European Parliament legislative resolution of 24 April 2024 on the proposal for a regulation of the European Parliament and of the Council on the transparency and integrity of Environmental, Social and Governance (ESG) rating activities (COM(2023)0314 – C9-0203/2023 – 2023/0177(COD))
(Ordinary legislative procedure: first reading)
The European Parliament,
– having regard to the Commission proposal to Parliament and the Council (COM(2023)0314),
– having regard to Article 294(2) and Article 114 of the Treaty on the Functioning of the European Union, pursuant to which the Commission submitted the proposal to Parliament (C9‑0203/2023),
– having regard to Article 294(3) of the Treaty on the Functioning of the European Union,
– having regard to the opinion of the European Central Bank of 4 October 2023(1),
– having regard to the opinion of the European Economic and Social Committee of 25 October 2023(2),
– having regard to the provisional agreement approved by the committee responsible under Rule 74(4) of its Rules of Procedure and the undertaking given by the Council representative by letter of 14 February 2024 to approve Parliament’s position, in accordance with Article 294(4) of the Treaty on the Functioning of the European Union,
– having regard to Rule 59 of its Rules of Procedure,
– having regard to the letter from the Committee on Legal Affairs,
– having regard to the report of the Committee on Economic and Monetary Affairs (A9-0417/2023),
1. Adopts its position at first reading hereinafter set out;
2. Calls on the Commission to refer the matter to Parliament again if it replaces, substantially amends or intends to substantially amend its proposal;
3. Instructs its President to forward its position to the Council, the Commission and the national parliaments.
Position of the European Parliament adopted at first reading on 24 April 2024 with a view to the adoption of Regulation (EU) 2024/… of the European Parliament and of the Council on the transparency and integrity of Environmental, Social and Governance (ESG) rating activities, and amending Regulation (EU) 2019/2088*
P9_TC1-COD(2023)0177
(Text with EEA relevance)
THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION,
Having regard to the Treaty on the Functioning of the European Union, and in particular Article 114 thereof,
Having regard to the proposal from the European Commission,
After transmission of the draft legislative act to the national parliaments,
Having regard to the opinion of the European Economic and Social Committee(1),
Acting in accordance with the ordinary legislative procedure(2),
Whereas:
(1) On 25 September 2015, the UN General Assembly adopted a new global sustainable development framework: the 2030 Agenda for Sustainable Development(3), having at its core the Sustainable Development Goals (SDGs). The Commission's Communication of 2016 on the next steps for a sustainable European future(4) links the SDGs to the Union policy framework to ensure that all Union actions and policy initiatives, within the Union and globally, take the SDGs on board at the outset. The European Council conclusions of 20 June 2017(5) confirmed the commitment of the Union and the Member States to the implementation of the 2030 Agenda in a full, coherent, comprehensive, integrated and effective manner and in close cooperation with partners and other stakeholders. In addition, the UN Principles for Responsible Investment has over 3000 signatories representing over EUR 100 trillion of assets under management. On 11 December 2019, the Commission published its communication on ‘The European Green Deal’(6). On 30 June 2021, the European Parliament and the Council signed the European Climate Law which enshrines into Union law the goal set out in the Commission’s communication of 11 December 2019 entitled ‘The European Green Deal’ (the ‘European Green Deal’) of Union economy and society becoming climate-neutral by 2050.
(2) The transition to a sustainable economy is key to ensuring the long-term competitiveness and sustainability of the Union economy and the quality of life of citizens in the Union and to keeping global warming well below the 1,5 degree Celsius threshold. Sustainability has long been at the heart of the Union project and the Union Treaties give recognition to its social and environmental dimensions.
(3) Achieving SDG objectives in the Union requires the channelling of capital flows towards sustainable investments. It is necessary to exploit fully the potential of the internal market for the achievement of those goals. In that context, it is crucial to remove obstacles to the efficient movement of capital towards sustainable investments in the internal market and to prevent such obstacles from emerging and to set rules and standards to, on the one hand, promote sustainable finance and, on the other, disincentivise investments that can adversely impact the achievement of SDG objectives.
(4) The EU’s approach to sustainable and inclusive growth is anchored in the 20 principles of the European Pillar of Social Rights to ensure a fair transition towards this goal and policies which leave no one behind. Furthermore, the EU social acquis including the Union of Equality Strategies(7) provides standards in the areas of labour law, equality, accessibility, health and safety at work, and anti-discrimination.
(5) Financial markets play a crucial role in the channelling of capital toward investments necessary for the achievement of the Union climate and environmental objectives. In March 2018, the Commission published its Action Plan ‘Financing Sustainable Growth’(8), setting up its strategy on sustainable finance. The objectives of that Action Plan are to mainstream sustainability factors into risk management and reorient capital flows towards sustainable investment to achieve sustainable and inclusive growth.
(6) As part of the Action Plan, the Commission commissioned a study entitled ‘Study on Sustainability Related Ratings, Data and Research’(9) to take stock of the developments in the sustainability-related products and services market, identify the main market participants and highlight potential shortcomings. That study provided an inventory and classification of market actors, sustainability products and services available in the market and an analysis of the use and perceived quality of sustainability-related products and services by market participants. The study highlighted the existence of conflicts of interest, the lack of transparency and accuracy of Environmental, Social and Governance (ESG) ratings methodologies and the lack of clarity over the terminology and the operations of ESG rating providers.
(7) In the framework of the European Green Deal, the Commission put forward a renewed sustainable strategy. The renewed sustainable finance strategy was adopted on 6 July 2021(10).
(8) As a follow-up, the Commission announced in the renewed sustainable finance strategy, a public consultation on ESG ratings to feed into an impact assessment. In the public consultation that took place in 2022, stakeholders confirmed concerns with the lack of transparency of ESG ratings methodologies and objectives and clarity over ESG rating activities. As trust is pivotal in the functioning of financial markets, such lack of transparency and reliability of ESG ratings should be urgently addressed.
(9) At international level, the International Organization of Securities Commissions (IOSCO) has issued a report in November 2021 containing a set of recommendations on ESG ratings and data product providers(11). The Commission and ESMA should consider the application of the IOSCO recommendations for ESG ratings published in November 2021 when assessing a third-country jurisdiction or ESG rating provider compliance with the requirements of this Regulation for the purpose of equivalence, endorsement or recognition.
(10) ESG ratings play an important role in global capital markets, as investors, borrowers and issuers increasingly use those ESG ratings as part of the process of making informed, sustainable investment and financing decisions. Credit institutions, investment firms, insurance undertakings, assurance undertakings, and reinsurance undertakings, amongst others, often use those ESG ratings as a reference for the sustainability performance or for the sustainability risks and opportunities in their investment activity. Consequently, ESG ratings have a significant impact on the operation of the markets and on the trust and confidence of investors and consumers. To ensure that ESG ratings used in the Union are independent, comparable where possible, impartial, systematic and of adequate quality, it is important that ESG rating activities are conducted in accordance with the principles of integrity, transparency, responsibility ▌ and good governance, while contributing to the sustainable finance agenda of the Union. Better comparability and increased reliability of ESG ratings would enhance the efficiency of that fast-growing market, thereby facilitating progress towards the objectives of the Green Deal.
(11) ESG ratings play an enabling role for the proper functioning of the Union sustainable finance market by providing important information for investment strategies, risk management and disclosure obligations by investors and financial institutions. It is therefore necessary to ensure that ESG ratings provide material decision-useful information to the users, and that users of ESG ratings better understand the objectives which ESG ratings pursue and what specific issues and metrics those ratings measure.
(12) It is necessary to acknowledge the various business models of the ESG rating market. A first business model is the user-paid model, where users are mainly investors that purchase ESG ratings for investment decisions. A second business model is the issuer-paid model, where undertakings purchase ESG ratings for assessing risks and opportunities with their operations. In order to ensure greater reliability of the ratings provided in the EU, rated items or issuers of a rated item should have the possibility to verify the data used by the ESG rating provider. To that end, a rated item or an issuer of a rated item can, upon request, access the dataset used to issue their rating. This would provide the rated item or issuer of a rated item with the opportunity to highlight any factual errors in the dataset used that could potentially impact the quality of future ratings. This should be a pure fact checking tool and rated items or issuers of a rated item should in no case be able to influence in any manner the rating methodologies or rating outcome. The notification to the issuer should only apply before the first issuance of the rating and not to any following updates. This provision serves as a means to inform the rated entity that the ESG rating provider is going to be rated.
(13) Member States neither regulate nor supervise the activities of ESG rating providers or the conditions for the provision of ESG ratings. In ensuring alignment with the objectives of the SDGs and the European Green Deal, and given the existing divergences, lack of transparency and absence of common rules, it is likely that Member States would adopt diverging measures and approaches, which would have a direct negative impact on, and create obstacles to, the proper functioning of the internal market, and be detrimental to the ESG rating market. ESG rating providers issuing ESG ratings for the use of financial institutions and undertakings in the Union would be subject to different rules in different Member States. Divergent standards and market practices would make it difficult to have clarity over the construction of ESG ratings and to compare them, thus creating uneven market conditions for users, causing additional barriers within the internal market, and risking distorting investment decisions.
(14) This Regulation complements the existing EU sustainable finance framework. Ultimately, ESG ratings should facilitate information flows in order to facilitate investment decisions.
(15) To adequately define the territorial scope, this Regulation should be based on the concept of ‘operating in the Union’, distinguishing between cases where ESG rating providers are established within or outside the Union. In the first case, providers established in the Union should be deemed to operate in the Union when they issue and publish their ESG ratings on their website or through other means, or when they issue and distribute their ESG ratings through subscription or other contractual relationships to regulated financial undertakings in the Union, to undertakings falling under the scope of Directive 2013/34/EU of the European Parliament and of the Council(12), to undertakings under the scope of Directive 2004/109/EC of the European Parliament and of the Council(13), in particular with respect to third-country issuers whose securities are admitted to trading on EU regulated markets, or to Union’s or Member States’ public authorities. In the second case, providers established outside the Union should only be considered operating in the Union when they issue and distribute their ratings by subscription or other contractual relationships to the same entities as for ESG rating providers established in the Union.
(16) This Regulation is designed to govern the issuance, distribution and, where relevant, publication of ESG ratings, without intending to regulate their use. Given the territorial scope of this Regulation tied to the concept of operating in the Union, users of ESG rating should engage with ESG rating providers that are authorised or registered under the provisions of this Regulation. Nevertheless, in limited cases a user in the Union may opt to engage with an ESG rating provider established outside the Union and not authorised or recognised under this Regulation. Such cases should strictly adhere to specific conditions to avoid any risk of circumvention.
