52008PC0704

[pic] | COMMISSION OF THE EUROPEAN COMMUNITIES |

Brussels, 12.11.2008

COM(2008) 704 final

2008/0217 (COD)

Proposal for a

REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

on Credit Rating Agencies

{SEC(2008) 2745}{SEC(2008) 2746}

EXPLANATORY MEMORANDUM

1. CONTEXT OF THE PROPOSAL

1.1. General context, grounds for and objectives of the proposal

Credit rating agencies provide independent opinions on the probability of default or expected losses of companies, governments and a wide range of financial instruments. These ‘credit ratings’ are used by investors, borrowers, issuers and governments, and so play an important role in financial markets.

In 2006 the Commission set out its regulatory approach to credit rating agencies[1] and stated that it would monitor the developments in this area very carefully. Credit rating agencies active in the EU are mainly governed by the International Organisation of Securities Commissions (IOSCO) code of conduct[2], which is based on voluntary compliance, and are subject to a yearly assessment by the Committee of European Securities Regulators (CESR)[3]. The Commission stated that it would consider new proposals if compliance with existing EU rules or the IOSCO Code was clearly unsatisfactory or if new circumstances were to arise — including serious problems of market failure.

It is commonly agreed that credit rating agencies contributed significantly to recent market turmoil by underestimating the credit risk of structured credit products. The great majority of subprime products were given the highest ratings, thereby clearly underestimating the major risks inherent in those instruments. Furthermore, when market conditions worsened, the agencies failed to adapt the ratings promptly.

The current crisis has revealed weaknesses in the methods and models used by credit rating agencies. One reason may be that credit rating agencies operate in an oligopolistic market that offers limited incentives to compete on the quality of the ratings produced. The sometimes poor quality of ratings of structured finance instruments has considerably contributed to the current crisis. In addition, shortcomings in the agencies’ communication with users of credit ratings became evident. As a result, market participants’ confidence in the performance of credit rating agencies and in the reliability of ratings has suffered.

In October 2007 EU Finance Ministers agreed to a set of conclusions on the crisis (the ‘Ecofin Roadmap’)[4] which included a proposal to assess the role played by credit rating agencies and to address any relevant deficiencies. Specifically, the Commission was asked to examine possible conflicts of interest in the rating process, transparency of rating methods, time-lags in rating reassessments and regulatory approval processes.

To clarify the role of the agencies and assess the need for regulatory measures, in autumn 2007 the Commission requested the advice of the CESR and the European Securities Markets Expert Group (ESME)[5]. At around the same time, other countries also started reforms in this field (US, Japan), and since then, important reports by IOSCO[6], the Financial Stability Forum[7] and the Committee on the Global Financial System[8] have addressed the issue. Meanwhile, credit rating agencies themselves have outlined some reforms they are prepared to undertake[9].

Self-regulation based on voluntary compliance with the IOSCO code does not appear to offer an adequate, reliable solution to the structural deficiencies of the business. While the industry has come up with several schemes for self-regulation, most of these have not been robust and or stringent enough to cope with the severe problems and restore the confidence in the markets. Moreover, individual approaches by some of the credit rating agencies would not have the market-wide effect necessary to establish a level playing field across the EU and preferably worldwide. In terms of substantive requirements, the Commission considers the revised IOSCO code of conduct to be the global benchmark. However, the code has some limitations that need to be overcome to make its rules fully operational. Some IOSCO rules are quite abstract and generic; they need to be concretised, and consolidated in some cases, to make them easier to apply in practice and more efficient. Most importantly, the code provides no enforcement mechanism but only invites credit rating agencies to give reasons if they do not comply with it (the ‘comply or explain’ approach). The code itself is open to being complemented by enforceable rules. It explicitly states that credit rating agencies should obey the laws and regulations of the jurisdictions in which they operate and that these laws may include direct regulation of credit rating agencies that may incorporate elements of the code.

In the US, where most of the credit rating agencies with significant EU activities have their parent companies, credit rating agencies have been subject to regulation and supervision since summer 2007[10]. Given the global nature of the rating business, it is important to level the playing field between the EU and the US by setting up a regulatory framework in the EU comparable to that applied in the US and based on the same principles.

In the light of these considerations, this proposal for a regulation has four overall objectives aiming at improving the process of issuance of credit ratings:

- first, to ensure that credit rating agencies avoid conflicts of interest in the rating process or at least manage them adequately;

- second, to improve the quality of the methodologies used by credit rating agencies and the quality of ratings;

- third, to increase transparency by setting disclosure obligations for credit rating agencies;

- fourth, to ensure an efficient registration and surveillance framework, avoiding ‘forum shopping’ and regulatory arbitrage between EU jurisdictions.

The Commission intends to develop the regulatory framework for the issuance of credit ratings in order to ensure a high level of investor confidence and consumer protection.

1.2. Existing provisions in the area of the proposal

Community law addresses only two specific aspects of credit rating:

- While credit ratings are not recommendations within the meaning of Directive 2003/125/EC[11] implementing the Market Abuse Directive[12], recital 10 of Directive 2003/125/EC states that agencies should consider adopting internal policies and procedures designed to ensure that their credit ratings are fairly presented and that they appropriately disclose any significant interests or conflicts of interest concerning the financial instruments or the issuers to which their credit ratings relate.

- The Capital Requirements Directive[13] (2006/48/EC) provides for the use of external credit assessments to determine risk weights and the resulting capital requirements applied to a bank or investment firm’s exposure. An external credit assessment may only be used for this purpose if the External Credit Assessment Institution (‘ECAI’) providing the risk assessment has been recognised by the competent authorities. A recognition mechanism is outlined in Annex VI Part 2 of the Capital Requirements Directive. The competent national authorities may only recognise an ECAI if the latter complies with requirements such as objectivity, independence, ongoing review, credibility and transparency. In order to promote convergence, the Committee of European Banking Supervisors (CEBS) has issued guidelines on the recognition of ECAIs[14].

1.3. Consultation of interested parties and impact assessment

As stated in Section 1.1., in autumn 2007 the Commission asked the Committee of European Securities Regulators (CESR) and the European Securities Markets Expert Group (ESME) to provide advice on various aspects of credit rating agencies’ activity and role in the financial markets, especially in structured finance. Both groups widely consulted stakeholders, giving the Commission a broader view and more evidence of the role of credit rating agencies in structured finance in the context of the subprime turmoil.

As well as closely following the progress of work at CESR and ESME, the Commission has held discussions with credit rating agencies, and sought comments from other interested parties including industry associations from the insurance, securities and banking sector and information providers. An open consultation was conducted on the internet between 31 July 2008 and 5 September 2008[15]. Credit rating agencies, banks, investment firms, insurance companies, fund managers, supervisory and regulatory authorities, ministries of finance, central banks and other interested parties were represented in the survey answers, through either individual or grouped responses[16].

1.4. Impact assessment

In line with its ‘Better Regulation’ policy, the Commission conducted an impact assessment of policy alternatives. Four options were considered:

- Option 1: keeping the status quo (self-regulatory approach based on the IOSCO code coupled with individual initiatives by credit rating agencies);

- Option 2: drafting a European code of conduct and setting up a body to monitor credit rating agencies’ compliance with the code, albeit with no enforcement powers;

- Option 3: issuing a (non-binding) Commission recommendation;

- Option 4: legislating to set up a registration and surveillance framework for credit rating agencies.

Each of these four policy options was assessed against four criteria: effectiveness[17], certainty[18], common framework[19] and flexibility[20]. The legislative option had clear advantages over the other policy options especially with regard to its effectiveness and certainty, because the other options (self-regulatory approaches or a recommendation) cannot produce legally binding rules and an enforcement mechanism. Furthermore, legislation is the best option to ensure a common framework throughout the EU and an efficient counterbalance to other important jurisdictions, notably the US.

2. LEGAL ELEMENTS OF THE PROPOSAL

2.1. Legal basis

The proposal is based on Article 95 of the EC Treaty.

2.2. Subsidiarity and proportionality

The Commission proposal to regulate Credit Rating Agencies is in line with the principle of subsidiary as laid down in Article 5(2) of the EC Treaty, which requires the Community to take action only if and in so far as the objectives of the proposed action cannot be sufficiently achieved by the Member States and can therefore, by reason of the scale of effects of the proposed action, be better achieved by the Community. The business of credit rating agencies is global. Ratings issued by a credit rating agency based in one Member State are used and relied upon by market participants throughout the EU. Failures or the lack of a regulatory framework for credit rating agencies in one specific Member State could adversely affect market participants and financial markets EU-wide. Therefore, sound regulatory rules applicable throughout the EU are necessary to protect investors and markets from possible shortcomings.

It is necessary to lay down a common framework of rules regarding the quality of credit ratings to be used by financial institutions regulated by harmonised rules in the Community. Otherwise, there would be a risk that Member States would take diverging measures at national level. This would have a direct negative impact on and create obstacles to the good functioning of the internal market, since the credit rating agencies issuing credit ratings for the use of financial institutions in the Community, would be subject to different rules in different Member States.

Finally, given the global nature and worldwide effects of the rating business, convergence of the rules regulating the issuance of credit ratings on a global scale ensuring a equally high level of investor confidence and consumer protection is important. Different national regulations in the EU would complicate this convergence process and could weaken the position of the EU compared to important regimes elsewhere.

