Skip to main content

ESG in Credit Risk: Our points of view on the EBA’s Report and Deloitte’s ESG Risk Scoring Approach

Recommendations made by the EBA; industry insights and an overview of our ESG risk scoring approach

The ESG risk management and quantification landscape continues to evolve and intensify. The European Banking Authority (EBA) released their latest report last month, focussing on the prudential treatment of environmental and social (E&S) risks. Further, a recent news article reported that the European Central Bank (ECB) has issued letters to as many as 20 banks in Europe warning them that fines will be imposed unless they address shortcomings in their management of climate risk.

In this blog, we highlight some of the key recommendations made by the EBA in their recent report; offer our insights on observed practises and the core challenges; and provide an overview of the key features and benefits of Deloitte’s ESG risk scoring model. 

Latest regulatory report on E&S risks published by the EBA

In their most recent report released in October 2023, the EBA identified E&S factors “to be significantly contributing to (credit) risks to both individual institutions and financial stability as a whole". This has prompted the EBA to “reassess if and how environment-related adjustment factors could be designed as part of a prudentially sound and risk-based prudential treatment of individual exposures, while ensuring that the overall level of capital requirements remains adequate to respond to all risks”. The EBA’s report explores the appropriateness and feasibility of targeted enhancements to the prudential framework for accelerating the integration of E&S related risks in the credit risk framework.

The EBA make the following recommendations (amongst others) for Internal Rating Based (IRB) approaches over the short- and medium-to-long-term:

  • In the short-term, the report advises firms to assess and account for E&S risks while assigning credit ratings. The use of expert judgement can be applied where observed data does not accurately reflect E&S risk, without materially decreasing the overall performance of the model.  They also expect firms to consider E&S when quantifying these risks, for example, in the downturn component, through margin of conservativism (MoC), and calibration segments.
    • The guidelines for Loss Given Default (LGD) and Credit Conversion Factors (CCF) estimation require these estimates to be adequate for downturn conditions. For the downturn component, the EBA’s current view is that the nature of the economic downturn should not be amended in the context of E&S risks. They expect an E&S induced downturn to be quite different in nature to an economic downturn that is expected to have some cyclicality. Therefore, E&S risks can only be considered to the extent those risks have an impact on the economic indicators used in the downturn assessment.
    • The current CRR requires institutions to apply a MoC to address any deficiencies and uncertainties in data or modelling methodologies. The EBA’s current view is that any deficiencies resulting from E&S risks have to be treated in a similar manner to all other deficiencies, in accordance with the current guidelines. For consistency and efficiency, existing MoC quantification frameworks are likely to be adapted and extended by modellers to include E&S risks.
    • One of the desired features of a rating system is homogeneity within grades or pools. Exposures within a grade or pool is unlikely to be impacted by the same E&S factors. Therefore, the EBA proposes firms use calibration segments where the risk quantification would be performed separately for exposures that are exposed to E&S risk, and those that are not. Naturally, this requires firm to be able to clearly identify exposures that are exposed to E&S risks. Firms can leverage their materiality assessments to perform a top-down assessment, which can be complemented with a bottom-up assessment for high-risk segments.
  • The EBA recommends that over a medium-to-long-term firms should reflect E&S risks in their PD and LGD estimates respectively, via a redevelopment or recalibration of their rating system as the impact of these risks become observable across default and loss rates. This could involve steps such as, (a) identifying the relevant E&S risks that are relevant to their portfolios, (b) collecting counterparty level E&S data, and (c) incorporating the impact of E&S risks into credit risk models, which would involve development of new models or modifying existing models.
  • In the medium-to-long-term, the EBA will further investigate and reassess whether E&S risk drivers across different types of exposure should be added to the list of risk drivers used for estimating PD, LGD, and Expected Loss Best Estimate (ELBE). 
Our points of view:
  • Regulators now expect firms to measure and mitigate E&S risks, not just climate-related risks. The ECB is intensifying their review against their expectations, and challenges such as the lack of data and resource constraints cannot be used to justify a lack of progress.
  • While the PRA have issued a Dear CEO letter in 2022, and are assessing the progress against SS3/19 for select firms, it will be interesting to see how they respond to the ECB’s increased scrutiny.
  • The short-term guidance prompts firms to start gathering additional data to be able to identify the realisation of E&S risks on their entire portfolio. Firms should then be able to identify transmission channels more reliably and link E&S data to credit defaults that have materialised in their portfolio.
  • As such, this data will not only support their requirement to assess E&S risks in the short-term, but also position the firm to address the longer-term recommendations of the EBA of reflecting E&S risks in PD and LGD estimates, via a redevelopment or recalibration of their rating system. This additional data will also reduce the reliance on expert judgement, thereby aiding the ESG risk quantification exercise by enabling statistical modelling approaches.
  • One of the primary challenges when analysing default data and calibrating models, will be to identify a clear link between specific E&S risk drivers and a credit risk driver via appropriate transmission channels. For example, one can argue whether observed issues of modern slavery (a typical ‘S’ risk driver) led to significant fines and subsequent lower profitability (i.e., channel 1), or did it also lead to changes in consumer behaviour that led to lower profitability (i.e., channel 2).
  • When collecting and analysing default data, firms need to ensure that the observation period is long enough to accurately capture the E&S related default flags. It also creates a need for firms to adapt data systems to capture this new data. Firms will also need to ensure that data teams are sufficiently well-trained to understand how E&S factors impact borrowers.