(17) To adequately define the range of products to which this Regulation applies, the definition of ESG rating is limited to opinions or scores that are based on both an established methodology and a defined ranking system. For instance, the assignment of an item in a category or a scale that is either positive or negative, based on an established methodology with regard to environmental, social and human rights, or governance factors or to exposure to risks, should be considered as a ranking system under this Regulation.
(18) This Regulation should not apply to the publication or distribution of data on environmental, social and human rights, and governance factors that do not result in the development of an ESG rating. Moreover, such rules should not be applicable to products or services that incorporate an element of an ESG rating, including investment research as laid down in Directive 2014/65/EU of the European Parliament and of the Council(14). External reviews of European Green Bonds and second-party opinions on green bonds, bonds marketed as environmentally sustainable, sustainability-linked bonds, loans and other types of debt instruments, should also be out of the scope of these rules to the extent that such external reviews and second-party opinions do not contain ESG ratings produced by the reviewer or the second-party opinion provider. External reviews include pre-issuance reports, such as those of financing frameworks, post-issuance reviews, such as allocation reports, and impact reports. Furthermore, these rules should not be applicable to ratings developed exclusively for accreditation or certification processes, which are not targeting investment and financial analysis or decision-making. Lastly, these rules should not be applicable to ESG labelling activities when granted to entities, financial instruments or products. This exemption is contingent upon ESG labels not involving the disclosure of an ESG rating.
(19) This Regulation should in principle not apply to ratings produced by members of the European System of Central Banks (ESCB). This is to ensure that this Regulation does not unintentionally have an impact on measures of the ESCB that seek to take climate, or other environmental, social and governance considerations into account in the ESCB’s monetary policy collateral framework when pursuing its primary objective of maintaining price stability and supporting the general economic policies in the Union.
(20) Where an undertaking or financial institution discloses information about its own sustainability impacts, risks and opportunities or those of its value chain, such information should not be considered as an ESG rating under this Regulation.
(21) This Regulation should not apply to private ESG ratings produced pursuant to an individual order and provided exclusively to the person who placed the order and which are not intended for public disclosure or distribution by subscription or other means. Neither should this Regulation apply to ESG ratings issued by regulated financial undertakings that are used exclusively for internal purposes or for providing in-house or intra group financial services or products.
(22) In order to further enhance the functioning of the single market and the level of investor protection, it is important to ensure sufficient and consistent transparency about ESG ratings issued by regulated financial undertakings and incorporated in their financial products or services , when such ratings are disclosed and are therefore visible for third parties. Investors should receive adequate information about the methodologies underlying the ESG ratings which should be disclosed in the marketing communications. Therefore, this Regulation should also complement the disclosure obligations related to marketing communications established by the Regulation (EU) 2019/2088 of the European Parliament and of the Council(15). A similar disclosure should also be required from any other regulated financial undertakings in the Union that discloses an ESG rating as part of its marketing communications without being covered by Regulation (EU) 2019/2088. Investors should receive, via a link to the relevant website, the same information as the one required from the ESG rating providers by point 1 of Annex III of this Regulation, while taking into account the content of the information already disclosed by financial market participants and financial advisors pursuant to Regulation (EU) 2019/2088. Other regulated financial undertakings should disclose the same information, taking into account the various types of financial products, their characteristics and the differences between them as well as the need to avoid duplication with information already published in accordance with other applicable regulatory requirements. In general, any duplication in applicable disclosure requirements should be avoided. With the same objective to avoid any duplication of rules, regulated financial undertakings that issue ESG ratings and incorporate those ratings in financial products or services that they offer to third parties should be excluded from the scope of this Regulation.
(23) Non-profit organisations that issue ESG ratings for non-commercial purposes and that publish those ratings free of charge, should not be deemed to fall within the scope of this Regulation. However, they should endeavour to integrate the transparency requirements laid down in this Regulation where applicable. Where non-profit organisations charge rated items to report data or get rated through their platform, or where they charge users to access any information on the ESG ratings, they should be covered by the requirements of this Regulation.
(24) Natural persons including academics and journalists that publish and distribute ESG ratings for non-commercial purposes should not fall within the scope of this Regulation.
(25) To assess the ESG profile of companies, and as part of their sustainable investment and financing decisions processes, credit institutions, investment firms, insurance undertakings, and reinsurance undertakings, amongst others, rely both on external ESG ratings and on external ESG data products. Financial institutions should bear responsibility in the case of greenwashing accusations concerning their financial products, while the sole distribution of ESG information on entities or financial products, relying on proprietary or established methodology, which includes, among others, data sets on emissions and data on controversies, should not be covered by this Regulation. The Commission should carry out a review of this Regulation that assesses whether the scope identified is sufficient to ensure the confidence of investors and consumers in the sustainability performance of financial products and services and, where needed, envisages broadening the set of ESG data products and ESG data products providers covered by this Regulation.
(26) It is important to lay down rules ensuring that ESG ratings provided by ESG rating providers authorised in the Union are of adequate quality, are subject to appropriate requirements, recognising the existence of different business models, and ensure market integrity. Those rules would apply to overall ESG ratings capturing Environmental, Social and Governance factors, and to ratings that are only looking at a single Environmental, Social or Governance factor or sub-component of that factor. Separate environmental (E), social (S) and governance (G) ratings should be provided rather than a single ESG metric that aggregates E, S and G factors. If ESG rating providers decide to provide aggregated ratings, they should disclose the rate and weight granted to each component E, S and G, which should be presented in a manner that ensures comparability in order to ensure that each E, S and G category can be compared with the other ones.
(27) Given the use of ESG ratings from providers established outside the Union, it is necessary to introduce requirements based on which ▌ ESG rating providers established outside the Union may offer their services in the Union. This is necessary to ensure market integrity, investor protection and proper enforcement. Therefore, three possible regimes are proposed for those ▌ ESG rating providers established outside the Union: equivalence, endorsement and recognition. As an overarching principle, supervision and regulation in a third country should be equivalent to Union's supervision and regulation of ESG ratings. Therefore, ESG ratings provided by an ESG rating provider established and authorised or registered in a third country, can only be offered in the Union where a positive decision on equivalence of the third-country regime has been taken by the Commission. However, to avoid any adverse impact resulting from a possible abrupt cessation of the offering in the Union of ESG ratings provided by an ESG rating provider established outside the Union, it is also necessary to provide for certain other mechanisms, that is endorsement and recognition. Any ESG rating provider with a group structure should be able to use the mechanism of endorsement for the ESG ratings developed outside the Union. To do so, they should establish, within the group, an authorised ESG rating provider in the Union. This authorised ESG rating provider should ensure that the issuance and distribution of endorsed ESG ratings fulfils requirements which are at least as stringent as the requirements of this Regulation. Additionally, the provider established in the Union must possess the necessary expertise to monitor the issuance and distribution of ESG ratings of the provider established outside the Union. There should be an objective reason justifying why the endorsed ratings are issued by a provider established outside the Union. The requirement to demonstrate compliance, as outlined in this Regulation, should not be proven for each individual rating but rather for the overall methodologies and procedures implemented by the provider. Smaller ESG rating providers with a consolidated annual net turnover of all their activities below the quantitative threshold set by reference to the maximum amount fixed in the Accounting Directive for the definition of small groups should be able to benefit from the recognition regime. Where the ESG provider established outside the Union is subject to supervision in a third country, appropriate cooperation arrangements should be put in place in order to ensure the proper exchange of information with the relevant competent authority of the third country.
(28) The notion of establishment extends to any real and effective activity exercised through stable arrangements. When determining whether an entity based outside the EU has an establishment in a Member State, it is pertinent to consider the degree of stability of the arrangements, the effective exercise of activities in the Union, and the specific nature of the economic activities and services provided.
(29) The European Union represents one of the main markets for ESG ratings. It is also one of the first jurisdictions to develop a regulation on the transparency and integrity of ESG rating activities. The Commission should continue to work with the international partners to foster convergence of the rules applying to ESG rating providers.
(30) To ensure a high level of investor and consumer confidence in the internal market, ESG rating providers which provide ESG ratings in the Union should be authorised. It is therefore necessary to lay down harmonised conditions for such authorisation and the procedure for the granting, suspension and withdrawal of such authorisation. ESG rating providers that have been authorised should notify ESMA of any material changes to the conditions for their initial authorisation without undue delay. Material changes include any opening or closing of a branch within the Union. In order to provide more clarity to ESG rating providers, ESMA should specify what constitutes a material change by issuing guidelines to that effect.
(31) To ensure a high level of information to investors and other users of ESG ratings, information on ESG ratings and ESG rating providers should be made available on the European Single Access Point (ESAP)(16). ESAP should provide the public with ▌ easy centralised access to such information.
(32) To ensure the quality and reliability of ESG ratings, ESG rating providers should use rating methodologies that are rigorous, systematic, independent, continuous and capable of justification. ESG rating providers should be encouraged to address both aspects of the double materiality principle. ESG rating providers should review ESG ratings methodologies on an on-going basis and at least annually taking into account European and international developments affecting the E, S or G factors. However, it is key to leave it to the ESG rating providers themselves to determine their own methodologies in accordance with those principles.
(33) ▌ ESG rating providers should disclose information to the public on the methodologies, models and key rating assumptions which those providers use in their ESG rating activities and in each of their ESG ratings products. In light of the uses of ESG ratings by investors, the rating products should explicitly disclose which dimension of the double materiality principle the rating addresses, whether it is both material financial risk to the rated item or the issuer of the rated item and the material impact of the rated item or the issuer of the rated item on the environment and society in general or whether it takes into account only one of them. They should also explicitly disclose whether the rating addresses other dimensions. For the same reason, ESG rating providers should provide more detailed information on the methodologies, models and key rating assumptions to users of ESG ratings. That information should enable users of ESG ratings to perform their own due diligence when assessing whether to rely or not on those ESG ratings. Disclosure of information concerning methodologies, models and key rating assumptions should however not reveal sensitive business information or impede innovation. ESG rating providers should also disclose whether they have taken into account E, S, or G factors, or an aggregation thereof, the rating given to each relevant factor, and the weighting each of those factors is given in the aggregation. ESG rating providers should also disclose the limitations of the information available to them, including information about possible engagement with stakeholders of the rated item or issuer of the rated item. ESG rating providers should also disclose to the public information about the limitations of the methodology used, such as when they assess only one of the two dimensions of the double materiality principle or when the ESG rating is expressed in relative or absolute value.
(34) Taking into account the Union objectives and international standards for each factor is recommended in view of ensuring a sufficient level of quality of ESG ratings. As such, ESG ratings providers should provide information on whether the rating considers, amongst other relevant international agreements , the alignment with the objectives set in the Paris Agreement adopted under the United Nations Framework Convention on Climate Change on 12 December 2015 (the ‘Paris Agreement’) for the E factor, the compliance with International Labour Organisation core conventions on the right to organise and collective bargaining for the S factor, and the alignment with international standards on tax evasion and avoidance for the G factor.
