Skip to main content
All
April 14, 2022

The Rulemaking Climate Heats up for Financial Institutions: New Climate-Related Risk Management Proposals

Advisory

In the last few weeks, US regulators have been very busy with climate-related rulemaking, announcing a raft of proposed mandates related to anticipated climate-related risk management requirements and regulatory expectations for public companies and financial institutions. As has been widely-publicized, on March 21, 2022, the US Securities and Exchange Commission (SEC or Commission) voted to approve proposed rule changes to enhance and standardize climate-related disclosures for investors. The highly anticipated proposal spans over 500 pages and is the first time the Commission has proposed to require public companies to include specific disclosures about climate-related risks. On March 30, 2022, the Federal Deposit Insurance Corporation (FDIC) approved a proposed Statement of Principles for Climate-Related Financial Risk Management for Large Financial Institutions. The FDIC's proposed principles are substantially similar to the Office of the Comptroller of the Currency (OCC)’s proposed principles issued in December 2021. As noted in the FDIC's proposed principles, “[c]limate-related financial risks pose a clear and significant risk to the U.S. financial system and, if unmitigated, may pose a near-term threat to safe and sound banking and financial stability.” As new statements, guidance, and proposed rules are seemingly released every day by various regulators, it can be difficult to keep track of the constantly evolving landscape and the potential implications for financial institutions.

Even though the FDIC and OCC have proposed only “principles” that will lead to “subsequent guidance” intended for large financial institutions (over $100 billion in consolidated assets), the federal banking agencies (FBAs) have indicated that all financial institutions already should consider and, if applicable, incorporate material climate-related risk into their risk management frameworks.1 The SEC's proposed rules would apply only to SEC registrants (including smaller issuers), and not until 2023 at the earliest. The SEC's proposed rules are likely to influence future FBA climate-related risk management guidance and requirements. Because the FBAs and SEC are marching toward similar requirements and expectations that are likely to soon impact the entire financial industry, financial institutions of all sizes should be familiar with these recent regulatory developments and should be considering now how to incorporate climate-related risk into their strategic planning, governance and risk management frameworks.

Below is a summary of the key aspects of the SEC’s proposed rules and the FDIC/OCC's proposed principles. We start with a brief overview of each, and then summarize the primary elements of each proposal: (I) Corporate Governance (II) Strategic Planning, (III) Risk Management, (IV) Emissions Disclosures, and (V) Financial Statement Metrics. Under each element, we provide our view of the steps that financial institutions should be considering now to prepare for new climate-related disclosure and risk management regimes.

Overview of the SEC’s Proposed Rules and FDIC/OCC’s Proposed Principles

The SEC’s proposed rule amendments would require registrants, including foreign private issuers, to include an array of climate-related disclosures in their registration statements and periodic reports. Specifically, the proposed amendments would (1) require a registrant to disclose a considerable amount of climate-related information pursuant to a new subpart to Regulation S-K, including climate-related risks that are reasonably likely to have a material impact on the registrant’s business or consolidated financial statements, in its registration statement and annual reports; and (2) require a registrant to include certain climate-related financial statement metrics and related disclosure in a note to its audited financial statements in accordance with a new article to Regulation S-X. The SEC’s proposed climate-related disclosure rules would apply to companies with Exchange Act reporting obligations pursuant to Exchange Act Section 13(a) or Section 15(d), and companies filing a Securities Act or Exchange Act registration statement. This includes domestic companies and foreign private issuers, regardless of their size. The Commission explains that it is not proposing generally to exempt smaller reporting companies (SRCs), emerging growth companies, or registrants that are foreign private issuers from the entire scope of the disclosure rules “because we agree with commenters who stated that, because of their broad impact across industries and jurisdictions, climate-related risks may pose a significant risk to the operations and financial condition of domestic and foreign issuers, both large and small.” However, the only element of the proposed rules that would not apply to SRCs is the Scope 3 emissions disclosure provision (discussed below). The SEC has proposed phase-in dates for all registrants, with the compliance date dependent on the registrant’s filer status. The SEC also has proposed exempting certain types of issuers from complying with the climate-related disclosure requirements, including, for example, asset-backed issuers and Canadian issuers eligible to report under the Multijurisdictional Disclosure System. The SEC has requested comment from stakeholders on over 200 questions related to the proposed rules. Comments are due by May 20, 2022.