Observed industry practice for capturing E&S risks

Given that E&S risks are still novel, one of the preliminary approaches has been to apply ‘umbrella-overlays’ or expert driven adjustments to existing ratings. In some cases, these ‘umbrella-overlays’ tend to apply a broad assessment of the potential risk factors at a sector-level using a subjective criterion that may vary between credit risk officers. 

Our point of view:

We note that there is an absence of a more robust E&S risk scoring methodologies to measure such risks. Whilst ‘umbrella-overlays’ and expert driven manual overrides may be a quick way to assess and measure E&S risks, it introduces inherent model risk management challenges. These challenges stem from the fact that subjective assessments and manual model overrides become very difficult to replicate as there is a dependency on the subjective opinions of different credit risk officers. This may lead to inconsistent risk-rankings across counterparties over time, which may require margins of conservatism to address uncertainty.

Market dynamics pose additional challenges in quantifying E&S risks

The current industry dynamics pose many additional challenges, including knowledge gaps, resource constraints, and lack of complete and accurate data, amongst others. In particular, the current methodologies and tools available in the market may not provide an optimal solution. For instance, inconsistency and non-comparability of ESG scores provided by external vendors due to different definitions and approaches adopted. Additionally, there is a lack of transparency in the methodologies used by external vendors, making ESG scores a black box. These challenges make it difficult for firms to explain the scoring methodology to stakeholders, including regulators. It also makes it difficult for firms to perform vendor assessments.

There is also the question regarding the longevity of vendor produced ESG scores in the future. For example, a leading credit rating agency has recently removed ESG scores from their debt ratings amid scrutiny and litigation, as reported in a recent Financial Times report. This further supports the need for firms to develop their own ESG risk scores.

Our point of view:

Given the current industry dynamics and regulatory pressure, firms need to start developing their own internal capabilities to quantify and measure ESG risks for their credit portfolios. The challenge to measure these risks is heightened given the societal focus on greenwashing. As such, there is significant reputational risk from misreporting and mismeasurement, along with the risk of criticism around explainability and interpretability of methods used to quantify ESG risks from regulators. Therefore, having a proprietary methodology developed in-house could reduce this risk for the firms.

How can Deloitte help?

Deloitte has developed a methodology that produces ESG risk scores and addresses some of the challenges of quantifying E&S risks in the short-term. The EBA’s most recent report (EBA/REP/2023/34) focuses on the ‘E’ & ‘S’. However, in their earlier report, i.e., EBA REP 2021/18, the EBA had also included ‘G’ or Governance risks while outlining their approach towards ESG risks in their supervisory review and evaluation performed by competent authorities.

