Final guidelines on the management of ESG risks

European Banking Authority (EBA)

The European Banking Authority (EBA) has published its final guidelines on the management of environmental, social, and governance (ESG) risks in the context of the CRD 6 mandates. With this publication, it establishes detailed guidelines for the identification, management and supervision of ESG risks by entities, with the aim of ensuring their resilience in the short, medium, and long term.



Executive summary

The EBA has published its final guidelines on ESG risk management, thus complying with the related CRD 6 mandate. These guidelines emphasize aspects such as materiality analysis, data quality, and the integration of ESG factors into overall risk management, strategy, business plans, risk appetite, and corporate culture. Likewise, through these guidelines, the EBA establishes how institutions should develop prudential transition plans to address the risk arising from ESG regulatory objectives in the jurisdictions where they operate, with the aim of ensuring the resilience of their business models and risk profiles in the short, medium and long term.

The guidelines will be generally applicable from 11 January 2026 for institutions subject to CRD 6, except for small and non-complex institutions (SNCIs), for which alignment with these guidelines is expected from 11 January 2027.

Main content

  • Reference methodology for the identification and measurement of ESG risks. Institutions should assess the materiality of ESG risks on an annual basis (or every two years for SNCIs), integrating these risks into traditional financial categories and into the ICAAP process. Risk management and measurement methods should be aligned with these assessments, allowing SNCIs to adopt simpler arrangements if they are proportionate. ESG risk metrics should guide the updating of materiality assessments. In addition, institutions should have tools and methodologies in place to identify and measure ESG risks, using robust data and a combination of methodologies (e.g. based on exposure, portfolio, sector and scenarios).
  • Minimum standards and reference methodology for ESG risk management and monitoring. Institutions should consider ESG risks as drivers of all financial risk categories, and manage them over the short, medium and long term. They should integrate these risks into their business and risk strategies, assessing their impact on the viability of the model, profitability and strategic objectives, as well as on risk appetite, internal controls and capital and liquidity self-assessment processes (ICAAP/ILAAP). Finally, they must establish appropriate risk indicators and carry out continuous monitoring using internal information systems and retrospective and prospective ESG metrics.
  • Transition plans in accordance with CRD 6. The final version of the guidelines broadens the definition of transition planning to include preparing for risks and potential changes in business models, as well as the implementation of objectives for monitoring and addressing ESG risks. Institutions should develop specific plans to address these risks and the process of economic adjustment to regulatory objectives related to ESG factors, incorporating forward-looking considerations into their short-, medium- and long-term risk management strategies, policies and processes. These plans should be consistent with the transition plans developed or disclosed by the institutions under other EU legislative acts. As a minimum, these plans should include strategic objectives and roadmap, objectives and metrics, governance, implementation strategy and engagement strategy.
