Legal development

ESG data and ratings providers the regulatory net has been cast

Insight Hero Image

    On 30 March 2023, HM Treasury published a consultation proposing that the activity of providing an assessment of environmental, social, or governance factors to UK users should come within the UK financial regulatory perimeter. This should come as no surprise – the extension to FSMA has been trailed extensively and there have been concerns in the industry about the activities of ESG rating providers at both the UK and international level. But the wording of the proposed activity is slightly wider in scope than some may have thought and will have the consequence of bringing some service providers into the regulatory regime that might not otherwise be ready for regulated status. The important factor will be how to determine what amounts to 'an assessment'. Expect significant debate and potentially restructuring of ESG data provider offerings.

    The consultation was foreshadowed in the written statement on the future financial regulatory framework provided by Chancellor of the Exchequer, Jeremy Hunt, in December 2022 (as part of the Edinburgh Reforms (see briefing here)). The consultation has been published on the same day that the Government published its updated Green strategy (catchily titled Green Day).

    There is a debate in the consultation as to what form the new regulatory regime should take e.g. whether it would come within the regulated activities regime or the new soon-to-be introduced designated activities regime. This is an important distinction that ESG rating providers should seek to understand before submitting their responses. There are also some proposed exclusions as well as a principle of proportionality. The consultation is seeking views on initial policy proposals, and so does not include final positions or proposed legal drafting but this is an important area to track.

    We consider the key issues in our briefing here.

    Why has this come about?

    As ESG factors have increased in importance in decisions relating to the allocation of capital, the use of ESG ratings and data has accordingly increased.

    HM Treasury makes a key distinction between ESG ratings and ESG data and describes each as:

    • ESG ratings are assessments of the ESG characteristics of entities or of products (e.g. financial instruments). This can relate to an entity's exposure to or management of ESG risk (e.g. the external events that might affect the performance of the product) and / or ESG impacts and opportunities (e.g. trends like clean technology).
    • ESG data is described as data on the same with no final assessment or value judgment.

    There have been concerns raised by UK and international regulators about ESG service providers in relation to methodologies and objectives, as well as managing conflicts of interest concerns in relation to how an ESG rating provider interacts with the rated entity (e.g. where an ESG ratings provider also provides advice to a rated entity on how to improve the rating).

    IOSCO recently published recommendations on enabling ESG ratings and data providers to deliver high-quality and independent products, whilst managing conflicts of interest. ESMA also has published a call for evidence in relation to ESG ratings market in the EU.

    Following its 2021 consultation paper on climate related disclosures and capital markets, the FCA published a feedback statement detailing concerns raised by respondents in relation to lack of transparency, poor governance and systems and controls, poor management of conflicts of interest. The FCA argued that there was merit in the FCA having regulatory oversight of certain ESG ratings and data markets. In November 2022, the FCA announced the formation of a group to develop a Code of Conduct for ESG data and ratings providers and a working group was established to produce this with an anticipated publication data of 8 June 2023.

    HM Treasury is of the view that regulation needs to be introduced to improve the transparency of methodologies, governance and processes of ESG service providers.

    What is the new proposed regulated activity?

    The Government is proposing that the "direct provision of an assessment of environmental, social or governance factors to a user in the UK, where the assessment is used in relation to a specified investment in the RAO" would become a regulated activity (unless an exclusion applies).

    The Government states that further activities may also be brought into scope, including some cases of indirect provision of these assessments, and where these assessments are used in relation to certain things other than RAO specified investments. If this were to happen, FCA would be expected to consult on any new requirements for ratings providers and its regulatory framework would be informed by recommended.

    ESG ratings in the context of a new regulated activity would cover an assessment regarding one or more ESG factors, whether or not it is labelled as such.

    This is intended to include any assessments, regardless of their self-identification (i.e., “ratings”, “scores”, and also including where market participants currently consider these to be data products). The scope intends to include ESG assessments which are directly produced by analysts, as well as assessments which are generated through an algorithm.