The proposed regulation is also proportionate, as required by Article 5(3) of the EC Treaty. It targets not all credit rating agencies but only those whose ratings are used for regulatory purposes by financial institutions, i.e. those with a potentially high impact on the financial system. Many of its substantive provisions are inspired by the IOSCO code. This will limit adaptation costs considerably, since many credit rating agencies already comply voluntarily with the code. The proposal takes into account regulation in place in major non-EU countries, to accommodate the business model of globally operating credit rating agencies, but also considers smaller agencies that follow a less complex business model[21].

2.3. Choice of instrument

EU legislation appears to be the only option that could sufficiently protect investors and European financial markets against the risk of malpractice by credit rating agencies. A uniform approach is necessary in order to create a framework where Member States competent authorities can ensure that credit rating agencies apply the new set of requirements consistently across the Community. A Regulation is the best instrument to ensure a consistent and uniform approach throughout the European Union because of its direct effect.

No comprehensive registration and surveillance regime for the issuance of credit ratings currently exists in any of the Member States. A Directive, which leaves the Member States a degree of flexibility in deciding how to adapt their national legal orders to the new framework, is therefore not efficient.

Since it does not need transposition by Member States, a Regulation can immediately put in place the uniform framework needed to quickly restore the market's confidence in the credit rating activity. It is also less burdensome for the industry, as a single set of Community rules will apply throughout the European Union.

2.4. Comitology

The proposal is based on the Lamfalussy process for regulating financial services. The main part of the proposed regulation introduces principles in order to ensure that (i) the issuance of credit ratings is not affected by conflicts of interest, (ii) that credit rating issued are of high quality, and (iii) that credit rating agencies act in a transparent manner.

The technical details necessary to specify the principles of the Regulation are laid down in Annex I and II of the Regulation. In order to allow a fast adaptation of the Regulation to any new developments affecting the rating activity the technical provisions contained in the Annexes can be amended by the Commission in accordance with Council Decision 1999/468/EC of 28 June 1999[22]s. Since those measures are of general scope and are designed to amend non-essential elements of this Regulation, they must be adopted in accordance with the regulatory procedure with scrutiny provided for in Article 5a of Decision 1999/468/EC.

2.5. Content of the Proposal

2.5.1. Scope (Article 2)

The proposal introduces a legally binding registration and surveillance regime for credit rating agencies issuing credit ratings mainly intended for use for regulatory purposes by credit institutions, investments firms, insurance, assurance and reinsurance undertakings, collective investment schemes and pension funds.

2.5.2. Independence and avoidance of conflicts of interest (Articles 5-6 and Annex I Section A, B, C)

Further improvements in dealing with organisational requirements and conflicts of interest are crucial if credit rating agencies want to regain markets’ confidence. This calls for reforms to their internal governance structure, introducing sound internal controls and sound reporting lines, clearly separating the rating function from business incentives. External surveillance is strengthened by internal discipline by giving the independent, non-executive members of the administrative or supervisory board of the credit rating agency specific tasks to ensure efficient control (Article 5 and Annex I, Section A, Point 2).

To ensure the independence of ratings, credit rating agencies are required to prevent conflicts of interest and/or to manage these conflicts adequately where they are unavoidable. They must disclose conflicts of interest in a complete, timely, clear, concise, specific and prominent manner and record all significant threats to the rating agency’s independence or that of its employees involved in the credit rating process, together with the safeguards applied to mitigate those threats. They must limit their activity to credit rating and related operations, excluding consultancy or advisory services (Article 5 and Annex I, Section B).

Agencies must have adequate internal policies and procedures to insulate employees involved in credit rating from conflicts of interest and ensure the quality, integrity and thoroughness of the rating and review process at all times. Linked to this, agencies must allocate sufficient employees with appropriate knowledge and experience to their credit rating activity and make appropriate rotation arrangements for analysts and persons approving credit ratings. (Article 6 and Annex I, Section C).

The compensation arrangements of employees involved in the rating process must be determined primarily by the quality, accuracy, thoroughness and integrity of their work (Article 6(6)).

2.5.3. Quality of ratings (Article 7)

The purpose of credit rating is to provide a credible and sound analysis of the credit risk of a borrower or issuer based on the available information and economic analysis. Many investors rely on credit rating agencies because they lack the expertise and/or resources (in time and money) to undertake their own analysis of the credit risk. Moreover, credit rating agencies often possess information that is not widely available to market participants. So, in theory, the ratings issued by credit rating agencies are an efficient means for investors to measure and manage credit risk, but only if they are sound and of good quality. The proposed Regulation aims to improve the quality of credit ratings, but it does not relieve investors of the need to exercise judgment and due diligence in relying on ratings when making investment decisions; nor does it jeopardise the independence of the rating process or of the ratings themselves, for which the credit rating agency retains full responsibility.

To allow sophisticated market participants (banks and other institutional investors) to check the soundness of the methodologies used and to verify the rating issued by the credit rating agency, but also to increase market discipline, credit rating agencies must disclose the methodologies, models and key assumptions they use in the rating process. Methods must be kept up-to-date and subject to review. If the agency changes its rating methodology it must immediately disclose which ratings are likely to be affected by this change and re-rate them promptly. Credit rating agencies must also continually review ratings. This is important to keep the ratings up-to-date and responsive to changes in financial conditions. This provision should prevent credit rating agencies from concentrating their efforts and resources on the initial rating and neglecting subsequent monitoring, which can be detrimental to the ongoing quality of the ratings.

2.5.4. Disclosure and transparency obligations (Articles 8-11 and Annex I, Sections B, D, and E)

The current crisis revealed weaknesses in the methods and models used by the agencies to rate structured finance instruments that were financially engineered to give high confidence to investors, and in the agencies’ communication with the markets and investors both about the characteristics and limitation of the rating of structured finance instruments and about critical model assumptions.

The proposal obliges credit rating agencies to disclose ratings on a non-selective basis and in a timely manner, unless the ratings are only distributed by subscription. It seeks to enable investors to distinguish between ratings for structured products and for traditional products (corporate, sovereign) by requiring the use of a different rating category for structured finance instruments or the provision of additional information on their risk characteristics. Specific disclosure requirements apply to unsolicited credit ratings (Article 8).

To ensure that internal processes and procedures are sufficiently transparent, credit rating agencies must publicly disclose some important information, e.g. on conflicts of interest, methodologies and key rating assumptions and the general nature of their compensation policy. They must also periodically disclose data on the historical default rates of rating categories and give competent authorities certain elements such as the list of the largest 20 clients by revenue (Article 9 and Annex I, Section E).

To ensure that relevant, standardised data on credit rating agencies’ performance is available to allow market participants to make industry-wide comparisons, CESR is to create a publicly available central repository for such data (Article 9(2)).

To restore public confidence in the rating business, credit rating agencies must publish an annual transparency report (Article 10 and Annex I, Section E, Part III), and keep records of their activities (Articles 5-7 and Annex I, Section B, Points 7-9).

2.5.5. Registration (Articles 12-17) and surveillance (Articles 19-31)

The activity of credit rating agencies whose credit ratings are intended to be used for regulatory purpose by financial institutions to comply with Community legislation will be subject to prior registration. The proposal lays down the conditions and the procedure for granting or withdrawing that registration. (Articles 12-17)

A credit rating activity performed by a credit rating agency in the European Union has consequences for all EU markets; thus all regulators in the European Union should be involved in the registration process. The proposal introduces a single entry point for the registration, the CESR, which is best placed to provide a one-stop-shop for applications and a central point for informing and coordinating all EU national regulators. Responsibility for registration and surveillance of the credit rating agency rests with the competent authority of the home Member State, i.e. that in which the credit rating agency has its registered office. That competent authority is best placed in terms of physical presence to closely supervise the credit rating agency. Specific provisions are also proposed for groups of credit rating agencies; when examining the applications for registration submitted by a group of credit rating agencies, the competent authorities concerned must consider the group structure and agree on a facilitator who will be responsible for coordinating the registration process (Article 14).

To function as a single entry point, CESR should be closely involved in the registration process from the outset and be entitled to give its advice on the granting or withdrawal of the registration by the competent authority of the home Member Stated and may request re-examination of draft decisions (Article 17). The registration will become effective after publication by the Commission in the Official Journal of the European Union (Article 14). The Commission shall publish regularly an updated list of the credit rating agencies registered.

The proposal creates a mechanism to ensure effective enforcement of the Regulation. It gives competent authorities the necessary powers to ensure that credit rating agencies comply with the Regulation throughout the Community. In carrying out their duties, competent authorities shall not interfere with the content of credit ratings (Article 20(1)). To ensure effective surveillance, the proposal requires specific forms of cooperation between Member States competent authorities, to promote a common supervisory culture. It also provides for enhanced cooperation in case of a group of credit rating agencies, through the coordination of supervisory activities by the facilitator (Articles 25). Given the international scale of the credit rating business, it is also necessary to provide for the exchange of information with non-EU countries (Article 29).

2.6. Budgetary implications

The proposal has no implications for the Community budget.

