Overview

On 3 December 2025, the PRA published its final Policy Statement PS25/25 on climate-related financial risks, which follows the earlier consultation launched in April 2025 (CP10/25 on climate-related financial risks). The final expectations now sit in Supervisory Statement SS5/25 ‘Enhancing banks’ and insurers’ approaches to managing climate-related risks’, which immediately replaces the old SS3/19. The changes enhance requirements in areas such as governance, risk management, scenario analysis, data, and disclosure.

For small and medium-sized UK banks, the new requirements are not only about compliance, but also a chance to embed climate resilience in business strategy, protect value, and build long-term competitive strength.

PS25/25 clarifies that a 6-month period starting from 3 December is afforded to firms explicitly to allow them to review and, where necessary, update their frameworks and plans.

Area	High-level SS3/19 Summary	High-level SS5/25 Summary	Key Changes
Governance and Board engagement	Boards to understand risks, set appetite, and oversee integration into strategy (3.2–3.4)	Boards must review strategy/appetite, challenge management using clear MI, and periodically reassess strategy; coherence with climate targets required where adopted (4.2–4.4, 4.14–4.17)	More specific board role; stronger MI and challenge expectations
Risk appetite and cascading	General expectation on risk appetite, linked to metrics and strategy (3.3, 3.9)	Explicit requirement for climate-specific risk appetite at enterprise and business-line levels for material climate risks, informed by scenario analysis (4.7–4.13)	Clarifications to expectations, and more formal expectations on cascade of risk appetite for material risks
SMF accountability	SMF(s) to have responsibility for climate risk oversight (3.4)	SMF responsibilities must be clearly defined and linked to reporting lines, strategy delivery and performance management (4.5–4.6)	Expanded and more detailed accountability framework linked to performance
Risk identification	Firms to identify physical/transition risk using judgement and expert input (3.5, 3.12)	Structured, periodic identification and assessment expected that use transmission channels to map risks into traditional risk types, material risks justified and captured in the central risk register (4.19–4.24, 4.25–4.28, 4.31)	More rigour, clarity on document updates, and periodicity in risk identification
Risk measurement and metrics	Use mix of qualitative/quantitative tools and scenario results (3.3, 3.8–3.9)	Quantitative risk appetite metrics and limits required for material risks; regularly reviewed to reflect evolving risk and capability and informed by CSA (4.32–4.38)	Codifies need for metrics/limits and links them to governance and risk monitoring. The PRA has not specified mandatory metrics.
Internal risk reporting	Boards to receive MI and scenario outputs for decision-making (3.13)	Structured internal risk reporting infrastructure required; frequency aligned to materiality of climate risks and include CSA outputs, limit utilisation, etc. Embed across 3LoD (4.39–4.42)	Clearer standards and expectations for MI content and cadence - alignment with BCBS principles
Scenario use and role	Scenario analysis encouraged for strategy, risk and capital planning; no fixed structure. Proportional approach expected, recognising limitations of early tools (3.6, 3.14–3.17).	Scenario analysis is a core tool: required for strategy, risk appetite, ICAAP (reverse stress testing included); use cases must be tailored and scenarios justified. Firms must understand and challenge model assumptions; assess severity, tailor calibration, and update over time. Fallback requires clear justification and a robust alternative approach to understanding future climate-related risks. (4.46–4.61, 4.62–4.71)	Clear shift towards greater emphasis of climate scenario analysis. Enhanced expectations on methodological rigour and ongoing reviews. Fallback approach would require robust justification and a clear alternative.
Data adequacy and governance	Recognise data gaps and seek improvement; engage with clients and external sources (3.12)	Must define data strategies, identify gaps, plan enhancements; introduce governance for internal and third-party data and interim proxies (4.31, 4.74–4.79)	Full data strategy and governance framework now expected
ICAAP and ILAAP integration	Include climate in ICAAP and justify assessments (3.7, 3.17)	Must identify, quantify and evaluate climate-related risks in ICAAP and ILAAP using CSA as a key tool (4.103–4.107)	More detailed guidance and broader scope across both capital and liquidity planning
Specific risk types	No explicit reference to credit-specific policies; general expectation to embed climate risk in overall risk frameworks (3.5)	Firms must define processes and controls to assess and mitigate climate credit risk; include concentrations and full credit lifecycle. Use scenarios to assess climate-driven market risk (e.g., volatility, correlation breakdown) and reputational/strategic risk (4.108–4.116)	Expanded expectations on credit frameworks and risk-specific mitigation
Disclosures	Firms encouraged to disclose climate risks voluntarily, aligned with TCFD, and in addition to any existing mandatory requirements under Pillar 3, Companies Act, etc. (3.18–3.22)	No material new requirements; TCFD replaced with UK Sustainability Reporting Standards (SRS) - based on ISSB publications - reflecting wider industry developments (4.80–4.84)	Alignment with evolving external frameworks; otherwise, core expectations remain unchanged.
Financial reporting	Not explicitly addressed	New: accounting processes must integrate climate risk into valuations, ECL, and financial disclosures, supported by controls and governance and reflecting accounting standards (4.86–4.102)	Extends expectations to financial reporting processes, eliminating a potential gap in SS3/19

The Road to SS5/25

SS3/19, introduced in 2019, set the UK’s first supervisory expectations on climate-related risks. Progress since has been uneven – the PRA’s 2020 Dear CEO letter and thematic reviews highlighted some key gaps and implementation challenges.

