Consultation Response by ESG Book on UK FCA Proposed Rules for the Regulation of ESG Ratings Providers

Questions in this paper

Question 1: Do you agree with the proposed approach not to apply the Duty to rating providers? If not, please specify what you disagree with and why.

We support the exemption of ESG ratings activities from the application of the Consumer Duty (the Duty). ESG ratings are primarily a wholesale activity, and providers have limited direct influence over retail consumer outcomes, with minimal direct use of ratings by retail investors. While the Duty plays an important role in establishing clear standards of care, good faith, and conduct for financial firms in relation to retail customer outcomes, its application to ESG ratings providers would be disproportionate given their indirect role in shaping retail financial outcomes.

Question 2: Do you agree with our approach to applying the high-level standards to rating providers? If not, please specify what you disagree with and why.

We agree with the application of the General Provisions (GEN), covering the administrative duties of FCA-regulated firms, as well as SYSC 6 relating to financial crime and market abuse, to ESG ratings providers. However, while robust governance frameworks and control systems are fundamental to sound business practice, a one-size-fits-all compliance approach does not distinguish between firms with differing resources, operational capacity, and cost constraints.

To ensure proportionality, the UK FCA could consider a tiered implementation approach, similar to that adopted in the European Union, whereby smaller firms are able to notify or register with the supervisory authority and are subject to lighter-touch requirements initially. This would provide sufficient time for such firms to build capacity and progressively comply with the full scope of the regulation.

Question 3: Do you think existing regulatory regimes sufficiently address the risk of harm? If not, which areas do you think need to be addressed and why?

While this exclusion does not apply to our business model, we agree in principle with the approach of avoiding duplicative compliance costs and unnecessary administrative burden.

As set out in the legislation, excluding ESG ratings produced as part of already regulated activities—such as asset management, investment research, or benchmark administration—from the standalone ESG ratings regime is a pragmatic and proportionate measure. It recognises that these activities are already subject to existing regulatory oversight and helps prevent the need for firms to obtain additional permissions for similar products/activities.

We support this approach as it promotes regulatory efficiency and reduces friction for market participants. At the same time, we acknowledge the importance of ensuring that appropriate standards are maintained across existing regimes and agree that any material gaps in oversight should be clearly identified and, where necessary, addressed through enhancements rather than duplicative regulation.

Question 4: Do you agree with the proposed minimum public disclosures listed in Table 2? If not, please specify what you disagree with and why.

We agree with the proposed scope of minimum public disclosures, as it helps prevent “black-box” methodologies that can obscure how ESG ratings are determined and interpreted. Greater transparency around objectives, methodology, data sources, and key assumptions is essential to ensuring the credibility and usability of ratings for market participants.

This approach is also consistent with the transparency principle underpinning the International Capital Market Association (ICMA) framework, aligns with the IOSCO Recommendations (2021), and mirrors the increasing emphasis on transparency-based disclosure requirements across mandatory regimes in jurisdictions such as the European Union and India.

That said, the European Union’s framework adopts a more comprehensive approach to transparency. The FCA could consider incorporating select additional elements—such as disclosures on ownership structure, the use of scientific evidence, industry classification, links to international agreements (e.g. Paris alignment), and greater granularity on data processes and limitations—to further strengthen comparability and decision-usefulness, while remaining mindful of proportionality and avoiding unnecessary complexity. In addition, we would encourage the FCA to work closely with other financial regulators, such as ESMA, to provide joint guidance on complying across global regulatory regimes. This could include mapping disclosure requirements across regimes or establishing forms of jurisdictional equivalence, thereby minimising duplicative compliance burdens for providers operating across multiple markets while promoting consistency in standards.

Question 5: Are there any key minimum public disclosures missing from the proposed list in Table 2? If so, please specify which disclosures and why they should be included.

Overall, we consider the proposed list of minimum public disclosures to be robust and well-calibrated in addressing transparency concerns and reducing the risk of “black-box” methodologies. The inclusion of disclosures on objectives, methodology, data sources, and key assumptions provides a strong baseline for ensuring the credibility and interpretability of ESG ratings.

