Effective Risk Management Crucial in Growing Climate Threat

Managing climate-related risks as part of a company’s ESG strategy means more than just building resilience at vulnerable locations. The risks are woven through a company’s entire value chain and this interconnectivity has to be addressed if the organization is to avoid potentially serious disruptions and losses.

Failing to do the hard work to ensure sustainability could have significant consequences. As the effects of climate change become more pronounced, losses are growing. Wildfires, for example, have increased in frequency and severity, and in at least one case led to losses so large that the company held responsible for a fire was forced to declare bankruptcy. Wind, hail, flooding and other hazard events are also causing increasing amounts of damage.

Climate change is going to impact all industries, and that is why there is much effort to ensure that companies are properly addressing the growing threat to their operations. Public companies are under particular pressure to get it right not only because it is relevant for their operations, but because investors are making decisions around companies’ commitments to sustainability.

Regulators recognized early on the importance of managing climate-related risks and building resilience that creates sustainable operations as part of an ESG framework. As a result, there are voluntary frameworks such as the Task Force on Climate-Related Financial Disclosures (TCFD) available to help companies with climate change-related disclosures. And, a number of compulsory regimes are in place or under development.

All of this puts the responsibility to address such an enormous and evolving risk largely on the risk manager and sustainability officer. They must guide the work to create a well-defined climate strategy and adaptation measures that will strengthen their operations’ resilience.

Early moves to create sustainability

What steps should risk managers undertake to identify and manage climate-related risks? That depends partly on how much work has already been done in establishing an ESG strategy and addressing the climate component.

Existing frameworks such as the TCFD are a good starting place for smaller companies working on a climate risk strategy but without a lot of in-house risk management firepower to rely on. The TCFD provides guidance on identifying the risks and addressing them through a risk management framework that establishes metrics and targets, integrates climate risk into an overall strategy and monitors the risk, among other guidance.

It is important to note early on that understanding the risk is a critical first step. You cannot build resilience or identify insurance solutions without a thorough understanding of the potential threat to your operations and value chain.

In order to begin quantifying the risk and its potential physical and financial impact, a climate risk assessment has to be completed, prioritizing the sites or parts of the business that are highly exposed to hazards associated with climate change. With that information in hand, work can begin on developing adaptation measures.

Collecting data is part of the early work in addressing climate risk as part of an ESG framework. It starts with basic data such as defining the extent of the exposure. From there, complexity can increase to include information on suppliers and the value chain. It is an ongoing process that provides information that can be used in decisions around strengthening resilience.

Data comes from external suppliers, as there are no standard methodologies or common data sources for risk managers to use to assess climate risk. It takes effort to investigate the options offered by data suppliers and to carefully consider, among other things, the quality of data they provide, the metrics in their analysis and how the data will be used to reach conclusions on climate risk.

Reaching out to stakeholders

Larger companies with dedicated risk management departments will be further along than some smaller operations that may lack the same in-house expertise. In this case, they have the added advantage of working with the company’s sustainability officer to integrate climate risk management into the overall ESG strategy and risk management framework.

The two should work closely together, with the sustainability department helping integrate physical risk into the strategy. They will collaborate to define the future course of the company’s approach to managing climate risk and strengthening its resilience against potential losses.

In addition, the sustainability officer will determine who will be in charge of regulatory reporting in cooperation with the company’s finance department. They will make sure that reporting aligns with strategy and properly addresses areas that a risk management assessment has identified.

Risk managers must seek out other stakeholders as well. That may mean overcoming reticence to enlist internal stakeholders they are unfamiliar with but who could contribute detailed knowledge of the company’s value chain and provide other expertise that would make them valuable partners in crafting and implementing a sustainability strategy.

Regulators are watching

Regardless of where a company might be in developing its climate-risk strategy, it should operate on the premise that the risk has two main components: How business operations might impact the environment – which is addressed through mitigation measures - and how the environment could affect the business, which calls for a thorough understanding of the risk and how adaptation measures can be adopted to strengthen resilience.

This double materiality mindset is important partly because regulators are requiring it. In the European Union, companies are asked to assess the physical risk of all business activities and report whether they can be considered sustainable. And, regulators want to know that businesses not only understand the physical risk, but also the financial impact of potential climate events.

While the EU has the most comprehensive regulatory approach towards disclosures, other geographies such as Asia and Australia are catching up. In the U.S., disclosure regulation is in its formative stages but adoption has been pushed back.

Regulations around disclosure and other elements of ESG strategy are not authoritarian mandates written by bureaucrats. Risk managers are routinely asked for their views in shaping regulations, and organizations such as Airmic in the UK and FERMA in Europe have worked with regulators to develop rules and standards.

Whether they are starting out or well down the road in their effort to identify, quantify and manage climate risk as part of an ESG strategy, businesses will find the journey smoother through collaboration with all of these stakeholders, making it easier to reach the destination – a thriving and resilient company that has done the hard work to address climate-related risk and help ensure ongoing operations.

Originally published in Commercial Risk on June 18, 2024.