ESMA Updates its Guidelines on Internal Controls for Credit Rating Agencies


Since January 2019, the European Securities and Markets Authority (ESMA) has been conducting a public consultation on the issue of internal controls within credit rating agencies operating within the jurisdiction. Based on observations between 2017 and 2018 that identified a number of shortcomings in this area of the CRAs practices, ESMA has been working at providing clear guidelines to help the industry move forward. Today, that report was released.

 

Based on the CRA Regulation (CRAR), ESMA are required to ensure that regulations are developed and implemented relating to the internal control systems of the CRAs, which they must have in place ‘in order to prevent or mitigate any possible conflicts of interest and ensure the integrity of its credit rating activities’. As we know, this is a common, but no less important objective of rating agency regulators, and it is interesting to note that, more than a decade after the Financial Crisis, regulators are still attempting to provide some sort of standard within CRAs. However, ESMA makes clear that the common consensus is that many of the CRAs are already implementing many of the standards that the report advances, and then some. The amendments made by the report will be applied from the 1st July 2021, owing to disruption from the COVID-19 pandemic (it was originally planned for October 2020). There are number of key elements, and what follows is a collection of stand-out elements from the public consultation and subsequent amendments by ESMA.

 

Initially, the report starts by making clear that there were concerns raised regarding how prescriptive the originally planned guideline amendments were. This is to be expected, of course, and is why ESMA has a public consultation process. Also, predictably, smaller CRAs have been requested more clarity on how the guidelines affect their practices, owing to the lesser capability they have to conform (maybe owing to resources, or just a different operating structure from the larger CRAs). One of the largest issues raised was clarification that was needed regarding the understanding of the Board and Management within a CRA. Respondents worried that the two were not made clear enough by ESMA, and clear separation was needed within the wording. ESMA duly responded, declaring that, under the new wording, ‘it is the role of the CRA’s management to develop and implement the internal control framework, while it is the role of the board to approve the components of the framework and oversee their implementation’. Moving forward to how the CRAs should manage the risks that could affect their ability to meet the obligations under CRAR, ESMA have ‘removed reference to the requirement for it to take into account international standards and industry-leading practices as this could indirectly introduce standards or practices not approved by ESMA into the Guidelines’. ESMA declares later in the report that the inclusion of international standards in the field of elements like internal audits can also cause issues, and has subsequently removed any reference to a standard; the regulator will continue to monitor the appropriateness of such activities via its inspections and overarching supervision.

 

One of the most important aspects of post-Crisis regulation in the credit rating sector has been enforcing and maintaining the separation between analysts and commercial employees, and also separation between those tasked with developing methodologies, and those who are tasked with approving them. To that end, ESMA declares that ‘the goal of ESMA has been to ensure that staff members who conduct the analytical work of a credit rating should not be solely responsible for the approval of that credit rating. Likewise, staff members who conduct the development of methodologies, models or criteria should not be solely responsible for the approval of those methodologies, and staff members who conduct the validation or review of a credit rating methodology should not be solely responsible for the approval of that validation or review’. This is particularly clear and should, in theory, be easy to identify when breaches occur just by analysing the documentation that must be kept during said processes. In line with this, ESMA had originally pushed for the ‘real time monitoring’ of credit rating activities, which was argued against by respondents who suggested it is more efficient to conduct such monitoring on an ex-post basis. Whilst maintaining that compliance should have a role in the monitoring of credit rating activities, ESMA have relented and declared that ‘ESMA has removed reference to the real-time element of the monitoring requirement. The revised wording now that states that CRAs should instead build ongoing evaluations into their processes, which can include, for example, the timely monitoring of e-mail interactions between analysts and issuers. This could also be done on an ex-post basis’. Similar calls to enforce the ‘participation’ of compliance officers in rating committees were watered down to now emphasising ‘attendance rather than participation’. With further regard to the compliance function, clarification was sought by respondents concerning who could fulfil such roles (in the event that others outside of the compliance function were better suited). On this, ESMA maintained its course and clarified that compliance officers must be involved, although they can (and should) work with others to aid them with the delivery of their role.

