away from assets which are exposed) Increased counterparty dependency on carbon credit markets Increased concentration risk as transition risks may aggregate over time across portfolios Market risk Asset and liability management impact due to adverse climate events, particularly affecting property, real estate and commodities Investment strategies which focus on sectors exposed to high physical risk may need to be hedged against Re-pricing of financial instruments and corporate debt affect the value of interestsensitive items held on an entity’s balance sheet Stranded assets which could experience a sudden drop in value, for example from new government regulations or changing demand

9 Managing climate-related risks Business risk Physical risk Transition risk Operational risk Full value-chain disruption and forced facility closures Repair and adaptation costs for existing sites, and increased costs of doing business after a severe weather event Outsourced service providers may be exposed to adverse climate events Costs to adapt to ensure the health and safety of customers and employees Changes in energy mix may alter the pricing and/or reliability of energy generation and storage Facilities may need to be upgraded to meet new energy efficiency and thermal standards Insurance risk Increase in insured losses as a result of more frequent and/or severe weather events, with impacts on reserving and pricing. In addition, most physical risks will be known to have occurred or not occurred at the time of valuation, but the ultimate claims cost may be uncertain at the valuation date Impacts on commercial insurance if tourism is affected in certain locations by sites degraded by climate change Impact on policyholders’ health for example changing mortality profiles and demographics, the risk of extreme heat exacerbating pre-existing health conditions and/or ecosystem changes triggering changes in the epidemiology of diseases Insurance retreat and its associated impacts, for instance difficulties in changing coverage for longstanding customers without damaging the relationship Clean energy technologies may have greater uncertainty associated with performance, increasing the risk of selecting inappropriate pricing and reserving assumptions Liquidity risk Increased demand for liquidity to respond to severe weather events Difficulties in liquidating assets negatively impacted by climate-related risks Changing investor, rating agency, or depositor sentiment which could impact funding Reputational risk By association with providing services (or not providing services) to locations that may be affected by adverse climate events If insurance claims are denied, for example erosion risk to domestic properties as sea levels rise (if not covered in policies) Ability to attract and retain customers and employees due to changing expectations Conduct-related implications of higher premiums or loss of access to insurance

10 Managing climate-related risks Business risk Physical risk Transition risk Strategic risk Changes in the risks and opportunities facing primary sector activities may require strategic exploration as wild capture fisheries migrate, horticultural growing areas and timings shift and sensitivity to hazards becomes more fully understood The need to adapt the business model to reflect a more rapidly changing world Increased uncertainty about the possible states of the world that the strategy will need to be ready for (Re)insurers setting specific targets for greenhouse gas exposures could result in a reduction in capacity for covering carbon intensive business activities Legal risk Climate-related litigation, for example from the financing of an asset understood to be exposed to physical risk or an asset which has a high emissions profile Climate-related litigation, for example related to greenwashing or potential fair service provision concerns if risk mitigation measures disproportionately affect communities or households 36. While the exact form and extent to which climate-related risks will materialise is uncertain, there is a high degree of certainty that climate change will have some financial impacts on an entity. Over time, an entity can mitigate the magnitude of these financial impacts through actions, particularly once it has a mature understanding of the climate-related risks it faces. Investing in better risk identification and management should also allow an entity to identify and benefit from opportunities that arise from the transition to a low-emissions, climate resilient economy, including meeting increasing investor demand for sustainable finance and identifying customers that are well-positioned to navigate and respond to the physical and transition-related impacts of climate change. Scenario analysis and stress testing 37. An entity should develop capabilities in climate-related scenario analysis and stress testing, or source external support to facilitate its scenario analysis while internal capacities are developed, to inform its understanding of the resilience of its business model and strategy. We recommend that the use of scenario analysis and stress testing for climate-related risks is proportionate to an entity's size, business mix and complexity. Scenario analysis 38. Scenario analysis in support of disclosure is defined by the XRB as ‘A process for systematically exploring the effects of a range of plausible future events under conditions of uncertainty. Engaging in this process helps an entity to identify its climate-related risks and opportunities and develop a better understanding of the resilience of its business model and strategy’.10 We believe scenario analyses serving this purpose can be a valuable undertaking for both CREs and nonCREs alike. The level of resourcing, sophistication and complexity of the analysis should be proportionate to the size, business mix and complexity of the entity. Relatively high-level,