The FDIC/OCC’s proposed principles provide a “high-level framework” for management of climate-related financial risks, and are targeted at financial institutions with over $100 billion in total consolidated assets. Unlike the SEC’s proposed rules, which take a “one-size-fits-all” approach, the FDIC’s proposed principles note that the FDIC intends to “appropriately tailor any resulting supervisory expectations to reflect differences in institutions’ circumstances such as complexity of operations and business models.” Nonetheless, both the SEC's proposed rules and the FDIC/OCC's proposed principles are modeled in large part on the Task Force on Climate-related Financial Disclosures (TCFD) framework established by the Financial Stability Board (FSB)2, and therefore have substantial overlap, as discussed below. The FDIC has requested comments no later than June 3, 2022.

Governance

SEC’s Proposed Rules. The SEC’s proposed rules would require companies to disclose certain information regarding (1) the board’s oversight of climate-related risks, and (2) management’s role in assessing and managing those risks. The Commission defines “climate-related risks” as the actual or potential negative impacts of climate-related events and conditions on a company’s consolidated financial statements, business operations, or value chains3, as a whole.

Companies may, but are not required to, discuss the board’s oversight of and management’s role in assessing and managing “climate-related opportunities.” The SEC’s proposed rules define “climate-related opportunities” as the actual or potential positive impacts of climate-related conditions and events on a registrant’s consolidated financial statements, business operations, or value chains, as a whole. The Commission has requested comment on whether it should require companies to disclose climate-related opportunities, and noted commentators’ concern with anti-competitive effects of disclosing such information.

With respect to the board’s oversight, companies would be required to disclose, among other matters, any board members or board committee responsible for overseeing climate-related risks; the process and frequency by which the board or board committee discusses climate-related risks; and the board’s process in establishing and monitoring climate-related targets or goals.

With respect to management, companies would similarly need to disclose whether certain management positions or committees are responsible for assessing and managing climate-related risks, as well as the processes by which the responsible individuals or committees are informed about and monitor climate-related risks (such as the use of third-party climate consultants); and whether and how frequently such individuals or committees report to the board about climate-related risks.

FDIC/OCC’s Proposed Principles. Likewise, the FDIC/OCC’s proposed principles provide that a financial institution’s board and management should demonstrate knowledge of climate-related financial risk, and the potential impact of those risks on the institution’s strategy and risk appetite. The FDIC and OCC look to the board for overseeing climate-related risks, and to management for managing and regularly reporting to the board on such risks. The FDIC/OCC’s proposed principles also provide that management should incorporate climate-related risks into “policies, procedures, and limits to provide detailed guidance on the bank’s approach to these risks in line with the strategy and risk appetite set by the board. Policies, procedures, and limits should be modified when necessary to reflect the distinctive characteristics of climate-related risks and changes to the bank’s activities.”

Observations:

  • If not already done, financial institutions should consider assigning responsibility to one or more board committees to define and assess the institution’s climate-related risks, opportunities, strategies and risk mitigation plans, as well as the institution’s disclosures of such matters.
  • Consideration also should be given to the type of climate-related data to be reported to the appropriate board committee, the management positions responsible for reporting such data, and the regularity with which the data is reported. Because the regulators likely will expect board-level ownership of climate-related risk management, it is imperative that financial institutions can demonstrate that the board is receiving meaningful information required to effectively conduct its oversight responsibilities.
  • Most banks have the corporate governance infrastructure in place for assessing and managing material risks to the institution and should consider leveraging their existing infrastructure for these new climate-related regulatory expectations.

Strategic Planning

SEC’s Proposed Rules. The SEC’s proposed rules would require companies to disclose whether any climate-related risks are reasonably likely to have a material impact on the company, including its business or consolidated financial statements, in the short, medium and long term. The Commission considers a matter material “if there is a substantial likelihood that a reasonable investor would consider it important when determining whether to buy or sell securities or how to vote.”4 Moreover, with respect to potential future events, the materiality determination requires an evaluation of the likelihood that an event will occur, and its potential magnitude or significance to the company.

Consistent with the TCFD, these climate-related risks include both physical5 and transition risks,6 and encompass a company’s business operations and value chain as a whole, including upstream and downstream activities.7 We would expect the SEC would clarify what “value chain” means in the context of financial institutions should commenters from the banking industry press the SEC. Companies would be required to differentiate between physical and transition risks, and describe whether the risk is acute or chronic. In addition, for physical risks, companies would be required to identify the physical location(s) of the assets subject to the risk. Finally, companies may, but are not required to, disclose climate-related opportunities, such as any cost savings associated with reduced energy usage or greater demand for a company’s services as climate policy influences market behavior.

