ESG Pillar 3 Disclosure reaches next level: New Instructions reshape how banks disclose climate, social and governance risks

  • 13 Minuten Lesezeit

With the revised ITS on ESG disclosures within Pillar 3, the EBA has not only simplified and restructured the requirements, but defined the methodological foundation that underpins the integration of ESG into supervisory reporting under Article 430 (1) lit. h) CRR.

How can institutions turn the regulatory Simplification Package into a strategic advantage and build a unified ESG data architecture, rather than maintaining parallel compliance processes? 

With its Final Report on the amended ITS on ESG disclosures, the EBA delivers a more proportionate and streamlined Pillar 3 framework, reducing duplication with the CSRD and the EU Taxonomy and fewer templates and data points, while simultaneously raising expectations on data consistency, comparability and integration. The proportionate requirements have now been extended to all institutions, from large, listed institutions to small and non-complex institutions (SNCIs).  

At the same time, the revised framework explicitly establishes the methodological foundation for the new ESG Supervisory Reporting module under Article 430 (1) lit. h) CRR, which we have analysed in detail in our dedicated blog on the ESG Reporting module. 

The message is clear: simplification and consistency are two sides of the same coin. Institutions that treat disclosure and supervisory reporting as two outputs of a single, integrated data architecture will be best positioned to capture efficiencies and enhance data quality. Those who approach both frameworks separately risk duplication, misalignment, and limited integration opportunities.

How the EBA reshapes the ESG disclosure landscape through the final ITS 

Last week the EBA finalised its final report on the Draft Implementing Technical Standards (EBA/ITS/2026/02), amending Commission Implementing Regulation (EU) 2024/3172. This revised framework highlights the new disclosure requirements introduced under the CRR3, specifically the amended Article 449a CRR, which now mandates all institutions - not only large listed institutions - to disclose information on ESG risks. 

The CRR3 Level 1 requirements have been in force since 1 January 2025, introducing an extended scope of application, separate disclosure of environmental, social and governance risks, fossil fuel sector transparency and disclosure on ESG integration. The revised ITS requirements have now been transformed into clear templates, formats and instructions for operational use. The revised requirements will apply from 31 December 2026, with a postponed first reference date of 31 December 2027 for SNCIs to align with the Pillar 3 Data Hub. 

For large institutions who have been disclosing ESG information since 2022, the EBA is clear: the core information remains broadly unchanged. The revisions focus on enhanced clarity, usability, and consistency with FINREP and ESG Reporting, reflecting experience gained through Q&As, the ECB SSM Short-Term Exercise (STE), and the EBA's ESG ad-hoc data collection. 

Following extensive stakeholder feedback, four amendments stand out as particularly important for financial institutions: 

  • Deletion of former Templates 4, 6–9: The consultation paper proposed cross-references to the Taxonomy Delegated Act with Template 6-9 with enhanced methodology. In the Final Draft ITS, all five templates are removed entirely, responding to feedback on duplication with EU Taxonomy Reporting, limited prudential relevance, and methodological divergence. This deletion accounts for a substantial share of approximately 37% reduction in data points for large institutions. 
  • Country-level disclosure replaces NUTS 3 for physical risk (EU CRFR2): The consultation paper proposed a Top 10 NUTS level 3 breakdown. Respondents argued this covers only a small fraction of the portfolio and creates comparability issues across Member States. The Final Draft ITS therefore replaces this with a country-by-country disclosure for material exposures. However, institutions must still assess physical risk internally at the highest granularity level (at least NUTS-3), but the public disclosure output is now at country level. The key distinction is therefore between granular internal risk assessment and simplified public disclosure. 
  • Qualitative disclosure removed for SNCIs and large subsidiaries: The consultation paper required SNCIs to disclose Table 1A (qualitative ESG information). The Final Draft ITS limits SNCIs to quantitative information only, while large subsidiaries may reference the parent's qualitative disclosures rather than producing standalone narratives. This reduces duplication and better reflects the principle of proportionality within group structures. However, this does not apply to the requirements under the CRR or the requirements for qualitative descriptions in the EU CRFR1.1 template. 
  • Several changes in Template 1: The consultation paper included column (c) 'Of which environmentally sustainable (CCM)' and as an add on to the previous disclosure template a standalone PCAF proxy row. The EBA agrees with respondents that retaining CCM while suspending GAR templates could create inconsistency, and that proxy coverage is already captured in the narrative. Both elements have therefore been removed from the Final Draft ITS. 