10 Aotearoa New Zealand Climate Standard 1 (NZ CS 1). (2022). xrb.govt.nz/dmsdocument/4770

11 Managing climate-related risks exploratory scenario analysis undertaken using qualitative data can be a useful input in strategy development processes. 39. As the prudential regulator and supervisor, we recommend that an entity effectively integrates the outcomes of scenario analysis into its processes of review and development of business model and strategy. 40. Useful guidance on scenario development and analysis to assess the impacts of climate-related risks in New Zealand continues to be produced by other New Zealand organisations. We refer an entity to those guidance documents as it undertakes its scenario analysis, particularly those published by the XRB:  Getting started on sector scenario development;11 and  Entity level scenario analysis.12 41. We also highlight useful international guidance regarding scenario analysis that has been published by the Task Force on Climate-related Financial Disclosures (TCFD) 13 and via the NGFS scenarios portal.14 The NGFS published its fourth vintage of scenarios in November 2023, which included updated economic and climate data and revisited assumptions, improved modelling of acute physical risks (with acute physical risks covering droughts and heatwaves in addition to floods and cyclones), new scenario narratives and a focus towards a more ‘disorderly’ orderly transition.15 The NGFS has committed to further enhance the scenarios in the future, incorporating user feedback and the latest scientific advancements. Stress testing 42. Stress testing is a useful prudential tool for identifying anticipated financial impacts (including of climate-related risks). By quantifying the impact of stress test scenarios on balance sheets and profitability, stress testing can provide a benchmark for the adequacy of capital and liquidity levels. It can also provide intrinsically useful information for a governance body and senior management, helping them to understand the risks to their business (including climaterelated risks) and possible ways to mitigate those risks. 43. We define stress testing as ‘A tool that subjects financial institutions to severe but plausible scenarios (and sensitivities) that are deliberately chosen for their potential to threaten the viability of their business model.’16 44. We run our own programme of industry stress tests, for both registered banks and life and general insurers, but also encourage an entity to conduct its own stress testing analysis as part of its risk management practices.17

11 Staff Guidance Sector scenario development Getting started at the sector level. (2023). xrb.govt.nz/dmsdocument/4532 12 Staff Guidance Entity Scenario Development Exploring climate uncertainties for an entity. 2023. xrb.govt.nz/dmsdocument/4994 13 Recommendations of the Task Force on Climate-related Financial Disclosure i The Use of Scenario Analysis in Disclosure of Climate-Related Risks and Opportunities Technical Supplement Technical Supplement | The Use of Scenario Analysis in Disclosure of Climate-Related Risks and Opportunities (2017). assets.bbhub.io/company/sites/60/2021/03/FINAL-TCFD-Technical-Supplement-062917.pdf 14 NGFS Scenarios Portal. ngfs.net/ngfs-scenarios-portal/ 15 Network for Greening the Financial System Workstream on Scenario Design and Analysis NGFS Scenarios for central banks and supervisors. (2023). ngfs.net/sites/default/files/medias/documents/ngfs_climate_scenarios_for_central_banks_and_supervisors_phase_iv.pdf 16 The Reserve Bank’s philosophy and approach to stress testing. (2018). rbnz.govt.nz/- /media/b700b94363a94c59a3a923f8549cca72.ashx#:~:text=Stress%20tests%20play%20an%20important,to%20severe%20but%20plausible%20scenarios 17 Stress testing regulated entities - Reserve Bank of New Zealand - Te Pūtea Matua. rbnz.govt.nz/financial-stability/stress-testing-regulated-entities

