“The objective of climate-related financial disclosures on risk management is to enable users of general purpose financial reports to understand an entity’s processes to identify, assess, prioritise and monitor climate-related risks and opportunities, including whether and how those processes are integrated into and inform the entity’s overall risk management process.” (IFRS S2, Paragraph 24)

Climate risk management

Risk management is the process of identifying, assessing and mitigating threats to an entity’s operations or financial performance. These threats include operational, cybersecurity, reputational and financial risks, which may arise either expectedly or unexpectedly from internal factors (e.g., organisational changes) or external factors (e.g., market fluctuations, geopolitical conflicts). 

With climate change emerging as a critical business risk, its impacts are increasingly far-reaching—from physical damage to infrastructure and supply chain disruptions to material effects on financial performance. This creates a growing need to evaluate both physical risks (e.g., extreme weather events) and transition risks (e.g., new regulations, carbon pricing, national emission targets) and their implications for business resilience.

What’s new in IFRS S2 Risk management?

Under TCFD, entities have been reporting how they identify, assess and manage climate-related risks within their overall enterprise risk management (ERM) systems.

While consistent with TCFD, IFRS S2 introduces a new requirement: entities shall also disclose how climate-related opportunities are integrated into the their overall risk management processes. This means not only identifying climate-related opportunities that come with climate-related risks but also assessing how relevant they are and what financial impact they might have. This enhancement strengthens strategic decision-making and business planning by ensuring more effective allocation of both human and financial resources.

When disclosing their processes for identifying climate-related risks and opportunities, entities are also expected to describe:

• Input parameters, such as the data sources used, organisational boundaries considered, and key assumptions made; and
• Details on how climate scenario analysis was applied [See our “Shaping Strategy” article for more guidance].

Together, these requirements illustrate that an effective climate-related risk and opportunity management process should be both systematic and data-driven.

What should my climate risk management process look like?

As IFRS S2 makes clear, entities are not expected to establish a separate climate risk management process. Instead, climate-related risks and opportunities should be integrated into the existing ERM system.

The diagram below maps the standard ERM steps to their application in managing climate-related risks and opportunities:

Next Steps for Reporting

Think of it as managing a grocery—or for businesses, an inventory—list. You need to regularly check which items need restocking and which can be removed if no longer relevant. Similarly, your list of climate-related risks and opportunities must be reviewed continuously to assess exposure levels and identify where strategies should be adjusted, whether to strengthen safeguards against risks or to invest further in emerging opportunities.

This is why integrating climate-related risks and opportunities into your risk management process is essential. It embeds climate considerations into routine decision-making, keeps your business consistently updated on its exposure, and enables timely action planning. By doing so, you not only protect your business from risks and potential losses but also position it to capture opportunities for sustainable growth, even amid disruptions.

For further guidance, refer to the “Risk management” section of IFRS S2.