CONFIDENTIAL

For internal use of ISACA only

Introduction of GRC's Role in Addressing

the Rise of Climate Risk Requirements
PT Deloitte Konsultan Indonesia | 26 September 2023
Document Information

This document is not a proposal. This communication contains general

information only, and none of Deloitte Touche Tohmatsu Limited (“DTTL”), its
global network of member firms or their related entities (collectively, the
“Deloitte organization”) is, by means of this communication, rendering
professional advice or services. Before making any decision or taking any
action that may affect your finances or your business, you should consult a
qualified professional adviser.

No representations, warranties or undertakings (express or implied) are given

as to the accuracy or completeness of the information in this communication,
and none of DTTL, its member firms, related entities, employees or agents
shall be liable or responsible for any loss or damage whatsoever arising
directly or indirectly in connection with any person relying on this
communication.

This document is only intended to provide information for your company and
is not to be used, or made as a reference, or quoted, in whole or in part, in
any form without written approval from DKI. Third parties, including external
auditors or regulators, may not be given a copy of this document without
written approval from DKI.

© 2023 PT Deloitte Konsultan Indonesia This document is only intended to provide information for your company and is not to be used, or made as a reference, or quoted, in whole or in part, in any 2
form without written approval from Deloitte. This document will be shared to the participants in PDF version after the webinar session.
Today’s topics
Topics
Climate change drivers &
trends
Introduction to the IFRS S2 -
Climate-related disclosures
standard: GRC's Role in
Addressing the Rise of
Climate Risk Requirements
© 2023 PT Deloitte Konsultan Indonesia
Objectives
To understand the driver of climate
change, the urgency of climate action,
implication to business and trends of
global & national climate action
To understand the requirements of
disclosing in line with the IFRS S2,
particularly for Governance and Risk
Management pillars, and how
companies can prepare for building
climate resiliency governance
This document is only intended to provide information for your company and is not to be used, or made as a reference, or quoted, in whole or in part, in any 3
form without written approval from Deloitte. This document will be shared to the participants in PDF version after the webinar session.
 Climate change has become a major risk to businesses
Future global climate changes
Global temperatures over the
next 20 years will exceed 1.5°C
At 2°C of warming heat
extremes will more often reach
critical tolerance thresholds
(tipping points)
More intense rainfall, flooding
and droughts
More frequent and intense
hot extremes including
heatwaves
Cold extremes are less
frequent and severe
Global sea level is rising by 3.7
mm/year – twice as fast as the
1971-2006 rise rate
© 2023 PT Deloitte Konsultan Indonesia
Climate change amplifies the
severity of disasters
Sea level is rising around four
times faster than the global
average in Indonesia
Jakarta’s annual flood damage
costs will increase by up to
400% by 2050 due to urban
development, further
exacerbated by climate change
The Category 3 Cyclone Seroja
in April 2021 killed 183 people
in Indonesia, damaged more
than 20,000 houses, and
almost $USD500 million
Indonesian forest fires in 2019
cost over $5.2 billion in
economic losses (0.5% GDP)
This document is only intended to provide information for your company and is not to be used, or made as a reference, or quoted, in whole or in part, in any
Urging the acceleration of Climate change is now
climate actions businesses’ concern
Emerging climate policies and Emerging climate-related risks
agenda such as carbon tax, and opportunities that
carbon market and renewable companies need to manage
energy agenda in Indonesia.
6 of the top 10 global risks in
More investors and major the next decade are
banks incorporate ESG into Environmental according to
funding process and assess the 2023 Global Risks Report
portfolios’ exposure to climate
risks Climate action failure is still #1
risk – Emphasising the needs
Growing stakeholders’
for decarbonisation and
expectation for companies to
climate consideration in
manage climate-related issues
decision making
associated with operations,
e.g., deforestation issues in
palm oil & forestry industry.
Advancement in low carbon
technology and renewable
energy development
4
form without written approval from Deloitte. This document will be shared to the participants in PDF version after the webinar session.
 Climate action key momentum
International and national commitment in accelerating climate action
International commitment & initiatives
The UN Sustainable
Development Goals 2030
Kyoto Protocol (1997) (2015)
International treaty Over 150 world leaders
