Summary
Details
- Brazil
Financial institutions and other entities authorised by BCB, with proportionality by prudential segment.
Proportionality mechanisms (not full exemptions):
Institutions in smaller segments may have simplified governance or reduced expectations for some advanced components like scenario analysis and reputational-perception monitoring, but still must identify and manage the risks within an integrated process.
Deep dive
📩 Stay ahead of climate regulation and reporting shifts
Regulatory updates, reporting standards, and new climate software — distilled into one concise weekly brief for decision-makers.
Thanks for signing up. Please check your inbox to confirm your subscription.
Practical updates. Once per week.
What’s Required
1) Treat social, environmental, and climate risk as prudential risk, not a voluntary ESG initiative
Resolution 4,943 updates the prudential governance framework by requiring that social, environmental, and climate risks be managed within the institution’s formal risk management system. Practically, this means these risks must be handled through the same processes and controls as credit, market, liquidity, and operational risk, subject to governance oversight and supervisory review.
2) Implement an integrated risk management cycle covering ESG-related risks
The resolution’s core operational requirement is integration. Institutions must enable identification, measurement, assessment, monitoring, reporting, control, and mitigation of risks, with documented methodologies and internal reporting. The requirement is not limited to “having a policy”: it is about being able to demonstrate a working system that produces consistent outputs, supports decisions, and can be examined.
3) Governance responsibilities and decision-making escalation
Institutions must embed these risks in governance structures, including clear accountability for decision bodies, reporting lines, and escalation criteria. In practice, compliance teams should ensure:
defined roles and responsibilities for senior management and risk areas
clear mandates and minutes-based evidence of oversight
formal integration with capital and liquidity management decisions, and limits (where applicable)
This is also where alignment with PRSAC (CMN 4,945) matters: PRSAC is the “responsibility policy,” while 4,943 is the “risk governance engine.” Inconsistency between the two is a common supervisory red flag.
4) Scenario analysis and stress testing expectations (segment-based proportionality)
For institutions in larger prudential segments, the regime expects scenario analysis and stress testing that considers hypotheses of physical risks (changes in climate patterns, extreme events) and transition risks (shifts to a low-carbon economy). This is often the hardest implementation component because it requires model governance, documented assumptions, and reproducibility. Some requirements are scaled down for smaller segments (for example, commentary on exemptions for certain segments is commonly discussed by market analyses), but proportionality does not remove the need for a defensible framework.
5) Reputational risk linkage where ESG perception becomes material
The framework requires institutions to consider cases where negative perception by clients, markets, or society can materially impact social, environmental, and climate risks. This creates a compliance expectation that institutions monitor relevant controversies and stakeholder pressures when they can translate into credit losses, funding costs, legal exposure, or operational disruption. For many institutions, this is a new control environment bridging communications, compliance, legal, and risk.
6) Evidence and documentation for supervisory defensibility
A compliance-ready implementation should include:
risk taxonomy and definitions aligned to the CMN/BCB framework
risk appetite statements and limits that explicitly address climate-related factors where material
documented methodologies for sector classification, client screening, and exposure measurement
internal reporting dashboards and governance packs showing periodic monitoring
audit trail from risk identification to mitigation measures and decisions
Supervisors typically test not only whether controls exist, but whether they influence real decisions such as credit approvals, portfolio steering, and capital planning.
Important Deadlines
Date of adoption: 15 September 2021.
Entry into force: the resolution is in force as a prudential requirement; implementation is operationalised through ongoing supervision and connected rules (including reporting duties and public disclosures under related BCB instruments).
Ongoing compliance cadence: continuous operation of the integrated risk framework, plus periodic internal reporting and governance reviews consistent with the institution’s risk governance cycle.
Current Status
In force and central to the BCB sustainability and ESG-related prudential agenda. It functions as the risk management backbone that supports other obligations, such as the PRSAC governance policy and sustainability risk disclosures.
Penalties for Non-Compliance
Non-compliance is handled through prudential supervision. The practical enforcement pathway is:
Supervisory findings and remediation requirements where institutions cannot evidence integrated risk management
escalation to administrative sanctioning if deficiencies are persistent, material, or misrepresented
Capital planning scrutiny if risk management weaknesses undermine the reliability of ICAAP-related processes (where applicable)
The most significant business impact often comes from supervisory restrictions, remediation costs, and governance accountability, not just formal fines.
Examples of Known Violations
Common failure modes seen in institutions implementing CMN 4,943-type regimes:
Siloed ESG risk management: ESG handled outside the risk function, without integration into the formal risk cycle.
Non-reproducible scenario analysis: narrative scenarios presented with no documented assumptions, model governance, or sensitivity testing.
Inconsistent governance evidence: stated board oversight without mandates, minutes, or periodic reporting packs.
Portfolio blind spots: failure to identify sector concentrations exposed to transition risk or physical risk hotspots.
Reputational risk not connected to prudential outcomes: controversies tracked by communications teams but not translated into risk assessments or mitigation plans when financial impact is plausible.
Resources
Cut through the green tape
We don't push agendas. At Net Zero Compare, we cut through the hype and fear to deliver the straightforward facts you need for making informed decisions on green products and services. Whether motivated by compliance, customer demands, or a real passion for the environment, you’re welcome here. We provide reliable information. Why you seek it is not our concern.