However, there are a small number of additional disclosures—drawing on more comprehensive regimes such as the European Union—that could further enhance transparency and comparability without imposing disproportionate burden. In particular, we would highlight:

• Ownership structure of the provider: This would improve transparency around potential conflicts of interest and governance arrangements.
• Use of scientific evidence and underlying assumptions: Greater clarity on whether and how methodologies are grounded in scientific or internationally recognised frameworks would strengthen user confidence.
• Industry classification framework: Disclosing the classification system used would improve comparability across ratings and providers.
• Linkages to international agreements: Where relevant, indicating alignment with frameworks such as the Paris Agreement or other international standards would enhance the interpretability of ratings.
• Additional transparency on data limitations: While data sources are covered, more explicit disclosure of data gaps, estimation techniques, and limitations would improve users’ understanding of rating robustness.

These additions would build on the existing framework by enhancing decision-usefulness and cross-jurisdictional consistency, while remaining aligned with the principle of proportionality.

Question 6: Do you agree with the proposed disclosures for direct users and rated entities and approach to onward sharing? If not, please specify what you disagree with and why.

We agree with the proposed disclosures for direct users and rated entities. The scope and granularity are appropriate, and the distinction between public disclosures and those intended for users and rated entities is sensible—underlying product information should be well documented, and our organisation has strong existing processes in place to ensure we abide by these principles.

Given that, however, we have automated scores, and we have robust systems and controls in place, which minimises associated risks. We support the requirement to communicate underlying scoring factors, aggregation methods, any material changes, and quality control issues to rated issuers. The provisions around data estimations, sources, and other elements listed in Table 3 will enhance transparency for rated entities, which we welcome.

We also agree with the approach to onward sharing. In terms of practical implementation, we see no significant concerns, provided that confidential methodology information remains appropriately protected.

Question 7: Are there any key minimum disclosures missing from the proposed list in Table 3? If so, please specify which disclosures and why they should be included.

One key element missing from the proposed list in Table 3 is clarity on the timing and frequency of disclosures. The current drafting does not specify whether the required disclosures are:

• One-off at the point of initial rating or product launch
• Ongoing whenever material changes occur
• Periodic on a defined cycle (e.g., annual reviews)

Without this clarity, there is a risk of inconsistent implementation across providers. We would recommend the FCA specify whether these disclosures should be subject to annual review or triggered by specific events, to ensure comparability and set clear expectations for both providers and users.

Question 8: Do you agree with our general expectations for transparency? If not, please specify what you disagree with and why.

We agree with the general expectations for transparency. The principle that disclosures should be easily accessible, prominent, free to obtain, clear and easy to understand, accurate, fair, not misleading, and updated as soon as practicable is fundamental to ensuring credibility in the ESG ratings market. This approach prevents “black box” methodologies from obscuring the ratings issuance process and ensures that users, rated entities, and the public have access to minimum disclosures that are verifiable, credible, and appropriately substantiated. The flexibility for providers to tailor disclosures for different ESG rating products supports proportionate transparency while protecting commercially sensitive information where absolutely necessary.

We also support the narrow framing of the trade secrets exemption, which requires providers to explain where and why it would prevent compliance—this should discourage overuse.

The transparency expectations align with the IOSCO Recommendations key pillar of transparency and mirror minimum public disclosure requirements for methodologies under mandatory regimes in the EU and India. In addition to establishing principles of transparency domestically, we would encourage the FCA to work cross-border to establish equivalence across regulatory regimes and identify and address potential gaps through future work—such as mapping exercises, guidance, and implementation materials—for global ratings providers operating across multiple jurisdictions.

Question 9: Overall, do you expect any significant challenges in implementing the proposed approach to transparency and minimum disclosures? If so, please specify which elements and the nature of the challenges.

We do not anticipate significant challenges in implementing the proposed approach to transparency and minimum disclosures, including the general expectations on accessibility, format, and clarity.

Our organisation already has robust systems and controls in place, comprehensive documentation of methodologies, and well-established quality control and governance frameworks. Our automated scoring approach uses publicly available and verified disclosure data, which reduces subjectivity compared to analyst-issued scores and streamlines the review and quality assurance process. Our existing disclosure practices align with the expectation that information be easily accessible, prominently displayed, and free to obtain.

However, we would note the following potential challenges that may affect the broader market:

• Cross-jurisdictional consistency: For global providers operating across multiple jurisdictions, aligning disclosures with varying requirements may require additional guidance.
• Confidentiality boundaries: Determining the precise boundary between disclosures that enhance transparency and those that risk exposing genuinely proprietary methodology details will require careful calibration during implementation.
• Resource implications for smaller providers: While well-established providers are likely to have systems in place, smaller ones may face proportionately greater compliance burdens in meeting the disclosure standards.

We would welcome further FCA guidance or implementation materials to support consistent application of these requirements across the market.

Question 10: Do you agree with the proposed governance approach for rating providers? If not, please specify what you disagree with and why.

We agree with the proposed governance approach for rating providers, particularly the emphasis on data quality, methodology and quality control, and record keeping. These elements form the foundation of a robust and credible ratings process, and our existing governance framework already reflects these expectations.

However, we would highlight the need for proportionality in relation to personal transactions restrictions, especially for smaller providers with non-complex business models. In our case, the scoring methodology is fully automated and relies on publicly available, verified disclosure data. This significantly limits the scope for staff to access or act upon non-public information in a way that could contravene the Market Abuse Regulation (MAR). The conflict-of-interest risks associated with personal transactions are therefore inherently lower than for providers relying on analyst-driven, discretionary methodologies.

For this reason, it would be beneficial for the governance framework to distinguish between different types of ESG ratings providers and calibrate personal transaction requirements based on the actual risk profile. A proportionate approach—such as simplified controls for automated, rules-based providers—would maintain the integrity of the regime while avoiding unnecessary burdens on smaller firms.

Question 11: Do you agree with the proposed approach to systems and controls, including: a. Quality control and methodology b. Data quality and accuracy c. Record keeping d. Personal transactions If not, please specify which elements you disagree with, what alternative approach you would suggest and why.

Overall, we support the governance framework but encourage the FCA to reflect differences in business models and risk exposure when applying personal transaction restrictions. Please refer to the detailed explanation to Question 10.

Question 12: Do you agree with the proposed requirement to give rated entities and users notice of material changes to a methodology? Should any other stakeholders also be given this notice?

We agree with the proposed requirement to give rated entities and users advance notice of material changes to a methodology. This is a sensible and necessary element of transparency, and it aligns with established practice in other jurisdictions. In particular, it is consistent with the EU Regulation, which requires providers to give notice of material methodological changes to ensure users and rated entities can understand and assess the impact on ratings.

Providing notice helps maintain trust in the ratings process, allows users to evaluate potential effects on their analysis or products, and gives rated entities the opportunity to understand how the changes may influence their assessments.

At this stage, we do not see a strong need to extend mandatory notice to additional stakeholder groups. However, providers should retain the flexibility to communicate with other interested parties where appropriate, especially in cases where methodological changes may have broader market relevance or where doing so supports clarity and comparability for end-investors.

Question 13: Do you agree with our proposed approach to conflicts of interest? If not, please specify what you disagree with and why.

We broadly agree with the proposed approach to managing conflicts of interest and support the emphasis on robust governance, transparency, and accountability. In particular, we welcome the requirements to identify, prevent, manage, and disclose conflicts, alongside maintaining appropriate records and ensuring senior management oversight.

However, we recommend introducing greater proportionality in the application of certain requirements—specifically those relating to restrictions on employee personal transactions. The current approach appears to apply uniformly across all ESG ratings providers, without sufficient consideration of differences in business models and risk profiles.

For providers such as ours, where the scoring methodology is fully automated and based exclusively on publicly available, verified disclosure data, the risk of conflicts arising from access to non-public, price-sensitive information is inherently limited. As a result, the likelihood of contravening frameworks such as the Market Abuse Regulation (MAR) through personal transactions is significantly lower than in analyst-driven, discretionary models.

We therefore suggest that the framework distinguish between different types of ESG ratings providers and calibrate requirements accordingly. A proportionate approach—such as simplified or risk-based controls for automated, rules-based providers—would preserve the integrity and objectives of the regime while avoiding unnecessary operational burdens, particularly for smaller or less complex firms.

Question 14: Do you expect any challenges in implementing the proposed rules? If so, please specify which rules and the nature of the challenges.

While we do not foresee fundamental barriers to implementation, certain aspects of the proposed rules may present practical challenges, particularly if applied without proportionality.

In particular, prescriptive requirements around employee personal transactions could impose disproportionate compliance burdens on smaller providers or those with low inherent conflict-of-interest risk. Implementing monitoring systems, pre-clearance processes, and ongoing surveillance mechanisms may require significant operational and technological investment, which may not be commensurate with the actual risk exposure in more automated business models.

More broadly, a one-size-fits-all approach to conflicts of interest governance may lead to inefficiencies, as firms with simpler structures and lower risk profiles would be subject to the same level of controls as more complex, analyst-driven organisations.

To mitigate these challenges, we recommend that the final rules explicitly allow for a risk-based and proportionate application of requirements, aligned with the nature, scale, and complexity of the provider’s activities.

Question 15: Do you agree with the proposed approach for stakeholder engagement? If not, please specify what you disagree with and why, and if you have identified any gaps.

We agree with the proposed approach to stakeholder engagement, as it appropriately supports the integrity, accuracy, and transparency of ESG ratings. In particular, we welcome the emphasis on early notification, clear communication of methodologies, and the provision of underlying data upon request. These measures ensure that rated entities have a meaningful opportunity to review the inputs into their assessment, address factual errors, and contribute to a more robust, data-driven outcome based on validated source information.

The proposed requirements around allowing sufficient time for the correction of factual errors—both prior to issuance and post-publication—are particularly important in strengthening confidence in ESG ratings. Similarly, the expectation to maintain formal procedures for receiving and processing stakeholder feedback is a critical component of ensuring ongoing data quality and methodological credibility.

While we are supportive of the proposed framework in Table 4, certain implementation challenges may arise, particularly in operationalising stakeholder engagement requirements at scale. Providing underlying data free of charge upon request, while appropriate from a transparency perspective, may create operational and resource burdens—especially where requests are frequent, complex, or require standardisation across multiple datasets. Similarly, ensuring timely notification, managing data requests, and incorporating feedback on factual errors within defined timelines may require significant workflow coordination and system enhancements.

There may also be challenges in balancing sufficient time for issuer feedback with the need to maintain timely publication of ratings, particularly in cases where rated entities are slow to respond or where multiple rounds of clarification are required.

To address these challenges, it would be beneficial for the framework to allow for proportional implementation, taking into account the scale, business model, and level of automation of the ESG ratings provider. Clarification on reasonable timelines, as well as flexibility in how data is shared (e.g., through standardised templates or digital interfaces), would further support efficient and consistent implementation.

Question 16: Do you agree with the proposed approach for complaints handling? If not, please specify what you disagree with and why.

We agree with the proposed approach to stakeholder engagement and consider it an important mechanism for enhancing the accuracy, transparency, and credibility of ESG ratings. The requirements relating to early notification, clear communication of methodologies, and the provision of underlying data upon request ensure that rated entities have a meaningful opportunity to review and validate the inputs into their assessment.

In particular, enabling rated entities to identify and correct factual errors—both prior to issuance and after publication—supports a more robust, data-driven process grounded in validated source data.

The inclusion of formal procedures for receiving and processing stakeholder feedback further strengthens the reliability and accountability of ESG rating providers.

Overall, we believe the framework is well-calibrated and does not identify any material gaps. It strikes an appropriate balance between transparency and operational feasibility.

Question 17: Do you expect any significant challenges in implementing the proposed approach for stakeholder engagement or complaints? If so, please specify which elements and the nature of the challenges.

While we are broadly supportive of the proposed approaches, certain implementation challenges may arise, particularly in relation to operational scalability and proportionality.

For stakeholder engagement, managing data requests, incorporating feedback on factual errors, and ensuring timely interactions with rated entities may require enhanced workflows, systems, and resourcing—especially for providers operating at scale. There may also be practical challenges in balancing sufficient time for issuer feedback with the need to ensure timely publication of ratings.

For complaints handling, establishing and maintaining robust processes, including tracking, documenting, and responding to complaints within defined timelines, may require additional operational and technological investment. This could be particularly impactful for smaller providers or those with more automated, rules-based methodologies, where the volume and complexity of complaints may not justify highly resource-intensive frameworks.

To address these challenges, we recommend that the final rules explicitly allow for a proportionate, risk-based approach to implementation. This should take into account the nature, scale, and complexity of the provider’s business model, including the degree of automation in the rating process. Flexibility in how requirements are operationalised—such as through standardised templates, digital interfaces, or tiered service levels—would support efficient and effective compliance while maintaining the overall objectives of the regime.

Question 20: Do you agree with the proposal to not provide FSCS cover? If not, please explain why.

We agree with the proposal not to extend Financial Services Compensation Scheme (FSCS) cover to ESG ratings providers.

This approach is proportionate and appropriate given ESG ratings providers do not hold client money, manage investments, or provide personal investment advice, and therefore do not expose users to the types of financial risks that FSCS protection is designed to address.

Question 21: Do you agree with our approach of applying the standard (Core) SM&CR to ESG rating providers as it applies to most other FCA regulated firms? If not, what alternative approach would you propose?

We broadly agree with the proposal to apply the standard (Core) SM&CR framework to ESG rating providers, as it ensures consistency with the wider regulatory regime and reinforces clear accountability, governance, and oversight within firms.

Applying the Core regime appears proportionate given the nature of ESG ratings activities, which—while important for market integrity—generally present lower direct consumer harm compared to other regulated financial services. The focus on Senior Management Functions, Statements of Responsibilities, and Conduct Rules is appropriate and supports strong internal governance without imposing undue complexity.

We also agree with the proposal not to require certain functions, such as the Money Laundering Reporting Officer (SMF17), reflecting the relatively limited financial crime risk inherent in ESG ratings business models.

However, we would encourage continued emphasis on proportionality in the application of specific SM&CR elements. In particular, the Certification Regime may have limited applicability for many ESG rating providers—especially those with highly automated, rules-based methodologies and smaller organisational structures—where few, if any, roles are likely to meet the threshold of “Certification Functions.” This is acknowledged in the consultation and is a helpful clarification.

In this context, we welcome the ongoing reform discussions, including the potential removal or simplification of the Certification Regime, which could further enhance proportionality and reduce unnecessary operational burden.

Question 22: Does the proposed perimeter guidance provide sufficient support to help firms understand when FCA authorisation might be required? If not, what else should the guidance cover?

We agree with the proposed perimeter guidance and welcome the clarification it provides on the scope of ESG ratings and the regulated activity of providing such ratings.

In particular, we support the distinction between firms that are already FCA-authorised and those seeking authorisation. This differentiation is important to ensure that additional regulatory burden is not unnecessarily imposed on firms already subject to FCA rulemaking, while still maintaining appropriate oversight of newly regulated activities.

The inclusion of guidance on what qualifies as an ESG rating, as well as clearly defined exclusions, is helpful in reducing ambiguity and supporting consistent interpretation across the market. This is particularly important given the breadth and complexity of products and services that may incorporate ESG-related data or estimations that may be interpreted as an ‘assessment’ and fall within the scope of the ratings definition.

Question 23: Do you agree with our proposed application fee structure for ESG rating providers? If not, please explain why you disagree.

We agree with the proposed application fee structure, including the use of standard pricing categories and the differentiation between smaller and larger ESG rating providers at the point the gateway opens. The approach appears proportionate and pragmatic, reflecting the higher supervisory effort required to assess more complex business models while avoiding undue barriers to entry for smaller firms. In particular, the use of a lower fee category for firms with more limited scale supports market accessibility and innovation, which is important in a developing segment such as ESG ratings.

We also support the simplification of the fee structure post-gateway, where a single category is applied to all firms. This provides clarity and predictability for new entrants while aligning fees more closely with expected supervisory costs over time.

Overall, the proposed structure strikes an appropriate balance between cost recovery and proportionality.

Question 24: Do you agree that the threshold to define larger ESG rating providers should be a forecast annual revenue of £250,000 or more? If not, please explain why you disagree.

We broadly agree with the use of a revenue-based threshold to distinguish between smaller and larger ESG rating providers, as it provides an objective and practical basis for categorisation.

However, we note that in the EU, firm size thresholds in the context of sustainability reporting reforms are set at a significantly higher level, based on both turnover (€450 million) and employee count (1,000 employees). This reflects a broader policy direction towards simplifying requirements for smaller entities, while focusing more intensive regulatory obligations on firms with greater scale and systemic relevance.

In contrast, the proposed £250,000 revenue threshold for ESG rating providers is comparatively low and may result in smaller or early-stage firms being captured within a more intensive regulatory category. This is particularly relevant in a cross-border context, where ESG rating providers may already face increased compliance costs when operating across jurisdictions.

Under Regulation (EU) 2024/3005, ESG rating providers are subject to a differentiated fee structure, including authorisation or registration fees and ongoing supervisory fees, with additional complexity for third-country providers operating via equivalence, recognition, or registration regimes. As a result, smaller providers expanding into multiple jurisdictions may face cumulative regulatory and cost burdens, even where their scale and risk profile remain limited.

In this context, setting a relatively low threshold in the UK could further compound these pressures, potentially creating barriers to entry and limiting competition and innovation in the market. We therefore recommend that the threshold be kept under review and calibrated carefully to reflect both international regulatory developments and the cumulative compliance burden faced by providers operating across multiple jurisdictions.

Question 25: Do you agree with our proposed application of certain existing SUP rules and guidance to rating providers? If not, please specify what you disagree with and why.

The approach is proportionate and appropriate, using existing supervisory tools to ensure consistency with other FCA-regulated firms while avoiding duplication. We support the focus on risk-based supervision, including information-gathering powers, skilled person reviews, and firm-specific requirements where necessary.

We also welcome the FCA’s staged approach to regulatory reporting. As noted in paragraph 9.4, mandatory reporting will not be introduced at this stage (aside from SUP 16.10), with the FCA instead engaging with firms on a voluntary basis to test data availability and reporting. This provides useful flexibility as the regime evolves.

Question 26: Do you have any comments on our proposal to apply the same approach to enforcement investigations and actions to rating providers as we do to other regulated firms, as set out in ENFG? If yes, please specify.

We agree with the proposed approach to apply the Enforcement Guide (ENFG) to ESG rating providers. Aligning enforcement with the existing framework for regulated firms supports consistency, predictability, and credibility of the regime. Given the importance of ESG ratings for market integrity, applying established investigation powers and disciplinary tools is appropriate and proportionate.

Question 27: Do you have any comments on our proposal to follow the same procedures for decision-making and imposing penalties in relation to rating providers and their personnel as set out in DEPP? If yes, please specify.

We agree with the proposal to apply the Decision Procedure and Penalties Manual (DEPP) to ESG rating providers. The use of established decision-making procedures, including statutory notices, settlement processes, and the role of the Regulatory Decisions Committee, ensures procedural fairness and transparency. Applying a consistent penalties framework across regulated firms is appropriate and supports a level playing field.

Question 28: Do you have any additional comments on our proposed rules and guidance set out in this CP, including where we could take an alternative approach, or think there are any other topics we should consider? If yes, please specify.

We have outlined our position directly in response to the questions covered in this consultation paper.

However, as an international smaller provider we would like to highlight the following concerns:

1. We are concerned that the FCA’s proposed fee structure—particularly the relatively low revenue threshold—may create a disproportionate compliance burden for smaller or early-stage providers, potentially acting as a barrier to market entry and innovation. This is compounded in a cross-border context, where providers already face additional regulatory and cost pressures (e.g. under EU requirements), leading to cumulative burden. This also shows misalignment with international regulatory trends (e.g. EU Omnibus), where higher thresholds are being introduced to ease reporting burdens on companies.
2. There appears to be a risk of an imbalanced regulatory approach whereby ESG rating providers face increased scrutiny and compliance costs at an early stage, while underlying ESG data from rated entities—particularly large companies—remains limited or fragmented, effectively shifting the burden onto providers rather than data sources.