(35) Regulation (EU) 2019/2088, Regulation (EU) 2020/852 of the European Parliament and of the Council(17) and Directive (EU) 2022/2464 of the European Parliament and of the Council(18) represent landmark legislative initiatives to enhance the availability, quality and consistency of ESG requirements across the entire value chain of financial market participants, which should contribute to the continuous improvement of the quality of ESG ratings.
(36) This Regulation should not interfere with the ESG rating methodologies or content. Diversity in the methodologies of ESG rating providers ensures that the broad requirements of users can be met and promotes competition in the market.
(37) Whilst an ESG rating provider may use alignment with the taxonomy set out in Regulation (EU) 2020/852 as a relevant factor or key performance indicator (KPI) in its rating methodology, ratings within the scope of this Regulation should not be considered as ESG labels indicating or providing assurance of compliance or alignment with Regulation (EU) 2020/852 or with any other standards.
(38) ESG rating providers should ensure that they provide ESG ratings that are independent, impartial, systematic and of adequate quality. It is important to introduce organisational requirements ensuring the prevention and mitigation of potential conflicts of interest. To ensure their independence, ESG rating providers should avoid situations of conflict of interest and manage those conflicts adequately where they are unavoidable. ESG rating providers should disclose conflicts of interest in a timely manner. They should also keep records of all significant threats to the independence of the ESG rating provider and that of its employees and other persons involved in the rating process, and the safeguards applied to mitigate those threats. In addition, to avoid potential conflicts of interest, ESG rating providers should not be allowed to offer within the same entity a number of other services including consulting services, credit ratings, benchmarks, investment activities, audit, or banking, insurance and reinsurance activities. Finally, to prevent, identify, eliminate or manage and disclose any conflicts of interest and ensure the quality, integrity and thoroughness of the ESG rating and review process at all times, ESG rating providers should establish appropriate internal policies and procedures in relation to employees and other persons involved in the rating process. Such policies and procedures should, in particular, include internal control mechanisms and an oversight function.
(39) In order to address risks of conflicts of interests, some activities should be offered from separate legal entities. However, some of these activities could be offered within the same legal entity where the providers have sufficient measures and procedures in place to ensure that each activity is exercised autonomously and to avoid creating potential risks of conflicts of interest in decision-making within its ESG rating activities. Such derogation should not be possible for credit rating activities and for audit and consulting activities. Consulting activities include developing sustainability strategies and strategies to manage sustainability risks or impacts. Concerning the activity of development of benchmarks, ESMA should assess if the measures proposed by the ESG rating provider are appropriate or sufficient regarding the potential risks of conflict of interest, taking into account whether the benchmark administrator offers benchmarks that pursue sustainability objectives and in particular EU Climate Transition Benchmarks and EU Paris-aligned benchmarks in accordance with Regulation (EU) 2016/1011 of the European Parliament and of the Council(19).
(40) Employees of ESG rating providers and other persons involved in the rating process should not participate in, or otherwise influence, the determination of an ESG rating of any rated entity if there is any evidence of self-review, self-interest, advocacy, or familiarity stemming from financial, personal, business, employment or other relationships between those persons and the rated entity as a result of which an objective, reasonable and informed third party, taking into account the safeguards applied, would conclude that those persons’ independence is compromised. If, during the period in which employees of ESG rating providers or other persons involved in the rating process are part of the assessment activities, a rated entity merges with, or acquires, another entity, those persons should identify and evaluate any current or recent interests or relationships which, taking into account available safeguards, could compromise those persons’ independence and ability to continue being involved in the assessment activities after the effective date of the merger or acquisition.
(41) To bring more clarity and to enhance trust on the operations of ESG rating providers, it is necessary to lay down requirements for ongoing supervision of ESG rating providers in the Union. In light of the important similarities between the activities of credit rating agencies and ESG rating providers and the related close alignment of central aspects of the regulatory framework for ESG rating providers to the regulatory framework applicable to credit rating agencies under Regulation (EC) No 1060/2009 of the European Parliament and of the Council(20), and to ensure a harmonised application of the proposed rules as well as uniform supervision, it is deemed understandable, considering the decision taken under Regulation (EC) No 1060/2009 to entrust supervision to ESMA, to entrust the supervision of ESG rating providers also to ESMA. This does not constitute a precedent and should not be interpreted as establishing a practice or policy on the attribution of supervisory responsibilities in the financial sector.
(42) Aside from their use in the financial services sector, ESG rating assessments are also used in the procurement and supply chain context. Therefore, in its supervision of ESG rating providers, ESMA should take account of the distinction between ESG rating providers in the financial sectors and those in non-financial sectors.
(43) ESMA should be able to require all information necessary to carry out its supervisory tasks effectively. It should therefore be able to demand such information from ESG rating providers, persons involved in ESG rating activities, legal representatives designated under the recognition regime, rated items and issuers of rated items and third parties to whom the ESG rating providers have outsourced operational functions and persons otherwise closely and substantially related or connected to ESG rating providers or ESG rating activities.
(44) ESMA should be able to perform its supervisory tasks, and in particular to compel ESG rating providers to end an infringement, to supply complete and correct information, or to comply with an investigation or an on-site inspection. To ensure that ESMA is able to perform those supervisory tasks, ESMA should be able to impose penalties or periodic penalty payments.
(45) Given its role to authorise and supervise ESG rating providers, ESMA should develop draft regulatory technical standards that do not involve policy choices for submission to the Commission. ESMA should specify further the information needed for the authorisation of ESG rating providers. The Commission should be empowered to adopt those implementing technical standards by means of delegated acts pursuant to Article 290 of the Treaty on the Functioning of the European Union (TFEU) and in accordance with Articles 10 to 14 of Regulation (EU) No 1095/2010 of the European Parliament and of the Council(21).
(46) In its role to authorise and supervise ESG rating providers, ESMA should be able to charge supervised entities supervisory fees ▌ . Such fees should be proportionate and adequate to the size of the ESG rating providers and to the extent of their supervision.
(47) In order to specify further technical elements of this Regulation, the power to adopt acts in accordance with Article 290 TFEU should be delegated to the Commission in respect of the specifications of the procedure to impose fines or periodic penalty payments, including provisions on rights of defence, temporal provisions, the collection of fines or periodic penalty payments, and detailed rules on the limitation periods for the imposition and enforcement of penalties and the type of fees, the matters for which fees are due, the amount of the fees, and the manner in which those fees are to be paid. It is of particular importance that the Commission carry out appropriate consultations during its preparatory work, including at expert level, and that those consultations be conducted in accordance with the principles laid down in the Inter-institutional Agreement of 13 April 2016 on Better Law-Making(22). In particular, to ensure equal participation in the preparation of delegated acts, the European Parliament and the Council should receive all documents at the same time as Member States’ experts, and their experts should systematically have access to meetings of Commission expert groups dealing with the preparation of delegated acts.
(48) It is necessary to have a number of measures supporting smaller ESG rating providers to enable them to continue their activities, or to enter the market after the date of application of this Regulation. Against this background, a temporary regime should be introduced to facilitate the market entry of smaller ESG rating providers and support the development of existing smaller ESG rating providers already operating in the Union before the entry into force of this Regulation. Under this temporary and optional framework, ESG rating providers categorized as small undertakings or as small groups should register with ESMA, without the need for authorisation, and should only be subject to specific provisions on organisational requirements and to provisions on transparency requirements. ESMA should be empowered to request information and to conduct general investigations, on-site inspections, and to adopt administrative measures. ESMA should also ensure that risks of circumvention are avoided, particularly by preventing small undertakings within medium-sized or large groups from benefiting from the provisions outlined under this regime. Once this temporary regime ends, these small ESG rating providers should apply for authorisation and benefit from a proportionate regime as regards governance requirements, accompanied by supervisory fees ▌ proportionate to the annual net turnover of the ESG ratings provider concerned.
(49) Where an entity or investor seeks an ESG rating from at least two ESG rating providers, it may consider appointing at least one ESG rating provider with a market share of no more than 10 % in the Union.
(50) Since the objectives of this Regulation cannot be sufficiently achieved by the Member States, namely to lay down a consistent and effective regime to address the shortcomings and vulnerabilities that ESG ratings pose, but can rather, by reasons of the scale and effects, be better achieved at Union level, the Union may adopt measures, in accordance with the principle of subsidiarity as set out in Article 5 of the Treaty on European Union. In accordance with the principle of proportionality as set out in that Article, this Regulation does not go beyond what is necessary in order to achieve those objectives.
(51) This Regulation should apply without prejudice to the application of Articles 101 and 102 TFEU.
(52) The European Central Bank delivered its own initiative opinion on 4 October 2023,
HAVE ADOPTED THIS REGULATION:
Title I
Subject matter, scope and definitions
Article 1
Subject-matter
This Regulation introduces a common regulatory approach to enhance the integrity, transparency, comparability where possible, responsibility, reliability, good governance, and independence of ESG rating activities, contributing to the transparency and quality of ESG ratings and to the sustainable finance agenda of the Union. It aims to contribute to the smooth functioning of the internal market, while achieving a high level of consumer and investor protection and preventing greenwashing or other types of misinformation, including social-washing, by introducing transparency requirements related to ESG ratings and rules on the organisation and conduct of ESG rating providers.
Article 2
Scope
1. This Regulation applies to ESG ratings issued by ESG rating providers operating in the Union. ESG rating providers are considered as operating in the Union in the following cases:
(a) for ESG rating providers established in the Union, when they issue and publish their ESG ratings on their website or through other means or when they issue and distribute their ESG ratings by subscription or other contractual relationships to regulated financial undertakings in the Union, to undertakings that fall under the scope of Directive 2013/34/EU, to undertakings that fall under the scope of Directive 2004/109/EC or to Union institutions, bodies, offices and agencies or Member State public authorities;
(b) for ESG rating providers established outside the Union, when they issue and distribute their ratings by subscription or other contractual relationships to regulated financial undertakings in the Union, to undertakings that fall under the scope of Directive 2013/34/EU, to undertakings that fall under the scope of Directive 2004/109/EC or to Union institutions, bodies, offices and agencies or Member State public authorities.
2. This Regulation does not apply to any of the following:
(a) private ESG ratings which are not intended for public disclosure or for distribution;
(b) ESG ratings issued by regulated financial undertakings ▌ that are used exclusively for internal purposes or for providing in-house or intra group financial services or products;
(c) ESG ratings issued by regulated financial undertakings in the Union that:
(i) are incorporated in a product or a service, where such products or services are already regulated under Union law, including under Regulation (EU) 2019/2088, Directives 2013/36/EU(23), (EU) 2014/65, 2009/138/EC(24), 2009/65/EC(25), 2011/61/EU(26) and (EU) 2016/2341(27) of the European Parliament and of the Council, Commission Implementing Regulation (EU) No 883/2014(28), Regulations (EU) 2020/1503(29), (EU) 2023/1114(30) and (EU) 2016/1011 of the European Parliament and of the Council, and
(ii) are disclosed to a third-party.
In the situations covered by the first subparagraph of this point, where a regulated financial undertaking in the Union discloses to third parties an ESG rating as part of their marketing communications, it shall include on its website the same information as those required by point 1 of Annex III of this Regulation and it shall disclose in that marketing communications a link to those website disclosures, except where it is subject to Article 13(3) of Regulation (EU) 2019/2088.
National competent authorities designated in accordance with the sectoral legislations as referred to in first subparagraph shall monitor the compliance by the regulated financial undertakings with the requirements of this article, in accordance with the powers granted by these sectoral legislations;
(d) ESG ratings issued by providers established outside the Union which are not authorised or recognised under Title II and that meet all the following conditions:
(i) the ESG rating is distributed at the own exclusive initiative of the user established in the Union without any prior contact, solicitation, promotion, advertisement or any other initiative by the ESG rating provider, or by any third party on behalf of the provider; an ESG rating distributed in the Union by a provider established outside the Union whose market share in the Union on its ESG rating activities becomes substantial or that has a website in at least one of the official language of the Union – and which is not customary in the sphere of international finance shall not be considered as distributed at the own exclusive initiative of the user;
(ii) there is no substitute for the ratings offered by any ESG rating provider authorized under this Regulation.
A user’s initiative as referred to in the first subparagraph of this point shall not entitle the ESG rating provider established outside the Union to distribute ESG ratings to this user in a recurrent manner neither to distribute ESG ratings to any other user in the Union;
(e) the publication or distribution of data on environmental, social and human rights, and governance factors;
(f) credit ratings issued pursuant to Regulation (EC) No 1060/2009, any ESG-related scores or assessments that are produced or published as part of the methodologies for credit ratings or as an input or output of the creditworthiness assessment;
(g) products or services that incorporate an element of an ESG rating, including investment research as laid down in Directive (EU) 2014/65;
(h) external reviews of European Green Bonds and second-party opinions on green bonds, bonds marketed as environmentally sustainable, sustainability-linked bonds, loans and other types of debt instruments, to the extent that such external reviews and second-party opinions do not contain ESG ratings produced by the reviewer or the second-party opinion provider;
(i) ESG ratings produced by Union or Member States’ public authorities when they are not published or distributed for commercial purposes;
(j) ESG ratings produced by an authorised ESG rating provider when they are published or distributed by a third party;
(k) ESG ratings produced by members of the European System of Central Banks when they are not published or distributed for commercial purposes;
(l) mandatory disclosures pursuant to Articles 6, 8, 9, 10, 11 and 13 of Regulation (EU) 2019/2088;
(m) disclosures pursuant to Articles 5, 6 and 8 of Regulation (EU) 2020/852;
(n) ESG ratings developed exclusively for accreditation or certification processes, which do not target investment and financial analysis or decision-making;
(o) labelling activities provided that the labels granted to the relevant entities, financial instruments or financial products do not involve the disclosure of an ESG rating;
(p) ESG ratings published or distributed by non-profit organisations for non-commercial purposes.
By way of derogation from the first subparagraph of this point (p), where non-profit organisations charge rated items to report data or get rated through their platform, or where they charge users to access any information on the ESG ratings, they should be covered by the requirements of this Regulation.
3. The ESAs shall, through the Joint Committee, develop draft regulatory technical standards to specify the details of the presentation and content of the information to be disclosed pursuant to the paragraph 2, point (c), taking into account the various types of financial products, their characteristics and the differences between them and the need to avoid duplication with information already published in accordance with applicable regulatory requirements.
The Commission is empowered to supplement this Regulation by adopting the regulatory technical standards referred to in the first subparagraph of this paragraph, in accordance with Articles 10 to 14 of Regulations (EU) No 1093/2010(31), (EU) No 1094/2010(32) and (EU) No 1095/2010 of the European Parliament and of the Council.
Article 3
Definitions
For the purposes of this Regulation, the following definitions apply:
(1) ‘ESG rating’ means an opinion, a score or a combination of both, regarding a rated item’s profile or characteristics with regard to environmental, social and human rights, or governance factors or exposure to ▌ risks or the impact on environmental, social and human rights, or governance factors, that are based on both an established methodology and a defined ranking system of rating categories ▌ , irrespective of whether such ESG rating is explicitly labelled as ‘ESG rating’, ‘ESG opinion’ or ‘ESG score’;
(2) ‘ESG opinion’ means an ESG assessment that is based on a rules-based methodology and defined ranking system of rating categories, involving directly a rating analyst in the rating process or systems process;
(3) ‘ESG score’ means an ESG measure derived from data, using a rule-based methodology, and based only on a pre-established statistical or algorithmic system or model, without any additional substantial analytical input from an analyst;
(4) ‘ESG rating provider’ means a legal person whose occupation includes:
(a) the issuance, and
(b) publication or distribution, of ESG ratings ▌ on a professional basis;
(5) ‘regulated financial undertaking in the Union’ means an undertaking, regardless of its legal form, that is:
(a) a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013 of the European Parliament and of the Council(33);
(b) an investment firm as defined in Article 4(1), point (1), of Directive (EU) 2014/65;
(c) an alternative investment fund manager (AIFM) as defined in Article 4(1), point (b), of Directive 2011/61/EU, including a manager of a qualifying venture capital fund as defined in Article 3, point (c), of Regulation (EU) No 345/2013 of the European Parliament and of the Council(34), a manager of a qualifying social entrepreneurship fund as defined in Article 3, point (c), of Regulation (EU) No 346/2013 of the European Parliament and of the Council(35) and a manager of the ELTIF as defined in Article 2, point (12), of Regulation (EU) 2015/760 of the European Parliament and of the Council(36);
(d) an undertaking for collective investment in transferable securities (UCITS) management company as defined Article 2(1), point (b), of Directive 2009/65/EC;
(e) an insurance undertaking as defined in Article 13, point (1), of Directive 2009/138/EC;
(f) a reinsurance undertaking as defined in Article 13, point (4), of Directive 2009/138/EC;
(g) an institution for occupational retirement provision as defined in Article 1, point (6) of Directive (EU) 2016/2341;
(h) pension institutions operating pension schemes which are considered to be social security schemes covered by Regulations (EC) No 883/2004 and (EC) No 987/2009(37) of the European Parliament and of the Council, and any legal entity set up for the purpose of investment of such social security schemes;
(i) an alternative investment fund (AIF) managed by an AIFM as defined in Article 4(1), point (b), of Directive 2011/61/EU or an AIF supervised under the applicable national law;
(j) a UCITS as defined in Article 1(2) of Directive 2009/65/EC;
(k) a central counterparty as defined in Article 2, point (1), of Regulation (EU) No 648/2012 of the European Parliament and of the Council(38);
(l) a central securities depository as defined in Article 2(1), point (1), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(39);
(m) an insurance or reinsurance special purpose vehicle authorised in accordance with Article 211 of Directive 2009/138/EC;
(n) a ‘securitisation special purpose entity’ as defined in Article 2, point (2), of Regulation (EU) 2017/2402 of the European Parliament and of the Council(40);
(o) an insurance holding company as defined in Article 212(1), point (f), of Directive 2009/138/EC or a mixed financial holding company as defined in Article 212(1), point (h), of Directive 2009/138/EC, which is part of an insurance group that is subject to supervision at the level of the group pursuant to Article 213 of that Directive and which is not exempted from group supervision pursuant to Article 214(2) of that Directive;
(p) a financial holding company as defined in Article 4(1), point (20), of Regulation (EU) No 575/2013;
(q) a payment institution as defined in Article 1(1), point (d), of Directive (EU) 2015/2366 of the European Parliament and of the Council(41);
(r) an electronic money institution as defined in Article 2, point (1), of Directive 2009/110/EC of the European Parliament and of the Council(42);
(s) a crowdfunding service provider as defined in Article 2(1), point (e), of Regulation (EU) 2020/1503;
(t) a crypto-asset service provider as defined in Article 3(1), point (8), of Regulation (EU) 2023/1114 where performing one or more crypto-asset services as defined in Article 3(1), point (9), of Regulation (EU) 2023/1114;
(u) a trade repository as defined in Article 2, point (2), of Regulation (EU) No 648/2012;
(v) a securitisation repository as defined in Article 2, point (23), of Regulation (EU) 2017/2402;
(w) an administrator of benchmarks as defined in Article 3(1), point (3), of Regulation (EU) 2016/1011;
(x) a credit rating agency as defined in Article 3(1), point (b), of Regulation (EC) No 1060/2009;
(6) ‘rating analyst’ means a person who performs analytical functions for the purpose of issuing ESG ratings;
(7) ‘rated item’ means a legal person, a financial instrument, a financial product or a public authority or a body governed by public law which is explicitly or implicitly rated in the ESG rating ▌ , irrespective of whether such rating has been requested for and irrespective of whether the legal person has provided information for that ESG rating ▌ ;
(8) ‘financial instrument’ means any of the instruments listed in Annex I, Section C, of Directive (EU) 2014/65;
(9) ‘user’ means a natural or legal person, including a public authority or a body governed by public law, to which an ESG rating is distributed by subscription or other contractual relationships;
(10) ‘competent authorities’ means the authorities designated by each Member State in accordance with Article 30 and for the purposes of this Regulation;
(11) ‘management body’ means an ESG rating provider’s body or bodies, which are appointed in accordance with national law, which are empowered to set the ESG rating provider’s strategy, objectives and overall direction, and which oversee and monitor management decision-making, and include the persons who effectively direct the business of the ESG rating provider;
(12) ‘senior management’ means the person or persons who effectively direct the business of the ESG rating provider and the member or members of the ESG rating provider’s administrative or supervisory board;
(13) ‘group of ESG rating providers’ means a group of undertakings established in the Union consisting of a parent undertaking and its subsidiaries within the meaning of Article 2 of Directive 2013/34/EU, and undertakings linked to each other by a relationship and whose occupation includes the provision of ESG ratings.
Title II
Provision of ESG ratings in the Union
Article 4
Requirements to operate in the Union
Any legal person that wishes to operate as an ESG rating provider in the Union shall be subject to any of the following:
(a) an authorisation issued by ESMA as referred to in Article 6;
(b) an implementing decision as referred to in Article 10;
(c) an authorisation for endorsement as referred to in Article 11;
(d) a recognition as referred to in Article 12.
Article 5
Temporary regime for small ESG rating providers
1. An ESG rating provider established in the Union categorized as a small undertaking or as a small group according to the criteria laid down Article 3 of Directive 2013/34/EU that wants to operate in the Union, will only be subject to the general principles stated in Article 15(1), (5), and (7), to the provisions of Articles 23 and 24, to the powers referred to in Articles 32 to 37, provided that it:
(a) notifies ESMA of its intention to operate in the Union;
(b) has been registered by ESMA before its starts operating in the Union.
2. Where an ESG rating provider referred to in paragraph 1 ceases to be categorized as a small undertaking or as a small group according to the criteria laid down in Article 3 of Directive 2013/34/EU or three years after its registration in accordance with paragraph 1, whichever occurs first, the ESG rating provider shall become subject to all the provisions of this Regulation and shall within 6 months apply for authorisation pursuant to Chapter 1 of Title II.
3. ESG rating providers referred to in paragraph 1 can choose to opt in under this Regulation. Where ESG rating providers choose to opt in, this Regulation shall become applicable to them in its entirety.
Chapter 1
Authorisation of ESG rating providers established in the Union to operate in the Union
Article 6
Application for an authorisation to operate in the Union
1. Legal persons established in the Union that wish to operate in the Union pursuant to Article 2(1), point (a), shall apply for authorisation to ESMA.
2. The application for authorisation shall contain all of the information listed in Annex I and shall be submitted in any of the official languages of the Union. Council Regulation No 1(43) shall apply mutatis mutandis to any other communication between ESMA and the ESG rating providers and their staff.
3. ESMA shall develop draft regulatory technical standards to specify further the information listed in Annex I.
ESMA shall submit those draft regulatory technical standards to the Commission by ... [nine months from the date of entry into force of this Regulation] .
Power is delegated to the Commission to adopt the regulatory technical standards referred to in the first subparagraph in accordance with the procedure laid down in Articles 10 to 14 of Regulation (EU) No 1095/2010.
4. An authorised ESG rating provider shall comply with the conditions for initial authorisation at all times.
5. ESG rating providers shall notify ESMA of any material changes to the conditions for initial authorisation, including any opening or closing of a branch within the Union, without undue delay.
Article 7
Examination of the application for authorisation of ESG rating providers by ESMA
1. Within 25 working days of receipt of the application referred to in Article 6(2), ESMA shall assess whether the application is complete. Where the application is not complete, ESMA shall set a deadline by which the applicant is to provide additional information.
2. After having assessed whether an application is complete, ESMA shall notify the applicant of the result of that assessment.
3. Within 90 working days of the notification referred to in paragraph 2, ESMA shall adopt a fully reasoned decision to authorise or refuse authorisation.
4. ESMA may extend the period referred to in ▌ paragraph 3 to 120 working days in particular where the applicant:
(a) envisages endorsing ESG ratings as referred to in Article 11;
(b) envisages using outsourcing; or
(c) requests exemption from compliance in accordance with Article 22.
5. The decision adopted by ESMA pursuant to paragraph 3 shall take effect on the fifth working day following its adoption.
6. If the applicant does not provide additional information within the deadline referred to in paragraph 1, or if no decision is adopted by ESMA within the period referred to in paragraph 3 or 4, as applicable, the application shall be deemed rejected.
Article 8
Decision to grant or ▌ refuse the authorisation to operate in the Union and notification of that decision
1. ESMA shall authorise the applicant as ESG rating provider where it concludes from the examination of the application referred to in Article 7 that the applicant complies with the conditions for the provision of ratings set out in this Regulation.
2. ESMA shall inform the applicant within five working days of the decision referred to in paragraph 1.
3. ESMA shall inform the Commission, the EBA and EIOPA of any decision taken pursuant to paragraph 2.
4. The authorisation shall be effective for the entire territory of the Union.
Article 9
Withdrawal or suspension of authorisation
1. ESMA shall withdraw or suspend the authorisation of an ESG rating provider in any of the following cases:
(a) the ESG rating provider has expressly renounced the authorisation or has provided no ESG ratings for 12 months preceding that withdrawal or suspension;
(b) the ESG rating provider has obtained its authorisation by making false statements or by any other irregular means;
(c) the ESG rating provider no longer meets the conditions under which it was authorised;
(d) the ESG rating provider has seriously or repeatedly infringed this Regulation.
2. The decision on the withdrawal or suspension of authorisation shall take immediate effect throughout the Union. ESMA shall inform national competent authorities, the Commission, the EBA and the EIOPA of any decision taken pursuant to paragraph 1. The ESG rating provider shall also be informed of the decision taken pursuant to paragraph 1.
Chapter 2
Operation in the Union by ▌ ESG rating providers established outside the Union
Article 10
Equivalence decision
1. An ESG rating provider established outside the Union that wishes to operate in the Union pursuant to Article 2(1), point (b), shall only be able to do so where it is included in the register referred to in Article 14 and provided that all of the following conditions have been complied with:
(a) the ▌ ESG rating provider established outside the Union is a legal person, is authorised or registered as an ESG rating provider in the third country concerned, and is subject to supervision in that third country;
(b) the ▌ ESG rating provider established outside the Union has notified ESMA that it wishes operate in the Union and has submitted to ESMA the proof of the authorisation or registration, the relevant documents required for the authorisation or registration in the third country, as well as the name of the competent authority responsible for its supervision in the third country and has received confirmation from ESMA on the completeness of the provided information;
(c) the Commission has adopted an equivalence decision pursuant to paragraph 2;
(d) the cooperation arrangements referred to in paragraph 4 are operational.
2. The Commission may adopt an implementing decision stating that the legal framework and supervisory practice of a third country ensures that:
(a) ESG rating providers authorised or registered in that third country comply with binding requirements which are equivalent to the requirements under this Regulation;
(b) compliance with the binding requirements referred to in point (a) is subject to effective supervision and enforcement on an on-going basis in that third country.
▌
Such implementing decision shall be adopted in accordance with the examination procedure referred to in Article 48.
3. The Commission may adopt a delegated act in accordance with Article 47 to specify the conditions referred to paragraph 2, first subparagraph, points (a) and (b) of this Article. The Commission may subject the application of the implementing decision referred to in paragraph 2 of this Article to:
(a) the effective fulfilment on an ongoing basis by that third country of any condition set out in that implementing decision that aims at ensuring equivalent supervisory and regulatory standards;
(b) the ability of ESMA to effectively exercise the monitoring responsibilities referred to in Article 33 of Regulation (EU) No 1095/2010.
▌
4. ESMA shall establish cooperation arrangements with the competent authorities of third countries whose legal framework and supervisory practices have been recognised as equivalent in accordance with paragraph 2. Such arrangements shall specify at least the following:
(a) the mechanism for exchanging information on a regular and ad hoc basis between ESMA and the competent authorities of third countries concerned, including access to all relevant information requested by ESMA regarding the ESG rating provider authorised or registered in that third country;
(b) the mechanism for prompt notification to ESMA where a third country competent authority deems that the ESG rating provider authorised or registered in that third country and that is supervised by that third country competent authority is breaching the conditions of its authorisation or registration, or other national law in that third country;
(c) the procedures concerning the coordination of supervisory activities, including on-site inspections;
(d) the mechanism for prompt notification for ESMA where a third-country competent authority takes any regulatory or supervisory actions in relation to the ESG rating provider, including any change that may have an impact on the ESG rating provider’s continued compliance with applicable laws and regulations;
(e) the mechanism for prompt notification to the third country competent authority where ESMA issues a public notice in accordance with Article 35 to the ESG rating provider established outside the Union.
For the purpose of the first subparagraph, where ESMA is informed that an ESG rating provider established outside the Union no longer meets the conditions to be authorised in its country of origin, ESMA shall remove it from the register referred to in Article 14.
5. For the purpose of paragraph 1, point (b), ESMA shall assess whether the information is complete within 20 working days of its receipt. If ESMA deems the information not complete, ESMA shall set a deadline by which the ESG rating provider is to provide additional information. After assessing the completeness of the submission, ESMA shall inform the ESG rating provider about the outcome of the process no later than 60 working days from the date of the initial notification.
Article 11
Endorsement of ESG ratings by an ESG rating provider established outside the Union
1. An ESG rating provider established in the Union and authorised in accordance with Article 8 may endorse ESG ratings provided by an ESG rating provider established outside the Union and belonging to the same group, provided that all of the following conditions have been met:
(a) the ESG rating provider established in the Union has applied to ESMA for authorisation of such endorsement;
(b) the ESG rating provider established in the Union fulfils the following indicators of minimum substance:
(i) it has own premises or premises for its exclusive use in a Member State;
(ii) it has at least one active bank account of its own in the Union; and
(iii) it has appropriate analytical and decision-making presence in the Union considering the nature, scale or complexity of its activities in the Union;
(c) the endorsement of the ESG rating does not impair the quality of the assessment of the rated entity or the arrangement of on-site reviews or inspections, where provided for in the ESG rating methodology used by the ESG rating provider;
(d) the ESG rating provider established in the Union has verified and is able to demonstrate on an on-going basis to ESMA that the issuance and distribution of endorsed ESG ratings fulfils requirements which are at least as stringent as the requirements of this Regulation; the ESG rating provider established in the Union shall demonstrate compliance with those requirements without having to refer to the specific process followed for each individual rating;
(e) the ESG rating provider established in the Union has the necessary expertise to effectively monitor the ESG ratings by the ▌ ESG rating provider established outside the Union, to manage any associated risks;
(f) there is an objective reason why the ESG ratings have to be endorsed for their use in the Union, which may include factors such as the specificities of the ESG ratings, the need for proximity of the production of the ESG ratings to the issuer or to specific economic reality, a particular industry, centres of excellence for sub-components of ESG factors, the availability of specific skills required for the production of the ESG ratings, the material availability of input data and the development of ESG ratings through the collaboration of global teams;
(g) the ESG rating provider established in the Union provides ESMA at its request with all the information necessary to enable ESMA to supervise the compliance by the ▌ ESG rating provider established outside the Union, where relevant to the endorsed rating, with this Regulation on an ongoing basis;
(h) where an ESG rating provider established outside the Union is subject to supervision, an appropriate cooperation arrangement is in place between ESMA and the competent authority of the third country where the ESG rating provider is established, to ensure an efficient exchange of information.
▌
2. An ESG rating provider that applies for endorsement as referred to in paragraph 1, point (a), shall provide ESMA with all information necessary to satisfy ESMA that, at the time of application, all the conditions referred to in that paragraph are fulfilled.
3. Within 45 working days of receipt of the complete application for endorsement referred to in paragraph 1, point (a), but no later than 85 working days of the receipt of the initial application, ESMA shall examine the application and decide either to authorise the endorsement or to refuse it. ESMA shall ▌ notify the applicant of that decision within five working days.
4. An endorsed ESG rating shall be considered to be an ESG rating provided by the endorsing ESG rating provider. The endorsing provider shall not use the endorsement to avoid or circumvent the requirements of this Regulation.
5. An ESG rating provider that has endorsed ESG ratings issued by an ESG rating provider established outside the Union shall remain fully responsible for such ESG ratings and for compliance with the obligations under this Regulation.
6. Where ESMA has well-founded reasons to consider that the conditions laid down in this Article are no longer fulfilled, it shall have the power to require the endorsing ESG rating provider to cease the endorsement, without prejudice to the applicable measures, fines and penalties in accordance with Articles 35 to 37.
Article 12
Recognition of ▌ ESG rating provider established outside the Union
1. Until the Commission has adopted an equivalence decision as referred to in Article 10 or, where adopted, in the event that the equivalence decision is repealed, ESG rating providers established outside the Union with a consolidated annual net turnover of all their ▌ activities below the maximum amount set in Article 3(5), second subparagraph, of Directive 2013/34/EU, for the latest three consecutive years may operate in the Union, provided that ESMA has recognised that ▌ ESG rating provider in accordance with this Article . Where the ESG rating provider established outside the Union belongs to a group within the meaning of Article 2(11) of Directive 2013/34/EU, the consolidated net turnover should be assessed on a consolidated basis. To that end, ESMA may take into account either an assessment by an independent external auditor or a certification of the competent authority of the third country where the ESG rating provider is established.
2. ▌ ESG rating providers established outside the Union that wish to be recognised as referred to in paragraph 1 shall comply with the requirements established in this Regulation and apply for recognition to ESMA. ▌
3. ▌ An ESG rating provider established outside the Union that wish to be recognised as referred to in paragraph 1 shall have a legal representative. That legal representative shall be a legal person located in the Union and expressly appointed by that ▌ ESG rating provider to act on its behalf, demonstrating and being accountable to ESMA that the ESG rating provider meets the obligations laid down in this Regulation on an ongoing basis. The legal representative shall, upon request, provide ESMA with all the information necessary to satisfy ESMA that the ESG rating provider fulfils the requirements laid down in this Regulation.
4. The ▌ ESG rating provider established outside the Union shall provide ESMA, prior to the recognition referred to in paragraph 1, with the following information:
(a) all information necessary to demonstrate that the conditions laid down in paragraph 1 are met, including the information listed in Annex I;
(b) all information necessary to satisfy ESMA that the ESG rating provider established outside the Union has established all the necessary arrangements to meet the requirements referred to in paragraphs 2 and 3;
(c) the list of its actual or prospective ESG ratings which are intended for distribution in the Union;
(d) where applicable, the name and contact details of the competent authority in the third country responsible for its supervision.
Within 90 working days of receipt of the application for recognition referred to in paragraph 2, ESMA shall examine the application and decide on the recognition. ESMA shall inform the applicant of its decision within five working days of the decision.
5. ESMA shall recognise the ▌ ESG rating provider established outside the Union as referred to in paragraph 1 provided that all of the following conditions are met:
(a) the ▌ ESG rating provider established outside the Union has complied with all the conditions laid down in paragraphs 2, 3 and 4;
(b) where the ▌ ESG rating provider established outside the Union is subject to supervision, ESMA shall seek to put in place an appropriate cooperation arrangement with the relevant competent authority of the third country where the ESG rating provider is located, to ensure an efficient exchange of information.
6. No recognition shall be granted where the effective exercise by ESMA of its supervisory functions under this Regulation is either prevented by the laws, regulations or administrative provisions of the third country where the third country ESG rating provider is established, or, where applicable, by limitations in the supervisory and investigatory powers of that third country’s competent authority.
7. ESMA shall impose fines, in accordance with Article 36, suspend or, where appropriate, withdraw the recognition referred to in paragraph 1 where it has well-founded reasons, based on documented evidence, to consider that the ESG rating provider:
(a) is acting, or has been acting, in a manner which is clearly prejudicial to the interests of users of its ESG ratings or to the orderly functioning of markets;
(b) has seriously infringed the applicable requirements set out in this Regulation;
(c) has made false statements or used any other irregular means to obtain the recognition.
8. Where the ESG rating provider recognised under the provisions of this Article by ESMA no longer meets the conditions laid down in paragraph 1, it shall notify ESMA without undue delay.
The ESG rating provider shall notify ESMA within 3 months if it wants to continue offering its services in the Union and apply for authorisation within 12 months. In the absence of such notification, the ESG rating provider shall cease to operate in the Union.
9. ESMA shall develop draft regulatory technical standards to determine the form and content of the application referred to in paragraph 2 and, in particular, the presentation of the information required in paragraph 4. ESMA shall submit them to the Commission by ... [nine months from the date of entry into force].
Power is conferred on the Commission to adopt the regulatory technical standards referred to in the first subparagraph in accordance with the procedure laid down in Articles 10 to 14 of Regulation (EU) No 1095/2010.
Article 13
Cooperation arrangements
1. Any cooperation arrangement as referred to in Article 10(4), Article 11(1), point (h), and Article 12(5), point (b), shall be subject to guarantees of professional secrecy which are at least equivalent to those set out in Article 46. The exchange of information performed under such cooperation arrangements shall be intended for the performance of the tasks of ESMA or the competent authorities.
2. With regard to transfer of personal data to a third country, ESMA shall apply Regulation (EU) 2018/1725 of the European Parliament and of the Council(44).
Chapter 3
Register and accessibility of information
Article 14
Register of ESG rating providers and accessibility of information on the European Single Access Point (ESAP)
1. ESMA shall establish and maintain a register that contains information on all of the following:
(a) the identities of the ESG rating providers authorised pursuant to Article 8 or registered pursuant to Article 5;
(b) the identities of ▌ ESG rating providers established outside the Union that comply with the conditions laid down in Article 10 and the third country competent authorities responsible for the supervision of those ▌ ESG rating providers;
(c) the identities of the endorsing ESG rating provider and the endorsed ▌ ESG rating providers established outside the Union referred to in Article 11, and, where applicable, the third country competent authorities that are responsible for the supervision of the endorsed ▌ ESG rating provider;
(d) the identities of the ▌ ESG rating providers established outside the Union that have been recognised in accordance with Article 12, the legal representative located in the Union of that ESG rating provider and, where applicable, the third country competent authorities responsible for the supervision of those ▌ ESG rating providers.
2. The register referred to in paragraph 1 shall be publicly accessible on the website of ESMA and shall be updated without delay, as necessary.
3. From 1 January 2028, when making public any information pursuant to Article 19(1) and 23(1), the ESG rating provider shall submit that information to the relevant collection body referred to in paragraph 6 of this Article at the same time for accessibility on ESAP established under Regulation (EU) 2023/2859.
4. That information shall comply with all of the following requirements:
(a) the information shall be prepared in a data extractable format as defined in Article 2, point (3), of Regulation (EU) 2023/2859 or, where required under Union law, in a machine-readable format, as defined in Article 2, point (4), of Regulation (EU) 2023/2859;
(b) the information shall be accompanied by the following metadata:
(i) a full business name and, if applicable, the name used for marketing purposes and the abbreviation of the name of the ESG rating provider submitting the information;
(ii) the legal entity identifier of the ESG rating provider as specified pursuant to Article 7(4) of Regulation (EU) 2023/2859;
(iii) the size of the ESG rating provider as specified pursuant to Article 7(4) of Regulation (EU) 2023/2859;
(iv) the type of information as classified pursuant to Article 7(4) of Regulation (EU) 2023/2859;
(v) metadata specifying whether the information includes personal data.
5. For the purposes of paragraph 4, point (b)(ii) the ESG rating provider shall acquire the legal entity identifier as specified pursuant to Article 7(4) of Regulation (EU) 2023/2859.
6. For the purposes of making accessible on ESAP the information referred to in paragraph 1, the collection body as defined in Article 2, point (2), of Regulation (EU) 2023/2859 shall be ESMA.
7. From 1 January 2028, the information referred to in paragraph 1 and in Articles 11(3), 35(6) and 38(1) shall be made accessible on ESAP. For that purpose, the collection body as defined in Article 2, point (2), of that Regulation shall be ESMA. That information shall be prepared in a data extractable format as defined in Article 2, point (3), of Regulation (EU) 2023/2859, include the metadata as regards the names and, where available, the legal entity identifier of the ESG rating provider as specified pursuant to Article 7(4) of that Regulation, the type of information as classified pursuant to Article 7(4) of that Regulation and whether the information includes personal data.
8. For the purposes of ensuring an efficient collection and administration of data submitted in accordance with paragraph 3, ESMA shall develop draft implementing technical standards to specify:
(a) any other metadata to accompany the information;
(b) the structuring of data in the information;
(c) for which information a machine-readable format is required and which machine-readable format is to be used.
Before developing the draft implementing technical standards, ESMA shall carry out a cost-benefit analysis. For the purposes of the first subparagraph, point (c), ESMA shall assess the advantages and disadvantages of different machine-readable formats and conduct appropriate field tests¸ in consultation with relevant stakeholders.
ESMA shall submit those draft implementing technical standards to the Commission.
Power is conferred on the Commission to adopt the implementing technical standards referred to in the first subparagraph in accordance with Article 15 of Regulation (EU) No 1095/2010.
9. If necessary, ESMA shall adopt guidelines for entities to ensure that the metadata submitted in accordance with paragraph 8, first subparagraph, point (a), is correct.
Title III
Integrity and reliability of ESG rating activities
Chapter 1
Organisational requirements, processes and documents concerning governance
Article 15
General principles
1. ESG rating providers shall ensure the independence of their rating activities, including from all political and economic influences or constraints.
2. ESG rating providers shall have in place rules and procedures that ensure that their ESG ratings are issued and published, and distributed in accordance with this Regulation.
3. ESG rating providers shall employ systems, resources and procedures that are adequate and effective to comply with their obligations under this Regulation.
4. ESG rating providers shall adopt and implement written policies and procedures that ensure that their ESG ratings are based on a thorough analysis of all ▌ information available to them that is relevant to their analysis in accordance with their rating methodologies.
5. ESG rating providers shall adopt and implement internal due diligence policies and procedures that ensure that their business interests do not impair the independence or accuracy of the assessment activities.
6. ESG rating providers shall adopt and implement sound administrative and accounting procedures, internal control mechanisms, and effective control and safeguard arrangements for information processing systems.
7. ESG rating providers shall use rating methodologies for the ESG ratings they provide that are rigorous, systematic, independent and capable of justification and shall apply those rating methodologies continuously and in a transparent manner.
8. ESG rating providers shall review the rating methodologies referred to in paragraph 7 on an on-going basis and at least annually.
9. ESG rating providers shall monitor and evaluate the adequacy and effectiveness of the systems, resources and procedures referred to in paragraph 3 at least annually and take appropriate measures to address any deficiencies.
10. ESG rating providers shall establish and maintain a permanent, independent and effective oversight function to ensure oversight of overall aspects of the provision of their ESG ratings.
The oversight function shall have the necessary resources and expertise and have access to all information necessary to perform its functions. It shall have direct access to the management body of the ESG rating provider.
ESG rating providers shall develop and maintain robust procedures regarding their oversight function.
11. ▌ESG rating providers shall adopt ▌ all necessary measures to ensure that the information they use in assigning ESG ratings is of sufficient quality and from reliable sources. ESG rating providers shall clearly and explicitly state that their ESG ratings are their own opinion ▌.
12. ESG rating providers shall inform the rated item or the issuer of the rated item during its working hours and at least two full working days before the first issuance of the ESG rating in order to give the rated item or the issuer of the rated item an opportunity to inform the ESG rating provider of any factual errors. To that end, ESG rating providers shall make available, upon request by the rated item or by the issuer of the rated item, free of charge and on a non-commercial basis, the information referred to in point 1, points (b) and (c), and in point 2, point (b)(ii), of Annex III and the date of the last update of dataas well as, where relevant, any other data collected, estimated or computed related to them.
13. ESG rating providers shall not disclose information about their intellectual capital, intellectual property, know-how or the results of innovation that would qualify as trade secrets as defined in Article 2, point (1), of Directive (EU) 2016/943 of the European Parliament and of the Council(45).
14. ESG rating providers shall only make changes to their ESG ratings in accordance with their rating methodologies published pursuant to Article 23.
Article 16
Separation of business and activities
1. ESG rating providers shall not provide any of the following activities:
(a) consulting activities to investors or undertakings;
(b) the issuance and distribution of credit ratings as defined in Article 3(1), point (a), of Regulation (EC) No 1060/2009;
(c) the development of benchmarks within the meaning of Regulation (EU) 2016/1011;
(d) investment services and activities as defined in Article 4(1), point (2), of Directive (EU) 2014/65;
(e) statutory auditing on financial statements and assurance engagements on sustainability reporting within the meaning of Directive 2013/34/EU;
(f) activities of credit institutions within the meaning of the Regulation (EU) No 575/2013, and insurance, or reinsurance activities within the meaning of Directive 2009/138/EC.
2. By way of derogation from paragraph 1, ESG rating providers may provide the activities listed in paragraph 1, points (d) and (f), provided that they put in place specific measures, including measures referred to in Articles 25 and 26:
(a) to ensure that each activity is exercised autonomously and to avoid creating potential risks of conflicts of interest in decision-making within its ESG rating activities;
(b) to ensure that employees of ESG rating providers directly involved in the assessment process of an rated item shall not provide any of the activities referred to in paragraph 1.
In implementing such measures, the ESG rating provider shall also take into account the activities of the group to which it belongs, if applicable.
3. By way of derogation from paragraph 1, point (c), an ESG rating provider may lodge a request to ESMA to be authorised to develop benchmarks provided that it put in place specific measures, including those referred to in paragraph 2. ESMA shall assess if the measures proposed by the ESG rating provider are appropriate and sufficient regarding the potential risks of conflicts of interest. If ESMA considers that the measures are not appropriate or sufficient regarding the potential risks of conflict of interest, paragraph 1, point (c), shall apply.
Any substantial change in the measures taken by the ESG rating provider or in their implementation shall be notified to ESMA by the ESG rating provider before it is implemented. ESMA shall assess if the measures remain appropriate and sufficient regarding the potential risks of conflicts of interest. If not, paragraph 1, point (c), shall apply.
ESMA shall take its decision as referred to in the first and second subparagraphs within 30 working days of receipt of the complete information about the measures proposed by the ESG rating provider of their substantial changes or within the deadlines laid down in Article 7 if the assessment is part of its evaluation of the application for authorisation.
4. An ESG rating provider shall ensure that its employees who are directly involved in the assessment process of a rated item do not provide any of the activities referred to in paragraph 1, points (a), (b) and (e).
5. ESMA shall develop draft regulatory technical standards to specify the details of the measures and safeguards to be implemented pursuant to paragraphs 2, 3 and 4.
ESMA shall submit the draft regulatory technical standards referred to in the first subparagraph to the Commission by ... [nine months from the entry into force of this Regulation].
Power is delegated to the Commission to supplement this Regulation by adopting the regulatory technical standards referred to in the first subparagraph in accordance with Articles 10 to 14 of Regulations (EU) No 1095/2010.
6. ESG rating providers shall ensure that the provision of other services than those referred to in paragraph 1 does not create risks of conflicts of interest within its ESG rating activities. In case of risks of conflict of interest, ESG rating providers shall refrain from offering such other services.
Article 17
Rating analysts, employees and other persons involved in the provision of ESG ratings
1. ESG rating providers shall ensure that rating analysts, employees and any other natural person under their control or whose services are placed at their disposal, for example by way of a contractual arrangement, and who are directly involved in the provision of ESG ratings, including analysts directly involved in the rating process and persons involved in the provision of ESG scores, are appropriately trained and have the knowledge and experience that is necessary for the performance of the duties and tasks assigned, including, where appropriate, a sufficient understanding of potential material financial risk to the rated entity and potential material impact of the rated entity on the environment and on society in general.
2. ESG rating providers shall ensure that the persons referred to in paragraph 1 are not allowed to initiate or participate in negotiations regarding fees or payments with any rated item or issuer of a rated item or any person directly or indirectly linked to the rated item by control.
3. The persons referred to in paragraph 1, that are directly involved in the determination of an individual rating on a rated item, as well as a senior management position in the ESG rating provider, shall not buy or sell any financial instrument issued, guaranteed, or otherwise supported by any rated entity or any entity within the group of the rated entity, other than holdings in diversified collective investment schemes, including managed funds, or investments made under discretionary portfolio management, nor engage in any transaction in such financial instruments.
4. The persons referred to in paragraph 1 shall not be directly involved in or otherwise influence the determination of an ESG rating of the relevant rated item where those persons:
(a) own financial instruments of the rated item, other than holdings in diversified collective investment schemes, including managed funds, and investments made under discretionary portfolio management;
(b) own financial instruments of any entity related to a rated item, the ownership of which may cause or may be generally perceived as causing a conflict of interest, other than holdings in diversified collective investment schemes, including managed funds, and investments made under discretionary portfolio management;
(c) have had in the last year an employment, business or other relationship with the rated entity or any entity within the group of the rated item that may cause or may be generally perceived as causing a conflict of interest.
5. ESG rating providers shall ensure that the persons referred to in paragraph 1, as well as persons occupying a senior management position in the ESG rating provider:
(a) take all reasonable measures to protect property and records in possession of the ESG rating provider from fraud, theft or misuse, taking into account the nature, scale and complexity of the ESG rating provider’s business and the nature and range of ESG rating activities;
(b) do not share confidential information that has been entrusted to the ESG rating provider with anyone who is not directly involved in the provision of ESG rating activities, including rating analysts and employees of any person directly or indirectly linked to the ESG rating provider by control, and any other natural person whose services are or have been placed at the disposal of, or are under the control of, any person directly or indirectly linked to the ESG rating provider by control;
(c) do not use or share confidential information for any other purpose than the provision of ESG rating activities, including for the trading of financial instruments;
(d) do not solicit or accept money, gifts or favours from anyone with whom the ESG rating provider does business.
6. Persons ▌ referred to in paragraph 1 that consider that any other person ▌ referred to in paragraph 1 has engaged in conduct that they consider to be illegal shall immediately inform the oversight function thereof. The ESG rating provider shall ensure that such reporting does not have any negative consequences for the person reporting.
7. Where a rating analyst terminates his or her employment with the ESG rating provider and, within one year, joins a rated item or an issuer of a rated item which he or she has been directly involved in rating, the ESG rating provider shall review the work of the rating analyst over one year preceding his or her departure.
8. Persons as referred to in paragraph 1, as well as senior management of the ESG rating provider, shall not take up a senior management position within a rated item or an issuer of a rated item which they have been involved in rating for nine months after the provision of such rating.
Article 18
Record-keeping requirements
1. ESG rating providers shall record their ESG rating activities. Those records shall contain the information listed in Annexes I and II.
2. ESG rating providers shall keep the information referred to in paragraph 1 for at least five years and in such a form that it is possible to replicate and fully understand the determination of an ESG rating.
Article 19
Complaints-handling mechanism
1. ESG rating providers shall have in place and publish on their website procedures for receiving, investigating and retaining records concerning complaints made by users of ESG ratings, rated items and issuers of rated items. ESG rating providers shall also clearly provide information on their website about their complaints-handling mechanism and contact details.
2. The procedures referred to in paragraph 1 shall ensure that:
(a) the ESG rating provider makes publicly available the complaints-handling policy;
▌
(b) complaints are investigated in a timely and fair manner and that the outcome of the investigation is communicated to the complainant within a reasonable period of time, unless such communication would be contrary to objectives of public policy or to Regulation (EU) No 596/2014 of the European Parliament and of the Council(46);
(c) the inquiry is conducted independently of any personnel that has been involved in the subject-matter of the complaint.
3. Complaints may be submitted on:
(a) the sources of data used for a specific ESG rating, factual errors and mistakes;
(b) the way in which the rating methodology in relation to a specific ESG rating has been applied;
(c) whether a specific ESG rating is representative of the rated item or the issuer of the rated item.
Article 20
Reasoned concerns
1. ESG rating providers shall have in place procedures for receiving reasoned concerns by stakeholders, providing their names and position.
2. ESG rating providers, with the exception of smaller ESG rating providers, within the meaning of the maximum threshold of net turnover to define small undertakings in Directive 2013/34/EU, shall endeavour to reply to the reasoned concerns within 30 working days.
Article 21
Outsourcing
1. Outsourcing of important operational functions shall not materially impair the quality of the ESG rating provider’s internal control and the ability of the European Supervisory and Markets Authority (ESMA) to supervise the ESG rating provider’s compliance with its obligations under this Regulation.
2. ESG rating providers that outsource functions or any services or activities that are relevant for the provision of an ESG rating shall remain fully responsible for discharging all of the obligations under this Regulation.
3. ESG rating providers that outsource functions or any services or activities that are relevant for the provision of an ESG rating shall remain fully responsible for disclosing the information referred to in Annex II.
Article 22
Exemptions on governance requirements
1. ▌ An ESG rating provider may lodge a request to ESMA to be exempt from complying with the requirements referred to in Article 15(6), (8) and (10).