12 Managing climate-related risks 45. An entity should incorporate climate-related elements into its stress testing approach, particularly if climate-related risks are material. The stress test can either be climate-focused (for example our 2023 Climate Stress Test for the five largest banks) 18 or a broader stress with climate-related elements (for example our 2021 exercise for the five largest New Zealand incorporated general insurers which included severe weather events alongside a severe economic downturn and a shock to the reinsurance market).19 46. In either case, the previously referenced guidance on scenario analysis, and an entity’s existing stress testing methodologies, should assist an entity in designing and conducting its climaterelated stress testing exercises. 47. When undertaking climate-related stress testing, an entity should refer to the general principles of stress testing such as those outlined in the BCBS Stress testing principles.20 However, there are some differences in approach when focussing on climate-related risks as outlined in paragraph 58 of this Guidance and in our climate stress test scenario.21 For example, data requirements for modelling are different; in analysing flooding risk, a bank ideally has the exact location of a property, characteristics of the structure and reliable indicators of flood hazards at that location and how it may change over time. But availability and quality of climate data, particularly publicly available data, is currently limited for some risks. An entity relying on models or data, including that sourced from external providers, should recognise the limitations, gaps and uncertainties in those models and data. 48. We consider it better practice for an entity to maintain appropriate documentation of the methodology, process and results of its climate-related risk stress testing. Although the FMA’s record-keeping guidance applies to NZ CS, we still recommend it as a good place to start regarding the general practice of stress testing. 22 49. Material results from stress testing should be communicated to the entity's governance body and senior management. We encourage the entity to use the results of the stress testing, and more broadly lessons learned from carrying out the exercise, to set and review its overall climate-related risk management approach. We also encourage each entity to use the results of the stress test to inform its capital and liquidity planning and to update the transition plan aspects of its strategy as necessary, covering actions and associated targets to maintain a resilient business model. 50. As is widely anticipated for scenario analysis, we expect an entity’s capabilities in climaterelated stress testing should improve the more stress testing it carries out over time. We encourage an entity to use the sources available to help accelerate that progress.

18 Too little, too late. 2023 climate stress test scenario. (2023). rbnz.govt.nz/-/media/project/sites/rbnz/files/financial-stability/climate-change/2023-cst-scenario.pdf 19 Outcomes of the 2021 General Insurance Industry Stress Test. (2021). rbnz.govt.nz/-/media/project/sites/rbnz/files/publications/bulletins/2021/rbb2021-84-02.pdf 20 Basel Committee on Banking Supervision Stress testing principles. (2018). bis.org/bcbs/publ/d450.pdf 21 Too little, too late. 2023 climate stress test scenario. (2023). rbnz.govt.nz/-/media/project/sites/rbnz/files/financial-stability/climate-change/2023-cst-scenario.pdf 22 Guidance for keeping proper climate-related disclosure records. (2023). fma.govt.nz/assets/Guidance/Guidance-for-keeping-proper-climate-related-disclosure-records.pdf

13 Managing climate-related risks Transition plans 51. A climate transition plan is one way that an entity can demonstrate how its business model and strategy can thrive in a low-emissions, climate resilient economy. 52. In the New Zealand context NZ CS1 defines a transition plan as ‘an aspect of an entity’s overall strategy that describes an entity’s targets, including any interim targets, and actions for its transition towards a low-emissions, climate-resilient future’. 23 53. Good practice with respect to transition planning is currently evolving, with documentation available from several sources that an entity may wish to refer to, including:  XRB; 24  Science Based Targets Initiative; 25  Glasgow Financial Alliance for Net Zero; 26  TCFD; 27 and  Carbon Disclosure Project. 28 54. If an entity is engaging in a wider strategy review or development process in the normal course of its activities, it should begin considering the transition plan aspects of its strategy. As the prudential regulator and supervisor, we will pay particularly close attention to the risk-related parts of an entity’s transition plan and expect an entity to demonstrate effective management of risks associated with real economy transition. 55. A prudent transition plan should incorporate the transition of both the entity’s customers and its own business model and strategy. If an entity is a CRE, we recognise it may not want or need some of this additional detail to be publicly available in its disclosure. However, we can request this information (and/or any other information relating to climate-related risks that enables us to effectively carry out prudential supervision) as part of our supervisory approach. 4 Risk management 56. An entity should take a strategic and risk-based approach to identifying and managing climate-related risks. 57. We consider it is better practice for an entity to manage climate-related risks within its broader risk management framework. This includes the governance body-approved risk management strategy and risk appetite statement, governance body and senior management oversight and reporting arrangements, information systems and record keeping and risk management functions. When doing this however, an entity should recognise the unique nature and farreaching potential impacts of climate change and the socioeconomic responses to it.