2008/0217 (COD)

Proposal for a

REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

on Credit Rating Agencies (Text with EEA relevance)

THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION,

Having regard to the Treaty establishing the European Community, and in particular Article 95 thereof,

Having regard to the proposal from the Commission,

Having regard to the opinion of the European Economic and Social Committee[23],

Acting in accordance with the procedure laid down in Article 251 of the Treaty[24],

Whereas:

(1) Credit rating agencies play an important role in global securities and banking markets, as their ratings are used by investors, borrowers, issuers and governments to make informed investment and financing decisions. Credit institutions, investments firms, insurance undertakings, assurance undertakings, reinsurance undertakings, undertakings for collective investment in transferable securities (UCITS) and institutions for occupational retirement provision, may use those ratings as the reference for the calculation of their capital requirements for solvency purposes or for calculating risks in their investment activity. Consequently, credit ratings have a significant impact on the trust and confidence of investors and consumers. It is essential, therefore, that credit ratings used in the Community are independent, objective and of the highest quality.

(2) Currently, most credit rating agencies have their headquarters outside the Community. Most Member States do not regulate the activities of credit rating agencies or the conditions for the issuance of credit ratings. Despite their significant importance for the functioning of the financial markets, credit rating agencies are only to a limited extent subject to Community legislation, notably Directive 2003/6/EC of the European Parliament and of the Council of 28 January 2003 on insider dealing and market manipulation[25]. Moreover, Directive 2006/48/EC of the European Parliament and of the Council of 14 June 2006 relating to the taking up and pursuit of the business of credit institutions and Directive 2006/49/EC of the European Parliament and of the Council of 14 June 2006 on the capital adequacy of investment firms and credit institutions[26] refer to credit rating agencies. It is therefore important to lay down rules ensuring that all ratings used by financial institutions governed by Community legislation are of high quality and issued by credit rating agencies subject to stringent requirements. The Commission will continue to work with its international partners to ensure convergence of the rules applying to credit rating agencies.

(3) Credit rating agencies may apply on a voluntary basis the Code of Conduct Fundamentals for credit rating agencies issued by the International Organisation of Securities Commissions, hereinafter the "IOSCO code". In 2006 a Communication from the Commission on Credit Rating Agencies[27] invited the Committee of European Securities Regulators, hereinafter "CESR", to monitor compliance with the IOSCO Code and report back to the Commission on an annual basis.

(4) The European Council of 13 and 14 March 2008 agreed to a set of conclusions to respond to the main weaknesses identified in the financial system. One of the objectives was to improve market functioning and incentive structures, including the role of credit rating agencies.

(5) Credit rating agencies are considered to have failed to reflect early enough in their credit ratings the worsening market conditions. This failure can be best corrected by measures related to conflicts of interest, the quality of the credit ratings, the transparency of the credit rating agencies, their internal governance and surveillance of the activities of the credit rating agencies. The users of credit ratings should not rely blindly on credit ratings. They should take utmost care to perform own analysis and conduct due diligence regarding their reliance on such credit ratings.

(6) It is necessary to lay down a common framework of rules regarding the quality of credit ratings to be used by financial institutions regulated by harmonised rules in the Community. Otherwise, there would be a risk that Member States would take diverging measures at national level. This would have a direct negative impact on and create obstacles to the good functioning of the internal market, since the credit rating agencies issuing credit ratings for the use of financial institutions in the Community, would be subject to different rules in different Member States. Moreover, diverging quality requirements on credit ratings could lead to different levels of investor and consumer protection.

(7) In order to avoid potential conflicts of interest credit rating agencies should limit their activity to the issuing of credit ratings. A credit rating agency should not be allowed to carry out consultancy or advisory services . In particular credit rating agency should not make proposals or recommendations regarding the design of a structured finance instrument. However, credit rating agencies should be able to provide ancillary services where this does not create potential conflicts of interest with the issuance of credit ratings.

(8) Credit rating agencies should establish appropriate internal policies and procedures in relation to employees involved in the credit rating process in order to prevent conflicts of interest and ensure at all times the quality, integrity and thoroughness of the rating and review process.

(9) Credit rating agencies should avoid situations of conflicts of interest and manage those conflicts adequately when they are unavoidable in order to ensure their independence. Credit rating agencies should disclose conflicts of interest in a timely manner. They should also keep record of all significant threats to the independence of the credit rating agency and that of its employees involved in the credit rating process, as well as the safeguards applied to mitigate those threats.

(10) In order to ensure the independence of the credit rating process from the business interest of the credit rating agency as a company, the credit rating agencies should ensure that the administrative or supervisory board shall include at least three non-executive members, who should be independent along the lines of point 13 in Section III of Commission Recommendation 2005/162/EC on the role of non-executive or supervisory directors of listed companies and on the committees of the (supervisory) board[28]. Moreover, it is necessary that the majority of members of the administrative or supervisory board, including all independent members have sufficient expertise in financial services.

(11) In order to avoid conflicts of interest the remuneration of independent members of the administrative or supervisory board should not depend on the business performance of the agency.

(12) A credit rating agency should allocate a sufficient number of employees with appropriate knowledge and experience to its credit rating activity. In particular, the credit rating agency should ensure that adequate human and financial resources are allocated to the issuing of credit ratings as well as their monitoring and updating.

(13) Long lasting relationships with the same rated entities or its related third parties could compromise independence of analysts and persons approving credit ratings. Therefore those analysts and persons should be subject to a rotation mechanism.

(14) Credit rating agencies should use rating methodologies that are rigorous, systematic, and continuous and result in ratings that may be subject to validation based on historical experience. Credit rating agencies should ensure that methodologies, models and key rating assumptions used for determining credit ratings are properly maintained, up-to-date and subject to a comprehensive review on a periodic basis. In cases where the lack of reliable data or the complexity of the structure of a new type, in particular structured finance instruments, raises serious questions as to whether the credit rating agency can produce a credible credit rating, the credit rating agency should refrain from issuing a credit rating or withdraw an existing credit rating.

(15) In order to ensure the quality of ratings, a credit rating agency should take measures to ensure that the information it use in assigning a rating is reliable. For this purpose, a credit rating agency may envisage, among other elements reliance on independently audited financial statements and public disclosures; verification by reputable third party services; random sampling examination by the credit rating agency of the information received; or contractual provisions clearly stipulating liability for the rated entity or its related third parties, if the information provided under the contract is knowingly materially false or misleading or if the rated entity or its related third parties fail to conduct reasonable due diligence regarding the accuracy of the information as specified under the terms of the contract.

(16) It is necessary that methodologies, models and key rating assumptions used by the credit rating agency are regularly reviewed in order to be able to properly reflect the changing conditions in the underlying asset markets. With a view to ensuring transparency, disclosure of any material modification to the methodologies and practices, procedures and processes of credit rating agency should be made prior to their coming into effect, unless extreme market conditions require an immediate change in the credit rating.

(17) The credit rating agency should indicate any appropriate risk warning, including a sensitivity analysis of the relevant assumptions. This analysis should explain how various market developments that move the parameters built into the model may influence the credit rating changes (e.g. volatility). The credit rating agency should ensure that the information on historical default rates of its rating categories is verifiable and quantifiable and provides a sufficient basis for interested parties to understand the historical performance of each rating category and if and how rating categories have changed. If the nature of the credit rating or other circumstances makes a historical default rate inappropriate, statistically invalid, or otherwise likely to mislead the users of the rating, the credit rating agency should provide appropriate clarifications. This information should, to the extent possible, be comparable with any existing industry patterns in order to assist investors in drawing performance comparisons between different credit rating agencies.

(18) Under certain circumstances structured finance instruments may have effects which are different from traditional corporate debt instruments. It could be misleading for investors to apply the same rating categories to both types of instruments without further explanation. Credit rating agencies should play an important role in raising awareness of the users of ratings about the specificities of the structured finance products in relation to traditional ones. Therefore credit rating agencies should either use different rating categories when rating structured finance instruments or provide additional information on the different risk characteristics of these products.

(19) Credit rating agencies should take measures to avoid situations where issuers request the preliminary rating assessment of the structured finance instrument concerned from a number of credit rating agencies in order to identify the one offering the best credit rating for the proposed structure. Issuers should also avoid applying such practices.

(20) A credit rating agency should keep records of the methodology of ratings and regularly update changes thereto and also keep a record of the substantial elements of the dialogue between the analyst and the rated entity or its related third parties.

(21) In order to ensure a high level of investor and consumer confidence in the internal market, credit rating agencies which issue credit ratings intended for use for regulatory purposes by financial institutions in the Community should be subject to registration. It is therefore necessary to lay down the conditions and the procedure for the granting, suspension and withdrawal of that registration.

(22) A credit rating agency registered by the competent authority of the relevant Member State should be allowed to issue credit ratings throughout the Community. It is therefore necessary to establish a single registration for each credit rating agency which is valid throughout the Community.

(23) Some credit rating agencies are composed of several legal entities which together form a group of credit rating agencies. When registering each of the credit rating agencies being part of such a group, the competent authorities of the Member States concerned should coordinate the assessment of the applications submitted by credit rating agencies belonging to the same group.

(24) It is necessary to establish a single point for submission of applications for registration. CESR should receive applications for registration and effectively inform competent authorities in all Member States. Nevertheless, the examination of applications for registration should be carried out at national level by the relevant competent authority. In order to efficiently deal with credit rating agencies competent authorities within CESR should set up an operational network supported by an efficient information technology infrastructure and establish a subcommittee specialised in the field of credit ratings of each of the asset classes rated by credit rating agencies.