If a company has identified any such climate-related risks, the company must also disclose the actual and potential impacts those risks have on its strategy, business model, and outlook. This includes, among other disclosures, impacts on the company’s operations, products or services, and suppliers or other parties in its value chain. Similar to the disclosures required with respect to whether any such material climate-related risks exist, companies would also be required to disclose the time horizon for each disclosed impact.

In the event a company uses carbon offsets or renewable energy credits or certificates (RECs)8 as part of its net emissions reduction strategy, the proposed rules would require disclosure of the role that carbon offsets or RECs play in the company’s climate-related business strategy. In addition, a company must disclose, if used, its internal carbon price(s)9 and the rationale for selecting the carbon price used, as well as any climate-related targets or goals (e.g., net zero goals) and information regarding how the company intends to achieve those goals.

The proposed rules would require a company to disclose any analytical tools it uses to assess the impact of climate-related risks on the company’s business and financial statements, or to support the resilience of the company’s business model in light of foreseeable climate-related risks. One such tool is scenario analysis, a process for analyzing possible outcomes of future events under conditions of uncertainty.10 Arguably, scenario analysis is not unlike the capital stress tests to which the largest financial institutions are already subject, though we do not believe the SEC is seeking to usurp the FBA’s role in setting capital standards for the banking industry.

FDIC/OCC’s Proposed Principles. The FDIC/OCC’s proposed principles similarly provide that a company’s board and management should take climate-related financial risk exposures into account when addressing the institution’s overall business strategy, risk appetite and operational plans, and should assess the potential ways in which such risks might evolve over various time horizons and scenarios. Such analysis includes addressing the potential impact of climate-related financial risk exposures on the institution’s operations (including geographic locations), financial condition and business objectives. The FDIC/OCC’s proposed principles state that financial institutions should consider the impacts of climate-related financial risk on its reputation, stakeholders’ expectations, and low- to moderate- income and other disadvantaged households and communities (which includes physical harm or access to bank services and products). In addition, institutions that publicly communicate their climate-related strategies would be required to ensure that any public statements about commitments and strategies align with its internal strategies and risk appetite statements.

The FDIC and OCC propose that management implement climate scenario analyses to forecast the potential impact on the institution of changes in the economy or financial systems resulting from climate-related risk. Management should identify and measure, for example, the institution’s vulnerability to physical risk (e.g., considering a portfolio of mortgaged properties in a flood plain) and transition risk (e.g., considering a portfolio of loans heavily concentrated in diesel-fueled vehicles) over an extended period of time. The scenario analysis, according to the FDIC and OCC, will allow financial institutions to better manage their climate-related financial risks. For now, at least, the FBAs have distinguished climate scenario analysis which are meant to be an “exploratory” mechanism to test resiliency, from traditional regulatory stress tests, which assess and, perhaps, require adjustments to capital adequacy.

Observations:

  • Banks will need to become better educated in the various tools used by energy and manufacturing companies in assessing the impact of climate related risk and proactively work with the FBAs to determine the tools that are most appropriate for the banking industry.
  • The banking industry should not anticipate that the FBAs will dictate specific analytical tools but will more likely rely on the industry and specific institutions to identify and evaluate available tools in the marketplace, such as the Global GHG Accounting and Reporting Standard for the Financial Industry established by the Partnership for Carbon Accounting Financials. This process very likely will involve the use of consultants.
  • The FBAs have signaled that, initially, their expectations for climate scenario analysis will be tailored to the size, complexity, and risk profile of the institution. The FBAs also have indicated an understanding that climate scenario analysis, by its nature, is an uncertain science and modeling can be extremely challenging. Despite the FBA’s disclaimers, financial institutions of all sizes should be prepared to demonstrate effort towards implementing some form of climate scenario analysis.

Risk Management Disclosures

SEC’s Proposed Rules. The SEC’s proposed rules would require companies to make certain risk management disclosures, including (1) disclosure of any processes the company utilizes for identifying, assessing, and managing climate-related risks11, and (2) certain disclosures if the company has adopted a transition plan. As proposed, a “transition plan” means a company’s strategy and implementation plan to reduce climate-related risks. The proposed rules would require companies which have adopted transition plans to describe the plan, including relevant metrics and targets used to identify and manage physical and transition risks, among other requirements. The SEC’s proposed rules state that since transition planning “inherently requires judgments and predictions about the future,” companies may be eligible to rely on the Private Securities Litigation Reform Act (PSLRA) forward-looking statement safe harbors for forward-looking statements in discussion of its transition plan, provided that all other statutory requirements for the safe harbor are met.