aimed at reducing GHG agreed on the adoption of
emissions. Currently, the 17 SDGs with 169
there are 192 Parties to specific targets, including
the Kyoto Protocol on climate (SDG 13)
1997 2015
Ratification of the UN
SDGs 2030 (2015)
The UN SDGs 2030 was
adopted in Indonesia in
2015 to support the global
agenda to end poverty,
protect the planet and
ensure that by 2030 all
people enjoy peace and
prosperity.
National commitment & initiatives
© 2023 PT Deloitte Konsultan Indonesia
Paris Agreement (2016)
Countries agreed to maintain
the increase in global
temperatures well below 2°C
above pre-industrial levels,
whilst making efforts to limit
the increase to 1.5°C
2016
Ratification of the Paris
Agreement (2016)
Indonesia has ratified Paris
Agreement through Law
No. 16/2016, which sets
the National Commitment
on Emission Reduction for
29% reduction target by
own effort and 41% by
international support.
2017
Sustainable Finance Roadmap
and Regulation (2017)
POJK No. 51/POJK.03.2017
mandates financial service
institutions to submit
sustainable finance action plan
(RAKB) and sustainability
reporting for publicly listed
companies
National Energy General Plan
for renewable energy mix
target (2017)
Presidential Decree No.
22/2017 establishes the
commitment for increasing
renewable energy mix by 50%
of national energy mix by 2050
Glasgow Pact – COP 26 (2021)
Nations reaffirmed their duty
for US$100 billion/year climate
financing from developed to
developing countries,
collectively agreed to
accelerate decarbonization and
coal-phase out
2021
RPJMN 2020-2024 “RPJMN
Hijau” (2021)
Alignment between
sustainability and low carbon
development to the national
medium-term development
planning (BAPPENAS)
Long-term Strategy for Low
Carbon and Climate Resilience
2050 (2021)
LTS-LCCR 2050 provides long-
term national policy direction
on climate change, built upon
three different scenario
pathways for mitigation
This document is only intended to provide information for your company and is not to be used, or made as a reference, or quoted, in whole or in part, in any
form without written approval from Deloitte. This document will be shared to the participants in PDF version after the webinar session.
European Central Bank (ECB) Climate Risk
COP 27 in Egypt (2022)
Stress Test (2023)
Agreement on the Loss and Damage funding for vulnerable
The ECB launched its first climate risk
countries, rainforest protection pact by Brazil, Indonesia,
stress test as part of the annual
and Republic of Congo
supervisory stress test
G20/B20 Summit (2022) IFRS Sustainability Disclosure (2023)
Focusing on the sustainable energy transition agenda, including The ISSB Foundation launched the IFRS
industrial alternative fuels, namely hydrogen and biofuels, and Sustainability Disclosure standards
financing options consisting of IFRS S1 for general
sustainability and IFRS S2 for climate-
related disclosure
The Basel Committee on Banking Supervision (2022)
The Basel Committee issued 18 principles for the effective SEC Climate Disclosure Proposal (Ongoing)
management and supervision of climate-related financial risks, The Securities and Exchange Commission (SEC)
covering corporate governance, internal controls, risk proposed rules for US companies to report
assessment, management and reporting climate-related disclosures aligned to TCFD
2022 2023
Procedures for the Implementation of Carbon Economic Values Carbon Market (2023)
for Utility Subsector (2022) The Indonesia Stock Exchange (IDX) has
The Ministry of Energy and Mineral Resources (MEMR) has launched Indonesia Carbon Exchange (IDX
issued the MEMR Regulation No. 16/2022 to regulate carbon Carbon) that will serve as the platform for
trading and offset mechanisms for coal-fired power plants, carbon trading in Indonesia
other fossil fuel-fired power plants, and New and Renewable
Energy (NRE) power plants
POJK No. 14/2023 Regarding Carbon Trading through the
Carbon Market (2022)
The Indonesian Financial Services Authority (OJK) as the
governing body of the national carbon market issued this policy
to regulate registration, management, requirements and
supervision of the carbon exchange
Enhanced Nationally Determined Contribution (NDC) Republic
of Indonesia (2022)
Indonesia submitted the Enhanced NDC to the UNFCCC on 23
September 2022, officialised the updated GHG emission
reduction target of 31.89% unconditionally and 43.20%
conditionally
5
The IFRS S2: Climate-related disclosures standard
The ISSB has published the IFRS S2 Climate-related Disclosure standards which will supersede the widely adopted TCFD recommendations. The standard sets the
requirements for climate governance and risk management, which upon implementation could contribute to building corporate climate resiliency.
Objective: to inform climate-related risks and opportunities that Reporting info: Follows financial reporting period and can be reported separately/within existing
could reasonably be expected to affect the entity’s prospects reporting channel (i.e., sustainability/annual report)