23 Aotearoa New Zealand Climate Standard 1 (NZ CS 1). (2022). xrb.govt.nz/dmsdocument/4770 24 Staff Guidance Transition planning Questions to get started. (2023). xrb.govt.nz/dmsdocument/4986#:~:text=Transition%20planning%20is%20about%20the,identified%2C%20and%20taking%20tangible%20actions. 25 SBTI CORPORATE NET-ZERO STANDARD VERSION 1.1. (2023). sciencebasedtargets.org/resources/files/Net-Zero-Standard.pdf 26 Target-Setting Protocol Third Edition. (2023). unepfi.org/industries/target-setting-protocol-third-edition/ 27 Task Force on Climate-related Financial Disclosures Guidance on Metrics, Targets, and Transition Plans. (2021). assets.bbhub.io/company/sites/60/2021/07/2021- Metrics_Targets_Guidance-1.pdf 28 Climate transition plan: discussion paper. (CDP). (2021). cdn.cdp.net/cdp-production/cms/guidance_docs/pdfs/000/002/840/original/Climate-Transition-Plans.pdf?1636038499

14 Managing climate-related risks 58. Climate-related risks have several elements that distinguish them from other risks and make it essential to give them specific analytical consideration within an entity’s broader risk management framework. These elements include:  the non-linear nature of many climate-related risks, social cascading effects triggered by climate change and climate-related and economic tipping points, leading to impacts that may not be easily mitigated or reversed;  the potential for irreversible changes in climate, leading to impacts that may not be easily mitigated or reversed;  the far-reaching impact that climate-related risks pose to all parts of the financial system, including different business types, geographical locations and economic sectors, as well as the potential for risks to manifest across multiple lines of business at the same time, potentially disrupting financial stability;  the uncertain and extended time horizon over which climate-related risks may materialise (which is likely to extend beyond typical business planning cycles and investment processes); and  the unprecedented nature of climate change, meaning that traditional risk assessment methods that rely solely on historical data have the potential to systematically underestimate or even entirely fail to predict the impacts of climate-related risks. This is because of the complex dynamics of interconnected lines of business, non-linear and unprecedented levels of disruption and compounding of risk when multiple climate impacts collide (or multiple climate and non-climate impacts). 59. We encourage each entity to have a comprehensive risk management process to identify, measure and monitor, control and mitigate, and evaluate and report on its risks on a timely basis. We set out more detail on each of those in a climate-related context in the rest of this section, with the exception of measurement and monitoring which is captured within the next section on ‘Metrics and targets’. 60. An entity should arrange its risk management appropriately to its size, business mix and the complexity of its business operations. We consider it better practice for an entity to embed such arrangements appropriately across all three lines (the risk-taking function, the risk management function and the internal audit function respectively). Risk identification 61. An entity should first seek to identify climate-related risks and how they may affect its business model and strategy. 62. An entity in the early stages of climate-related risk analysis is likely to begin by understanding the material risks to which it is exposed, including identifying industries and regions with particular risks within the entity's portfolio. An entity should seek to understand its exposure to both physical risks (acute and chronic) and transition risks, including how they compound the range of business risks to the entity. 63. A range of analytical approaches, from simple to complex, are available to support an entity's understanding of its material climate-related risks; an entity should choose methods