FDIC/OCC’s Proposed Principles. The FDIC/OCC’s proposed principles address management of risk areas, including assessment of credit, liquidity, operational, legal/compliance, and other financial and non-financial risk. With respect to credit risk, the FDIC and OCC expect that financial institutions will take into account climate-related financial risks as part of their underwriting and ongoing monitoring of portfolios, as well as in determining their credit risk appetite. The FDIC and OCC suggest that risk management practices could include credit risk concentrations resulting from physical and transition risks, and, once a financial institution undertakes concentration risk analysis, it should assess potential changes in correlations across exposures or asset classes.

Observations:

  • In its discussion of climate-related risk management, the FDIC—without delving into the nuances of GHG Protocol scopes like the SEC (discussed in Section IV below)—in essence focuses directly on Scope 3 emissions. The FDIC also comes dangerously close to landing on a principle that could be used to restrict lending to high carbon emission industries through the supervisory process. However, the FDIC, like the OCC in December, does not yet cross into the realm of dictating unacceptable credit risk based on climate risk.
  • Once discussed, the FDIC and OCC will expect financial institutions to assess potential changes in correlations across exposures or asset classes, and determine credit risk appetite and lending limits related to these risks.
  • Climate-related risk regulations and supervisory expectations are further developed in Europe than in the US and can be a helpful source for US financial institutions seeking to identify and model the specifics of climate-related risk management. For instance, the European Banking Authority recently published draft ESG disclosure standards that will require EU financial institutions to disclose, among other items: (i) the gross carrying amount of loans and advances, debt securities, and equity instruments provided to non-financial companies in defined sectors that highly contribute to climate change and to companies in carbon-related sectors (other than such investments in the institution’s held-for-trading or held-for-sale portfolios); (ii) loans collateralized by commercial and residential real estate and the energy efficiency of such collateral; (iii) financed GHG emissions, i.e., scope 1, 2, and 3 emissions of the institution’s counterparties, and the distance of those emissions to a Paris-aligned net-zero scenario; and (iv) exposure in banking book to the top 20 carbon-intensive firms globally.12

Emissions Disclosures

SEC’s Proposed Rules. The SEC’s proposed emissions disclosure requirement is primarily based on GHG Protocol13 concepts. The proposed rules would require companies to disclose Scope 1 and 2 emissions. Scope 1 emissions are direct GHG emissions from operations owned/controlled by the company, and Scope 2 emissions are indirect emissions from generation of purchased/acquired electricity used by the company’s owned/controlled operations. Of note, Scope 1 and 2 emissions disclosure is not tethered to a materiality requirement, unlike Scope 3, discussed below. Disclosure of total Scope 1 emissions must be separate from total Scope 2 emissions, and all scopes of emissions must be disaggregated as between constituent GHGs. The proposed rules require reporting of emissions in gross terms, excluding any offsets purchased.

The SEC’s proposed rules include a disclosure requirement for Scope 3 emissions if material or if the company has set an emissions reduction target that includes these emissions. Consistent with the GHG Protocol, the proposed rules define Scope 3 emissions as indirect GHG emissions that occur in upstream and downstream activities in a company’s value chain that are not Scope 2 emissions. For financial institutions, the GHG Protocol defines Scope 3 emissions, or “financed emissions,” to include the GHG emissions from which they lend to or invest in. The Commission notes that emissions disclosures would likely include the emissions from companies thatto which the registrant provides debt or equity financing, thus including disclosures regarding all the corporate borrowers of a bank.

The Commission notes that a registrant’s assessment of the materiality of Scope 3 emissions should include consideration of whether those emissions make up a large portion of its overall GHG impact. The SEC’s proposed rules do not require a specific quantitative threshold, but the SEC notes that some companies use 40% as a benchmark for determining whether Scope 3 emissions are material. As previously noted, SRCs are exempt from the Scope 3 disclosure requirements under the SEC’s proposed rules. The proposed rules include a safe harbor for Scope 3 emission disclosure (e.g., Scope 3 emissions disclosures will not be deemed fraudulent statements unless made without a reasonable basis or in bad faith).

For Scope 1 and 2 emissions, a company would also be required to include an attestation report and disclose information regarding the attestation service provider. The proposed rules do not require attestation and assurances for Scope 3 emissions to the extent those must be disclosed. In years two and three after the Scope 1 and 2 emissions requirement takes effect, filers must provide limited assurance (e.g., equivalent to the review of a registrant’s interim financial statements), and in years four and beyond, reasonable assurance (e.g., the audit rigor applied to a registrant’s 10-K). The rules would specify minimum attestation report requirements, minimum standards for acceptable attestation frameworks, and would require an attestation service provider to meet certain minimum qualifications. Requirements for the attestation provider include that it is “an expert in GHG emissions by virtue of having significant experience in measuring, analyzing, reporting, or attesting to GHG emissions” and independent of the registrant.

Observations:

  • Scope 3 emissions disclosure is likely the most controversial aspect of the SEC’s proposed rules due to the the SEC view that a bank’s borrowers are likely part of the value chain. Should that interpretation come to pass, banks will be hard pressed to collect the GHG data on all of their outstanding credits. Further, the GHG output of all the companies and individuals to which a bank lends money would very likely vastly overshadow the bank’s direct GHG output.

Financial Statement Metrics

SEC’s Proposed Rules. The SEC’s proposed rules would require companies to disclose climate-related financial statement metrics that are mainly derived from existing financial statement line items. The three categories of information comprising this disclosure are: (1) financial impact metrics, (2) expenditure metrics, and (3) financial estimates and assumptions. In each case, registrants would calculate the proposed metrics using financial information consistent with the scope, and applying the same accounting principles otherwise required in the preparation, of the consolidated financial statements. Because the proposed financial statement metrics would be in the financial statements, they would be included in the scope of and subject to any required audit of the financial statements by an independent registered public accounting firm and within the purview of the registrant’s internal control over financial reporting.

The SEC’s proposed financial impact metrics include disaggregated information about the impact of (i) climate-related conditions and events and (ii) transition activities, in each case on any relevant line item in the financial statements. As proposed, a registrant would be required to disclose the impact of climate-related events or transition activities on each line item of its financial statements unless the aggregate impact of such events is less than 1% of the total line item for the relevant fiscal year, determined by aggregating the absolute value of the positive and negative impacts on a line-by-line basis. Within each category (i.e., climate-related events or transition activities), impacts would be disclosed on an aggregated, line-by-line basis for all negative and positive impacts (separately).

The proposed expenditure metrics refer to the aggregate amounts of expenditure expensed and capitalized costs incurred to (i) mitigate the risks from severe weather and other natural conditions and (ii) reduce GHG emissions or otherwise mitigate exposure to transition risks.

Finally, registrants would be required to disclose whether any estimates and assumptions used to produce the financial statements were impacted by exposures to risks and uncertainties associated with, or known impacts from, climate-related events and transition risks (separately), and if so provide a qualitative description of how, particularly where the estimates and assumptions were impacted by risks and uncertainties associated with, or known impacts from, a potential transition to a lower carbon economy or any climate-related targets it has disclosed. In each of the three categories of information, registrants may disclose the impact of any climate-related opportunities, but must do so consistently and apply the same presentation and disclosure threshold requirements.

FDIC/OCC's Proposed Principles. Similarly, the FDIC/OCC’s proposed principles provide that material climate-related financial risk exposures should be supported by appropriate metrics (e.g., risk limits and key risk indicators), and that climate-related risks should be incorporated into an institution’s internal control frameworks, including internal audit.

The FDIC has requested comment on what, if any, specific climate-related data, metrics, tools and models financial institutions need from borrowers and other counterparties in order to identify, measure, monitor and control their own climate-related financial risks.

Observations

  • For financial institutions, we expect estimates and assumptions with respect to financial impact metrics affected by climate-related events and transition risks to most likely affect fair value measurements and allowances for loan losses.

Conclusion

Arnold & Porter’s Financial Services, Corporate and Securities Practice groups continue to work with the Environmental Practice Group to monitor climate-related and other ESG developments in the financial services sector and to develop best practices for the firm’s financial institution clients. If financial institutions or other companies are seeking to comment on the SEC proposed rule or FDIC proposed principles, or are seeking advice on how to incorporate ESG factors—including climate-related considerations—into their business strategy, risk management, or disclosure processes, please contact any author of this Advisory or your regular Arnold & Porter contact.

