Annexes to COM(2023)314 - Transparency and integrity of Environmental, Social and Governance (ESG) rating activities - Main contents

Please note

This page contains a limited version of this dossier in the EU Monitor.

dossier	COM(2023)314 - Transparency and integrity of Environmental, Social and Governance (ESG) rating activities.
document	COM(2023)314
date	November 27, 2024

Agreement adopted under the United Nations Framework Convention on Climate Change ( OJ L 282, 19.10.2016, p. 1).

(12) Regulation (EU) 2020/852 of the European Parliament and of the Council of 18 June 2020 on the establishment of a framework to facilitate sustainable investment, and amending Regulation (EU) 2019/2088 (OJ L 198, 22.6.2020, p. 13).

(13) Directive (EU) 2022/2464 of the European Parliament and of the Council of 14 December 2022 amending Regulation (EU) No 537/2014, Directive 2004/109/EC, Directive 2006/43/EC and Directive 2013/34/EU, as regards corporate sustainability reporting (OJ L 322, 16.12.2022, p. 15).

(14) Regulation (EU) 2016/1011 of the European Parliament and of the Council of 8 June 2016 on indices used as benchmarks in financial instruments and financial contracts or to measure the performance of investment funds and amending Directives 2008/48/EC and 2014/17/EU and Regulation (EU) No 596/2014 (OJ L 171, 29.6.2016, p. 1).

(15) Regulation (EC) No 1060/2009 of the European Parliament and of the Council of 16 September 2009 on credit rating agencies (OJ L 302, 17.11.2009, p. 1).

(16) OJ L 123, 12.5.2016, p. 1.

(17) Regulation (EC) No 883/2004 of the European Parliament and of the Council of 29 April 2004 on the coordination of social security systems (OJ L 166, 30.4.2004, p. 1).

(18) Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338).

(19) Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ L 335, 17.12.2009, p. 1).

(20) Directive 2009/65/EC of the European Parliament and of the Council of 13 July 2009 on the coordination of laws, regulations and administrative provisions relating to undertakings for collective investment in transferable securities (UCITS) (OJ L 302, 17.11.2009, p. 32).

(21) Directive 2011/61/EU of the European Parliament and of the Council of 8 June 2011 on Alternative Investment Fund Managers and amending Directives 2003/41/EC and 2009/65/EC and Regulations (EC) No 1060/2009 and (EU) No 1095/2010 (OJ L 174, 1.7.2011, p. 1).

(22) Directive (EU) 2016/2341 of the European Parliament and of the Council of 14 December 2016 on the activities and supervision of institutions for occupational retirement provision (IORPs) (OJ L 354, 23.12.2016, p. 37).

(23) Regulation (EU) 2020/1503 of the European Parliament and of the Council of 7 October 2020 on European crowdfunding service providers for business, and amending Regulation (EU) 2017/1129 and Directive (EU) 2019/1937 (OJ L 347, 20.10.2020, p. 1).

(24) Regulation (EU) 2023/1114 of the European Parliament and of the Council of 31 May 2023 on markets in crypto-assets, and amending Regulations (EU) No 1093/2010 and (EU) No 1095/2010 and Directives 2013/36/EU and (EU) 2019/1937 (OJ L 150, 9.6.2023, p. 40).

(25) Regulation (EU) No 1093/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Banking Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/78/EC (OJ L 331, 15.12.2010, p. 12).

(26) Regulation (EU) No 1094/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Insurance and Occupational Pensions Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/79/EC (OJ L 331, 15.12.2010, p. 48).

(27) Regulation (EU) No 575/2013 of the European Parliament and of the Council of 26 June 2013 on prudential requirements for credit institutions and amending Regulation (EU) No 648/2012 (OJ L 176, 27.6.2013, p. 1).

(28) Regulation (EU) No 345/2013 of the European Parliament and of the Council of 17 April 2013 on European venture capital funds (OJ L 115, 25.4.2013, p. 1).

(29) Regulation (EU) No 346/2013 of the European Parliament and of the Council of 17 April 2013 on European social entrepreneurship funds (OJ L 115, 25.4.2013, p. 18).

