Tuesday, December 15, 2009

Emerging Regulation of Credit Rating Agencies

Posted on FinReg21 by Daniel M. Gallagher, Jr., Randall W. Roy, and Rebekah E. Goshorn:

Credit rating agencies have been heavily criticized regarding the performance of their structured finance ratings, especially ratings on securities linked to subprime residential mortgages. They have been faulted for initially assigning ratings that were too high; for failing to adjust those ratings sooner as the performance of the underlying assets deteriorated; and for not maintaining appropriate independence from the issuers and underwriters of those securities.[2]

The intense scrutiny of credit rating agencies in the U.S. and abroad is a reflection of the prominent role they play in the securities markets. Notwithstanding the criticism, their ratings continue to be widely used by investors to evaluate whether to purchase securities. Additionally, regulators continue to favor credit ratings over more idiosyncratic, subjective standards when needing to classify debt instruments for regulatory purposes.[3]

Brief History of Credit Rating Agencies and the Term “NRSRO”

Nationally Recognized Statistical Rating Organization, or “NRSRO” is a relatively recent term, but credit rating agencies have existed for over a hundred years. In fact Standard & Poor's traces its origins to the 1860 publication of Henry Poor'sHistory of Railroads and Canals in the United States, a precursor of modern stock reporting and analysis.[4] John Moody & Company published Moody'sManual of Industrial and Miscellaneous Securities in 1900, the company's founding year. [5] The manual provided information and statistics on stocks and bonds of financial institutions, government agencies, manufacturing, mining, utilities, and food companies.[6] Fitch Ratings was founded in 1913 and began as a publisher of financial statistics; in 1924, the Fitch Publishing Company introduced the “AAA” to “D” rating scale. [7] When the rating agencies were first established they did not operate under the “issuer-pay” model – their ratings were purchased by subscribers.

It was in the 1970s that the largest rating agencies began the practice of charging issuers as well as investors for rating services. The stated rationale for this change was based on the belief that issuers should pay for the substantial value that objective ratings provide in terms of market access. In addition, some rating agencies believed that the complexity of the capital markets required a more sophisticated level of staffing and compensation than could be supported only by issuer fees.[8]

It was also in the 1970s that the term NRSRO was first used by the Commission. Specifically, in 1975 the Commission adopted the broker-dealer net capital rule and used the term NRSRO to classify debt instruments in terms of the amount they would be haircut for regulatory capital purposes. However, that concept to distinguish between debt instruments was already in use before the Commission adopted this rule. The New York Stock Exchange had its own net capital rule, which distinguished between investment grade and non-investment grade instruments.

Despite using the NRSRO concept in its rules, the Commission had no explicit authority to regulate credit rating agencies as such. For example, they were not required to register with the Commission with respect to their credit rating activities. Consequently, the Commission staff identified the credit rating agencies that could be treated as NRSROs for the purposes of the net capital rule through the staff no-action letter process. In that process, the staff would review information and documents submitted by the credit rating agency, including how broadly its credit ratings were used in the securities markets, to determine whether the agency had achieved broad market acceptance for ratings. If in the staff’s view such acceptance was evident, the staff would issue a letter stating that it would not recommend enforcement action against broker-dealers who used the agency’s credit ratings for purposes of complying with the Commission’s net capital rule. In the years since 1975, the Commission issued a concept release and rule proposals designed to formalize the NRSRO definition.[9] Without clear statutory authority, however, these efforts were compromised.

Over time, the NRSRO concept was incorporated into additional SEC rules, including rules adopted under the Securities Act of 1933, the Securities Exchange Act of 1934, and the Investment Company Act of 1940. Congress has used the NRSRO concept in legislation as have other supervisors, including banking regulators, at home and abroad. Additionally, a number of other federal, state, and foreign laws and regulations today employ the NRSRO concept. For example, the U.S. Department of Education uses ratings from NRSROs to set standards of financial responsibility for institutions that wish to participate in student financial assistance. While the staff’s no-action letters only referenced the Commission’s net capital rule, they effectively “conferred” NRSRO status for the purposes of all U.S. statutes and regulations using that term. In the 1970s the three largest rating agencies were identified as NRSROs in staff no-action letters. Subsequently, the staff identified additional credit rating agencies as NRSROs. [10]

NRSRO Legislation

In September 2006, Congress enacted the Credit Rating Agency Reform Act of 2006, which established a registration and oversight regime for NRSROs (i.e., for credit rating agencies that want to be treated as NRSROs). The Rating Agency Act replaced the staff no-action letter process and, in fact, voided existing staff no-action letters.[11] In lieu of national recognition, the Rating Agency Act requires a credit rating agency applying to register with the Commission to provide certifications from 10 qualified institutional buyers that they have used the ratings of the applicant to make investment decisions for the proceeding three years.