15 Managing climate-related risks appropriate to its circumstances. The TCFD published guidance giving an overview of tools and methods of climate-related risk identification and analysis. 29 As the TCFD highlighted, scenario analysis (both quantitative and qualitative) is considered the most appropriate risk identification tool and is also a useful means of encouraging structured exploratory thinking on how risks might emerge, evolve and intersect. Where data are limited and uncertainty unavoidable, scenario analysis may be one of the only tools available to help an entity think through the implications of risk in a structured manner. 64. We view it as better practice for an entity to seek to identify the parts of its business model with higher or lower exposures to physical and transition risks. It is important to understand counterparties' vulnerabilities to identify and where possible quantify the risk borne by the entity, not just at the sectoral and regional level but also at the individual counterparty/collateral level. The risk criteria for this identification may include a range of factors, such as:  vulnerability to extreme weather events (including whether these are insured and will continue to be so);  vulnerability to climate-related full value chain changes or disruption;  vulnerability to climate-related disruption of business activities;  the level of greenhouse gas emissions and vulnerability to changes in the level of emissions pricing;  vulnerability to changes in climate-related policy or technology;  vulnerability to changing customer preferences and reputational risk; and  linkages to unsustainable practices. Risk controls and mitigation – policies, procedures and operations 65. An entity may use the climate-related risk identification process to facilitate the development of sector-specific policies and procedures for when it is undertaking business engagements (such as investing, insuring or lending) with that sector. For example, an entity should assess climaterelated risks during client onboarding, product application and product review processes. Better practice sees an integrated approach to climate-related risks taken across different business lines (such as underwriting, investment, product development and lending functions). 66. We consider it better practice for an entity to evidence the management of climate-related risks within its written risk management policies, management information and governance body risk reports. This is especially pertinent if climate-related risks are material for that entity. 67. Where it has identified material climate-related risks, an entity should establish and implement plans to mitigate these risks and manage exposures in line with the governance bodyapproved risk appetite.

29 Task Force on Climate-related Financial Disclosures Guidance on Risk Management Integration and Disclosure. (2020). assets.bbhub.io/company/sites/60/2020/09/2020- TCFD_Guidance-Risk-Management-Integration-and-Disclosure.pdf

16 Managing climate-related risks 68. For example, an entity may develop strategies to manage concentrations in its portfolio to specific geographic locations or economic sectors with higher climate-related risks, and this could include setting climate-related exposure limits at counterparty or sector level. An entity may go even further and rule out providing certain products altogether, such as mortgages or insurance on new developments in areas highly exposed to physical risks (in recognition of the broader efforts across New Zealand to improve natural hazard risk management) or loans to customers highly vulnerable to transition risk who have failed to develop a credible transition plan. 69. As a matter of better practice, the policies and procedures developed under the risk management framework should include a clear articulation of the responsibilities of business lines and risk functions for managing climate-related risks. 70. In most cases, an entity should work with a customer, counterparty or organisation that faces higher climate-related risks, to improve their risk profile. Providing finance to assist customers to adapt to climate change and mitigate physical and transition risk is an important function of the financial system. An entity should work with others across sectors where appropriate, for example a deposit-taker seeking to understand the extent of insurance coverage on its collateral. 71. Where the entity considers this engagement will not result in a customer adequately addressing the climate-related risks it faces, the entity may consider mitigation options, such as:  reflecting the cost of the additional risk through risk-based pricing measures;  applying limits on its exposure to such a customer or sector; and  where the risks cannot be adequately addressed through other measures, considering the entity’s ability to continue the customer relationship. 72. In addition to the policies and processes regarding the climate-related risks of its customers and counterparties, an entity should ensure its own operational continuity if a severe weather event occurs. As highlighted in our cyber guidance, response and recovery plans are essential to an entity’s ability to return to business as usual.30 These plans are also fundamental in ensuring continued stability of the financial system as a whole. It is therefore incumbent upon an entity to have arrangements in place to return to business as usual as quickly and accurately as can be safely achieved. Post-incident analysis is important in drawing lessons from severe weather events and integrating them back into the response and recovery plans. 73. An entity should have controls in place which allow it to achieve its objectives and meet business requirements while minimising the potential impact of a severe weather event. The entity should identify, classify according to criticality and sensitivity, record and regularly update all of its critical functions, including the information assets, key personnel roles and processes that support these functions. This can help enable the entity to prioritise the processes of protection, response and recovery for each of these functions.