(30) Regulation (EU) 2015/760 of the European Parliament and of the Council of 29 April 2015 on European long-term investment funds (OJ L 123, 19.5.2015, p. 98).

(31) Regulation (EC) No 987/2009 of the European Parliament and of the Council of 16 September 2009 laying down the procedure for implementing Regulation (EC) No 883/2004 on the coordination of social security systems (OJ L 284, 30.10.2009, p. 1).

(32) Regulation (EU) No 648/2012 of the European Parliament and of the Council of 4 July 2012 on OTC derivatives, central counterparties and trade repositories (OJ L 201, 27.7.2012, p. 1).

(33) Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).

(34) Regulation (EU) 2017/2402 of the European Parliament and of the Council of 12 December 2017 laying down a general framework for securitisation and creating a specific framework for simple, transparent and standardised securitisation, and amending Directives 2009/65/EC, 2009/138/EC and 2011/61/EU and Regulations (EC) No 1060/2009 and (EU) No 648/2012 (OJ L 347, 28.12.2017, p. 35).

(35) Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC (OJ L 337, 23.12.2015, p. 35).

(36) Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009 on the taking up, pursuit and prudential supervision of the business of electronic money institutions amending Directives 2005/60/EC and 2006/48/EC and repealing Directive 2000/46/EC (OJ L 267, 10.10.2009, p. 7).

(37) Council Regulation No 1 determining the languages to be used by the European Economic Community (OJ 17, 6.10.1958, p. 385).

(38) Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39).

(39) Directive (EU) 2016/943 of the European Parliament and of the Council of 8 June 2016 on the protection of undisclosed know-how and business information (trade secrets) against their unlawful acquisition, use and disclosure (OJ L 157, 15.6.2016, p. 1).

(40) Regulation (EU) No 596/2014 of the European Parliament and of the Council of 16 April 2014 on market abuse (market abuse regulation) and repealing Directive 2003/6/EC of the European Parliament and of the Council and Commission Directives 2003/124/EC, 2003/125/EC and 2004/72/EC (OJ L 173, 12.6.2014, p. 1).

(41) Regulation (EU) No 1092/2010 of the European Parliament and of the Council of 24 November 2010 on European Union macro-prudential oversight of the financial system and establishing a European Systemic Risk Board (OJ L 331, 15.12.2010, p. 1).

(42) Commission Decision 2001/528/EC of 6 June 2001 establishing the European Securities Committee (OJ L 191, 13.7.2001, p. 45).

(43) Regulation (EU) No 182/2011 of the European Parliament and of the Council of 16 February 2011 laying down the rules and general principles concerning mechanisms for control by Member States of the Commission’s exercise of implementing powers (OJ L 55, 28.2.2011, p. 13).

ANNEX I

INFORMATION TO BE PROVIDED IN THE APPLICATION FOR AUTHORISATION

An application for authorisation shall contain all of the following information:

(a)	the full name of the applicant, the address of its registered office within the Union, the applicant’s website and, where available, the applicant’s legal entity identifier (LEI);

(b)	the name and contact details of a contact person at the applicant;

(c)	the legal status of the applicant;

(d)	the ownership structure of the applicant;

(e)	the identity of entities within the ownership structure of the applicant that will provide ESG ratings or any of the activities listed in Article 16(1);

(f)	the identity of the members of the senior management of the applicant and their level of qualification, experience and training;

(g)	the number of rating analysts, employees and other persons working for the applicant who are directly involved in ESG rating activities, and their level of experience and training;

(h)	the expected market coverage of ESG ratings;

(i)

a description of the procedures and methodologies used to issue and review ESG ratings implemented by the applicant, whether the applicant expects to use information disclosed under Regulation (EU) 2019/2088 and Directive 2013/34/EU, and whether the applicant expects to use methodologies that are based on scientific evidence and takes into account the targets and objectives of the Paris Agreement or any other relevant international agreements;

(j)	the policies or procedures implemented by the applicant to identify, manage and disclose any conflicts of interest as referred to in Article 15 of this Regulation;

(k)	where applicable, documents and information related to any existing or planned outsourcing arrangements for activities covered by this Regulation;

(l)	where applicable, information about other activities, including expected endorsement, carried out by the applicant, or which the applicant intends to carry out;

(m)	where applicable, information about the specific measures implemented by the applicant as referred to in Article 16(2) and (3) of this Regulation;

(n)	where applicable, information about previous ESG rating activities.