Our ESG risk score enables risk-ranking of the counterparties in a firm’s portfolio and allows firms to easily identify high ESG risk customers who can be evaluated for a more detailed risk assessment. 

Deloitte’s ESG risk scoring model methodology:

While designing the methodology for our ESG risk scoring model we have navigated through the challenges that firms are likely to face. In our methodology, we have managed to overcome the key challenges of the sparsity of ESG data for Small & Medium Enterprises (SMEs) and addressed the regulatory guidance of producing a forward-looking outlook while measuring E&S risks.

Figure 1 below presents the characteristics and benefits of Deloitte’s ESG risk scoring model.

Figure 1: Deloitte's ESG risk scoring model

Developing the ESG risk score:

Our approach includes measuring ESG risks using quantitative and qualitative components, both of which are applied at a counterparty level. This approach is customisable such that it can handle data from different sources.

The quantitative component has been designed to compensate for data limitations and coverage constraints. Further, the quantitative component uses a machine learning (ML) technique to obtain forward-looking ESG scores for counterparties across the portfolio with inputs from a range of ESG risk drivers and climate scenarios. Potential drivers include environmental factors, for instance Green House Gases (GHG) emissions, air pollution, waste, and water consumption or social factors, such as gender diversity targets of the counterparty. The ML algorithm chosen for model development is simple to comprehend and interpret, with results that are explainable, thereby providing a glass-box methodology with lower complexity and model risk.

The qualitative component allows for expert judgement to supplement the qualitative scores and cover risk factors where standardised quantitative metrics have not yet been established, such as upholding ethical labour practices. The weights between the quantitative and qualitative components can be tailored to reflect business confidence in each component along with a desired level of model risk. Figure 2 illustrates an overview of our approach. 

Figure 2: ESG risk scoring model methodology

Application of ESG risk scores across the credit risk lifecycle

To facilitate robust risk management, ESG risks needs to be considered across the credit risk lifecycle, for example, the EBA Guidelines on “Loan Origination and Monitoring” specify that ESG factors should be considered in a firms’ credit risk appetite, policies, and procedures1 specifying and tracking the appropriate metrics to assess alignment. Additionally, traditional credit risk models such as PD and LGD, are based on historical data, which in most cases do not fully reflect the expected impact of environmental or social factors on the counterparty’s credit risk profile. As such, ESG risk scores have a wide range of applications across the firm’s credit risk framework as illustrated in Figure 3. 

Figure 3: Application of ESG risk scores

The integration of ESG risk scores into credit risk models requires careful calibration, specific to the firm’s portfolio and traditional models.  Our ESG risk scoring model produces a standardised metric to measure ESG risks and facilitates risk-ranking of counterparties in the short-term based on the EBA’s recent guidance. However, calibrating the impact on PD for example, would require careful consideration to ensure an accurate estimate of the financial impact for the borrower and subsequently the borrower’s PD.


In conclusion, integrating ESG risks into a credit risk framework is crucial for managing these risks and ensuring a responsible future. The regulatory expectations for firms to identify and manage these risks continues to intensify and requires firms to invest into building robust models to quantify ESG impacts on credit risk.

It is important for firms to capture ESG attributes as part of the customer on-boarding, annual review process and in default data collection. Despite concerns about friction in the customer engagement process, capturing accurate and complete data, and recording it in the firm’s systems is vital.

Deloitte's ESG risk scoring methodology offers a transparent, interpretable, explainable, comprehensive, and scalable approach to measure ESG risks. This methodology has been designed to comply with the current regulatory guidance and has the capability to integrate with a firm’s existing credit risk framework. With such a risk scoring model, firms can improve their credit origination and underwriting, incorporate ESG into strategic decisions on risk appetite, reporting and disclosures, and contribute to a more sustainable future.

Acknowledgement is given to the extended team whose contributions have been instrumental in bringing this article and project to fruition: Levinthran Kuruparam, Ryan Ramasamy, Kareem Ahmed, Rahul Naithan Basra, Vickram Maycock and Akshay Mungroo.



1 EBA Guidelines on Loan Origination and Monitoring (Sections 4.3.5 and 4.3.6)