While the Rating Agency Act lowered barriers to becoming an NRSRO, it provided the Commission with broad authority to oversee NRSROs. In particular, the statute provided the Commission with authority to require NRSROs to disclose information about their activities, to make and retain records, to furnish annual reports to the Commission, to implement procedures to protect material nonpublic information, to implement procedures to disclose and manage conflicts of interest, to refrain from engaging in activities that the Commission determined created unmanageable conflicts of interest, and to refrain from activities that the Congress and the Commission determined were unfair, coercive, or abusive. The Rating Agency Act amended Section 17 of the Exchange Act to provide the Commission with authority to examine all books and records of an NRSRO and to bring enforcement action against NRSROs for violations of the federal securities laws.

Commission NRSRO Oversight

Since September 2006, the Commission has engaged in several rounds of rulemaking and has conducted examinations of NRSROs under its new authority. The first round of rulemaking established the Commission’s rating agency oversight program. Specifically, in June 2007 the Commission adopted six rules and an application and public disclosure form.

The first rule, among other things, requires an NRSRO to publicly disclose information about the firm’s: (1) ratings performance statistics (e.g., default and transition statistics); (2) methodologies for determining credit ratings; (3) policies for preventing the misuse of material non-public information; (4) organizational structure; (5) code of ethics; (6) conflicts of interests; (7) policies for managing conflicts of interest; (8) credit analysts; and (9) designated compliance officer.[12]

The second rule, among other things, requires an NRSRO to make and retain certain financial records; document the identities of the credit analysts who determine a rating action and persons who approve the rating action; document the identities of issuers that have paid for ratings and the ratings determined for them; and document all ratings methodologies. NRSROs also are required to retain records such as compliance and internal audit reports, marketing materials, and communications (e.g., emails) relating to determining ratings actions. [13]

The third rule, among other things, requires an NRSRO, on a confidential basis, to furnish the SEC with annual reports that include: (1) audited financial statements; (2) an unaudited report of revenues received from the different types of rating services offered by the NRSRO; (3) an unaudited report of the aggregate and median compensation of the NRSRO’s credit analysts; and (4) an unaudited report of the 20 largest clients of the NRSRO as determined by revenues received.[14]

The fourth rule, among other things, requires an NRSRO to establish, maintain, and enforce procedures reasonably designed to prevent: the inappropriate dissemination of material, non-public information received during the rating process; the trading of securities while in possession of material, non-public information; and the selective disclosure of a pending ratings decision.[15]

The fifth rule, among other things, requires an NRSRO to disclose and manage each conflict of interest resulting from its business activities, including from the issuer-pay and the subscriber-pay models. It also prohibits an NRSRO from having the following conflicts: (1) receiving more than 10% of its annual revenues from a single client; (2) having an analyst rate or approve the rating for a security the analyst owns; (3) rating an affiliate; and (4) having an analyst rate or approve the rating for a security of a company where the analyst is a director or officer of the company. [16]

Lastly, the sixth rule, among other things, prohibits an NRSRO from engaging in certain practices that are unfair, coercive, or abusive. Such practices include: (1) conditioning a rating on the rated person buying another service of the NRSRO; (2) deviating or threatening to deviate from established methodologies for determining credit ratings because an issuer did not agree to pay for the rating; (3) modifying or threatening to modify a rating because the issuer does not agree to continue to pay for the rating; and (4) employing a methodology for rating structured finance products that discounts or “notches,” for anticompetitive purposes, the ratings of other NRSROs for assets underlying the structured finance product. [17]