ANNEX II

ORGANISATIONAL REQUIREMENTS

1. Record keeping information

ESG rating providers shall keep records of all of the following:

(a)

for each ESG rating, where applicable:

(i)	the identity of the rating analysts participating in the determination of the ESG rating, the identity of the persons who have approved the ESG rating, information as to whether the ESG rating was solicited or unsolicited, and the date on which the ESG rating action was taken;

(ii)	the identity of the persons responsible for the development of the rule-based methodology, and the identity of the persons who have approved the rating methodology;

(b)	the account records relating to fees received from any rated item or issuer of the rated item or related third party or any user of ESG ratings;

(c)	the account records for each user of ESG ratings;

(d)	the records documenting the established procedures and rating methodologies used by the ESG rating provider to determine ESG ratings;

(e)	the internal records and external communications and files, including non-public information and work papers, used to form the basis of any ESG rating decision taken;

(f)	records of the procedures and measures implemented by the ESG rating provider to comply with this Regulation;

(g)	the methodology used for the determination of an ESG rating;

(h)	changes in, or deviations from, standard procedures and methodologies;

(i)	all documents relating to any complaint, including those submitted by a complainant.

2. Outsourcing

Where ESG rating providers outsource to a service provider functions or any relevant services or activities in the provision of an ESG rating, the ESG rating provider shall ensure that the following conditions are met:

(a)	the service provider has the ability, capacity, and any authorisation required by law, to perform the outsourced functions, services or activities reliably and professionally;

(b)	the ESG rating provider takes appropriate action if it appears that the service provider might not be carrying out the outsourced functions effectively and in compliance with applicable law and regulatory requirements;

(c)	the ESG rating provider retains the necessary expertise to supervise the outsourced functions effectively and to manage the risks associated with the outsourcing;

(d)	the service provider discloses to the ESG rating provider any development that might have a material impact on its ability to carry out the outsourced functions effectively and in compliance with applicable law and regulatory requirements;

(e)	the ESG rating provider is able to terminate the outsourcing arrangements where necessary;

(f)	the ESG rating provider takes reasonable steps, including contingency plans, to avoid undue operational risk related to the participation of the service provider in the ESG rating determination process.

ANNEX III

DISCLOSURE REQUIREMENTS

1. Minimum disclosures to the public

In accordance with Article 23 of this Regulation, ESG rating providers shall, at a minimum, disclose to the public on their website and through the European single access point (ESAP) the following:

(a)	an overview of the rating methodologies used and changes thereto, including whether analysis is backward-looking or forward-looking and the time horizon covered;

(b)	the industry classification used;

(c)

an overview of data sources, including whether data is sourced from sustainability statements required under Directive 2013/34/EU or from information disclosed under Regulation (EU) 2019/2088 and whether sources are public or non-public, and an overview of data processes, estimation of input data in case of unavailability and frequency of data updates;

(d)	the ownership structure of the ESG rating provider;

(e)	information on whether and how the rating methodologies are based on scientific evidence;

(f)	information on the ESG rating’s clearly defined objective and marking whether the rating is assessing risks, impacts, or both, according to the double materiality principle, or any other dimensions, and in the case of double materiality the proportion of the risk and impact materiality;

(g)	the ESG rating’s scope, namely, whether it covers an individual E, S, or G factor or whether it is an aggregated rating aggregating E, S and G factors, or whether it covers specific issues such as transition risks;

(h)	in the case of an aggregated ESG rating, the weighting of the three overarching E, S and G categories of factors (for example 33 % for the E factor, 33 % for the S factor, 33 % for the G factor), and the explanation of the weighting method, including weight per individual E, S and G category;

