In January 2025, the MFSA issued a letter to Maltese Less Significant Institutions (LSIs) in the form of a ‘Dear CEO letter’ around its thematic review of the climate and environmental-related (C&E) risk management practices in LSIs.
MFSA has recognised that some LSIs have been making progress to manage the impact of C&E risks. However, it still recognises certain gaps. Moreover, the MFSA has requested a new set of deliverables for LSIs to be submitted by the end June 2025, and it provides further clarity on satisfying the requirements and expectations set by the ECB, the EBA and the MFSA itself.
The MFSA highlights a lack of clear identification, quantification and evaluation of C&E risks, predominantly as a result of lack of identification of these risks in the appropriate transmission channels. The MFSA expects all C&E risk drivers to be mapped and transmission channels to be clearly identified and linked to the prudential risks (i.e. credit, operational, market and liquidity risk). It requires thresholds to determine when risk drivers become material. In addition, the MFSA expects LSIs to integrate qualitative and quantitative metrics into the materiality assessment.
The MFSA also expects LSIs to follow a structured approach in assessing the impact of climate change and environmental degradation on their business environment and strategy. Additionally, it recommends banks to translate their strategy into climate related KPIs, with clear forward-looking resilience strategies being implemented to cover off any threats from the banks' competitive and environmental landscape.
The review highlighted four key deficiencies with regards to LSIs’ governance and risk appetite. The MFSA expects LSIs to define roles and responsibilities to the appropriate individual or functions. It recommends LSIs to enhance their data infrastructure to collect C&E related data effectively. Furthermore, it expects that LSIs allocate KPIs and KRIs related to C&E risks in their remuneration policies. Most importantly, the MFSA underlines the importance that LSIs effectively manage these risks, by defining specific KRIs within their risk appetite statement.
Lastly, the MFSA recommends that LSIs incorporate C&E risks into the risk management framework by identifying mitigation measures to combat such risks. Furthermore, through quantification of C&E risks as part of the ICAAP and ILAAP is key to ensure that LSIs consider how C&E risks impact prudential risks.
PwC Malta’s banking team is equipped to assist banks in meeting these supervisory expectations and ensuring alignment with regulatory requirements. Get in touch with us to learn more.
