Net Zero Compare
Australia APRA’s Climate Financial Risk Guidance CPG 229

Australia APRA’s Climate Financial Risk Guidance CPG 229: APRA’s climate financial risk guidance (CPG 229) embeds climate risk expectations into prudential governance

Maílis Carrilho
Written by Maílis Carrilho
Updated on February 4th, 2026

Summary

APRA’s Prudential Practice Guide CPG 229 sets out how APRA-regulated entities should manage climate change financial risks within existing governance and risk frameworks. The guidance is current and establishes supervisory expectations that translate into compliance obligations through prudential standards, board oversight, risk management practices, and disclosure discipline.

Details

Jurisdictions
  • Australia
Exemptions

Mandatory for:

APRA-regulated entities as a supervisory expectation and as a practical interpretation of prudential standards.

Exceptions: none meaningful.

Proportionality may apply based on entity size and complexity, but the expectation to address climate risk is not optional.

Deep dive

3 min read
Updated Feb 4, 2026

📩 Stay ahead of climate regulation and reporting shifts

Regulatory updates, reporting standards, and new climate software — distilled into one concise weekly brief for decision-makers.

Thanks for signing up. Please check your inbox to confirm your subscription.

Practical updates. Once per week.

What’s Required

1) Governance and accountability for climate risk as a financial risk: CPG 229 frames climate risk as financially material, requiring boards and senior management to ensure governance structures can identify and manage climate-related risks and opportunities. Practical compliance includes:

  • board-approved risk appetite statements covering climate risk;

  • clear delegation and accountability;

  • management information systems that surface climate risk exposures.

2) Integration into risk management frameworks: CPG 229 is designed to fit within existing risk management and governance frameworks, not as a parallel ESG program. Institutions should integrate climate risk into:

  • credit risk (counterparty exposures, collateral impairment, transition risk);

  • insurance risk (claims volatility, underwriting assumptions);

  • operational risk (business continuity, physical risk impacts);

  • investment risk (portfolio transition and valuation impacts).

3) Scenario analysis and stress testing capability: APRA’s guidance emphasises scenario analysis as a tool to understand exposure under different physical and transition pathways. Compliance in practice requires:

  • defensible scenario selection;

  • documented assumptions;

  • model governance, validation, and change control;

  • clear use of results in decision-making (capital allocation, underwriting, risk appetite updates).

4) Data, measurement, and evidence: Institutions must govern data quality for climate risk and ensure traceability of key metrics. Common requirements include: sector classification, geography exposure, emissions proxies, and borrower transition plans. Weak data governance undermines both supervision and public disclosure credibility.

5) Disclosure and consistency with other reporting regimes: CPG 229 interacts with broader disclosure expectations: institutions must ensure climate risk statements are consistent across prudential reporting, annual reports, and sustainability disclosures. Inconsistency increases both supervisory and market conduct risk.

Important Deadlines

  • Status and publication: APRA lists CPG 229 as current and dated 26 November 2021, and institutions should treat it as active supervisory guidance.

  • Supervisory cycles: practical deadlines are examination cycles, internal audit plans, and board reporting timetables, because APRA expects ongoing capability development.

Current Status

CPG 229 is current APRA guidance and is intended to shape how APRA-regulated entities implement climate risk management and governance within prudential expectations.

Penalties for Non-Compliance

APRA enforcement typically occurs via supervisory intervention: remediation plans, increased scrutiny, governance findings, and potentially capital or risk management consequences. The most material “penalty” is regulatory intervention affecting business strategy and operations.

Examples of Known Violations

  1. climate risk treated as CSR rather than integrated risk management;

  2. scenario analysis conducted but not linked to decisions;

  3. undocumented assumptions and weak model governance;

  4. poor data lineage for climate metrics;

  5. inconsistent climate risk statements across public disclosures.

Resources

Maílis Carrilho
Added by:
Maílis Carrilho
Sustainability Research Analyst
Maílis Carrilho is a Sustainability Research Analyst (Intern) at Net Zero Compare, contributing research and analysis on climate tech, carbon policies, and sustainable solutions. She supports the team in developing fact-based content and insights to help companies and readers navigate the evolving sustainability landscape.
Our principle

Cut through the green tape

We don't push agendas. At Net Zero Compare, we cut through the hype and fear to deliver the straightforward facts you need for making informed decisions on green products and services. Whether motivated by compliance, customer demands, or a real passion for the environment, you’re welcome here. We provide reliable information. Why you seek it is not our concern.

Added on Feb 3, 2026 by Maílis Carrilho · Updated on Feb 4, 2026
Suggest an edit