The four pillars of core content disclosure Climate-related risks

Built upon the TCFD recommendations
Physical Risks Climate scenario analysis to
Governance the governance processes, Acute Chronic assess climate risks
controls and procedures to Risk of increasing Risk of longer-term
monitor and manage climate- severity of weather changes in climate Physical climate
related risks and opportunities events and weather scenario analysis
patterns, and sea Assess potential
level rise exposure & impact from
Strategy the approach used to manage
Transition Risks climate hazards under
climate-related risks and low & high emission
opportunities Policy & Legal Market scenarios
Risk from existing Risk from changing
and emerging supply and demand
the processes the entity uses to climate-related as economies react
Risk identify, assess, prioritise and regulations to climate change Transition climate
management monitor climate-related risks scenario analysis
and opportunities Assess potential
Technology Reputation exposure & impact from
Risk from emerging Risks of damage to the transition towards
performance in relation to its low carbon economy
Metrics and climate-related risks and technologies to brand value and loss
under rapid
support the global of customer base
targets opportunities, including progress
transition to low from shifting public decarbonisation and
towards any targets set carbon sentiment about current policy scenarios
Source: IFRS, 2023.
TCFD, 2021 climate change
© 2023 PT Deloitte Konsultan Indonesia This document is only intended to provide information for your company and is not to be used, or made as a reference, or quoted, in whole or in part, in any 6
form without written approval from Deloitte. This document will be shared to the participants in PDF version after the webinar session.
The IFRS S2: Governance disclosure
Governance
Objective
Inform report users about the governance processes, controls
and procedures an entity uses to monitor, manage and
oversee climate-related risks and opportunities (ROs)
Required disclosure
a) Board governance: Governance body or individual
responsible for oversight of climate-related ROs, with details
on:
• The roles and formalization of responsibilities in written
document/policy
• Skills and competencies (resource development)
• Frequency and process to inform board on climate ROs
• How the board considers climate ROs in decision-making and
oversees the target and monitoring of relevant
performances
b) Management’s role: management’s role in the governance
processes, controls and procedures used to monitor, manage
and oversee climate ROs, with details on:
• Information about role delegation and the oversight
exercised on the position/committee
• Controls and procedures to support the oversight of climate
ROs and the integration in other internal functions
© 2023 PT Deloitte Konsultan Indonesia
Common practice in establishing climate governance
• Climate governance structure Example of climate governance structure and role &
responsibilities of climate-related matters1
• Statement of board/board committee’s climate commitment
• Member(s) of the Board of Director (BOD) in charge of climate
and the competencies/skills relating to climate
• Defining climate-related governing bodies, individual board, and
key management personnel’s roles & responsibilities, such as:
‒ how the board considers climate-related issues when
overseeing major capital expenditures, acquisitions, and
divestitures, reviewing and guiding strategy and policy
‒ How climate is embedded into existing responsibilities of each
division, e.g., relating to the role in investment, operations,
audit over climate risk, financial and tax planning, R&D etc.
• Monetary incentives/remuneration linked to climate-related
targets and metrics
• Monitoring, review & feedback mechanisms, incl. the frequency
of update, major discussion items, review on current progress,
consideration in internal audit activities, and plan for future
implementation
• Training and capacity development for the Board/Management
1Source: 1, 2, 3
This document is only intended to provide information for your company and is not to be used, or made as a reference, or quoted, in whole or in part, in any 7
form without written approval from Deloitte. This document will be shared to the participants in PDF version after the webinar session.
The IFRS S2: Risk Management disclosure
Risk Management
Objective
to enable users to understand an entity’s processes to identify,
assess, prioritise and monitor climate-related risks and
opportunities (ROs), including its integration into the entity’s
overall risk management process
Required disclosure
a) The processes and related policies the entity uses to
identify, assess, prioritise and monitor climate-related risks,
including:
• Inputs and parameters the entity uses for scoping
• How the entity assesses the nature, likelihood and
magnitude of the effects of those risks
• Whether and how the entity prioritises climate-related risks
• How the entity monitors climate-related risks
• Whether and how the entity has changed the processes it
uses compared with the previous reporting period
b) The entity’s use climate-related scenario analysis to
inform its identification of climate-related risks and
opportunities
c) The extent to which, and how, the processes for identifying,
assessing, prioritising and monitoring climate-related risks and
opportunities are integrated into the entity’s overall risk
management process.
© 2023 PT Deloitte Konsultan Indonesia
Common practice in establishing climate risk management
• Risk management process/framework including the risk Example of climate-related risk management1
modelling, used to identify climate-related risks and
opportunities.
• The responsibility and roles of risk officers and other relevant
members of the organization as well as the communication line
within the organization
• Explanation on the interconnectivity between climate change
and other risk types
• Climate-related risk management, which may contain:
− Plans to mitigate the identified risks and secure
opportunities
− Actionable initiatives within the group and the value chain,
for example resiliency planning workshop for the company,
stakeholder engagement to establish a resilient enterprise
risk management program for the value chain.
− How it is considered for future organizational planning, for
example investment, strategic planning and asset planning
• The process of integrating climate-related risks into the
company’s overall enterprise risk management process, i.e.:
− Risk appetite and threshold for climate-related risks
− Credit due diligence and collateral
− Documentation and data collection of metrics associated
with climate risks
1Source: 1, 2, 3
This document is only intended to provide information for your company and is not to be used, or made as a reference, or quoted, in whole or in part, in any 8
form without written approval from Deloitte. This document will be shared to the participants in PDF version after the webinar session.
10 steps to align climate & Governance, Risk Management & Compliance (GRC)
Step 1
Assess the current state of climate program
Understand current
and GRC framework, associated policies,
state
and identify gaps or misalignments.
Step 2
Define the goals for aligning the climate
Set Alignment Goals
program with GRC - in line with overall
strategy and stakeholder expectations.
Step 3 Identify the key internal and external
Identify & Engage stakeholders involved or affected by climate
Key Stakeholders and GRC activities and establish open lines
of communication and engagement.
Identify and prioritise climate-related risks
Step 4 and opportunities by assessing the
Assess Key Climate- significancy on business continuity, level of
related Risks & urgency to manage, and relevancy to
Opportunities business operations
Assess how climate-related risks and
Step 5 opportunities can impact risk profile and
Integrate Climate ensure they are considered in risk
into Risk assessments, mitigation strategies, and
Management reporting.
© 2023 PT Deloitte Konsultan Indonesia
Step 6 Update existing / develop new policies to cover
Review and Align prioritised areas relating to the identified climate-
Policies and Procedures related risks and/or opportunities. Align these
policies with your GRC framework.
Step 7 Develop a comprehensive climate reporting and
Establish Reporting and disclosure framework aligned with relevant reporting
Disclosure Frameworks standards (i.e., TCFD, IFRS S2). Integrate with your
existing GRC reporting framework
Step 8 Define climate performance metrics and targets in line
Align with Metrics and with key climate-related risks & opportunities. These
Targets metrics should be measurable, time-bound, and
supported by relevant data and stakeholder engagement.
Conduct training and awareness programs for
Step 9 employees and stakeholders to improve their
Enhance Training and understanding of climate-related issues, the
Awareness importance of alignment with GRC, and their roles in
implementing the integrated program.
Step 10 Regularly assess progress, review achievements
Continuous against targets, and report transparently to
Improvement stakeholders through relevant channels.
This document is only intended to provide information for your company and is not to be used, or made as a reference, or quoted, in whole or in part, in any 9
form without written approval from Deloitte. This document will be shared to the participants in PDF version after the webinar session.
Terima Kasih
Thank You