    The Government's proposed scope excludes data on ESG matters where no assessment is present. This would exclude raw, unprocessed data or data that is only minimally processed, so long as there is no separate assessment provided. This proposed exclusion would also incorporate estimates and proxy data, such as those which aim to fill gaps in a data set. The rationale for this approach is that the biggest risk of harm lies in the assessment of data, with a final ESG rating likely to be more subjective and vary more widely between providers than data.

    Clearly what amounts to 'an assessment' will be closely scrutinised.

    How would ESG ratings providers fit within the current regulatory framework?

    Under the current regulatory framework set out in the Financial Services and Markets Act 2000, a person (whether individual or a firm) may only carry out a regulated activity if its authorised by the appropriate regulator or is exempt from the authorisation requirement. HM Treasury determines which activities are regulated activities, by specifying them in the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001 (RAO). The Financial Services and Markets Bill 2022-23 is proposing to introduce a new so-called designated activities regime (see our briefing here) whereby any individual proposing to conduct an activity that has been "designated" will be required to follow rules for it, unless they are exempt.

    HM Treasury is considering whether ESG rating providers should be brought in scope as a result of performing a regulated or designated activity.

    If regulation for ESG ratings was to be introduced, HM Treasury would need to amend the RAO to widen the regulatory perimeter, which would require firms brought into the perimeter to become FCA authorised and to meet specified Threshold Conditions.

    Is there a territoriality aspect to all of this?

    The proposed regime would capture, at a minimum, the direct provision of ESG ratings to "users in the UK", by both UK firms and overseas firms. The consultation states that this would include direct provision to both institutional and retail users in the UK, but would not capture the provision of ESG ratings by any UK or overseas firm to any user outside the UK. The Government explains that "direct provision" would capture where an ESG rating is provided to a UK user who has paid for that rating, either on its own or as part of another service or bundle of products or services.

    It does not intend to capture scenarios where a UK user accesses a free rating. The consultation also throws up future scenarios that could be brought within scope in the future including indirect provision of ESG ratings to UK users (e.g. where an ESG ratings provider does not have a contractual agreement with a UK user, but its ESG ratings become available to UK users anyway (for example via intermediaries) or where a UK investor uses an ESG rating which has been paid for by a rated entity located overseas).

    The consultation provides that it would be for the FCA to decide whether firms carrying out these activities need a physical presence in the UK in order to obtain authorisation (the FCA’s existing framework for international firms would inform any approach).

    Are there any exclusions?

    The Government is proposing to exclude certain activities from the proposed regulated activity that it conceives as distinct from the provision of an ESG rating.

    • credit ratings which consider the impact of ESG factors on creditworthiness;
    • investment research products, such as equity research reports;
    • external reviews, including second-party opinions, verifications, and certifications of ESG-labelled bonds;
    • proxy advisor services, such as voting or recommendations to shareholders of firms;
    • consulting services, even where these relate to ESG matters (where this is the case, consulting services involving ESG ratings would be bespoke and ad hoc reviews, rather than ratings systematically influencing capital allocation); and
    • academic research or journalism, even where that relates to ESG matters.

    Is it a one-size-fits-all regime?

    The Government is aiming for the regulatory regime for ESG ratings providers to be proportionate, especially for smaller providers and the proportionality approach might involve:

    ESG ratings providers of all sizes being subject to authorisation requirements under the RAO, with further enhanced requirements in FCA rules for larger providers; or

    Only ESG ratings providers of a certain size being subject to authorisation requirements under the RAO. Smaller providers could be subject to requirements using other mechanisms, such as the DAR or a bespoke regime, but these would not require authorisation.

    Given the fact that there is no one single definition of a small firm in legislation, views are sought on an appropriate way to distinguish between smaller providers of ESG ratings and larger ones.

    What next?

    The consultation opens on 30 March 2023 and will close on 30 June 2023.

    The information provided is not intended to be a comprehensive review of all developments in the law and practice, or to cover all aspects of those referred to.
    Readers should take legal advice before applying it to specific issues or transactions.