Together, these changes reflect three guiding principles:  

  • simplification,
  • proportionality and
  • consistency.

These principles are aligned with the broader EU simplification agenda under the Omnibus proposals and the Basel Committee on Banking Supervision (BCBS) voluntary climate-related disclosures framework.  

At the same time, the CRR3 explicitly anchors the ESG disclosure framework to supervisory reporting: Article 449a CRR states that disclosure formats shall not require information beyond what is reported to competent authorities under Article 430 (1) lit. h) CRR.

This establishes an important architectural principle: Pillar 3 ESG disclosures and ESG supervisory reporting should not be treated as separate reporting exercises, but as two outputs based on the same underlying ESG data basis. We have analysed this alignment in more detail in our dedicated blog on the ESG Reporting module.  

Proportionate scope: A tailored framework for all institutions 

One of the most significant structural changes introduced by CRR3 is the explicit embedding of proportionality into the ESG disclosure framework. Article 449a CRR requires ESG disclosures to reflect the size, nature and complexity of institutions, avoid unnecessary duplication with other EU legislation and remain aligned with supervisory reporting under Article 430 (1) lit. h) CRR. The revised ITS translates these principles into a differentiated disclosure framework covering three categories of institutions. 

Large institutions (listed and non-listed) disclose the comprehensive set of templates. Large, listed institutions are subject to semi-annual disclosure frequency, with the possibility to reduce certain templates annually based on the materiality principle in Article 432 (1) CRR. This applies to qualitative tables and EU CRFR4, where targets are typically set annually. Institutions choosing reduced frequency must provide a brief explanation that information remains materially unchanged since the previous reporting period. 

Other listed institutions and large subsidiaries are subject to a simplified template set, reported annually. Large subsidiaries are exempt from mandatory qualitative disclosures and may voluntarily apply the full large institution templates where appropriate, enhancing consistency with parent-level disclosure. 

SNCIs and other non-listed institutions benefit from the most proportionate approach. Their disclosure obligations are limited to a single aggregated quantitative template (EU CRFR1.1), covering transition and physical risks, and a qualitative template (EU Table 1A) for other non-listed institutions, reported annually. The first reference date for SNCIs has been postponed to 31 December 2027, ensuring alignment with the Pillar 3 Data Hub (P3DH) framework and providing sufficient time for technical implementation. 

To illustrate the proportionate structure, the following table maps each template to its applicable institution type and disclosure frequency: 

SuS Blog_ESG Disclosure.jpg [id=242952]

Beyond the proportionality of the disclosure requirements, the revised ITS also places considerable emphasis on consistency across regulatory frameworks. The instructions for completing the disclosure templates explicitly reference FINREP data concepts and definitions, particularly for the totals in Templates, collateral valuation, the classification of loans collateralised by immovable property, and the consistent application of NACE Rev 2.1 across frameworks. This alignment ensures that the same underlying data can be used for both disclosure and financial reporting purposes, enabling reuse rather than requiring parallel data streams. 

Having outlined which institutions are subject to which templates, the following section examines the individual disclosure templates in more detail, highlighting the key amendments introduced by the revised ITS, the rationale behind these changes and their practical implications for implementation. 

Key amendments of qualitative and quantitative ESG disclosure requirements:

While the qualitative ESG disclosure framework remains largely unchanged, the quantitative templates have undergone more substantive revisions. Across the individual templates, three overarching trends emerge: 
 
First, the EBA further strengthens methodological consistency, aligning terminology, classifications and calculation methodologies across disclosure, supervisory reporting and international standards. Second, the revised templates reflect the principle of proportionality, introducing simplified disclosure requirements for smaller institutions while maintaining comparability. Third, the framework places greater emphasis on the reusability of data, enabling institutions to leverage the same underlying data foundation across multiple regulatory reporting frameworks. 

  Template Key amendments 
Qualitative

EU CRFRA: Environmental Risk 

Table 2: Social Risk 

Table 3: Governance Risk 

Table 1A: ESG risks (simplified) 

  • No major amendments

  • Update to templates based on Q&As / practical experience from ECB Short-Term Exercise and EBA ad hoc data collection 

Quantitative
EU CRFR1: Credit quality of exposures by sector, emissions and residual maturity
  • Expanded fossil-fuel sector breakdown and refined NACE mapping (ETH Zurich CPRS methodology)

  • Update to NACE Rev. 2.1 across all sector descriptions 

  • NACE K.63 (data centers / cloud / AI infrastructure) added

  • “Companies excluded from EU Paris-aligned Benchmarks" column deleted – redundant given the enhanced fossil-fuel breakdown

  • Full GHG financed emissions breakdown added: Scope 1, Scope 2 (and Scope 3) now disclosed separately

  • Column "CCM” no longer Taxonomy-specific but considering all mitigating actions" (aligned with Template 10)

  • PCAF proxy row deleted and considered in the narrative

EU CRFR1.1 (simplified): For SNCIs and other non-listed institutions – transition and physical risk 
  • NACE sector breakdown aligned with EU CRFR1

  • Physical risk disclosure on the level of Country ISO codes for the top four geographies for physical risks

  • Addition of non-performing exposures and accumulated impairments

  • Simplified residual maturity (single bucket: ≤5 years) 

EU CRFR2: Exposures subject to physical risk
  • Country-level breakdown instead of NUTS-3; disclosure requires a country-by-country breakdown for material exposures, plus 'Other EU exposures' 

  • Physical risk disclosure with a separate aligned with FINREP 

  • Instructions clarified how exposures sensitive to multiple climate-related hazards should be disclosed 

  EU CRFR2.1 (simplified): For other listed institutions and large subsidiaries 
  • A streamlined version excluding: Stage 2 gross carrying amount, detailed residual maturity buckets, separate hazard-type columns

  • Geographic breakdown aligned with EU CRFR2 

  EU CRFR3: Energy performance of the collateral 
  • Covered bonds removed from the scope of the template

  • The energy-performance score is to be determined on the basis of primary energy demand / consumption 

  EU CRFR4: Emission intensity per physical output and by sector
  • Expanded sector breakdown for more carbon-intensive sub-industries

  • Standardised intensity metrics and units introduced plus a minimum set of prescribed metrics per sector

  • Baseline and reference year added to show the starting point and progress of the transition

  • Short-term and long-term targets added  

  Template 10: Mitigating actions – Exposures contributing to sustainability objectives
  • Scope broadened beyond the EU Taxonomy incl. all exposures mitigating climate-related risks, regardless of Taxonomy alignment

  • Wide environmental coverage capturing investments in assets and activities contributing to CCM & CCA and other environmental objectives (incl. nature & biodiv.)

  • Revised row structure

Beyond the individual template amendments, the revised ITS reflects a broader strategic objective: aligning the European ESG disclosure framework with international standards while avoiding unnecessary duplication across regulatory regimes. 
 
To this end, the EBA has aligned the quantitative disclosure templates (EU CRFR1–EU CRFR4) with the BCBS voluntary Pillar 3 climate-related disclosure framework, adapting the international recommendations to the proportionality requirements of the CRR. At the same time, the EBA has carefully assessed interaction with CSRD, ESRS, and the Taxonomy Regulation. Meeting ESRS disclosure requirements is possible by incorporating information in the sustainability statement by reference to Pillar 3 disclosures – avoiding duplication.  

