New rating agency code may avert tougher regulations
Regulatory treatment of credit rating agencies is being mulled in the US and EU. Agencies hope any onerous regime will be averted, but Basel II requires a recognition process By Melvyn Westlake
Credit rating agencies are resigned to complying with some form of registration system in Europe before long. But agency executives are still hoping to avoid any really onerous or burdensome regulation, or new rules that vary widely between countries. The final Code of Conduct Fundamentals for Credit Rating Agencies, published just before Christmas by the International Organisation of Securities Commissions (IOSCO), the Madrid-based umbrella body for more than 100 securities regulators around the world, has been widely welcomed as a possible basis for new supervisory regimes now under consideration in both the US and the European Union.
Change inevitable
It will be several months before the outcomes of these two separate exercises are known. But some changes in the regulatory status of credit rating agencies (CRAs) now seem inevitable on both sides of the Atlantic. The case for change is being complicated by the prominent role given to these agencies' credit ratings under the new Basel accord governing bank capital, which starts to come into effect in Europe from 2007.
Banks opting to measure their credit risks and capital requirements using the new accord's simpler (standardised) approach will have to rely, in many cases, on the external credit ratings issued by CRAs and other credit assessment bodies. At a minimum, this will involve some "recognition" process to establish the "eligibility" of the rating institutions that are used for this purpose.
For its part, the EU Commission is looking at a spectrum of options that ranges from CRA registration with a European authority and hands-on regulation, to doing nothing and allowing market forces to apply their own discipline. Other options include a "lighter touch" regulation, and a system that combines both the IOSCO code and the "recognition" process required under the new capital adequacy rules for banks and investment firms.
The worst possible outcome of all these initiatives would be a regime that "created a patchwork of different regulations in different countries, or intruded on the conduct of our work," says Raymond McDaniel, president of Moody's Investors Services, the global rating agency. "Those are the two most critical factors for us," he says. "We do not have an objection to additional oversight if it is measured and not overly intrusive. That would be a positive outcome for the industry and the market," McDaniel tells Global Risk Regulator in an interview.
He is hopeful that the IOSCO code can be the "basis for thinking about oversight and review of the rating agencies, both in Europe and the US." That is important in avoiding a fragmented approach to regulation. Many of the individuals and regulatory authorities involved in designing the code are also those undertaking the examination of the CRA industry in their home jurisdictions, McDaniel notes.
The 12-page code, drawn up by an IOSCO technical committee chaired by Roel Campos, a commissioner at the US Securities and Exchange Commission, covers the quality and integrity of the rating process; CRA independence and the avoidance of conflicts of interest; and rating agencies' responsibilities to the investing public and bond issuers.
IOSCO is asking rating agencies to include the Code Fundamentals in their own individual codes of conduct. And CRA management is urged to give them full support, backed by thorough compliance and enforcement mechanisms.
Central to the Code Fundamentals is a disclosure mechanism, which requires rating agencies to describe how they are addressing each provision. If a particular provision has not been included in the CRA's own code, the agency must explain why not, and how the objectives of that provision are otherwise being addressed. However, it is left up to regulators in different jurisdictions to decide how to react if codes are not published or followed.
The three largest CRAs - Moody's, Standard & Poor's and Fitch Ratings - have all either recently published their own codes of conduct or are about to do so.
Commissioner Roel Campos says the IOSCO code, which his technical committee has drawn up, can be the "backbone" of the current regulatory review of credit rating agencies. It "strikes exactly the right balance," he says. It makes CRAs accountable and requires them to explain themselves. So it certainly has teeth. But, at the same time, "it does not get involved in the direct operational aspects of the agencies' business, and does not tie their hands. It allows them to get on with their work," Campos adds.
He notes that it was the CRAs themselves that asked IOSCO and Campos to examine their role and develop a code that would satisfy market participants and, perhaps, regulators. The exercise was unique, says Campos. It's the only case where private sector firms have actually sought some kind of regulatory framework for their activities.
There have been growing calls in recent years for stronger regulation of CRAs, notable in Germany where their activities have become a political issue. So, it is in the rating agencies self-interest to defuse the issue, and try and prevent individual countries introducing national regulations for CRAs. Germany, which is incorporating the IOSCO code into its regulation, will now have an approach based on expertise rather than political considerations, says Campos.
He also hints that the IOSCO code will be an influence on the review of CRA regulation now being undertaken by the US Securities and Exchange Commission (SEC). For some 30 years, the SEC has operated a system of "nationally recognised statistical rating organisations" or NRSROs, for identifying rating agencies that have wide market recognition and credibility.
Opaque process
The process for obtaining NRSRO status is somewhat opaque, and it is currently applied to only four agencies - Moody's, S&P, Fitch and the Canadian agency Dominion Bond Rating Service. The NRSRO system is less about regulating the rating agencies than the use of their credit ratings as a reference for regulation more widely. Today, the ratings of NRSROs are widely used as benchmarks in federal and state legislation, in rules issued by other regulators, and in private financial contracts.
However, this system is viewed as a barrier to new agencies entering in to the market. At least one of the NRSROs would be happy to see the system abandoned. In the summer of 2003, the SEC issued a "concept release" asking for comments on how the system could be improved, or whether it should be scrapped altogether. The SEC is still considering what to do.