CP10/25 responded with more detailed, actionable guidance while retaining flexibility through the application of proportionality, which has now been finalised following consultation feedback in SS5/25.

Key Changes

Governance

Boards should approve firm-wide climate-specific risk appetite statements for material climate-related risks and review them periodically, with triggers for earlier review where needed.
There should be a clear link between the firm’s strategy and its climate goals (if set by the bank).
Management information (MI) provided to the Board must be relevant and support decision-making processes. On CSA, boards should understand how scenario outputs inform this MI.
Firms must cascade their climate risk appetite and associated metrics and limits across the organisation, including as appropriate to business lines.

Risk Management

Firms must undertake structured, periodic climate risk identification processes to ensure all material risks are captured and understood.
Material risks must be substantiated (i.e., the rationale for the assessment of materiality) and recorded in the central risk register with mapping to transmission channels and existing risk categories: these will require re-assessment over time. Litigation risk can be treated as a distinct transmission channel if appropriate.
Risk metrics and limits are to be established, reviewed and evolved.
Climate-related operational risks should be reflected in the firm’s operational resilience planning including impact tolerances, business continuity and contingency planning, and third-party/outsourcing risk management.

Climate Scenario Analysis

Firms must explore a range of scenarios considering factors such as time-horizon and reflecting physical and transition risks; they should be tailored for the specific purpose (e.g., strategic planning, stress testing, etc.)
CSA should support decisions on strategy, risk appetite, capital, and liquidity. It should form part of the ICAAP and ILAAP and be incorporated within reverse stress testing processes.
Boards must understand the limitations linked to climate stress testing – which are likely to change over time – and ensure that sufficient resources are in place.
Methodologies, scenarios and models should be periodically reviewed and updated as scientific evidence, data and tools evolve, and as the firm’s understanding of climate-related risks develops
As a fallback, where a firm elects not to conduct CSA, it must have a clear justification and should demonstrate a robust alternative approach to understanding future climate-related risks

Data

Data gaps are widely recognised but should not stop banks from developing their approach to climate risks; accordingly, banks should look to develop structured plans to manage and close these gaps including through further investment.
Where reliable or comparable climate data are not available, firms should use appropriate proxies or assumptions, documenting their rationale and limitations and interpreting the resulting information in a way that reflects embedded uncertainty.
Where reliance is placed on data from external providers, it must be subject to governance by the firm.
Banks’ internal systems should support climate risk data aggregation and reporting.

Disclosures

Owing to the disbandment of the TCFD, and the establishing of the ISSB – focus as to the benchmark for disclosures is replaced with UK Sustainability Reporting Standards (UK SRS), which are based upon the ISSB’s publications.
The PRA has not introduced a separate prudential climate disclosure regime as it expects firms to enhance disclosures within existing requirements and to engage with UK SRS or other relevant initiatives,

Other Banking-specific Issues

Integrate climate risk into financial reporting, including ECL, closing a gap from SS3/19.
Further clarification on the need to integrate climate risk into the ILAAP and funding and liquidity frameworks.
Credit risk management must span the full lifecycle, with clear assessment of any concentrations.
Market risk frameworks must consider climate-driven volatility and structural changes in markets.
Banks should understand and manage climate-related litigation and reputational risks,

Conclusion

SS5/25 now marks the latest evolution in the PRA’s supervisory approach to climate-related financial risks. While the new expectations certainly build on the foundations of SS3/19, they reflect the regulator’s initiative to provide further clarity in order to prompt banks towards further action.

For small and medium-sized UK banks, it’s a timely opportunity to clarify how climate risks affect the business model, inform better decision-making, and align internal capabilities with growing stakeholder expectations.

How We Can Help

At Katalysys, we support firms in embedding climate-related financial risks into core risk management practices, helping translate regulatory guidance into practical, scalable solutions.

Our team works closely with small and medium-sized banks to:

Integrate climate risks into the Risk Management Framework including linkage to existing risk categories and risk registers.
Develop climate-related risk appetite and risk dashboards, designing actionable qualitative and quantitative metrics, thresholds, and escalation triggers that support strong understanding, governance and oversight.
Design and deliver climate scenario analysis supporting capital assessments, strategy, and risk appetite decisions.
Enhance risk coverage in the ICAAP and ILAAP by identifying climate exposures relevant to internal assessments and reflecting these risks proportionately and credibly.
Support Boards and senior management through targeted workshops and briefings that build understanding and enable effective challenge and strategic input.

Whether you're refining an existing established framework or developing climate-related risk management capabilities from scratch, we can offer hands-on, proportionate support to help you respond with clarity and confidence.

For further information please contact:

Evolving Climate Risk Expectations for UK Banks (SS5/25 via PS25/25)