Climate risk is no longer treated as a niche ESG topic or a voluntary disclosure exercise.
With the Prudential Regulation Authority (PRA) issuing its 2025 update on managing climate-related financial risks, the UK has reinforced a simple message: climate risk is now a core part of prudential supervision, as fundamental as credit, market, and operational risk.
For UK banks and insurers, this means expectations are rising across governance, risk management, internal controls, and scenario analysis. And while large institutions already have well-developed frameworks, many small and mid-sized firms are still building foundational capabilities.
This article provides a clear overview of what the PRA expects from 2025 onwards, how these expectations connect to wider UK and international regulations, and what smaller institutions can do today to prepare.
What the PRA’s 2025 update covers: 10 key points
The 2025 supervisory statement replaces the PRA’s 2019 guidance (SS3/19) and strengthens expectations in several areas.
Here are the 10 elements risk and compliance teams should be aware of:
1. Replaces and expands the 2019 climate risk guidance
Climate risk is no longer “emerging.” It’s expected to be fully integrated into prudential risk frameworks.
2. Full integration across governance, risk management, capital, liquidity, and disclosure
Firms must embed climate considerations across ICAAP/ILAAP (for banks) and ORSA/Solvency II (for insurers).
3. Proportionate, risk-based application
Sophistication should match the firm’s size, business model, and material exposures, but all firms must demonstrate action where risks are material.
4. Scenario analysis, including reverse stress testing
The PRA emphasises forward-looking analysis, narrative justification, and the ability to assess extreme but plausible climate outcomes.
5. Acknowledgement of data and model limitations
Firms may integrate climate risk into existing risk registers while methodologies mature. The PRA expects transparency about uncertainty and assumptions.
6. Board and senior management accountability
Climate oversight must be demonstrable, documented, and embedded into decision-making, not treated as a standalone exercise.
7. Clearer expectations on proportionality
It’s not about firm size, it’s about actual climate exposure. Smaller firms with concentrated portfolios may face greater expectations than larger diversified ones.
8. Enhanced expectations for capital and solvency planning
Climate scenario analysis must inform ICAAP/ILAAP and ORSA. This includes understanding transmission channels and quantifying impacts where appropriate.
9. Recognition of litigation and reputational risk
The PRA explicitly highlights these as credible climate-related risk channels, not ESG adjacency issues.
10. Ongoing supervisory engagement
Firms are encouraged to draw from best practice via CFRF (Climate Financial Risk Forum) and maintain dialogue with supervisors.
Why the PRA update matters? Short-term and long-term implications
Short-term implications
Banks and insurers will need to:
- Review existing climate risk frameworks against the refined PRA expectations
- Strengthen Governance Statements, ICAAP/ILAAP or ORSA documentation
- Improve scenario analysis, including severe but plausible pathways
- Evidence board-level challenge, escalation processes, and internal decision-usefulness
- Document modelling limitations, use of proxies, and data sourcing
Supervisors are expected to increase the depth of challenge, especially around methodology defensibility.
Long-term implications
Over the medium to long term:
- Climate risk becomes fully embedded into prudential and strategic processes
- Capital planning increasingly incorporates physical and transition risks
- Scenario analysis becomes more quantitative and institution-specific
- Firms are assessed on continuous improvement, not static compliance
- Business model resilience under climate scenarios becomes a supervisory focal point
For many organisations, the PRA update accelerates the transition from “compliance reporting” toward a strategic, risk-based approach to climate resilience.
What this means for smaller and mid-sized firms
Proportionality is now clearer, but expectations remain meaningful:
- Smaller firms may need new processes, climate data sources, or external tooling
- Concentrated portfolios (e.g., regional lenders) may face higher material climate exposure
- Even without large modelling teams, firms must show credible assessment and governance
The PRA does not expect perfection. It expects progress, transparency, and defensible methods.
The wider regulatory landscape: FCA, IFRS S2, Pillar 3, SFDR, CSRD, and TPT
The PRA update sits within a broader regulatory ecosystem that UK banks and insurers must navigate. Here’s how the pieces fit together without overwhelming your internal teams.
FCA rules: Conduct and ESG disclosures
The FCA focuses on:
- sustainability-labelled products
- anti-greenwashing expectations
- transition plan transparency
- decision-useful disclosures for consumers and investors
The FCA does not supervise capital or prudential climate risk. That remains the PRA’s domain.
TPT (Transition Plan Taskforce)
Provides the blueprint for credible climate transition plans.
Its expectation of governance, strategy, and scenario analysis aligns closely with PRA requirements, meaning banks and insurers can use one capability set to satisfy both.
IFRS S2 / TCFD
- IFRS S2 is now the global baseline for climate disclosures
- TCFD has been formally absorbed into IFRS S2
- UK regulators intend to adopt IFRS-aligned UK SRS standards
- IFRS S2 reinforces scenario analysis, financial materiality, and physical + transition risk visibility
Firms already producing TCFD reports will find the transition manageable, but must prepare for more granular risk assessments.
Pillar 3 disclosures (banks only)
The EU’s EBA framework continues to shape expectations for climate-related transparency, even for UK-based banks.