(25) The Commission has in November 2008 set up a high level group which will look into the future European supervisory architecture in the field of financial services, including the role of CESR.

(26) The supervision of a credit rating agency should be carried out by the competent authority of the home Member State, and, in case of a group of credit rating agencies, in cooperation with the competent authorities of the other Member States concerned and under coordination of CESR.

(27) In order to maintain a high level of investor and consumer confidence and enable an on-going control of credit ratings used by financial institutions in the Community, credit rating agencies whose headquarters are located outside the Community should be required to set up a subsidiary in the Community in order to allow for an efficient supervision of their activities in the Community.

(28) It is appropriate to create a mechanism to ensure the effective enforcement of the provisions of this Regulation. The competent authorities of the Member States should have at their disposal necessary means to ensure that ratings for use within the Community are issued in compliance with this Regulation. Since the analytical independence of a credit rating agency in the process of issuing its credit ratings should be preserved, the competent authorities should not interfere in relation to the substance of credit ratings and the methodologies by which a credit rating agency determines credit ratings.

(29) For the efficiency of supervision and in order to avoid duplication of tasks the competent authorities of Member States should cooperate.

(30) In case the competent authority of the home Member State does not take the necessary measures in order to eliminate irregularities committed by a credit rating agency, competent authorities of other Member States should be able to intervene and take appropriate measures.

(31) It is necessary to enhance convergence of the powers at the disposal of the competent authorities in order to achieve an equivalent intensity of enforcement across the internal market.

(32) CESR should ensure coherence in the application of this Regulation. It should enhance and facilitate the cooperation of competent authorities in supervisory activities and assume a coordination role in day-to-day supervisory practice. Therefore CESR should establish a mediation mechanism in order to facilitate a coherent approach by the competent authorities.

(33) Member States should lay down rules on sanctions applicable to infringements of the provisions of this Regulation and ensure that they are implemented. The sanctions should be effective, proportionate and dissuasive.

(34) Any exchange or transmission of information between competent authorities, other authorities, bodies or persons should be in accordance with the rules on transfer of personal data as laid down in Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data[29].

(35) The stricter and clearer legal framework within which credit rating agencies will operate should also facilitate recourse to civil actions in respect of credit rating agencies in appropriate cases, in accordance with the applicable regimes of liability of the Member States.

(36) The measures necessary for the implementation of this Regulation should be adopted in accordance with Council Decision 1999/468/EC of 28 June 1999 laying down the procedures for the exercise of implementing powers conferred on the Commission[30].

(37) In particular the Commission should be empowered to amend Annex I and II of the Regulation which lay down the specific criteria for assessing the compliance of a credit rating agency with its duties in terms of internal organisation, operational arrangements, rules on employees, presentation of credit ratings and disclosure. Since those measures are of general scope and are designed to amend non-essential elements of this Regulation, they must be adopted in accordance with the regulatory procedure with scrutiny provided for in Article 5a of Decision 1999/468/EC.

(38) Since the objectives of the action to be taken, namely to ensure a high level of consumer and investor protection by laying down a common framework with regard to the quality of credit ratings to be used by financial institutions operating in the internal market cannot be sufficiently achieved by the Member States, given the current lack of national legislation and the fact that a majority of existing credit rating agencies are established outside the Community, and can therefore, be better achieved at Community level, the Community may adopt measures, in accordance with the principle of subsidiarity as set out in Article 5 of the Treaty. In accordance with the principle of proportionality, as set out in that Article, this Regulation does not go beyond what is necessary in order to achieve those objectives,

HAVE ADOPTED THIS REGULATION:

TITLE I SUBJECT MATTER, SCOPE AND DEFINITIONS

Article 1

Subject matter

This Regulation introduces a common approach to ensuring the high quality of credit ratings to be used in the Community, thereby contributing to the smooth functioning of the internal market while achieving a high level of consumer and investor protection. It lays down conditions for the issuance of credit ratings and rules on the organisation and conduct of credit rating agencies to ensure in practice their independence and avoidance of conflicts of interest.

Article 2

Scope

1. This Regulation shall apply to credit ratings that are intended for use for regulatory purposes or otherwise by credit institutions as defined in Directive 2006/48/EC, investments firms as defined in Directive 2004/39/EC of the European Parliament and of the Council[31], insurance undertakings subject to Council Directive 73/239/EEC[32], assurance undertakings as defined in Directive 2002/83/EC of the European Parliament and of the Council[33], reinsurance undertakings as defined in Directive 2005/68/EC of the European Parliament and the Council[34], undertakings for collective investment in transferable securities (UCITS) as defined in Directive [2009/XX/EC[35]] or institutions for occupational retirement provision as defined in Directive 2003/41/EC of the European Parliament and of the Council[36] and are disclosed publicly or distributed by subscription.

2. This Regulation shall not apply to private credit ratings. It shall not apply to credit ratings issued by public bodies whose credit ratings are not publicly disclosed and are not paid by the rated entity.

Article 3

Definitions

1. For the purpose of this Regulation, the following definitions shall apply:

a) "credit rating" means an opinion regarding the creditworthiness of an entity, a credit commitment, a debt or debt-like financial instrument or an issuer of such obligations, issued using an established and defined ranking system of rating categories;

b) "credit rating agency" means a legal person whose regular and principal occupation is the issuance of credit ratings;

c) "home Member State " means a Member State in which the credit rating agency has its registered office;

d) "analyst" means a person who performs analytical functions that are necessary for the issuance of a credit rating;

e) "rated entity" means a legal person whose creditworthiness is explicitly or implicitly rated in the credit rating, whether it has solicited that credit rating or not or provided information for that credit rating;

f) "rating category" means a rating symbol used for identifying different credit ratings for each class of credit ratings in order to distinguish the different risk characteristics of the different types of rated entities, issuers and financial instruments;

g) "related third party" means the originator, arranger, sponsor, servicer or any other party that interacts with a credit rating agency on behalf of a rated entity, including any person directly or indirectly linked to it by control;

h) "control" means the relationship between a parent undertaking and a subsidiary, as set out in Article 1 of Council Directive 83/349/EEC[37], or a similar relationship between any natural or legal person and an undertaking;

i) "financial instruments" means the instruments listed in Section C of Annex I to Directive 2004/39/EC;

j) "structured finance instrument" means an instrument resulting from a securitisation transaction or scheme referred to in Article 4(36) of Directive 2006/48/EC;

k) "group of credit rating agencies" means a group of undertakings consisting of a parent undertaking and its subsidiaries within the meaning of Article 1 and 2 of Directive 83/349/EEC[38], as well as undertakings linked to each other by a relationship within the meaning of Article 12(1) of Directive 83/349/EEC and whose regular and principal occupation is the issuance of credit ratings.

2. For the purposes of point (a) of paragraph 1, credit ratings shall not be considered recommendations within the meaning of Article 1(3) of Commission Directive 2003/125/EC[39].

Article 4

Use of credit ratings

Credit institutions, investments firms, insurance, assurance and reinsurance undertakings, undertakings for collective investment in transferable securities (UCITS) and institutions for occupational retirement provision referred to in Article 2 may only use for regulatory purposes credit ratings which are issued by credit rating agencies established in the Community and registered in accordance with this Regulation.

Investment firms and credit institutions referred to in Art. 1 of Directive 2004/39/EC should not execute orders on behalf of their clients with respect to financial instruments which have been rated, unless the credit rating has been issued by a credit rating agency registered in accordance with this Regulation.

TITLE II

ISSUING OF CREDIT RATINGS

Article 5

Independence and avoidance of conflicts of interest

1. A credit rating agency shall ensure that the issuance of a credit rating is not affected by any existing or potential conflict of interest or business relationship involving the credit rating agency issuing the credit rating, its managers, employees or any person directly or indirectly linked to it by control.

2. In order to ensure compliance with paragraph 1, the credit rating agency shall comply with the requirements set out in Sections A and B of Annex I.

Article 6

Employees

1. A credit rating agency shall ensure that employees directly involved in the credit rating process have appropriate knowledge and experience for the duties assigned.

2. A credit rating agency shall ensure that employees who are directly involved in the credit rating process shall not be allowed to initiate or participate in negotiations regarding fees or payments with any rated entity, related third party or any person directly or indirectly linked to the rated entity by control.

3. A credit rating agency shall ensure that employees who are directly involved in the credit rating process meet the requirements set out in Section C of Annex I.

4. A credit rating agency shall ensure that analysts and persons approving credit ratings shall not be involved in providing the credit rating services to the same rated entity or its related third parties for a period exceeding four years. For that purpose it shall establish a rotation mechanism with regard to those analysts and persons.

The period after which the analysts and persons approving credit ratings may be involved in providing the credit rating services to the rated entity or related third parties referred to in the first subparagraph may not be shorter than two years.

5. Paragraph 4 shall not apply to a credit rating agency which employs less than 50 employees and takes measures to ensure the objectivity of analysts in the relations with the rated entity or related third parties.

6. Compensation and performance evaluation of analysts and persons approving the credit ratings shall not be contingent on the amount of revenue that the credit rating agency derives from the rated entities or related third parties to which the analyst or persons approving the credit ratings provide services.

Article 7

Rating methodologies

1. A credit rating agency shall disclose to the public the methodologies, models and key rating assumptions it uses in the rating process.