 

Enforcing the separation between analysts and the development of methodologies is of key regulatory concern. To that end, ESMA stated that ‘the revised wording states that while analytical staff may participate in the approval of methodologies by the review function, they should not participate in the approval of methodologies developed themselves’. Furthermore, staff who participate in the review of a methodology cannot alone be involved in the approval process and/or be responsible for the final decision.

 

The amended guidelines are, for the most part, appropriate. There are elements of retreat since the public consultation but, for better or worse, that is part of the regulatory process. What remains to be seen is whether the updated guidelines have any effect. Many CRAs already meet these standards and go much further. For the smaller CRAs, there will need to be consideration. However, they do allow for ESMA to be clear in their regulatory actions moving forward, because there is plenty of clarity contained in this update; fall foul of clear instruction and the subsequent penalty (should be) awarded. Overall however, it is so interesting to note that such developments are still being undertaken, so long after the Financial Crisis. It is potentially remarkable that, elements such as those who develop methodologies cannot alone be responsible for their authorisation, are still needing to be clarified; it should be clear immediately that layers of responsibility are fundamentally required. Time will tell how these amendments fare.

 

Keywords – ESMA, Internal controls, business, @finregmatters 

Comments

Post a Comment

Popular posts from this blog

Lloyds Bank and the PPI Scandal: The Premature ‘Out of the Woods’ Rhetoric

Image
Today’s very short post focuses upon the news that the Financial Conduct Authority (FCA) has recently extended the deadline to claim compensation for mis-sold ‘Payment Protection Insurance’ (PPI). Whilst a lot of financial institutions will have to prepare to offset the extended deadline, it is Lloyds that has grabbed the business headlines by apportioning an extra £350 million to offset any further claims that may be made of it – however, this comes only a week or two after the Bank posted its best performance figures in over a decade, as was previously discussed in Financial Regulation Matters . This post will therefore argue that the rhetoric being advanced recently regarding Lloyds – rhetoric like Lloyds represents ‘ a modern day success story ’ is wide of the mark and creates a false sense of security that we simply cannot afford to believe in. The ‘ robust recovery ’ was heralded far and wide upon the publication of Lloyds Bank’s financial performance for the previous fi
Read more

The Analytical Credit Rating Agency: A New Entrant That Will Further Enhance Russia’s Isolation

Image
This short post is based upon a forthcoming article by this author that examines the viability of the latest entrant into the credit rating arena, the Analytical Credit Rating Agency (ACRA). The article, which is due to be published in the European Company Law Journal (and is available here in a pre-published version), looks at the chances of the ACRA succeeding when viewed within the parameters of perception , an aspect that underpins the credit rating sector. For this post, the focus will be upon introducing the ACRA, and then on examining the effect it may have upon the wider political issues affecting the Russian Federation. The Analytical Credit Rating Agency was established in November 2015 and comprises of 27 major Russian companies and financial institutions that serve as its shareholders. The agency, which became the first rating agency to receive accreditation from the Russian Central Bank under the new N 222-FZ Law which was designed to protect investors, has a re
Read more

The Case of Purdue Pharma, the Sackler Family, and the Opioid Crisis

Image
In the first of two short posts today, we will look at the case of the billionaire Sackler Family and their remarkable effect upon American society. The family, who own Purdue Pharma amongst a list of other ventures, have this week seen a massive legal action taken against them by the State of New York who argue that the company is ‘ responsible for the opioid epidemic ’ sweeping through the United States. The attorney-general for New York has called the lawsuit the ‘ nation’s most extensive ’ with respect to the pharmaceutical industry and comes right on the heels of a $270 million suit that was settled in the State of Oklahoma on exactly the same grounds. Whilst the company and the billionaire family who own it did not admit guilt (settling parties rarely do, hence why they settle outside of court) it has potentially opened the trapdoors for litigation. It comes as no surprise then that the company is reportedly considering bankruptcy proceedings in the face of such an onsl
Read more