With reference to the above consultation paper dated January 28th, 2022, we are pleased to hereby submit the views of our association. In addition, individual EACRA Members may, in accordance with the EACRA Rules of Procedure, submit separate responses to you.
The consultation paper mentions several times that the developments in the private placements market, where private ratings are frequently used, are the main driver for the update of this guideline. ESMA’s intention is to capture private ratings produced by both non-CRAs and CRAs. We believe that there are major differences between these two types of “rating producers” and the type of ratings being produced and how they are disseminated.
On the one hand, there are banks (or other financial institutions) producing private ratings in order to use these in private placement transactions. These non-CRA private ratings are used as benchmarks by other financial institutions while evaluating the proposed transaction.
On the other hand, several CRAs produce two different types of ratings both erroneously referred to as private ratings. The first and “standard” private rating correspond to the requirements of Article 2 (2) of the CRA Regulation as they are “provided exclusively to the person who placed the order and which are not intended for public disclosure or distribution by subscription”. The second relates to ratings with disclosure via (sometimes limited) subscription in the context of private placements. While the first is outside of the scope of the CRA regulation, the second is covered by the CRA regulation and may be used for regulatory purposes.
A key difference of private ratings produced by non-CRAs and by CRAs lies in the availability of the mapping of credit ratings to regulatory credit quality steps. In the case of CRAs, European Supervisory Authorities provide a mapping of the ratings, thereby providing to potential investors a clear and objective indication of the credit quality step, and thereby capital requirements. In the case of non-CRAs, no mapping is available, and therefore the private rating can only be used as a rating indication. Additionally, “private placement ratings” produced by CRAs are monitored and are therefore also suited for secondary market transactions.
Our responses below take the perspective of a CRA producing a “standard” private rating unless stated explicitly otherwise.
Q1 Do you agree with ESMA’s interpretation of “produced pursuant to an individual order”? If you do not agree, please explain.
Referring to § 27 and § 28 of the Consultation Paper outlining ESMA’s expectations regarding a private rating being produced pursuant to an individual order, we confirm that our Members always use written contracts with the requesting party for the provision of a private rating. In terms of process, CRAs are approached by the requesting party (most frequently the issuer itself or its related third party) for the provision of the private rating. The CRA then provides a contract to the requesting party outlining the key terms and conditions of the service (usually indicating that the private rating should not be disclosed publicly). The requesting party thereafter confirms the service request by signing the contract. In our view, the proposed amendment to § 14 of the guideline is not reflective of the standard process followed by CRAs.
Based on market experience, we note that issuers wish to withdraw their credit ratings from the public domain from time to time, but still wants to receive independent and objective creditworthiness assessments from a reputable provider. In such a case, the initial contract for the provision of a public rating is being amended to reflect the private nature of the rating going forward. Similarly, a new client may initially request a private rating from a CRA and later request the rating being made public – such a situation is equally addressed through the amendment of the initial contract. We kindly request a clarification from your side that the above examples are compliant with the spirit and the text of the CRA Regulation. More precisely, kindly confirm that a new contract is not necessary and therefore, the CRA is not required to rerun the rating process.
Q2 Do you agree with ESMA’s interpretation of “provided exclusively to the person who placed the order”? If you do not agree, please explain.
Given that private ratings are not intended for general public disclosures (e.g. at the website of the CRA, the website of the requesting party, press releases etc.), the contract between the CRA and the requesting party already now includes provisions explicitly stating the private nature of such ratings. In view of the 2013 Guidelines on the scope of the CRA regulation currently in force, CRA may inform the requesting party that it is allowed to share the private rating with a limited number of third parties on a strictly confidential basis. Whether a specific additional Non-Disclosure Agreement restating the same objective is required may depend on the legal requirements and the legal habits in the different EU Member States. In case your institution believes that a Non-Disclosure Agreement is a must, we kindly ask you to clarify which elements are required therein in order to satisfy your expectations.
Additionally, a CRA may receive requests for a private rating on the same entity from 2 different (non-related) requesting parties within a short period of time. As the entity analysed remains the same, given that CRAs apply their methodologies in a consistent manner, the output of the analysis (the private rating and the documentation explaining the rationale for the rating) should equally be the same. It is therefore unclear to us why the CRA should undertake the rating process again in order to come up with the same result. Furthermore, since the CRA is bound by the confidentiality undertaking towards both clients, the CRA is not allowed to inform these clients that another client has also received the private rating.
With reference to § 15 of the guideline requiring CRAs to assess whether the requesting party has the intention to bring the private rating into the public domain or to use it for regulatory purposes, we bring to the attention of issuers and banks that private ratings are not covered by the CRA Regulation and that these private ratings cannot therefore be used for regulatory purposes. Additionally, CRAs have usually not the information on whether a requesting party breached a confidentiality agreement by bringing a private rating into the public domain in the past. In fact, such a past pattern may not preclude future intentions.
Q3 Do you agree that setting a 150 natural persons limit for sharing the private credit rating with third parties would be adequate? If you do not agree, please explain.
We would strongly prefer defining the threshold based on legal entities instead of natural persons. The background for this request is based on the different sizes and complexities of financial market participants.
If the requesting party shares the private rating with a person working for a large and complex entity, it is likely that that person will need to forward the private rating to numerous other persons within the entity in order to make full use of the private rating. On the other hand, if the requesting party shares the private rating with a small, less sophisticated financial market participant, we proceed from the assumption that the private rating will be disseminated within that organisation on a limited basis only. Additionally, § 38 of the consultation paper cites cases where the rating is distributed even further e.g. to co-financing institutions, subsidiaries or investors in the secondary market.