2. A credit rating agency shall ensure that the credit ratings it produces and disseminates are based on an analysis of all information available to it that is of relevance according to its rating methodologies. It shall adopt all necessary measures so that the information it uses in assigning a credit rating is of sufficient quality and from reliable sources.

3. Where a credit rating agency is using an existing credit rating or ratings prepared by another credit rating agency with respect to underlying assets or structured finance instruments, it shall not refuse to issue a credit rating of an entity or a financial instrument because a portion of the entity or the financial instrument had been previously rated by another credit rating agency.

A credit rating agency shall record all instances where in its credit rating process it downgrades existing credit ratings prepared by another credit rating agency with respect to underlying assets or structured finance instruments providing a justification for the downgrade.

4. A credit rating agency shall monitor credit ratings and review its credit ratings where necessary. A credit rating agency shall establish internal arrangements to monitor the impact of changes in macroeconomic or financial market conditions on credit ratings.

5. When rating methodologies, models or key rating assumptions are changed a credit rating agency shall:

a) immediately, using the same means of communication as was used for the distributions of the affected credit ratings, disclose the likely scope of credit ratings to be affected;

b) review the affected credit ratings as soon as possible and not later than within 6 months after the change, and in the meantime place those ratings under observation;

c) re-rate all credit ratings that have been based on those methodologies, models or assumptions.

Article 8

Disclosure and presentation of credit ratings

1. A credit rating agency shall disclose any credit rating, as well as any decisions to discontinue a credit rating on a non-selective basis and in a timely manner.

The first subparagraph shall not apply to credit ratings that are distributed by subscription.

2. Credit ratings shall be presented in accordance with the requirements set out in Section D of Annex I.

3. When a credit rating agency issues a rating for structured finance instruments it shall ensure either of the following:

a) credit rating categories that may be attributed to structured finance instruments are clearly differentiated from rating categories that may be used to rate other types of rated entities or financial instruments;

b) publish a report that provides a detailed description of the rating methodology used to determine the credit rating and an explanation of how it differs from the determination of ratings for any other type of rated entity or financial instrument, and how the credit risk characteristics associated with a structured finance instrument differ from the risks related to any other type of rated entity or financial instrument.

4. A credit rating agency shall disclose its policies and procedures regarding unsolicited credit ratings.

5. When a credit rating agency issues an unsolicited credit rating it shall state in the credit rating that the rated entity or related third party did not participate in the credit rating process and that the credit rating agency did not have access to the accounts and other relevant internal documents of the rated entity or its related third party.

Unsolicited credit ratings shall be identified with a different credit rating category.

Article 9

General and periodic disclosures

1. A credit rating agency shall fully and publicly disclose and update immediately the information on matters set out in Annex I, Section E, Part I.

2. Credit rating agencies shall make available in a central repository established by CESR information on their historical performance data and information about past credit rating activities. The repository shall be open to the public.

3. A credit rating agency shall make available annually to the competent authority of the home Member State the information on matters set out in Annex I, Section E, Part II, point 2. Competent authorities of home Member States shall not disclose that information.

Article 10

Transparency report

A credit rating agency shall publish annually a transparency report which includes the information on matters set out in Annex I, Section E, Part III. The credit rating agency shall publish its annual report at the latest three months after the end of each financial year and shall ensure that it remains available on the website of the agency for at least five years.

Article 11

Public disclosure fees

A credit rating agency may not charge a fee for the information provided in accordance with Articles 7 to 10.

TITLE IIISURVEILLANCE OF CREDIT RATING ACTIVITY

CHAPTER I PROCEDURE FOR REGISTRATION

Article 12

Requirement for registration

1. A credit rating agency may apply for registration in order to ensure that its credit ratings can be used for regulatory purposes by credit institutions, investments firms, insurance, assurance and reinsurance undertakings, undertakings for collective investment in transferable securities (UCITS) and institutions for occupational retirement provision referred to in Article 2 provided that it is a legal person established in the Community.

2. The registration shall be valid for the entire territory of the Community, after publication in the Official Journal of the European Union in accordance with Article 15(3).

3. A registered credit rating agency shall comply at all times with the conditions for initial registration.

Credit rating agencies shall notify the competent authority of the home Member State of any material changes to the conditions for initial registration.

4. The competent authority of the home Member State shall register the credit rating agency if it complies with the conditions for the issuance of credit ratings set out in this Regulation.

5. Competent authorities may not impose additional requirements on the registration which are not provided for in this Regulation.

Article 13

Application for registration

1. The credit rating agency shall submit an application for registration to CESR. The application shall contain information on the matters set out in Annex II.

2. An application for registration may be submitted by a group of credit rating agencies. In that case the members of the group shall mandate one of the members of the group to submit the application to CESR on behalf of the group. The mandated credit rating agency shall provide the information on the matters set out in Annex II for each member of the group.

3. Within 10 days of receipt of the application, CESR shall transmit the application to the competent authority of the home Member State and inform the competent authorities of the other Member States of that transmission.

Article 14

Examination of the application by the competent authorities

1. Within 10 days of receipt of the application for registration, the competent authority of the home Member State shall check whether the application is complete.

In case the application is not complete, the competent authority of the home Member State shall set a deadline by which the credit rating agency shall provide additional information.

2. Upon receipt of a complete application, the competent authority of the home Member State shall transmit the application to the competent authorities of the other Member States and CESR.

3. In case an application for registration is submitted by a group of credit rating agencies the competent authorities of the home Member States concerned shall closely co-operate in the registration process. They shall select among themselves a facilitator taking into account the following criteria:

(a) the place where the group of credit rating agencies carries out or is planning to carry out the most important part of its credit rating activity within the Community;

(b) the place where the group of credit rating agencies generates or can be expected to generate the major part of the revenue of the group.

4. The facilitator shall coordinate the examination of the application submitted by the group of credit rating agencies and ensure that all information necessary to carry out the examination of the application is shared among the competent authorities.

5. In case of an application for registration by a credit rating agency the competent authority of the home Member State shall examine the application and prepare an opinion on whether to grant or refuse registration.

In the case of an application submitted by a group of credit rating agencies, the competent authorities of the home Member States concerned shall jointly examine the application for registration and shall reach agreement on whether to grant or to refuse registration.

Article 15

Decision on the registration of a credit rating agency

1. Within 40 days of receipt of the complete application and before registration, the competent authority of the home Member State shall communicate to CESR a motivated draft registration decision or draft refusal decision. In case of an application submitted by a group of credit rating agencies the facilitator shall communicate the outcome of the joint assessment to CESR.

Within 15 days of receipt of that communication, CESR shall express its views on the application. CESR may request the competent authority of the home Member State concerned to re-examine the draft registration decision in case it considers that the conditions necessary for the registration as set out in Title II are not met or to re-examine its draft refusal decision in case it considers that the conditions necessary for the registration as set out in this Regulation are met.

2. The competent authority of the home Member State shall adopt its decision within 15 days after receipt of the opinion of CESR. In case the competent authority of the home Member State departs from the opinion of CESR it shall motivate its decision. In case no opinion is submitted, the competent authority of the home Member State shall adopt its decision within 30 days after the draft registration decision, as referred to in paragraph 1, has been communicated to CESR. Where a group of credit rating agencies is concerned the competent authority of each home Member State shall take its decision on the basis of the outcome of the joint assessment referred to in Article 14(5).

Within 10 days following the adoption or refusal of the registration decision the credit rating agencies concerned shall be informed, whether or not they have been registered. Where the competent authority of the home Member State refuses to register the credit rating agency, it shall give reasons in the decision for its refusal to the credit rating agency concerned.

3. The competent authority of the home Member State shall notify the European Commission, CESR and the other competent authorities of the registration it has carried out.

The European Commission shall publish in the Official Journal of the European Union an updated list of credit rating agencies registered in accordance with this Regulation within 30 days of the notification by the competent authority of the home Member State.

Article 16

Registration fee

The competent authority of the home Member State may charge a registration fee to the credit rating agency. The registration fee shall be proportionate to the cost of the procedures in that Member State.

Article 17

Withdrawal of registration

1. The competent authority of the home Member State shall withdraw the registration of a credit rating agency where the credit rating agency:

a) expressly renounces the registration or has provided no credit ratings for the preceding six months;

b) has obtained the registration by making false statements or by any other irregular means;

c) no longer meets the conditions under which it was registered;

d) has infringed the provisions of this Regulation governing the operating conditions for credit rating agencies.

2. The competent authorities of the home Member State of the credit rating agencies belonging to a group shall closely cooperate with each other. They shall carry out a joint assessment coordinated by the facilitator. They shall reach an agreement on the necessity to withdraw the registration. The competent authority of each home Member State shall take its decision on the basis of the agreement.

3. CESR or a competent authority from another Member State, in which the credit ratings issued by the credit rating agency concerned are used, may request the competent authority of the home Member State to examine whether the conditions for withdrawal of registration are met. In case the competent authority of the home Member State decides not to withdraw the registration of the credit rating agency concerned, it shall motivate its decision.

4. The competent authority of the home Member State shall notify the European Commission, CESR and the other competent authorities of the withdrawal of the registration, which shall take immediate effect throughout the Community.