30 Guidance on Cyber Resilience. (April 2021). rbnz.govt.nz/-/media/project/sites/rbnz/files/consultations/cyber-resilience/guidance-on-cyber-resilience.pdf

17 Managing climate-related risks Risk controls and mitigation – financial resources 74. An entity should also ensure it has the appropriate financial resources to account for climaterelated risks. Regarding liquidity, we have qualitative liquidity requirements that require registered banks to have an internal process for liquidity risk management. Any bank that has identified climate-related risks that materially impact its liquidity risk profile should adequately manage that risk within its internal framework for liquidity risk management. 75. Regarding capital, the Bulletin article we published in March 2024 highlights how there are mechanisms to incorporate climate-related risks within the approach to minimum capital requirements for Basel Pillar 1 credit risk for registered banks. 31 Those mechanisms are important for risk and capital management purposes, and registered banks should consider them as part of their Basel Pillar 1 calculations. Some of those mechanisms are also applicable to a licensed non-bank deposit taker under the Deposit Takers (Credit Ratings, Capital Ratios, and Related Party Exposures) Regulations 2010.32 76. For example, we highlight that a registered bank may consider the loss of building insurance on a property to be a credit event for the purpose of resetting origination. If this is the case and an entity subsequently undertakes a new property valuation for the purposes of an accurate loan-to-value ratio (LVR) calculation, this could result in a higher LVR (from a falling property value) and potentially a higher credit risk weight for the affected property. 77. For non-residential mortgage exposures, we also highlight that, for defined exposure classes, if a ratings agency’s climate-related assessment is material enough to change its overall rating of an exposure then that will change the risk weight (increased for a rating downgrade and decreased for a rating upgrade). The exact size of the risk weight differential varies by defined exposure class.33 78. Other elements of the Bulletin article are only relevant for a subset of registered banks, namely the incorporation of climate-related risks into internal ratings-based models. 79. In addition, a registered bank should ensure that its Basel Pillar 1 operational risk and market risk calculations adequately consider climate-related risks. For example, a domestic systemically important bank (D-SIB) whose approach to operational risk measurement is required to capture potentially severe low-frequency, high-impact loss events, should consider the impact of severe weather events within its calculations for loss events specified in Part B of BPR151. These should include ‘client, products, and business practices’, ‘damage to physical assets’ and ‘business disruption and system failures’. In doing so a D-SIB should also consider the extent that climate-related risks impact upon insurance provision, which affects the mitigation part of the operational risk calculations. 34 80. Regarding Basel Pillar 2 capital, we require some deposit-taking entities to complete an Internal Capital Adequacy Assessment Process (ICAAP). 35 Any such entity that has identified

31 Bulletin: The yse of credit risk weights for climate-related purposes. (March 2024). https://www.rbnz.govt.nz/-/media/project/sites/rbnz/files/publications/bulletins/2024/rbb2024-87-02.pdf 32 Deposit Takers (Credit Ratings, Capital Ratios, and Related Party Exposures) Regulations 2010 (SR 2010/167) (as at 12 April 2017) 12 Calculation of risk-weighted amount for onbalance sheet exposures – New Zealand Legislation. legislation.govt.nz/regulation/public/2010/0167/latest/DLM3031962.html 33 BPR131 Standardised Credit Risk RWAs. (July 2021). rbnz.govt.nz/-/media/project/sites/rbnz/files/consultations/banks/review-capital-adequacy-framework-for-registeredbanks/bpr-documents/bpr131-standardised-credit-risk-rwas.pdf 34 BPR151 AMA Operational Risk. (2021). rbnz.govt.nz/-/media/project/sites/rbnz/files/consultations/banks/review-capital-adequacy-framework-for-registered-banks/bprdocuments/bpr151-ama-operational-risk.pdf 35 BPR100 Capital Adequacy. (2021). rbnz.govt.nz/-/media/project/sites/rbnz/files/consultations/banks/review-capital-adequacy-framework-for-registered-banks/bprdocuments/bpr100-capital-adequacy-oct-21.pdf