(i)	within the E, S or G factors, specification of the topics covered by the ESG rating, and whether they correspond to the topics from the sustainability reporting standards developed pursuant to Article 29b of Directive 2013/34/EU;

(j)	information on whether the rating is expressed in absolute or relative value;

(k)	where applicable, reference to the use of artificial intelligence in the data collection or rating process including information about current limitations and risks of using artificial intelligence;

(l)	general information on criteria used for establishing fees charged to clients, specifying the various elements taken into consideration, and general information on the business/payment model;

(m)	any limitation in data sources and methodologies used for the construction of ESG ratings;

(n)	the main risks of conflicts of interest and the steps taken to mitigate them;

(o)	if an ESG rating of a rated item covers the E factor, information on whether that rating takes into account the targets and objectives of the Paris Agreement or any other relevant international agreements;

(p)	if an ESG rating of a rated item covers the S and G factors, information on whether that rating takes into account any relevant international agreements;

(q)	any limitation on the information available to ESG rating providers.

2. Additional disclosures to users of ESG ratings and rated items within the scope of Directive 2013/34/EU

In accordance with Article 24 and in addition to the minimum disclosures to the public referred to in point 1 of this Annex, ESG rating providers shall make available the following information to users of ESG ratings, rated items and issuers of a rated item, if applicable, that are the subject of such rating:

(a)

a more granular overview of the rating methodologies used and changes thereto, including:

(i)	where applicable, scientific evidence and assumptions on which the ratings are based;

(ii)	the relevant key performance indicators per E, S and G factor, and weighting method;

(iii)

in the case of an aggregated ESG rating, the result of the assessment for each E, S and G category of factors, presented in a manner that ensures comparability of the E, S and G category;

(iv)	any potential shortcomings of methodologies, and the measures taken to address those shortcomings;

(v)	policies for the revision of methodologies;

(vi)	when an ESG rating has been upgraded or downgraded due to any material changes to rating methodologies, models, key rating assumptions or data sources (including estimates), the reasons for those changes and their implications for the given rating;

(vii)

date of the last revision of methodologies;

(viii)

where the ESG rating covers the E factor, whether and to what extent the ESG rating is correlated with the percentage of taxonomy-alignment under Regulation (EU) 2020/852, or aligned with other international agreements, together with an explanation of any significant deviations therefrom;

(b)

a more granular overview of data processes, including:

(i)

a more detailed explanation of data sources used, including whether public or non-public, whether subject to assurance engagement, and whether derived from the sustainability reporting standards developed pursuant to Articles 19a and 29b of Directive 2013/34/EU concerning sustainable economic activities and disclosure of information pursuant to Regulation (EU) 2020/852 and Regulation (EU) 2019/2088, including whether and how information on companies’ transition plans derived from such sustainability reporting standards is used;

(ii)	where applicable, the use of estimation and industry average and explanation of the underlying methodology;

(iii)

the policies for updating data and revising historical data, and the date of last updates of data;

(iv)	data quality controls, their frequency and the remediation process if issues arise;

(v)	where applicable, any steps taken to address limitations in data sources;

(c)	where applicable, information about engagement with rated items and issuers of rated items, including whether on-site reviews or visits have been performed by the ESG rating provider and at what frequency;

(d)

where an ESG rating provider issues an unsolicited rating, a prominent statement to that effect in the ESG rating, including information on whether the rated item or a related third party has been informed that it would be rated, whether it participated in the rating process and whether the ESG rating provider had access to the management and relevant internal documents of the rated item or a related third party;

(e)	where applicable, an explanation of any artificial intelligence methodology used in the data collection or rating process;

(f)	in the case of major new information in respect of a rated item that has the possibility to affect the result of an ESG rating, ESG rating providers shall explain how they have taken that information into account and whether they have amended the corresponding ESG rating;

Where applicable, the information referred to in point 2 of this Annex shall be specific to each ESG rating distributed.

ELI: http://data.europa.eu/eli/reg/2024/3005/oj

ISSN 1977-0677 (electronic edition)