The European Commission shall publish in the Official Journal of the European Union an updated list of credit rating agencies the registration of which has been withdrawn within 30 days of the notification by the competent authority of the home Member State.

CHAPTER II CESR AND COMPETENT AUTHORITIES

Article 18

Committee of European Securities Regulators

1. CESR shall provide advice to the competent authorities, in the cases provided for in this Regulation. The competent authorities shall consider that advice before taking any final decision under this Regulation.

2. By [within one year after entry into force of this Regulation] CESR shall issue guidance on:

(a) the registration process and coordination arrangements between competent authorities and with CESR;

(b) enforcement practices and activities by competent authorities;

(c) common standards on the presentation of the information that credit rating agencies shall disclose in accordance with Article 9(2) and Annex I, Section E, Part II, Point 1.

3. CESR shall publish by [within one year after entry into force of this Regulation] and every year thereafter a report on the application of this Regulation.

4. CESR shall cooperate, where appropriate, with the Committee of European Banking Supervisors established by Commission Decision 2004/5/EC [40] and the Committee of European Insurance and Occupational Pensions Supervisors established by Commission Decision 2004/6/EC [41].

Article 19

Competent authorities

1. Each Member State shall designate a competent authority for the purpose of this Regulation.

2 Competent authorities shall be adequately staffed in order to be able to apply this Regulation.

Article 20

Powers of competent authorities

1. In carrying out their duties under this Regulation competent authorities of Member States shall not interfere with the content of credit ratings.

2. In order to fulfil their duties competent authorities shall have all the supervisory and investigatory powers that are necessary for the exercise of their functions. They shall exercise their powers:

(a) directly;

(b) in collaboration with other authorities; or

(c) by application to the competent judicial authorities.

3. The competent authorities of Member States shall have the following powers:

(a) have access to any document in any form and to receive or take a copy thereof;

(b) demand information from any person and if necessary to summon and question a person with a view to obtaining information;

(c) carry out on-site inspections with or without announcement;

(d) require records of telephone and data traffic.

Article 21

Supervisory measures

1. The competent authority of the home Member State may take the following measures:

(a) withdraw the registration in accordance with Article 17;

(b) impose temporary prohibition of issuing credit ratings with effect throughout the Community;

(c) impose suspension of the use of credit ratings with effect throughout the Community;

(d) adopt appropriate measures to ensure that credit rating agencies continue to comply with legal requirements;

(e) issue public notices when a credit rating agency breaches the obligations set out in this Regulation;

(f) refer matters for criminal prosecution to the competent jurisdictions.

2. Competent authorities shall not make use of the powers provided for in paragraph 1 and Article 22 before communicating a motivated draft decision to CESR. CESR shall express its views on the draft decision within 15 days of receipt of that communication.

The first subparagraph shall not apply in cases of urgency, notably in the presence of a situation threatening the orderly functioning of financial markets. In this case, the competent authority shall immediately inform CESR of the decision taken.

Article 22

Action by competent authorities other than the competent authority of the home Member State

Where the competent authority of a Member State has grounds for believing that a registered credit rating agency acting within its territory is in breach of the obligations arising from this Regulation, it shall inform the competent authority of the home Member State.

If, after discussions between the competent authorities concerned, the competent authority of the home Member State refuses to act or is unable to adopt effective measures or if, despite the measures taken by the competent authority of the home Member State such measures prove inadequate to protect the interests of the investors of the Member State concerned or the orderly functioning of markets, the competent authority of that Member State, after informing the competent authority of the home Member State may take all appropriate measures except for the measures referred to in point (a), (b) and (c) of Article 21(1). CESR shall be consulted before the adoption of such measures.

CHAPTER III COOPERATION BETWEEN COMPETENT AUTHORITIES

Article 23

Obligation to cooperate

Competent authorities of Member States shall cooperate where it is necessary for the purposes of this Regulation, including in cases where the conduct under investigation does not constitute an infringement of any regulation in force in the Member State concerned.

Article 24

Cooperation in case of request for on-site inspections or investigations

1. The competent authority of one Member State may request assistance of the competent authority of another Member State with regard to on-site inspections or investigations.

The competent authority shall inform CESR of any request referred to in the first subparagraph. In case of an investigation or inspection with cross-border effect, CESR may assume coordination of the investigation or inspection.

2. Where a competent authority receives a request from a competent authority of another Member State to carry out an on-site inspection or an investigation, it shall do any of the following:

a) carry out the on-site inspection or investigation itself;

b) allow the competent authority which submitted the request to participate in an on-site inspection or investigation;

c) allow the competent authority which submitted the request to carry out the on-site inspection or investigation itself;

d) appoint auditors or experts to carry out the on-site inspection or investigation;

(e) share specific tasks related to supervisory activities with the other competent authorities.

Article 25

Cooperation of competent authorities in case of a group of credit rating agencies

1. In case of a group of credit rating agencies referred to in Article 14(3) the competent authorities of the home Member States concerned shall consult each other before taking measures in accordance with this Regulation.

2. The facilitator referred to in Article 14(3) shall plan and coordinate the actions of the competent authorities of the home Member States concerned.

3. The facilitator and the competent authorities of the Member States concerned shall establish coordination arrangements regarding the following matters:

a) the information to be exchanged between competent authorities;

b) cases in which competent authorities have to consult each other;

c) cases in which competent authorities delegate supervisory tasks in accordance with Article 24.

Article 26

Delegation of tasks between competent authorities

The competent authority of the home Member State may delegate any of its tasks to the competent authority of another Member State subject to the agreement of that authority. Delegation of tasks is not intended to affect the responsibility of the designated competent authority.

Article 27

Mediation

1. CESR shall establish a mediation mechanism to assist in finding a common view among competent authorities concerned.

2. In case of disagreement between competent authorities of Member States on an assessment or action under this Regulation, competent authorities shall refer the matter to CESR for mediation. The competent authorities shall take into account the opinion of CESR.

Article 28

Professional secrecy

1. The obligation of professional secrecy shall apply to all persons who work or who have worked for the competent authority or for any authority or person to whom the competent authority has delegated tasks, including auditors and experts contracted by the competent authority. Information covered by professional secrecy may not be disclosed to any other person or authority except when such disclosure is necessary for legal proceedings.

2. All the information exchanged between competent authorities under this Regulation shall be considered confidential, except when the competent authority states at the time of communication that such information may be disclosed or when such disclosure is necessary for legal proceedings.

CHAPTER IV COOPERATION WITH THIRD COUNTRIES

Article 29

Agreement on exchange of information

The competent authorities may conclude cooperation agreements on exchange of information with the competent authorities of third countries only if the information disclosed is subject to guarantees of professional secrecy which are at least equivalent to those set out in Article 28. Such exchange of information must be intended for the performance of the tasks of those competent authorities.

With regard to transfer of personal data to a third country, Member States shall apply Directive 95/46/EC.

Article 30

Disclosure of information

The competent authority of a Member State may only disclose the information received from a competent authority of another Member State or from competent authorities of third countries if the competent authority of the Member State concerned has obtained express agreement of the competent authority which have transmitted the information and, where applicable, the information is disclosed solely for the purposes for which that competent authority gave its agreement.

TITLE IVPENALTIES, COMMITTEE PROCEDURE, REPORTING, TRANSITIONAL AND FINAL PROVISIONS

CHAPTER I Penalties, committee procedure and reporting

Article 31

Penalties

Member States shall lay down the rules on penalties applicable to infringements of the provisions of this Regulation and shall take all measures necessary to ensure that they are implemented. Penalties shall, at least, cover cases of gross professional misconduct and lack of due diligence. The penalties provided for must be effective, proportionate and dissuasive.

The Member States shall notify those provisions to the Commission by [six months after the entry into force of this Regulation] at the latest and shall notify it without delay of any subsequent amendment affecting them.

Article 32

Amendments to Annexes

The Commission may amend the Annexes in order to take account of developments on financial markets, in particular in relation to new financial instruments and with regard to convergence of supervisory practice.

Those measures designed to amend non-essential elements of this Regulation shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 33(2).

Article 33

Committee procedure

1. The Commission shall be assisted by the European Securities Committee established by Commission Decision 2001/528/EC[42].

2. Where reference is made to this paragraph, Article 5a(1) to (4) and Article 7 of Decision 1999/468/EC shall apply, having regard to the provisions of Article 8 thereof.

Article 34

Report

By [three years after the entry into force of this Regulation] the Commission shall make an assessment of the application of this Regulation, including an assessment of the reliance on credit ratings in the Community and of the appropriateness of the remuneration of the credit rating agency by the rated entity ("issuer-pays model"), and submit a report to the European Parliament and the Council of the European Union.

CHAPTER II Transitional and final provisions

Article 35

Transitional provision

Credit rating agencies operating in the Community before [the date of entry into force of this Regulation] shall adopt all necessary measures to comply with this Regulation and shall submit an application for registration by [six months after the entry into force of this Regulation] .

The credit rating agencies referred to in the first subparagraph shall cease to issue credit ratings if registration is refused.

Article 36

Entry into force

This Regulation shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union .

It shall apply from [insert exact date; six months after entry into force].

This Regulation shall be binding in its entirety and directly applicable in all Member States.

