Since the term ESG (Environmental, Social, Governance) gained prominence in the early 2000s, ESG-related issues have become increasingly relevant for the European financial sector. The year 2026 marks another regulatory milestone: ESG risks are to be embedded even more systematically into banks’ overall governance and strategic orientation.
With the European Banking Authority (EBA) Guidelines on the management of ESG risks, the Capital Requirements Directive VI (CRD VI), and the planned national implementation in Germany via the BRUBEG, ESG risks are becoming a permanent focus of bank steering. From 2026 onwards at the latest, ESG risks are expected to be explicitly addressed in supervisory dialogues, audits, and internal steering processes.
In Germany, these requirements are being specified through the planned amendments to the German Banking Act (Kreditwesengesetz, KWG). The current government draft for the implementation of CRD VI , in particular, the introduction of a distinct ESG risk plan (§ 26d KWG-E) as well as binding requirements for the integration of ESG risk drivers into risk management (§ 26c KWG-E). As a result, the ESG risk plan is, for the first time, explicitly anchored as a prudentially relevant management instrument in national banking supervisory law.
ESG Risks Are Changing the Steering Logic of Regional Financial Institutions
Savings banks (Sparkassen) and other regional financial institutions are facing the challenge of integrating ESG-related risks much more strongly into their existing steering frameworks. ESG factors cut across established structures: they affect credit risk, strategic risk, collateral valuation, governance structures, and long-term business models. As a result, traditional boundaries between risk management, strategy, and sustainability are increasingly being questioned.
From a supervisory perspective, it is important to note that ESG risks are not regarded as a separate risk category, but rather as risk drivers of existing risk types, in particular credit risk, market risk, liquidity risk, operational risk, and strategic risk. This understanding is explicitly anchored both in the EBA Guidelines and in the ECB Guide on climate-related and environmental risks.
This perspective is explicitly reflected in the German implementation framework through the proposed § 26c KWG-E. According to this provision, ESG risk drivers are to be systematically integrated into all relevant risk management processes across short-, medium- and long-term horizons, including the risk inventory, risk strategy and ICAAP.
The core challenge therefore lies less in identifying individual ESG risk drivers and more in embedding them into a coherent overall logic within the framework of sustainable transformation.
ESG Risk Management Is More Than a Regulatory Obligation
In many regional institutions, ESG risk management is currently understood primarily as a regulatory obligation: ESG-related risk drivers are identified, qualitatively described, and documented. This step is necessary and required under supervisory law, for example under the EBA Guidelines on ESG risk management.
The proposed § 26d KWG-E further specifies these expectations by obliging institutions to prepare a dedicated ESG risk plan. This plan is to be embedded in the risk strategy and must include quantitative objectives, governance structures and procedures for the monitoring and management of ESG risk drivers. The ESG risk plan thus becomes an integral element of formal overall bank management.
At the same time, practice often reveals a structural tension: ESG risk drivers are analysed, but their strategic implications frequently remain unclear. Risk analyses exist in parallel to strategy papers, transformation objectives, or sustainability programmes, without being systematically linked.
This brings a new question to the forefront for supervisors: How are identified ESG risk drivers actually translated into steering and decision-making processes?
The Role of Risk Controlling: Integration Instead of Parallel Structures
In this context, risk controlling becomes particularly important for savings banks and other regional financial institutions. While risk management defines the overarching framework, methods, and processes, it is the role of risk controlling to prepare ESG-related risk drivers in such a way that they can be transparently reflected in risk inventories, ICAAP, risk reporting, and strategic steering.
The challenge lies less in introducing new models and more in the consistent linkage of qualitative ESG insights with existing risk-controlling logics. It is precisely here that supervisors increasingly expect plausibility, proportionality, and institution-specific reasoning.
Sustainable Transformation Requires Strategic Embedding of ESG Risk Drivers
The intensified ESG focus of supervisors requires financial institutions to identify structural changes at an early stage and to steer them strategically. ESG risk drivers provide key signals in this regard: physical climate risks indicate regional vulnerabilities, transition risks point to structural changes in sectors and value chains, and social and governance factors affect the long-term stability of business relationships.
It is crucial to embed the management of these risk drivers into a transition logic that links risk analysis, strategic steering, and operational implementation. Such a transition framework does not replace detailed planning, but it provides orientation regarding development paths and priorities.
Key guiding questions include, among others:
- Which business areas, portfolios, or customer segments are particularly affected by ESG-related changes?
- Which adjustments appear realistic and necessary in the medium to long term?
- How can these considerations be integrated into existing steering, risk, and governance processes?
Making Targeted Use of the Specific Characteristics of Regional Financial Institutions
Savings banks and other regional financial institutions operate under specific framework conditions. Their credit portfolios are strongly regionally focused, their proximity to SMEs, municipalities, and local industries is high. At the same time, resources for complex risk modelling or extensive data collection are often limited.
As institutions with a public mandate, savings banks play a particularly important role in financing municipal infrastructure, regional energy transition projects, and SME transformation. As a result, they are often exposed earlier and more directly to ESG risk drivers than supra-regional institutions.
For this reason, proportionality is a central guiding principle that is explicitly provided for in regulation. The EBA emphasises that qualitative approaches for smaller institutions are permissible and appropriate, provided they are designed in a consistent, transparent, and institution-specific manner.
An integrated approach offers particular opportunities here: the strong knowledge of regional economic structures, short decision-making paths, and existing governance formats can be used to embed ESG risk drivers into overall bank steering in a contextualised and practical manner.
From Regulatory Requirement to Strategic Value
If ESG risk management is not treated in isolation but as part of sustainable transformation, a dual benefit emerges. On the one hand, audit and supervisory risks can be reduced because ESG risk drivers are consistently derived and integrated into existing processes, such as risk inventories, ICAAP, risk strategy, and governance.
It is also important to consider the staggered application of the new requirements. While significant institutions must comply as of January 2026, non-significant institutions are granted a transitional period until January 2027. For many savings banks, this means that conceptual preparation will be the focus in 2025/2026, followed by audit-proof implementation in 2026/2027.
On the other hand, the institution gains strategic orientation. ESG-related insights are not merely documented, but provide impulses for prioritisation, portfolio steering, and long-term positioning. ESG risk management thus becomes a steering-relevant element of overall bank management.
Smaller and medium-sized institutions in particular still have development potential in this area. As a 2022 study by BaFin and Deutsche Bundesbank showed, there is a wide range of practices among these institutions in dealing with climate and environmental risks. While basic practices are widespread, many institutions still have room for improvement when it comes to the effective steering of climate and environmental risks based on concrete performance indicators.
Conclusion: Orientation Instead of Perfection
For regional financial institutions, the focus is not on perfection, but on coherence, transparency, and strategic embedding. ESG risk management provides a necessary foundation – but it only unfolds its full effect when ESG risk drivers are linked with a clear transformation logic.
Institutions that recognise ESG-related risks early on as part of sustainable transformation gain orientation in a complex regulatory environment. They strengthen their steering capability, increase supervisory robustness, and at the same time lay the foundation for a resilient long-term business strategy.
Next Steps
The integration of ESG risk drivers into risk controlling, strategy, and transformation planning currently raises fundamental questions for many regional financial institutions, for example how ESG risk planning and transition planning can be meaningfully linked.
If you would like to reflect on these questions in a structured manner, I would be happy to engage in a professional exchange.
👉 Contact me for a free initial consultation.