The requesting party of the private rating can therefore hardly anticipate how many persons within one legal entity will see/receive the private rating and therefore can hardly ensure that the threshold of maximum 150 natural persons is being adhered to. Finally, it is unclear how the party disseminating the private rating can track who forwarded the private rating and to how many other persons. We therefore propose to clarify in the guideline that the private rating can be shared within an organisation or with other third parties only on a “need-to-know basis”.
With reference to non-CRAs producing private ratings, given ESMA’s goal of investor protection, we recommend that the distribution threshold should be set at maximum 30 legal persons. Additionally, the distribution of the private ratings should be restricted to qualified investors having their own internal credit assessment models.
Q4 Do you agree with the onus on the rating producer to monitor the distribution of the private credit ratings to third parties? If you do not agree, please explain.
As can be seen from the chart, in the case of CRAs being the “rating producer”, the role of distributing party lies first with the issuer (the requesting party) and, in a second step, with banks distributing the rating to other investors. As such, the CRA is poorly positioned to monitor the distribution of the private credit rating to third parties. Requiring the CRA to monitor the distribution of the private rating is technically extremely difficult and results in very high administrative costs. Additionally, with reference to Question 2 above, we would like to recall that CRAs are allowed to provide the private rating exclusively to the requesting party.
Furthermore, we highlight that CRAs have only a contractual relationship with the requesting party and no relation at all with the third parties potentially receiving the private rating from the requesting party. CRAs can therefore hardly monitor the distribution of the rating nor require corrective measures from any third party directly. Therefore, we strongly recommend placing the responsibility for monitoring the distribution of the private credit rating with the distributing party (the issuer or the bank as the case may be).
CRAs could potentially monitor on a best-effort basis whether a private rating has been disclosed publicly. As CRAs will most likely not be able to identify who breached the confidential nature of the private rating, we propose that the CRA, upon becoming aware of the breach, informs the requesting party and ESMA about this event. The requesting party and ESMA could thereafter take the necessary steps to bring the private rating out of the public domain. In any case, the CRAs cannot be held liable for the publication of a private rating by a third party.
Q5 Do you agree that ESMA’s proposed approach is reflective of your interactions with rating producers and that the market would benefit from such a clarification?
Q6 Do you have any comments on the CBA outlined under the preferred option?
We welcome that ESMA has not retained Option 3 (guidance through a new Q+A) and that ESMA has opted to consult publicly on the proposed revision of the guideline. Given ESMAs wish to receive external input, we would appreciate if the updated guidelines takes into account the comments in this letter.
We further welcome that ESMA has not retained Option 1 (no change to the current guideline) as we think that proper guidance to non-CRAs producing private ratings is a good development. In fact, we believe that non-CRAs producing regularly private ratings for private placement should seek registration as CRA with ESMA for this type of service. Such an approach would fundamentally contribute to improved investors protection as well as contribute to a level playing field between these non-CRAs and already registered CRAs.
For CRAs, the key difference between the existing and the proposed updated guideline lies in the envisaged obligation to monitor the distribution of the private rating. The cost-benefits analysis in the consultation paper does not quantify the costs of this envisaged requirement. We believe that this proposed obligation can hardly be implemented by the CRA itself, as it may potentially not have the knowledge of whom received the private rating. It could result in significantly increased IT and administrative costs, disproportionate to the size and operations of smaller agencies.
While the consultation paper uses the term “rating producer” to refer to both CRAs and to financial institutions producing a private rating, the proposed updated text of the guideline in § 15 uses the term “rating provider” only once whereas otherwise references are only done to credit rating agencies. In order to ensure that the updated guideline reaches its goal to cover both types of rating producers, we believe that the text of the guideline needs to be more precise.
As mentioned already in our response to Question 4 and 6, we believe that CRAs should not be required to monitor the distribution of a private rating which is exclusively provided to the requesting party. We therefore restate that this responsibility should be placed with the requesting party.
We thank you for your kind attention and remain at your disposal for any clarification or additional information.
 Page 20 of the consultation paper states: “The private credit rating should only be produced following an explicit order, formalised through an agreement consisting of a written request from the person placing the order and a formal written acceptance by the ratings provider.”
 In order to cover all possible scenarios, a new client also may contract a CRA for a credit rating and thereafter decide not to publish but to maintain the rating on a private basis. In such a case, the initial contract is being amnded.
 Page 20 of the consultation paper, states the following: “When issuing private credit ratings, credit rating agencies should assess whether the person who placed the order, as recipient of the private credit rating, has any intention to use the rating in a way that would bring it into the public domain or to use it for regulatory purposes. Where the credit rating agencies can reasonably conclude that a private credit rating could be disclosed to the public, for instance taking into account that the same client already breached the duty of confidentiality in the past, ESMA recommends as a best practice that credit rating agencies should put in place the necessary measures to avoid such disclosure or refrain from issuing that rating”.
 Competent Authorities responsible for monitoring the use of credit ratings are best placed to inform their supervised entities that private ratings cannot be used for regulatory purposes and clarify that the private ratings in fact correspond to “unrated” entities from a regulatory perspective. Competent Authorities should act in case a supervised entity repeatedly ignores this legal requirement.
 Such an approach would also cover the case of silent co-financing arrangements.
 Page 20 of the consultation paper states the following: “For instance, when applying for a loan, the recipient of a private credit rating may share his rating with his bank on a strictly confidential basis, or a bank can circulate a private credit rating to a restricted number of other banks for the purposes of a business transaction”.
 See footnote 1 on page 8 of the consultation paper