In September 2007, the first seven credit rating agencies were registered with the Commission as NRSROs. Around that time, and in response to gradually worsening market conditions, the Commission used its new oversight authority to initiate examinations of the three largest NRSROs. Specifically, the Commission staff examined Fitch, Moody’s, and Standard & Poor’s and reviewed their policies and practices relating to ratings of structured finance products linked to aggressively underwritten mortgages. The period reviewed by the examination generally covered January 2004 through July 2008. All three NRSROs agreed to undertake remedial actions as a result of the examinations. The staff published a summary of their findings and observations in July 2008.[18]

The examinations revealed a number of troubling results. In particular, the examinations raised serious questions about the NRSROs’ management of: (1) conflicts of interest, (2) internal audit processes, and (3) due diligence activities.[19]

For example, the examiners found that analysts appeared to be aware, when rating an issuer, of the firm’s business interest in securing the rating of the deal; that there did not appear to be any internal effort to shield analysts from emails and other communications that discussed fees and revenues from the issuers; and that, in some instances, analysts were involved in fee discussions for a rating. In addition, the NRSROs did not appear to take steps to prevent the possibility that considerations of market share and other business interests could influence ratings or ratings criteria. Accordingly, the staff recommended that each NRSRO consider and implement steps that would insulate or prevent the possibility that considerations of market share and other business interests could influence ratings or ratings criteria.

The examiners found that the internal audits of the ratings processes of two NRSROs appeared to be inadequate. For example, at one NRSRO, the internal audits of its RMBS and CDO groups constituted a one-page checklist to evaluate the completeness of deal files. As a consequence of the examinations, the staff recommended that two of the NRSROs review whether their internal audit functions are adequate and whether they provide for proper management follow-up.

The staff found that the NRSROs did not engage in due diligence or otherwise seek to verify the accuracy or quality of the loan data underlying the RMBS pools they rated during the review period. The NRSROs each relied on the information provided to them by the sponsor of the RMBS.

The findings from these initial examinations informed another round of rule amendments, which the Commission proposed in June 2008 and adopted in February 2009.[20] These amendments enhanced requirements to disclose ratings performance statistics and ratings methodologies, and imposed additional recordkeeping and reporting requirements. They also prohibited additional conflicts of interest; in particular, the conflict of rating a product that the NRSRO or its affiliate had provided advice on how to structure.

In September 2009, the Commission adopted additional amendments.[21] One amendment is designed to create a mechanism for NRSROs not hired to rate structured finance products to nonetheless determine and monitor credit ratings for these instruments. To this end, the new amendments require an NRSRO that is hired to provide an initial credit rating for a structured finance product to disclose on a password-protected Internet website: (1) that it is in the process of determining such a credit rating; and (2) the location where information provided by the issuer to determine and monitor the credit rating can be located. The hired NRSRO must make this information available to any other NRSRO that provides it with a copy of a certain certification. The hired NRSRO also is required to obtain representations from the arranger that, among other things, the arranger will provide the same information to the non-hired NRSROs.

The design of this rule is to enable non-hired NRSROs to provide unsolicited ratings in the structured finance market, just as is done in the corporate debt market. NRSROs can determine unsolicited ratings in the corporate debt market using information filed with the Commission by public companies. There have been calls to make the structured finance market more transparent by enhancing issuer disclosure requirements. This new rule – by requiring issuers to disclose information to all NRSROs – is an incremental step in that direction. The goal is to improve the quality of credit ratings by increasing the number of NRSROs (hired and not hired) that rate structured finance products.

The second amendment adopted by the Commission requires an NRSRO to disclose, on a delayed basis, ratings history information in a downloadable format for all credit ratings initially determined on or after June 26, 2007.[22] This new disclosure requirement is designed to foster greater transparency of ratings quality as well as increase accountability among NRSROs, by making it easier for persons to analyze the actual performance of credit ratings. To this end, the ratings history information will generate “raw data” that market observers can use to statistically analyze performance across NRSROs.

Proposed Legislation

Congress also is considering measures to enhance the oversight of NRSROs and efforts in this regard are underway in the House and Senate. One area the Congressional proposals may address is how to make it easier for private litigants to sue credit rating agencies. Congressional proposals also would provide the Commission with additional enforcement mechanisms with respect to NRSROs, by, for example, establishing a “failure to supervise” provision.

