Navigating AASB S2 Pillar 3: Streamlining climate risk policies
Navigating AASB S2 Pillar 3: Streamlining climate risk policies
Our sustainability webinar series breaks down the complex world of sustainability, making it a little easier for you to understand the basics and begin driving change within your organisation.
As organisations continue to respond to the evolving climate reporting landscape, Pillar 3 of Climate-related Disclosures AASB S2 (AASB S2) brings the spotlight to a critical area: risk management. While previous webinars have explored climate strategy and scenario planning under Pillar 2, Pillar 3 shifts the focus to how climate-related risks are identified, assessed, prioritised, and managed, and how these processes are integrated into broader enterprise risk frameworks.
Understanding Pillar 3: Risk Management
Put simply, Pillar 3 (paragraphs 24-26) of AASB S2 asks organisations to explain how they identify, assess, prioritise, and monitor climate-related risks and opportunities, and how these efforts fit into their broader risk management approach. This integration is critical; it ensures that climate risks are not treated in isolation but are evaluated alongside other strategic and operational risks, reinforcing a more cohesive and resilient approach to enterprise risk management.
Unique characteristics of climate risks
Climate-related risks differ from traditional business risks in several keyways, they are systemic, long-term, and often non-linear in their impacts. These risks can manifest physically through extreme weather, sea-level rise, or heatwaves—or through transition pathways such as regulatory shifts and market disruptions.
The table below illustrates this vividly. For example, under a 3°C warming scenario, the frequency of extreme rainfall events increases by 70 per cent, the extent of wildfires more than doubles, and the number of people exposed to extreme heatwaves increases eightyfold. At 5°C, these impacts become even more severe, with wildfire extent nearly tripling and extreme heat affecting more people than today. These escalating impacts underscore the importance of assessing climate risks across multiple time horizons and scenarios.
Source: Task Force on Climate-Related Financial Disclosures Figure: C1
This kind of forward-looking, scenario-based analysis is essential for understanding the full spectrum of climate-related risks, and for integrating them meaningfully into enterprise risk management.
Transition risks: A closer look
Transition risks arise from the global shift toward a low-carbon economy. These risks are dynamic and often interrelated, spanning regulatory, market, and reputational domains:
- Regulatory risks: New emissions limits, carbon pricing mechanisms, or mandatory disclosure requirements can significantly impact operations and compliance costs.
- Market risks: Changing consumer preferences, technological disruption, and investor expectations can alter demand patterns and asset valuations.
- Reputational risks: Public and stakeholder scrutiny of an organisation’s climate performance can influence brand value and social licence to operate.
Managing transition risks requires more than just awareness, it demands structured, forward-looking processes. Organisations are encouraged to:
- Conduct horizon scanning to anticipate emerging regulations and policy shifts.
- Engage cross-functional teams to assess how transition risks affect different parts of the business.
- Use scenario analysis to test the resilience of strategies under various policy and market futures.
- Integrate findings into strategic planning, risk appetite statements, and capital allocation decisions.
By embedding transition risk considerations into enterprise risk management, organisations can better navigate uncertainty, meet stakeholder expectations, and position themselves for long-term success in a decarbonising economy.
Applying TCFD guidance: From theory to practice
The Task Force on Climate-related Financial Disclosures (TCFD) provides practical guidance on embedding climate risk into enterprise risk management. Key principles include:
- Inherent vs. residual risk ratings: Understanding the baseline risk before controls, and what remains after mitigation.
- Control environment: Evaluating the effectiveness of existing controls in managing climate risks.
- Risk registers: Documenting and tracking climate risks using structured tools that align with broader risk registers.
These tools help organisations move from qualitative assessments to more structured, decision-useful disclosures.
Integration in practice: Key principles and initial steps
Effectively integrating climate-related risks into enterprise risk management as part of business as usual requires more than just awareness, it demands structured action across governance, strategy, and operations. It’s recommended that organisations should start with these four key areas:
1. Governance and culture
Integration begins with leadership. Board and executive support is essential, alongside clear accountability structures. This includes identifying which subcommittees oversee climate risk, assigning responsibilities, and ensuring relevant teams receive training. Incentives aligned with climate objectives can further embed climate considerations into decision-making.
2. Risk identification and assessment
Climate-related risks should be explicitly included in the organisation’s risk inventory. This involves updating risk identification approaches to reflect climate-specific drivers, applying prioritisation criteria, and conducting materiality assessments. These insights should be embedded into existing policies and procedures to ensure consistency and traceability.
3. Strategy and risk appetite
Organisations must determine how climate risks influence their risk appetite and tolerance levels. Scenario analysis plays a critical role here, helping to test strategic resilience under different climate futures. The outcomes of these analyses should inform strategic planning, capital allocation, and risk mitigation strategies.
4. Tools and reporting
Robust tools and data are essential for effective climate risk management. This includes assessing the adequacy of current systems, integrating climate risk into internal reporting, and understanding the limitations of available data and metrics. Transparent disclosures aligned with AASB S2 and other frameworks, round out the process, ensuring stakeholders are informed and engaged.
These steps are not linear; they are iterative and interconnected. As organisations mature in their climate risk practices, revisiting and refining each area will be key to building resilience and credibility.
Key takeaways
Integrating climate-related risks into enterprise risk management starts with building a shared understanding across the organisation and extends into how risks are assessed, prioritised and embedded into decision making. The following principles from the TCFD offer a foundation to help you get started:
- Common understanding: Before integration begins, organisations need to ensure that teams and leadership share a baseline understanding of climate risks and opportunities. This often involves targeted training and internal engagement to build climate literacy across the business.
- Interconnections: Climate risk management is a cross-functional effort. It requires collaboration between the sustainability, finance, operations, legal, and risk teams, ensuring that climate considerations are embedded throughout the organisation, not siloed in one department.
- Temporal orientation: Climate risks must be assessed across short, medium, and long-term horizons. This may extend beyond traditional planning cycles and is essential for both operational and strategic decision-making.
- Proportionality: Integration should be scaled to the organisation’s exposure and the materiality of climate-related risks. A proportionate approach ensures relevance and avoids overburdening existing systems.
- Consistency: Methodologies used to assess and manage climate risks should be applied consistently across the organisation. This supports clarity in tracking developments and enables more reliable analysis over time.
Ultimately, embedding climate risk into enterprise risk management is not just about meeting disclosure requirements; it’s about building organisational resilience and enabling an informed, forward-looking strategy.
How BDO can support your climate risk integration approach
If you’re mapping climate risks across your value chain, refining your risk registers, or integrating scenario analysis into strategic planning, our sustainability specialists can help. We support organisations at every stage of their climate reporting journey, from governance and risk identification to disclosure alignment and stakeholder engagement.