Please note, your browser is out of date.
For a good browsing experience we recommend using the latest version of Chrome, Firefox, Safari, Opera or Internet Explorer.

CRD VI: The new ESG duties of credit institutions


1. Importance of the Directive; the “Cascade Effect”

The Directive (EU) 2024/1619 (Capital Requirements Directive VI or CRD VI) has been published, changing the prudential and authorisation framework for credit institutions. While this directive has various implications (notably concerning the regime of qualifying holdings and fit and proper requirements), this analysis focuses solely on the new legal duties in the ESG domain. It is believed that these duties will have a significant impact on the national business fabric, especially in the processes of risk assessment for credit agreements, contributing to accelerating the “cascade effect” in the systemic transformation of business models and practices towards sustainable standards. The provisions of the Directive, as discussed here, must be transposed into national law by the 10th of January 2026.


2. Duties of identification, assessment, management and monitoring of ESG risks

Under the new Article 87-A, added by CRD VI to Directive (EU) 2013/36, the competent authorities - in Portugal, the Bank of Portugal - must ensure that credit institutions have a sound governance system, with a risk management framework that includes effective strategies, policies, procedures, and systems for identifying, assessing, managing and monitoring ESG risks in the short, medium and long term (over a horizon of at least 10 years).

The strategies, policies, procedures, and systems to be adopted should be proportionate to the scale, nature, and complexity of the ESG risks of the business model and the scope of the institution’s activities. Thus, the risk identification and management strategies to be adopted by a multinational credit institution with a presence on several continents, for example, will tend to be proportionately more developed than those to be adopted by a credit institution with a presence confined to just one jurisdiction.


3. Resilience tests for ESG impacts

The CRD VI Directive also requires credit institutions to conduct resilience tests for the long-term negative impacts of ESG factors. This duty is essential to ensure that credit institutions are prepared to face the challenges associated with climate change, social changes, and public policies in the business environment.

The resilience tests must consider (i) the baseline scenario, i.e., the one in which normal operating conditions are met, and (ii) the adverse scenario, representing the adverse conditions the financial institution may face. Although resilience tests are not new in the banking sector, they are now expected to be extended to ESG factors.

Based on previous experiences, the European lawmaker has deemed that resilience tests for environmental-related risks, including climate-related risks and risks arising from environmental degradation and biodiversity loss, should be prioritized given their urgency. For these, institutions should start by assessing the direct impacts of extreme weather events, such as floods and storms, on the institution's operations and assets, as well as the changes that climate change and the transition to a low-carbon economy may bring in public policies, regulations, and market preferences.

Other scenarios to consider include (i) the long-term impact of environmental changes, such as biodiversity loss, natural resource scarcity, and pollution; (ii) the impact generated by social changes, such as economic inequalities, demographics, and changes in working conditions; and (iii) the impact on governance structure, management practices, and ethical issues.

Competent authorities must ensure that resilience tests are based on credible scenarios, using projections and models developed by international organisations as references.

Quantifiable Targets and Risk Monitoring

The competent authorities are also responsible for assessing and monitoring the evolution of strategies and risk management in environmental, social, and governance matters adopted by the institutions. The assessment, which may involve cooperation with competent authorities or public bodies responsible for environmental and climate change supervision, should take into account institutions’ sustainability-related product offerings, their transition financing policies, and related lending practices, as well as environmental, social, and governance targets and limits.

As part of its strategy and risk management, the management body of each institution should develop and monitor the execution of specific plans that include quantifiable targets and processes for controlling and responding to financial risks arising in the short, medium, and long term from ESG factors. In small and non-complex institutions[1], Member States may exempt the management body from the duty to draw up plans in certain areas or apply a simplified regime.

The targets and control and response processes included in the plans should consider the latest reports from the European Scientific Advisory Board on Climate Change and the measures it prescribes.

Duty of Consistency Between Informative Disclosures and Risk Management

CRD VI also requires that, whenever relevant, there is consistency between, on the one hand, the methodologies and assumptions underlying the goals, commitments, and strategic decisions disclosed under the plans based on the CSRD or other information or due diligence duties regulations, and, on the other hand, the criteria, methodologies, and risk management goals under CRD VI and their respective assumptions and commitments.

6. Implications for Remuneration Policies

The Directive also determines that credit institutions' remuneration policies and practices must be consistent with and promote sound and prudent risk management, including risk appetite in terms of ESG risks. This will require adjustments to remuneration policies and their implementation. It should be recalled that, in the EU due diligence regime, this issue had been scrapped from the latest version of the CSDDD.

Issuance of Guidelines by the European Banking Authority EBA»)

Finally, CRD VI sets the deadline of 10 January 2026 for EBA to publish guidelines on critical aspects related to the identification, assessment, management and monitoring of ESG risks. The guidelines should cover four main points: minimum standards and reference methodologies; content of ESG risk management plans; criteria for assessing the impact of ESG risks; and definition of scenarios for resilience testing.

[1] As per Article 4(1)(145) of Regulation (EU) No 575/2013 of the European Parliament and of the Council of 26 June 2013 on prudential requirements for credit institutions and amending Regulation (EU) No 648/2012.

Paulo Câmara |

Maria Luísa Borges |

Morgana Grácio |