Our client asked us to implement a risk inventory assessment that considers ESG risks. Having mapped the entire risk inventory process for traditional risk categories, our challenge was to implement an additional assessment for all ESG-related risks. 

ESG risks play a larger role in the overall risk of businesses today. Incorporating them into the risk management program improves a firm's understanding of the full range of risks and enhances overall performance. Enterprise risk management and ESG risk have a significant intersection, such as in identifying risk drivers. 


The Basel Committee on Banking Supervision (BCBS) considers the mapping and measurement of risk exposures to be an essential part of effective risk management. Therefore, the risk inventory is a key step (starting point) in the identification and classification of ESG risks. 
In line with AT 2.2 MaRisk (BaFin’s Minimum Requirements for Risk Management), financial institutions are obliged to conduct a regular and ad hoc risk inventories of all material risks to obtain an overview of their overall risk profile. Material risks must include but are not limited to market price risks, liquidity risks, and operational risks. Non-material risks equally must be determined, and appropriate precautions taken. 

The increasing relevance of climate-related risks is reflected in the 7th amendment to MaRisk, which challenges the existing approach to conducting risk inventories, requiring to broaden the initial materiality assessment and to consider the timeframe for potential risk events. In contrast to conventional risk classification systems, ESG risks are characterized by their dynamic and changing nature, which requires a forward-looking approach to risk classification, with new models and measurements. Financial institutions are tasked with identifying and classifying climate and environmental risks, thereby developing known risk measurement and control mechanisms and adjusting them to the challenges that ESG risks imply.


As a first step, we defined the assessment criteria for ESG-related risks. If, according to the pre-defined criteria, the risk was considered ESG-relevant (as determined jointly with the client), it was flagged at the beginning of the assessment. The final workflow (below) of the successfully implemented Target Operating Model shows the risk inventory assessment and its steps.    

The results of the assessment were compared to enterprise risk ratings and adjusted to a higher level where the ESG risk rating was higher. Where the ESG risk rating was lower or equal, no adjustment was needed, as the highest rating was automatically applied to the overall assessment.


Our client was able to identify and integrate ESG into their risk inventory and the overall enterprise risk management framework, thus facilitating the mitigation of ESG-related risks. 

Such integrations allow our clients to better understand and manage risks associated with sustainability and responsible business practices. As the integration of ESG is an ongoing process that requires commitment from senior leadership and a culture of sustainability and risk awareness, Capco can help refine your approach to effective risk management, ensuring long-term success.