Hard to scrap
Although nothing has been finally decided, the prevailing view within the Washington-based SEC is that it would be difficult to scrap the NRSRO system, says Campos. "It has come to serve an important purpose. So, it will probably be kept. But the process of getting that designation will become much more open. There is likely to be a greater willingness to recognise credit ratings agencies with particular regional or geographic specialities - for example, an agency that can demonstrate a special expertise in, say, US mid-west retail banks," explains Campos. "My goal is to make the NRSRO process more open and transparent, allowing agencies with specialities to get the designation." However, for the main agencies, the process is likely to become mandatory. At present, they can theoretically opt out.
The IOSCO code will also be an important element of what emerges from the SEC review of rating agencies. Commission staff were involved in the drafting, and "it reflects our best thinking," the commissioner says. A final rule for ratings agencies could be issued by the autumn.
Majority want NRSRO kept
A majority of market participants who responded to the SEC's 2003 concept release on rating agency regulation supported the retention of the NRSRO system, although Moody's proposed its elimination. Moody's president McDaniel, who refers to the recognition process as "licensing" says the use of ratings in regulation has become a "very distractive issue." It gives rise to the perception that the "nature and structure of our industry is a result of the regulatory use of ratings, and that competition is guided by the use of ratings in regulation. We think there are economic factors shaping this industry, and would prefer to compete in a marketplace were economic forces determine who is successful," he says.
McDaniels fear that "if the ratings industry is perceived to be a beneficiary of regulation [this will provoke the response] that it should be controlled by regulation."
Meanwhile, in Europe, a taskforce on credit rating agencies, set up by the Committee of European Securities Regulators (CESR), has an April 1 deadline to prepare its advice to the Brussels-based European Commission on a range of regulatory options for the ratings industry. CESR, which coordinates securities supervisors in the 25-nation EU, and advises on the preparation of draft implementing measures, has been consulting market practitioners on the issue. Comments are required before February 1.
As in the US, the IOSCO code is set to have an important bearing on the final decision about the regulatory treatment of rating agencies. "The code is something that has been agreed by [many of Europe's securities regulators]. It will be one of the key elements in CESR's advice," says Javier Ruiz, rapporteur for the rating agency taskforce, and deputy director of the primary markets division at Spain's national securities commission, in Madrid.
CESR has been asked to advise on four aspects of the credit ratings industry: potential conflicts of interest; the lack of competition; transparency of rating methodologies; and the legal treatment of the agencies' access to inside information. As well as keeping contact with the SEC, the European body has been instructed to take account of the IOSCO code and the role envisioned for rating agencies in the Capital Requirement Directive, which will transpose the new Basel capital accord for banks into EU law.
"We want to avoid the need for duplicative sets of requirements," says Ruiz.
However, the IOSCO code does not say anything precise about enforcement. And, the scope of CESR's brief is much wider than the calculation of bank capital. It has to consider the financial markets more widely, Ruiz adds.
Cutting across all these initiatives is the important part credit ratings are set to play in determining the solvency of thousands of banks and investment firms. Under Europe's Capital Requirements Directive and, more globally, the new Basel accord - Basel II - many financial firms will calculate their risk capital using the published ratings of what are called External Credit Assessment Institutions (ECAIs). In addition to credit rating agencies, ECAIs includes some export credit agencies, as well as some credit registries.
Basel eligibility criteria
Both the directive and Basel II set out eligibility criteria for the ECAIs whose ratings are to be used, including their credibility, independence, objectivity, resources and methodology disclosure. And a recognition process will be required to establish such eligibility. The question for rating agencies is who will carry out this recognition process and whether it will vary between countries. The directive says eligibility should be determined by "competent authorities," which must publicly explain their recognition process and provide a list of eligible ECAIs. Those ECAIs deemed eligible in one country may be recognised in another.
However, working out the precise details of how this will be done is being left to the Committee of European Banking Supervisors (CEBS), the London-based sister organisation of CESR that promotes banking supervisory convergence in the EU.
European Commission officials dealing with the capital requirements directive insist that the process of "recognition" and the establishment of eligibility for ECAIs should not be viewed as regulation. "The directive is only concerned to ensure that the capital held by banks accurately reflects their risk distribution. CEBS is looking at ECAI recognition for a very specific and narrow purpose. This does not constitute regulation," says one official.
"Recognition is not the same as regulation or licensing," says a CEBS official, in London. It is a different process, with different objectives and different scope," the official says.
Some observers draw parallels between what is proposed in the directive and the NRSRO system in the US, seeing recognition as a sort of half-way house to regulation. Others see less of a distinction. "It is hard to see how rating agencies can remain unregulated when Basel II [comes into effect]. The accord gives the agencies a very important role. Once there is a mechanism to check whether ratings agencies comply with the criteria, you already have regulation," says Ruiz. "There will, presumably, also have to be some
on-going supervision. It is inevitable," he adds.
Theoretically, CRAs could choose not to seek recognition for purposes of Basel II and Europe's Capital Requirements Directive. McDaniel says that, as Moody's sees little commercial benefit from recognition, only potential burdens and additional control, remaining outside of the recognition process "is always a possibility." However, he hopes that "any form of regulation will not be so intrusive that we feel that it is a realistic choice that has to be made."
CRA independence valued
Paul Taylor, group managing director of Fitch Ratings, in London, says he would not be concerned by a recognition process in Europe that was no more onerous than the existing NRSRO system in the US. He does not expect to see burdensome regulation introduced. The majority of participants in the capital markets have made it very clear that they value independent ratings opinions, he says.
"The reason that bank regulators chose to incorporate the use of external ratings in the Basel II framework in the first place was because ratings were the best tool they had available for assessing the adequacy of bank capital. If they now say: `because we use them we must change them, because we need to control and regulate them', they will simply `blow out' the product. That will be a pretty silly thing for them to do," Taylor concludes.