© Arnold & Porter Kaye Scholer LLP 2022 All Rights Reserved. This Advisory is intended to be a general summary of the law and does not constitute legal advice. You should consult with counsel to determine applicable legal requirements in a specific fact situation.

  1. See, e.g., Federal Reserve Governor Lael Brainard, Strengthening the Financial System to Meet the Challenge of Climate Change, delivered at the at the "The Financial System & Climate Change: A Regulatory Imperative," hosted by the Center for American Progress, Washington, D.C., December 18, 2020.

  2.  The FSB established the TCFD for purposes of promoting better-informed investment, credit and insurance underwriting decisions. The TCFD published disclosure recommendations in 2017, which provide a framework for the assessment, management and disclosure of climate-related financial risks, including governance, risk management, strategy, and metrics and targets. The TCFD is an international framework that has been widely endorsed by companies, regulators and standard-setters in the US and around the world, including by over 1,000 financial institutions managing assets of $194 trillion.

  3. The SEC defines “value chain” as the upstream and downstream activities related to a registrant’s operations. The value chain concept utilized by the SEC seems more applicable to manufacturing companies than to financial institutions, and the SEC has not yet provided guidance to the banking industry on this issue. However, for a financial institution, participants in the value chain could include third party vendors that provide critical services to the institution such as a loan service or data processing company.

  4. The SEC notes that the “materiality determination is largely fact specific and one that requires both quantitative and qualitative considerations.”

  5.  “Physical risks” are defined as “both acute risks and chronic risks to the registrant’s business operations or the operations of those with whom it does business.” “Acute risks” are “event-driven and may relate to shorter term extreme weather events, such as hurricanes, floods, and tornadoes, among other events.” “Chronic risks” relate to “longer term weather patterns and related effects, such as sustained higher temperatures, sea level rise, drought, and increased wildfires, as well as related effects such as decreased arability of farmland, decreased habitability of land, and decreased availability of fresh water.”

  6. “Transition risks” are defined as “the actual or potential negative impacts on a registrant’s consolidated financial statements, business operations, or value chains attributable to regulatory, technological, and market changes to address the mitigation of, or adaptation to, climate-related risks, such as increased costs attributable to changes in law or policy, reduced market demand for carbon-intensive products leading to decreased prices or profits for such products, the devaluation or abandonment of assets, risk of legal liability and litigation defense costs, competitive pressures associated with the adoption of new technologies, reputational impacts (including those stemming from a registrant’s customers or business counterparties) that might trigger changes to market behavior, consumer preferences or behavior, and registrant behavior.”

  7.  The SEC states that “{u}pstream activities in connection with a value chain may include activities by a party other than the registrant that relate to the initial stages of a registrant’s production of a good or service” (such as supplier activities), whereas “{d}ownstream activities in connection with a value chain may include activities by a party other than the registrant that relate to processing materials into a finished product and delivering it or providing a service to the end user” (such as processing of sold products and investments).

  8. The SEC’s proposed rules define a REC as “a credit or certificate representing each megawatt-hour (1 MWh or 1,000 kilowatt-hours) of renewable electricity generated and delivered to a power grid.”

  9.  “Internal carbon price” is defined as “an estimated cost of carbon emissions used internally within an organization.”

  10. The SEC’s proposed rules would require disclosure of certain information about scenario analysis if used, but would not mandate that companies use scenario analysis.

  11.  For example, a company would be required to disclose, as applicable, how it considers shifts in counterparty preferences or changes in market prices in assessing potential transition risks, and, with respect to processes for managing climate-related risks, how it determines whether to mitigate, accept or adapt to a particular risk.

  12.  See “Final Draft Implementing Technical Standards on Prudential Disclosures on ESG Risks in Accordance with Article 449a CRR,” European Banking Authority, January 24, 2022.

  13. The GHG Protocol was established through a partnership between the World Resources Institute and the World Business Council for Sustainable Development, and has created a widely used greenhouse gas accounting standards. Through its Corporate Accounting and Reporting Standard, the GHG Protocol provides uniform methods to measure and report the seven greenhouse gases covered by the Kyoto Protocol (which include carbon dioxide, methane, nitrous oxide, hydrofluorocarbons, perfluorocarbons, sulfur hexafluoride, and nitrogen trifluoride).