18 Managing climate-related risks climate-related risks as material within its Basel Pillar 2 assessment (beyond those already captured within Basel Pillar 1) should determine whether to allocate internal capital against them, in line with the requirements for ‘other material risks’ set out in Part D of BPR100. Activities to do this include stress testing, which is discussed more in the previous section of the Guidance. As a matter of better practice, we encourage an entity not required to complete an ICAAP to undertake similar exercises to ensure it has sufficient capital in the event material climate-related risks manifest. 81. The interim solvency standard published in October 2022 relates to the minimum capital requirements for a licensed insurer, which include some aspects relevant to climate-related risks. 36 The standard, for a non-exempted insurer, requires capital to be held for uncertainty in respect of claims that have already occurred and for the risk of catastrophes in the year ahead. Climate-related catastrophes can include cyclones, storms, floods, droughts, heatwaves, wildfires and disease outbreaks. Climate change is affecting the severity, frequency and locations of these types of events in New Zealand and insurers should consider this when conducting activities to calculate the amount of capital they should hold. However, we recognise that the catastrophe requirement is often based on more material potential costs associated with earthquakes (for a property insurer) and pandemics (for a life insurer). An exempted insurer is subject to home jurisdiction solvency requirements, which typically have similar requirements. 82. In the context of managing capital and solvency to always exceed regulatory minimums as part of the requirement to have a risk management programme, a licensed insurer should consider the implications of climate change on future capital and solvency positions. Such implications could include, for example, claims (severity and frequency), reinsurance (availability and pricing), market dynamics (insurability and affordability) and government/regulatory changes or interventions. Risk reporting and evaluation 83. To facilitate well-informed decision-making, we encourage an entity to establish procedures to routinely provide relevant information on its material climate-related risk exposures, including monitoring and mitigation actions, to the governance body and senior management. 84. This information should allow the governance body and senior management to understand and review the activities and make decisions consistent with the entity's overall risk appetite and management approach. 85. The extent and frequency of reporting may be tailored to the nature and magnitude of the risks to which the entity is exposed. 86. The entity should regularly review and assess the appropriateness and effectiveness of its climate-related risk management arrangements.

36 Interim Solvency Standard 2023. (2022). https://www.rbnz.govt.nz/-/media/project/sites/rbnz/files/consultations/insurers/iss-review/interim-solvency-standard-oct2022.pdf?sc_lang=en&hash=8083B89B188F55ECD2DE12CA930DB7C9