Done at Brussels,

For the European Parliament For the Council

The President The President

ANNEX I

INDEPENDENCE AND AVOIDANCE OF CONFLICTS OF INTEREST

Section A

Organisational requirements

1. The credit rating agency shall have an administrative or supervisory board that is responsible for ensuring:

a) the independence of the rating process;

b) that conflicts of interest are properly identified, managed and disclosed;

c) compliance of the credit rating agency with the remaining requirements of this Regulation.

2. A credit rating agency shall be organised in a way that ensures that the business interest of the company does not impair the independence and accuracy of the rating process.

The senior management, as defined in Article 2(9) of Commission Directive 2006/73/EC[43] of a credit rating agency shall be of good repute and sufficiently skilled and experienced, and shall ensure the sound and prudent management of the credit rating agency.

The administrative or supervisory board of a credit rating agency shall include at least three non-executive members who shall be are independent. The remuneration of the independent members of administrative or supervisory board shall not be linked to the business performance of the credit rating agency and shall be arranged so as to ensure the independence of their judgement. The term of office of the independent members of the administrative or supervisory board shall be for a pre-agreed fixed period not exceeding five years and shall not be renewable. The dismissal of independent members of the administrative or supervisory board shall only take place in case of misconduct or professional underperformance.

The majority of members of the administrative or supervisory board, including all independent members, shall have sufficient expertise in financial services. At least one independent member of this board should have in-depth knowledge and experience at a senior level of the structured credit and securitisation markets.

In addition to the overall responsibility of the board, the independent members of administrative or supervisory board shall have the specific task of monitoring the development of the credit rating policy, the effectiveness of the internal quality control system of the credit rating agency on the credit rating process to ensure that there are no conflicts of interest and the compliance and governance processes including the efficiency of the review function referred to in point 7 of this Section. Opinions of the independent directors issued on these matters shall be presented to the board periodically and made available to the competent authority, whenever the latter requests it.

3. A credit rating agency shall establish policies and procedures which ensure compliance with this Regulation.

4. A credit rating agency shall have sound administrative and accounting procedures, internal control mechanisms, effective procedures for risk assessment, and effective control and safeguard arrangements for information processing systems.

5. A credit rating agency shall establish organisational and administrative arrangements to identify, prevent and manage conflicts of interest referred to in point 1 of Section B. It shall keep a record of all significant threats to its independence and that of its employees involved in the credit rating process, as well as the safeguards applied to mitigate those threats.

6. A credit rating agency shall use appropriate systems to ensure continuity and regularity in the performance of its credit rating activities.

7. A credit rating agency shall establish a review function responsible for periodically reviewing the methodologies, models and significant changes to methodologies and models it uses, as well as the appropriateness of those methodologies and models for the assessment of new financial instruments.

This review function must be independent of the business lines which are responsible for credit rating activities and report to the members of the administrative or supervisory board referred to in point 2 of this Section.

8. A credit rating agency shall monitor and evaluate the adequacy and effectiveness of its systems, internal control mechanisms and arrangements established in accordance with this Regulation and take appropriate measures to address any deficiencies.

Section B

Operational requirements

1. A credit rating agency shall identify and eliminate or, where appropriate, manage and disclose any actual or potential conflicts of interest that may influence the analyses and judgments of its analysts that participate in determining a credit rating and persons approving credit ratings.

2. A credit rating agency shall publicly disclose the names of the rated entities or related third parties from which it receives more than 5 % of its annual revenue.

3. A credit rating agency shall not issue a credit rating or shall withdraw an existing credit rating in the following cases:

(a) the credit rating agency, an analyst that participated in determining a credit rating, or person approving the credit ratings, directly or indirectly owns financial instruments of the rated entity or any related third party or has any other direct or indirect ownership interest in that entity or party;

(b) the credit rating is issued with respect to a rated entity or any related third party directly or indirectly linked to the credit rating agency by control;

(c) an analyst who participated in determining a credit rating, or person approving the credit rating is a member of the administrative, management or supervisory bodies of the rated entity or any related third party.

4. A credit rating agency shall not provide consultancy or advisory services to the rated entity or any related third party regarding the corporate or legal structure, assets, liabilities or activities of the rated entity or any related third party.

A credit rating agency may provide services other than issuance of credit ratings, hereinafter "ancillary services". A credit rating agency shall determine what it considers as ancillary services. It shall ensure that the provision of ancillary services does not present conflicts of interest with its credit rating activity.

5. A credit rating agency shall ensure that analysts do not make proposals or recommendations, either formally or informally, regarding the design of structured finance instruments on which credit rating agency is expected to issue a credit rating.

6. A credit rating agency shall design its reporting and communication channels so as to ensure independence of analysts and persons approving the credit ratings from the other parts of the credit rating agency representing the commercial interests of the credit rating entity.

7. A credit rating agency shall keep records and audit trails of all its activities, including records of agreements between the credit rating agency and the rated entity or related third party and all significant elements of the dialogue with the rated entity and its related third parties, as well as records in relation to the obligations set out in Articles 5, 6 and 7.

8. Records and audit trails referred to in point 7 shall be kept at the premises of the registered credit rating agency for at least five years and be made available upon request to the competent authorities of the Member States concerned.

Where the registration of a credit rating agency is withdrawn, the records shall be kept for at least three years.

9. Records which set out the respective rights and obligations of the credit rating agency and the rated entity or its related third parties under an agreement to provide services shall be retained for at least the duration of the relationship with that rated entity or its related third parties.

Section C

Rules on employees

1. Credit rating analysts and other employees directly involved in the credit rating process, as well as persons closely associated with them as enumerated in Article 1(2)(a) to (d) of Commission Directive 2004/72/EC[44], shall not buy or sell or engage in any transaction in any financial instrument issued, guaranteed, or otherwise supported by any rated entity within the area of primary analytical responsibility of the analyst, other than holdings in diversified collective investment schemes.

2. No employee shall participate in or otherwise influence the determination of a credit rating of any particular rated entity if this employee or any person closely associated with them as enumerated in Article 1(2)(a) to (d) of Directive 2004/72/EC:

a) owns financial instruments of the rated entity, other than holdings in diversified collective investment schemes;

b) owns financial instruments of any entity related to a rated entity, the ownership of which may cause or may be generally perceived as causing a conflict of interest, other than holdings in diversified collective investment schemes;

c) has had a recent employment or other business relationship or any other relationship with the rated entity that may cause or may be generally perceived as causing a conflict of interest.

3. Credit rating agencies shall ensure that employees directly involved in the credit rating process:

a) take all reasonable measures to protect property and records in possession of the credit rating agency from fraud, theft or misuse;

b) do not disclose any information about credit ratings or possible future credit ratings of the credit rating agency, except to the rated entity or its related third party;

c) do not share confidential information entrusted to the credit rating agency with employees of any person directly or indirectly linked to it by control;

d) do not use or share confidential information for the purpose of trading financial instruments, or for any other purpose except the conduct of the business of credit rating agency.

4. An employee directly involved in the credit rating process shall not solicit or accept money, gifts or favours from anyone with whom the credit rating agency does business.

5. Upon becoming aware that another employee with the credit rating agency is or has engaged in conduct that is illegal, an employee of a credit rating agency shall report such information immediately to the person in charge of compliance with this Regulation in the credit rating agency.

6. Where an analyst terminates his or her employment and joins a rated entity, in the rating of which the analyst has been involved, or a financial firm, with which the analyst has had dealings as part of his or her duties at the credit rating agency, a credit rating agency shall review the relevant work of analyst over 2 years preceding his departure.

7. Employees directly involved in the credit rating process shall not take up a key management position with the rated entity or its related third party before 6 months have lapsed since the credit rating.

Section D

Rules on the presentation of credit ratings

I. General obligations

1. A credit rating agency shall ensure that a credit rating states clearly and prominently the name and job title of the lead analyst who was primarily responsible for preparing the credit rating.

2. A credit rating agency shall ensure that at least:

a) all substantially material sources used to prepare the credit rating are indicated, including the rated entity or, where appropriate, its related third party together with the fact whether the credit rating has been disclosed to that rated entity or its related third party and amended following this disclosure before its dissemination;

b) the principal methodology or methodology version that was used in determining the rating is clearly indicated, with a reference to its comprehensive description; where the rating is based on more than one methodology, or where reference only to the principal methodology might cause investors to overlook other important aspects of the rating, including any significant adjustments and deviations, the credit rating agency shall explain this fact in the credit rating and indicate how the different methodologies or these other aspects are taken into account in the credit rating;

c) the meaning of each rating category and the definition of default or recovery is explained and any appropriate risk warning, including a sensitivity analysis of the relevant assumptions, accompanied by worst-case scenario ratings as well as best-case scenario ratings;

d) the date at which the credit rating was first released for distribution and when it was last updated is indicated clearly and prominently.

3. A credit rating agency shall ensure that any credit rating states clearly and prominently any attributes and limitations of the credit rating. In particular, a credit rating agency shall prominently state in any credit rating whether it considers satisfactory the quality of information available on the rated entity and to what extent it has verified information provided to it by the rated entity or its related third party. If a credit rating involves a type of entity or financial instrument for which historical data is limited, the credit rating agency shall make clear, in a prominent place, the limitations of the credit rating.

In case where the lack of reliable data or the complexity of the structure of a new type of instrument or the quality of information available is not satisfactory or raises serious questions as to whether a credit rating agency can provide a credible credit rating, the credit rating agency shall refrain from issuing a credit rating or withdraw an existing rating.