International Initiatives

Internationally, policymakers also are establishing supervisory regimes from credit rating agencies. Laws governing the conduct of credit rating agencies will go into effect in 2010 in the European Union (“EU”). The EU laws set forth conditions for the use of credit ratings and rules on the organization and conduct of credit rating agencies.

Japan also recently released for public consultation a new set of rules regarding credit rating agency regulation, and several other countries are also planning to introduce new credit rating agency legislation soon.

Recognizing the importance of international dialogue, staff from the Commission’s Division of Trading and Markets currently chair Standing Committee 6 of the Technical Committee of the International Organization of Securities Commissions (“IOSCO”). This committee, comprised of supervisors from jurisdictions in Europe, Asia, and the Americas, has two primary responsibilities: (1) to discuss, evaluate, and consider regulatory and policy initiatives vis-à-vis credit rating agency activities and oversight, in an effort to seek cross-border regulatory consensus through such means as the IOSCO credit rating agency code; and (2) to facilitate regular dialogue between securities regulators and the credit rating industry.


Over the last several years, credit rating agencies have moved from an environment where they were largely unsupervised to now being subject to rigorous oversight with initiatives at home and abroad still underway. The next year will be a busy time for supervisors as new proposals are implemented and take effect.

[1] Daniel M. Gallagher, Jr. is Co-Acting Director of the Division of Trading and Markets, Securities and Exchange Commission; Randall W. Roy is an Assistant Director in the Division of Trading and Markets, Securities and Exchange Commission; and Rebekah E. Goshorn is an attorney in the Division of Trading and Markets, Securities and Exchange Commission.

[2] The Securities and Exchange Commission, as a matter of policy, disclaims responsibility for any private publication or statement by any of its employees. The views expressed herein are those of the author and do not necessarily reflect the views of the Commission or of the author's colleagues on the staff of the Commission.

[3] For example, just last month the Federal Reserve proposed a process for the New York Fed to determine the eligibility of credit rating agencies and the ratings they issue for use in the Term Asset-Backed Securities Loan Facility (“TALF”). The threshold requirement for eligibility is that the credit rating agency be registered with the Commission as a nationally recognized statistical rating organization.

[4] “A History of Standard and Poor’s,” available at http://www.standardandpoors.com/about-sp/timeline/en/us/.

[5] “Moody’s History: A Century of Market Leadership,” available at http://www.moodys.com/moodys/cust/AboutMoodys/AboutMoodys.aspx?topic=history .

[6] Id.

[7] “The History of Fitch Ratings,” available at http://www.fitchratings.com/jsp/creditdesk/AboutFitch.faces?context=1&detail=3

[8] See supra note 5.

[9] See, e.g., Securities Exchange Release No. 47972 (June 4, 2003); 68 FR 35258 (June 12, 2003) (“Concept Release”).

[10] See “Report on the Role and Function of Credit Rating Agencies in the Operation of the Securities Markets,” January 2003, available at http://www.sec.gov/news/studies/credratingreport0103.pdf .

[11] Pub. L. No. 109-291 (2006).

[12] See 17 CFR 240.17g-1; see also 17 CFR 249b.300 (“Form NRSRO”).

[13] See 17 CFR 240.17g-2.

[14] See 17 CFR 240.17g-3.

[15] See 17 CFR 240.17g-4.

[16] See 17 CFR 240.17g-5.

[17] See 17 CFR 240.17g-6.

[18] See “Summary Report of Issues Identified in the Commission Staff’s Examinations of Select Credit Rating Agencies,” available at http://www.sec.gov/news/studies/2008/craexamination070808.pdf.

[19] See Daniel M. Gallagher, "Reforming Credit Rating Agencies" (testimony before the United States House of Representatives Committee on Financial Services and Subcommittee on Capital Markets, Insurance and Government-Sponsored Enterprises, September 30, 2009).

[20] See Securities Exchange Act Release No. 59342 (February 2, 2009); 74 FR 6456 (February 9, 2009).

[21] See Securities Exchange Act Release No. 61050 (November 23, 2009).

[22] Id.

No comments: