As discussed in our Credit Ratings Deserve ESG Risk Analysis, Not ESG Scores report, KBRA embraces numerous ESG initiatives including efforts to improve the quality and frequency of issuers’ disclosures. KBRA also reiterates our belief that the role of analysts at a credit rating agency is to remain focused on ESG factors that are material to credit, and we believe the best way to analyze the relevance of ESG factors in credit ratings is through fundamental credit risk analysis. As we have explored these various topics as they relate to credit risk analyses of financial institutions, we have developed a framework for identifying the most relevant ESG factors as they pertain to our rated universe, while also striving to identify and understand ESG factors unique to each rating and issuer.
Recent headlines confirm that cybersecurity attacks are an ever-present and growing risk to corporations, financial institutions, governments, and other entities. According to Specops Software research, the U.S. was the most targeted country for cyberattacks between May 2006 and June 2020, followed by the United Kingdom and India. Even corporations and countries in which key economic agents and the government spend a substantial amount of time and resources on comprehensive cybersecurity plans and infrastructure are exposed to significant risks.