19 Managing climate-related risks 5 Metrics and targets Risk measuring and monitoring 87. Better practice in measuring and monitoring climate-related risks involves incorporating both qualitative and quantitative approaches. This includes employing metrics to measure climaterelated risks appropriate to an entity’s size, business mix and complexity of business operations and appropriate to the availability and quality of data on relevant risks. 88. Quantitative metrics help entities understand the potential current and future impacts of climate-related risks on their customers, counterparties and other organisations to which an entity has exposure. Better practice extends to measuring the impacts of climate-related risks on outsourcing arrangements, service providers, full value chains and business continuity planning. 89. An entity may use data from both publicly available and proprietary sources, and potentially seeks assistance from external experts (including academics, specialist consultants and scientific bodies). This should help it better understand the potential impacts of climate change on its operations as well as those of its customers, counterparties and other organisations to which it is exposed. Before engaging with third party providers (for this purpose and on climate-related matters more broadly), we encourage an entity to utilise the information sheet provided by the FMA in June 2023. 37 90. Metrics should be relevant, accurate and verifiable, and comparable and consistent. It is helpful for an entity to use the same metrics from year to year to facilitate comparisons and trend analysis to support better risk management outcomes. The XRB guidance contains a wide range of example metrics across physical risks (acute and chronic) and transition risks, along with further links for an entity to explore.38 91. We recognise that data presents challenges, often varying by entity (depending on its size, business mix and complexity) but including data availability, comparability and consistency. Some of these are exacerbated by the unprecedented and non-linear nature of climate change. The quality of climate data and information is improving over time, but it is important to make progress with whatever data are currently available. 92. The limitations on quantitative information are one of several reasons why we encourage an entity to supplement its risk measurement with additional qualitative information and judgments. 93. For example, entities should better understand their portfolios and services through close engagement with their customers and counterparties. In addition to holding conversations or conducting surveys, an entity should examine customer and counterparty transition plans which can provide valuable information on their future trajectories. There are many sources to help an entity do this, including the XRB, 39 the TCFD40 and the Transition TPT.41 Through such proactive engagement, an entity can seek to support and drive its customers and

37 Climate-related disclosures regime and the use of third-party providers. (2023). https://www.fma.govt.nz/assets/Guidance/CRD-and-the-use-of-third-party-providers.pdf 38 Climate-related Disclosures Staff Guidance: Guidance for All Sectors. (2023). https://www.xrb.govt.nz/dmsdocument/4844 39 Staff Guidance Transition planning Questions to get started. (2023). https://www.xrb.govt.nz/dmsdocument/4986 40 Task Force on Climate-related Financial Disclosures Guidance on Metrics, Targets, and Transition Plans. (2021). https://assets.bbhub.io/company/sites/60/2021/07/2021- Metrics_Targets_Guidance-1.pdf 41 Sector Guidance. Transition Taskforce. https://transitiontaskforce.net/sector-guidance/

20 Managing climate-related risks counterparties to transition to sustainable activities, that are compatible with the entity’s own business objectives and risk management practices. Further sources of industry-specific metrics 94. In addition to the sources already referenced in this section, below we provide some links to other external providers for an entity to refer to regarding industry-specific metrics (note this is non-exhaustive): Figure 4: Further sources of industry-specific metrics All Banking Insurance PCAF Financed Emissions42 Net Zero Banking Alliance Commitment Statement and Guidelines for Climate Target Setting43 PCAF Insurance-Associated Emissions44 IFRS - Appendix B - Industrybased disclosure requirements45 Basel Committee on Banking Supervision consultation on 'Disclosure of climate-related financial risks’46 European Banking Authority consultation on ‘Draft Guidelines on the management of ESG risks’47

42 Financed Emissions: The Global Standard Part A. (2022). carbonaccountingfinancials.com/files/downloads/PCAF-Global-GHG-Standard.pdf 43 The Commitment – United Nations Environment – Finance Initiative. unepfi.org/net-zero-banking/commitment/ 44 Insurance-Associated Emissions. (2022). carbonaccountingfinancials.com/files/downloads/pcaf-standard-part-c-insurance-associated-emissions-nov-2022.pdf 45 IFRS - Appendix B—Industry-based disclosure requirements. ifrs.org/projects/completed-projects/2023/climate-related-disclosures/appendix-b-industry-based-disclosurerequirements/ 46 Basel Committee on Banking Supervision Consultative document Disclosure of climate-related financial risks. (2023). bis.org/bcbs/publ/d560.pdf 47 Consultation paper Draft Guidelines on the management of ESG risks. (2024). eba.europa.eu/sites/default/files/2024-01/c94fd865-6990-4ba8-b74e6d8ef73d8ea5/Consultation%20papaer%20on%20draft%20Guidelines%20on%20ESG%20risks%20management.pdf