Implications for institutions

The revised ITS is more than a regulatory update, it reshapes how institutions need to source, govern and use their ESG data. Beyond the individual template changes, a number of cross-cutting consequences emerge that should guide implementation planning. The most relevant for financial institutions are: 

  • Simplification is an opportunity, not a reason for complacency. Fewer templates and around 37% fewer data points free up capacity, best reinvested in robust data architectures and closing remaining data gaps rather than scaling back ambition.
  • Proportionality is built in, not optional. The three templates ensure structure and materiality-based frequency reductions are deliberate design features; institutions must document their proportionality decisions and justify any reduced disclosure frequency in their narratives.
  • The new sectoral focus highlights where supervision is heading. Adding computing infrastructure as a high-climate-contributing sector reflects growing attention to AI, data centers and digitalization, relevant for institutions with significant technology-financing portfolios.
  • Physical risk disclosure has moved to country level. Replacing the granular NUTS-3 view improves comparability but requires institutions to re-engineer geographic allocation methodologies previously built around NUTS-3 logic.
  • For SNCIs, the P3DH framework will be the operational infrastructure for disclosure. Investment in ESG supervisory reporting is essential for P3DH readiness before December 2027
  • One data foundation serves both disclosure and reporting. As CRR3 mandates align, institutions running separate data streams for Article 449a and Article 430(1) lit. h) CRR will face avoidable duplication and inconsistency risk. 

Conclusion

The real change is not in the templates - it is in the operating model behind them. While the preceding sections examined the amendments template by template, their combined effect is best understood from an implementation perspective. The reforms shift the focus from disclosure to data governance: anchored to FINREP definitions and NACE Rev. 2.1, the task moves from completing individual outputs to operating the single, governed ESG data foundation already described. Because this foundation feeds multiple templates from common definitions, it touches the entire data value chain and cuts across risk, finance, ESG and IT, making clear governance ownership the decisive implementation factor. 

The differing reporting frequencies and reference dates create different starting points but point to the same conclusion: institutions should use their respective lead times to consolidate their data architecture rather than remediate individual outputs in isolation. The reuse of FINREP-anchored definitions and a common NACE taxonomy means that investment in data quality, lineage and automation is leveraged across all affected templates simultaneously. It is this reusability that determines the outcome - whether the simplification delivers a structural, repeatable efficiency gain or merely a one-off reduction in manual effort that recurs each reporting cycle. Institutions that build the foundation once, and govern it properly, convert a regulatory obligation into a durable, reusable asset.  

The following points set out, in practical terms, what this means for institutions.

How PwC can support 

The revised ESG disclosure framework requires institutions to look beyond individual templates and establish a consistent ESG data foundation across disclosures and supervisory reporting.  

PwC supports financial institutions in interpreting the new regulatory requirements, assessing implementation impacts and translating them into pragmatic implementation roadmaps. 

Combining deep regulatory expertise with extensive experience in data, reporting and technology transformation, we help clients design integrated ESG target operating models, strengthen data quality and governance, and implement scalable reporting architectures. Beyond the operating model, we help institutions address the implementation challenges introduced by the revised ITS - across data sourcing, classification, geographic allocation, disclosure and reporting readiness. Our approach ensures that Pillar 3 disclosures and supervisory reporting are generated from one common data foundation, reducing duplication while increasing consistency and efficiency. This enables institutions not only to meet today’s regulatory requirements but also to prepare for future reporting initiatives in a sustainable and future-proof manner. 

Further information: 

Get ongoing updates on the topic via regulatory horizon scanning in our research application, PwC Plus. Read more about the opportunities and offerings here.

To further PwC Blogs

Kontakt

Martin Weirich

Martin Weirich

Partner

Frankfurt am Main