Under Pillar 3, banks must disclose:
- exposures to climate-related risks
- results of climate stress tests
- scenario analysis methodologies
- governance and risk-management processes
For UK banks with EU operations, these disclosures already apply. And enforcement has begun.
The ECB recently fined ABANCA for inadequate climate-risk oversight, a clear signal that supervisors are moving from guidance to active supervision.
This case illustrates what UK banks should expect as climate risk becomes embedded in prudential regulation: greater scrutiny of methods, assumptions, and board-level oversight.
SFDR and CSRD (for cross-border firms)
These do not apply to all UK institutions. They apply if:
- the firm operates products in the EU (SFDR), or
- has EU subsidiaries or listings above size thresholds (CSRD).
Physical climate risk (ESRS E1) becomes essential for UK banks/insurers with EU clients or operations.
What UK banks & insurers should do next: Practical steps
The PRA recognises the challenges, limited data, emerging methodologies, and uncertainty. But firms must still act.
Here are proportionate, actionable next steps:
1. Conduct a climate risk gap assessment
Identify where current frameworks meet or fall short of the PRA’s expectations.
2. Integrate physical climate risk into existing risk registers
Start with material exposures. You don’t need a separate register. Reinforcement is acceptable.
3. Strengthen scenario analysis
Use a mix of narrative and quantitative scenarios aligned with:
- PRA expectations for forward-looking, multi-scenario climate analysis
- IFRS S2/TCFD guidance, which requires scenario analysis and disclosure of assumptions
- IPCC-aligned climate pathways (SSPs/RCPs)
Mitiga Solutions’ climate intelligence products model future risk across three widely used IPCC scenarios:
- SSP1–2.6 (Paris-aligned): strong mitigation, lower warming trajectory
- SSP2–4.5 (intermediate): delayed transition with moderate warming
- SSP5–8.5 (business-as-usual): high emissions, severe physical impacts
These scenarios allow banks and insurers to assess risk across near-term (2025–2035), mid-century, and end-century horizons, supporting PRA expectations for credible, decision-useful scenario analysis.
4. Improve governance evidence
Boards must evidence challenge, oversight, and decision-usefulness; not just awareness.
5. Prepare for cross-regulatory convergence
Especially for firms with EU or international exposure.
6. Leverage modular tools
Small and mid-sized firms are unlikely to build internal scientific teams using external, science-based tools reduces the burden.
This includes:
- asset-level physical climate risk data
- uncertainty quantification
- scenario-based projections
- disclosure-ready outputs aligned with IFRS S2, TCFD, and CSRD
How Mitiga Solutions supports UK banks and insurers
UK regulators emphasise 3 pillars: uncertainty, proportionality, and defensible modelling. Mitiga Solutions’ EarthScan and Disclose give banks and insurers exactly what PRA supervisors are asking for and what most platforms cannot provide.
Here’s how Mitiga Solutions stands out:
- Full probabilistic modelling with quantified uncertainty: EarthScan provides 5th / 50th / 95th percentile projections for every hazard, enabling firms to evidence uncertainty, a core PRA expectation for ICAAP/ILAAP and ORSA. This makes methodologies transparent, defensible, and auditor-ready.
- Return periods for both frequent and extreme climate events: All hazards include return periods from 2 to 100 years, with extended return periods up to 200, 500 and 1,000 years for flood and extreme wind. This allows banks and insurers to model tail-risk events, essential for capital planning, underwriting, catastrophe modelling, and reverse stress testing.
- Scenario-aligned projections for prudential frameworks: Outputs align to key PRA expectations and support ICAAP/ILAAP (banks) and ORSA/Solvency II (insurers). Scenarios follow IPCC SSPs used across the industry.
- Disclosure-ready reporting for IFRS S2, TCFD, and CSRD: Disclose turns asset locations into audit-ready climate risk reports within minutes, including hazard exposure, uncertainty ranges, return periods, and narrative language mapped to disclosure requirements.
- Scientific transparency designed for scrutiny: Built on CMIP6, CORDEX, ERA5, observational datasets, and machine learning techniques such as Gaussian Process Regression, enabling supervisors, internal model governance teams, and auditors to trace assumptions and justify approaches.
- Modular, proportionate deployment: Supports early-stage firms with limited resources while scaling easily for complex portfolios.
For PRA-regulated firms, Mitiga Solutions’ biggest advantages lie in its ability to quantify uncertainty and model tail-risk events, capabilities increasingly expected under 2025 supervision and essential for defensible climate risk assessments.
Conclusion
Climate risk is now firmly embedded in the UK’s prudential landscape. The PRA’s 2025 update clarifies what supervisors expect: meaningful integration, credible methods, and ongoing improvement.
For UK banks and insurers, especially smaller institutions, this is both a challenge and an opportunity.
Firms that start now, even with proportionate steps, will be better prepared for supervisory scrutiny, better positioned to protect their portfolios, and better aligned with the global shift toward forward-looking climate risk management.
If you’d like guidance on integrating physical climate risk data, building scenario analysis workflows, or preparing for IFRS S2, TCFD, or UK SRS–aligned disclosures, our team can help.
Book a demo to explore EarthScan and see how science-based climate intelligence can support your next regulatory cycle.
