So as you may have noticed recently, the world is on fire. And being buffeted by hurricanes. And suffering drought. And watching the polar ice caps melt away like Red Sox playoff hopes every summer.
Put simply, mankind is past the point of preventing the deleterious effects of climate change. Those effects are here now. They will only get worse during our lifetimes.
That fact will have huge implications for businesses — and, at long last, U.S. regulators are starting to consider how to respond to it.
Twice in the last three weeks, regulators have warned that climate change poses real risk to the financial system of the United States. First, the Commodities and Futures Trading Commission published a report on Sept. 9 warning about climate change, and specifically saying that right now, regulators don’t have sufficient systems and skills to understand that risk. On Sept. 22, the New York Department of Financial Services published its own warning to the insurance sector that those firms must do more to quantify climate risks — and that the NY-DFS will start examining insurance firms on those efforts, starting next year.
The CFTC and the NY-DFS are only the latest regulators to start talking about climate change. The Securities and Exchange Commission already has a climate change disclosure requirement on the books (not that the agency has ever enforced that rule, but it exists); and the Federal Reserve is at least thinking about how climate change affects financial risk.
So what’s really happening here? And how might corporate risk management functions end up in the eye of the storm?
Climate Change = Volatility = Risk
The regulators fear that the costs of climate change are creeping up on the financial sector (and on Corporate America generally) faster than we understand.
The California wildfires are an excellent example. Eight of the 10 largest fires in state history have happened since 2010; the largest fire in state history was declared on Sept. 9. The wildfires of the 2010s were larger than the wildfires of the 2000s, which were larger than the wildfires of the 1990s.
So whatever historical models insurance firms might have used in years past to model the costs of fires no longer work. Models from the 2010s won’t provide an accurate picture of the next 10 years. Insurance firms need better risk data, to build better models, to price their insurance policies more accurately.
Without that better understanding, the insurance firms could default on massive losses related to climate disasters — defaults that would pass along those losses to the banks, and eventually other players in the financial system. That’s how you get from climate risk to a financial crisis. That’s what a regulator like NY-DFS wants to avoid.
The wildfire example is vivid and pressing, but other types of climate change risk are just as dangerous. What would happen if investors pour billions into an East Coast waterfront redevelopment today, assuming those buildings will be worth more money in the future — but by 2045, the buildings are underwater thanks to rising sea levels? That’s a debate happening in Boston right now.
Climate change will cause physical risks, where extreme weather damages homes, crops, roads, and property; that’s the wildfire example. It will also cause transition risks, where expensive assets today are suddenly worth less than expected tomorrow; that’s the Boston waterfront example.
The bottom line, however, is that businesses will face more risk. Well, when corporations face more risk, that means (a) more risk management to respond to the threat; and (b) more disclosure to investors about how well you have or haven’t managed those risks.
That’s what regulators and investors want to see. Which brings us to corporate risk management functions.
Getting to Better Climate Risk Awareness
Corporate risk officers will need to bring together several types of information and perspective to get an accurate picture of climate risk, such as:
- Good sources of data (both industry comparables and your own historical data) about climate change risks and potential costs.
- A more expansive sense of business continuity risk, to examine the whole supply chain and its exposure to climate change. (The Government Accountability Office published a report on assessing climate risk in the supply chain earlier this summer.)
- Better communication with stakeholders to understand their climate risk concerns — including, where necessary, regulators asking about climate risk exposure.
- A climate change risk management & disclosure framework. One example: the Task Force on Climate-Related Financial Disclosures.
Moreover, businesses will also need to build better modeling and scenario planning for multiple climate risks that might happen at the same time. As the CFTC said in its report:
While understanding about particular kinds of climate risk is advancing quickly, understanding about how different types of climate risk could interact remains in an incipient stage. Physical and transition risks may well unfold in parallel, compounding the challenge.
Even a detail as nerdy as data taxonomy could be a concern here. In accounting, everyone knows what companies mean by revenue, operating income, contingent liabilities, and so forth. We don’t yet have something similar for water consumption, greenhouse gases, recyclable materials, and other climate risk metrics.
The Sustainability Accounting Standards Board is developing such disclosures, but they’re voluntary. Until regulators adopt a standard reporting structure for climate risk across large swaths of the corporate world, we won’t get a complete, full picture of how climate change could affect the whole economy.
Will we get there some day? Yes. (If Democrats come to power in 2021, that day will come sooner.) But the need for better climate risk assessment and reporting is real, and will only get more important.
Bonus: As it happens, I’ll be moderating a panel discussion at the Navex Next virtual conference on ESG reporting issues, including climate change risk. If you want to hear more on what regulators are saying so far and how risk management systems can meet that demand, register. Event is on Oct. 22 — and free!