4. When announcing a credit rating, a credit rating agency shall explain in its press releases or reports the key elements underlying the credit rating.

Where the information laid down in points 1, 2 and 3 would be disproportionate in relation to the length of the credit rating distributed, it shall suffice to make clear and prominent reference in the credit rating itself to the place where such disclosures can be directly and easily accessed, including a direct web link to the disclosure on an appropriate website of the credit rating agency.

II. Additional obligations in relation to credit ratings of structured finance instruments

1. Where a credit rating agency rates a structured finance instrument, it shall provide in the credit rating information about loss and cash-flow analysis it has performed.

2. A credit rating agency shall state what level of assessment it has performed concerning the due diligence processes carried out at the level of underlying assets of structured finance instruments. The credit rating agency shall disclose whether it has undertaken any assessment of such due diligence processes or whether it has relied on a third-party assessment, indicating how the outcome of such assessment impacts the rating.

Section E

Disclosures

I. General disclosures

A credit rating agency shall generally disclose the following information:

1. Actual and potential conflicts of interest referred to in point 1 of Section B;

2. Definition of what the credit rating agency considers, or does not consider to be services ancillary to its core rating business;

3. Policy of the credit rating agency concerning the publication of credit ratings and other related communication;

4. General nature of its compensation arrangements;

5. Methodologies, models and key rating assumptions as well as their material changes;

6. Any material modification to its practices, procedures, and processes.

II. Periodic disclosures

A credit rating agency shall periodically disclose the following information:

1. Every six months, data about the historical default rates of its rating categories and whether the default rates of these categories have changed over time;

2. On a yearly basis the following information:

a) a list of the largest 20 clients of the credit rating agency by revenue;

b) a list of those clients of the credit rating agency whose contribution to the growth rate in the revenue of the credit rating agency in the previous financial year exceeded the growth rate in the total revenues of the credit rating agency in that year by a factor of more than 1.5 times; each such client shall only be included on this list where in that year it accounted for more than 0.25 % of the worldwide total revenues of the credit rating agency at global level.

For the purposes of the first subparagraph of point 2 "client" shall mean a company, its subsidiaries, and associated companies in which the company has holdings of more than 20 %, as well as any other entities in respect of which it has negotiated the structuring of a debt issue on behalf of a client and where a fee was paid, directly or indirectly, to the credit rating agency for the rating of that debt issue.

III. Transparency report

A credit rating agency shall make available annually the following information:

1. Detailed information on legal structure and ownership of the credit rating agency, including information on holdings within the meaning of Articles 9 and 10 of Directive 2004/109/EC of the European Parliament and of the Council[45];

2. A description of the internal quality control system;

3. Statistics on staff allocation to new credit ratings, credit rating reviews, methodology or model appraisal and management;

4. A description of the credit ratings record-keeping policy;

5. The outcome of the annual internal review of the independence compliance;

6. A description of the management and analyst rotation policy;

7. Financial information on the revenue of the agency divided into fees from credit rating and non credit rating services with a comprehensive description of each;

8. A governance statement within the meaning of Article 46a(1) of Council Directive 78/660/EEC[46]; for the purposes of that statement, the information referred to in Article 46a(1)(d) of that Directive shall be provided by the credit rating agency irrespective of whether it is subject to Directive 2004/25/EC of the European Parliament and of the Council[47].

ANNEX II

Information to be provided in the application for registration

1. full name of the credit rating agency, address of the registered office within the Community;

2. name and contact details of a contact person;

3. legal status;

4. class of credit ratings for which the credit rating agency is applying to be registered;

5. description of the procedures and methodologies used to issue and maintain credit ratings;

6. policies and procedures to identify and manage conflicts of interests;

7. information regarding employees;

8. compensation arrangements;

9. ancillary services;

10. programme of operations, including indications of where the main business activities are expected to be carried out and setting out the type of business envisaged.

[1] Communication from the Commission on Credit Rating Agencies, OJ C 59, 11.3.2006, p. 2 (http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:C:2006:059:0002:0006:EN:PDF).

[2] Code of conduct fundamentals for CRAs (revised May 2008)http://www.iosco.org/library/pubdocs/pdf/IOSCOPD271.pdf.

[3] The CESR is an independent advisory group to the European Commission composed of the national supervisors of EU securities markets; see Commission Decision of 6 June 2001, establishing the Committee of European Securities Regulators, 2001/527/EC (OJ L191, 13.7.2001, p. 43). The role of the CESR is to improve coordination among securities regulators, advise the European Commission and ensure more consistent and timely day-to-day implementation of Community legislation in the Member States.

[4] http://www.consilium.europa.eu/ueDocs/cms_Data/docs/pressData/en/ecofin/96375.pdf.

[5] The European Securities Markets Experts Group (ESME) is an advisory body to the Commission, composed of securities markets practitioners and experts set up by the Commission in April 2006 and governed by Commission Decision 2006/288/EC of 30 March 2006 setting up a European Securities Markets Expert Group to provide legal and economic advice on the application of the EU securities Directives (OJ L 106, 19.4.2006, p. 14).

[6] Code of conduct fundamentals for CRAs (revised May 2008)http://www.iosco.org/library/pubdocs/pdf/IOSCOPD271.pdf.

[7] Report of the FSF on Enhancing Market and Institutional Resilience , 7 April 2008 http://www.fsforum.org/publications/r_0804.pdf.

[8] CGFS Papers No 32: Ratings in structured finance: What went wrong and what can be done to address short comings? July 2008, http://www.bis.org/publ/cgfs32.pdf?noframes=1.

[9] For example, Standards and Poor’s presented a reform plan that included measures such as the appointment of an ombudsman for stakeholders, a public annual review of governance processes by an independent firm and client rotation for analysts. Moody’s has taken measures to enhance the quality of the data used in the rating process. Fitch has separated its non-rating businesses into a separate division and has made changes to its structured finance operations to support objectivity and consistency in the rating review process.

[10] The US Credit Rating Agency Reform Act of 2006 entered into force on 27 June 2007 establishing a legal framework for the registration of NRSRO (Nationally Recognized Statistical Rating Organizations).

[11] Commission Directive 2003/125/EC of 22 December 2003 implementing Directive 2003/6/EC of the European Parliament and the Council as regards the fair presentation of investment recommendations and the disclosure of conflicts of interest (OJ L 339 24.12.2003, p. 73).

[12] Directive 2003/6/EC of the European Parliament and of the Council of 28 January 2003 on insider dealing and market manipulation (OJ L 96, 12.4.2003, p. 16).

[13] Directive 2006/48/EC of the European Parliament and of the Council of 14 June 2006 relating to the taking up and pursuit of the business of credit institutions (recast) (OJ L 177, 30.6.2006. p. 1).

[14] Guidelines on the recognition of External Credit Assessment Institutions of 20 January 2006 (GL07), http://www.c-ebs.org/formupload/41/413b2513-5084-4293-a386-16385b80411d.pdf.

[15] http://ec.europa.eu/internal_market/consultations/2008/securities_agencies_en.htm.

[16] A total number of 82 replies were received. The answers were published at:http://circa.europa.eu/Public/irc/markt/markt_consultations/library?l=/financial_services/credit_agencies&vm=detailed&sb=Title.

[17] The extent to which the measure fulfils the objectives referred to in section 1.1.

[18] Stakeholders’ confidence in the rules.

[19] The extent to which the framework for operation of credit rating agencies is governed by the same requirements in all Member States.

[20] The extent to which the respective policy option facilitates the operation of CRAs across the Member States. Flexibility also affects the costs incurred by credit rating agencies.

[21] See Article 6(5).

[22] Council Decision 1999/468/EC of 28 June 1999 laying down the procedures for the exercise of implementing powers conferred on the Commission (OJ L 184, 17.7.1999, p. 23) as amended by Council Decision 2006/512/EC of 17 July 2006 (OJ L 200, 22.7.2006, p. 11).

[23] OJ C , , p. .

[24] OJ C , , p. .

[25] OJ L 96, 12.4.2003, p. 16.

[26] OJ L 177, 30.6.2006, p. 201.

[27] OJ C 59, 11.3.2006, p. 2.

[28] OJ L 52, 25.2.2005, p. 51.

[29] OJ L 281, 23.11.1995, p. 31.

[30] OJ L184, 17.7.1999, p. 23.

[31] OJ L 145, 30.4.2004, p.1.

[32] OJ L 228, 16.8.1973, p. 3.

[33] OJ L 345, 19.12.2002, p. 1.

[34] OJ L 323, 9.12.2005, p. 1.

[35] [ Recast]

[36] OJ L 235, 23.9.2003, p. 10.

[37] OJ L 193, 18.7.1983, p. 1.

[38] OJ L 193, 18.7.1983, p. 1.

[39] OJ L 339, 24.12.2003, p. 73.

[40] OJ L 3, 7.1.2004, p. 28.

[41] OJ L 3, 7.1.2004, p. 30.

[42] OJ L 191, 13.7.2001, p.45.

[43] OJ L 241, 2.9.2006, p. 26.

[44] OJ L 162, 30.4.2004, p. 70.

[45] OJ L 390, 31.12.2004, p. 38

[46] OJ L 222, 14.8.1978, p. 11.

[47] OJ L 142, 30.4.2004, p. 12.