© 2023 PT Deloitte Konsultan Indonesia This document is only intended to provide information for your company and is not to be used, or made as a reference, or quoted, in whole or in part, in any 10
form without written approval from Deloitte. This document will be shared to the participants in PDF version after the webinar session.
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited (“DTTL”), its global network of member firms, and their related entities (collectively, the “Deloitte organization”).
DTTL (also referred to as “Deloitte Global”) and each of its member firms and related entities are legally separate and independent entities, which cannot obligate or bind each other in
respect of third parties. DTTL and each DTTL member firm and related entity is liable only for its own acts and omissions, and not those of each other. DTTL does not provide services to
clients. Please see www.deloitte.com/about to learn more.

Deloitte Asia Pacific Limited is a company limited by guarantee and a member firm of DTTL. Members of Deloitte Asia Pacific Limited and their related entities, each of which are
separate and independent legal entities, provide services from more than 100 cities across the region, including Auckland, Bangkok, Beijing, Hanoi, Hong Kong, Jakarta, Kuala Lumpur,
Manila, Melbourne, Osaka, Seoul, Shanghai, Singapore, Sydney, Taipei and Tokyo.

About Deloitte Indonesia

In Indonesia, services are provided by PT Deloitte Konsultan Indonesia.

This communication and any attachment to it is for internal distribution among personnel of Deloitte Touche Tohmatsu Limited (“DTTL”), its global network of member firms and their
related entities (collectively, the “Deloitte organization”).
It may contain confidential information and is intended solely for the use of the individual or entity to whom it is addressed. If you are not the intended recipient, please notify us
immediately by replying to this email and then please delete this communication and all copies of it on your system. Please do not use this communication in any way.
None of DTTL, its member firms, related entities, employees or agents shall be responsible for any loss or damage whatsoever arising directly or indirectly in connection with any
person relying on this communication. DTTL and each of its member firms, and their related entities, are legally separate and independent entities.

© 2023 PT Deloitte Konsultan Indonesia