2. When assessing such a request, ESMA shall verify if the following conditions are met:
(a) the ESG rating provider is a small undertaking or a small group according to the criteria laid down in Article 3 of Directive 2013/34/EU;
(b) the ESG rating provider has implemented measures and procedures, and in particular internal control mechanisms, reporting arrangements and measures, that ensure the independence of rating analysts and persons approving ESG ratings and that ensure the effective compliance with this Regulation;
(c) the ESG rating provider has shown that the size of the ESG rating provider is not determined in such a way as to avoid compliance with this Regulation;
(d) the ESG provider has demonstrated with sufficient clarity that the requirements referred to in paragraph 1 are not proportionate to the nature, scale or complexity of the business of that ESG rating provider or in view of the nature or range of the issuance of its ESG ratings.
On the basis of those considerations, ESMA may exempt that ESG rating provider from all the requirements referred to in paragraph 1 or, in duly justified cases and based on the elements provided by the ESG rating provider pursuant to the first subparagraph, point (d), from some of those requirements only.
Chapter 2
Transparency requirements
Article 23
Disclosure of the methodologies, models, and key rating assumptions used in ESG rating activities to the public
1. ESG rating providers shall disclose on their website, as a minimum, the methodologies, models and key rating assumptions they use in their ESG rating activities, including the information referred to in point (d) of Annex I and point 1 of Annex III. This information should be published in a clear and transparent manner and identified in a separate section of the ESG rating provider’s website.
2. Separate E, S and G ratings shall be provided rather than a single ESG metric that aggregates E, S and G factors. ESG rating providers shall provide the disclosures referred to in this Article and in Article 24 separately for each factor.
3. By way of derogation from paragraph 2 of this Article, ESG rating providers may provide a single ESG rating that aggregates E, S and G factors, if they provide, without prejudice to further disclosure obligations under this Regulation, the information referred to in point (h) of point 1 of Annex III.
4. ESMA shall develop draft regulatory technical standards to specify further the elements that are to be disclosed in accordance with paragraph 1. These elements shall not include any additional disclosure requirements than those listed in point 1 of Annex III.
5. ESMA shall submit the draft regulatory technical standards of paragraph 4 to the Commission by ... [nine months from the date of entry into force].
Power is delegated to the Commission to adopt the regulatory technical standards referred to in the first subparagraph in accordance with the procedure laid down in Articles 10 to 14 of Regulation (EU) No 1095/2010.
6. The ESG rating provider shall provide the information referred to in point 1 of Annex III at the latest when it starts issuing ESG ratings.
7. ESMA may develop draft implementing technical standards to specify the data standards, formats and templates that ESG rating providers are to use to present the information referred to in paragraph 1.
Power is delegated to the Commission to adopt the implementing technical standards referred to in the first subparagraph in accordance with the procedure laid down in Article 15 of Regulation (EU) No 1095/2010.
Article 24
Disclosures to users of ESG ratings and rated entities
1. ESG rating providers shall make available, as a minimum, the information referred to in point 2 of Annex III to the users of ESG ratings and to the rated entities on an on-going basis.
2. An ESG rating provider shall ensure that when it authorises the subscriber to disclose the ESG rating, the link to the information of point 1 of Annex III is attached to the ESG rating.
3. ESMA shall develop draft regulatory technical standards to specify further the elements that are to be disclosed in accordance with paragraph 1. Those elements shall not include any additional disclosure requirements than those listed in point 2 of Annex III.
4. ESMA shall submit those draft regulatory technical standards to the Commission by ... [nine months from the date of entry into force].
Power is delegated to the Commission to adopt the regulatory technical standards referred to in the first subparagraph in accordance with the procedure laid down in Articles 10 to 14 of Regulation (EU) No 1095/2010.
5. ESMA may develop draft implementing technical standards to specify the data standards, formats and templates that ESG rating providers are to use to present the information as referred to in paragraph 1.
Power is delegated to the Commission to adopt the implementing technical standards referred to in the first subparagraph in accordance with the procedure laid down in Article 15 of Regulation (EU) No 1095/2010.
Chapter 3
Independence and conflicts of interest
Article 25
Independence and avoidance of conflicts of interest
1. ESG rating providers shall have in place robust governance arrangements, including a clear organisational structure with well-defined, transparent, and consistent roles and responsibilities for all persons involved in the provision of an ESG rating.
2. ESG rating providers shall take all necessary steps to ensure that any ESG rating provided is not affected by any existing or potential conflict of interest, or by any business or other relationship, either from the ESG rating provider itself or from their shareholders, managers, rating analysts, employees or any other natural person whose services are placed at the disposal or under the control of the ESG rating providers, or any person directly or indirectly linked to them by control or any third-party provider to whom functions or any services or activities have been outsourced.
3. Where there is a risk of a conflict of interest within an ESG rating provider due to the ownership structure, controlling interests, or activities of that ESG rating provider, of any entity owning or controlling the ESG rating provider, of an entity that is owned or controlled by the ESG rating provider, or of any the ESG rating provider’s affiliates or third-party provider, ESMA shall take action. ESMA may require the ESG rating provider to take measures to mitigate that risk. ▌
Where a conflict of interest as referred to in the first subparagraph is not adequately managed through specific risk mitigation, ESMA shall require ESG rating provider to bring the infringement to an end. If necessary, ESMA may require the ESG rating provider to cease the activities or relationships that create the conflict of interest, or ▌ to cease providing the ESG ratings.
4. A shareholder or a member of an ESG rating provider holding a significant influence as defined in Article 2, point 13, of Directive 2013/34/EU in that ESG rating provider, or in an undertaking which has the power to exercise control or a dominant influence over that ESG rating provider, shall be prohibited from doing any of the following:
(a) holding significant influence in any other ESG rating provider;
(c) having the right or the power to appoint or remove members of the administrative or supervisory board of any other ESG rating provider;
(d) being a member of the administrative or supervisory board of any other ESG rating provider.
This paragraph does not apply to investments in other ESG rating providers belonging to the same group of ESG rating providers or to investments in ESG rating providers that are micro or small-sized undertakings according to the criteria laid down in Article 3 of Directive 2013/34/EU.
5. ESG rating providers shall disclose to ESMA all existing or potential conflicts of interest, including conflicts of interest arising from the ownership or control of the ESG rating providers.
6. ESG rating providers shall establish and operate policies, procedures, and effective organisational arrangements for the identification, disclosure, prevention, management and mitigation of conflicts of interest. ESG rating providers shall regularly review and update those policies, procedures and arrangements. Those policies, procedures and arrangements shall specifically prevent, manage and mitigate conflicts of interest due to the ESG rating provider’s ownership or control or due to other interests in the ESG rating provider’s group, or conflicts of interest that are caused by other persons that exercise influence or control over the ESG rating provider in relation to determining the ESG rating.
7. ESG rating providers shall review their operations to identify potential conflicts of interests at least each year.
Article 26
Management of potential conflicts of interests from employees
1. ESG rating providers shall ensure that their employees and any other natural persons whose services are placed at their disposal or under their control and who are directly involved in the provision of an ESG rating:
(a) have the skills that are necessary for performing their tasks and duties and are subject to effective management and supervision;
(b) are not subject to undue influence or conflicts of interest;
(c) are not compensated and their performance is not evaluated in such a manner as to create conflicts of interest or otherwise impinge upon the integrity of the ESG rating determination process;
(d) do not have any interests or business connections that compromise the activities of the ESG rating provider;
(e) are prohibited from contributing to an ESG rating determination by way of engaging in bids, offers and trades on a personal basis or on behalf of market participants, except where such contribution is explicitly required as part of the ESG rating methodology and is subject to specific rules laid down therein;
(f) are subject to effective procedures to control the exchange of information with other employees involved in activities that may create a risk of conflicts of interest or with third parties, where that information may affect the ESG rating.
2. ESG rating providers shall establish specific internal control procedures to ensure the integrity and reliability of the employee or person determining the ESG rating, including internal sign-off by management before the dissemination of the ESG rating.
Article 27
Fair, reasonable, transparent and non-discriminatory treatment of users of ESG ratings
1. ESG rating providers shall take steps that are adequate to ensure that fees charged to clients are fair, reasonable, transparent and non-discriminatory.
2. For the purposes of paragraph 1, ESMA may require ESG rating providers to provide it with documented evidence on their pricing policy, including the fee structure and pricing criteria. ESMA may take supervisory measures in accordance with Article 35, and may decide to impose fines in accordance with Article 36 where it finds that fees from ESG rating providers are not fair, reasonable, transparent and non-discriminatory.
Chapter 4
Supervision by ESMA
Section 1
General principles
Article 28
Non-interference with the content of ratings or methodologies
In carrying out their duties under this Regulation, ESMA, the Commission or any public authorities of a Member State shall not interfere with the content of ESG ratings or methodologies.
Article 29
ESMA
1. In accordance with Article 16 of Regulation (EU) No 1095/2010, ESMA shall issue and update guidelines on the cooperation between ESMA and the competent authorities for the purposes of this Regulation, including the procedures and detailed conditions relating to the delegation of tasks.
2. In accordance with Article 16 of Regulation (EU) No 1095/2010, ESMA shall, in cooperation with the EBA and EIOPA, issue and update guidelines on the application of the endorsement regime referred to in Article 10 of this Regulation by ... [nine months from the date of entry into force].
3. ESMA shall publish an annual report on the application of this Regulation, including on supervisory measures taken and penalties imposed by ESMA under this Regulation, including fines and periodic penalty payments. That report shall contain, in particular, information on the evolution of ESG Ratings market and an assessment of the application of the third country regimes referred to in Articles 10, 11 and 12.
ESMA shall present the annual report referred to in the first subparagraph to the European Parliament, the Council and the Commission.
4. ESMA shall publish annually on its website a list of ESG rating providers listed in the register referred to in Article 14(1), indicating their total market share in the Union. The publication shall take stock of the market structure, including concentration levels and the diversity of ESG rating providers.
5. For the purposes of paragraph 4, the market share shall be measured by reference to the annual turnover generated from ESG rating activities at group level in the Union.
6. ESMA shall cooperate with the EBA and EIOPA in performing its tasks and shall consult the EBA and EIOPA before issuing and updating guidelines and submitting draft regulatory technical standards.
Article 30
Competent authorities
1. By ... [15 months from the entry into force of this Regulation], each Member State shall designate a competent authority for the purposes of this Regulation.
2. Competent authorities shall be adequately staffed, with regard to capacity and expertise, to be able to apply this Regulation.
Article 31
Exercise of the powers referred to in Articles 32 to 34
The powers conferred on ESMA or any official of or other person authorised by ESMA by Articles 32, 33 and 34 shall not be used to require the disclosure of information or documents which are subject to legal privilege.
Article 32
Requests for information
1. ESMA may by simple request or by decision require ESG rating providers, persons involved in ESG rating activities, rated items and issuers of rated items, third parties to whom the ESG rating providers have outsourced operational functions or activities, and persons otherwise closely and substantially related or connected to ESG rating providers or ESG rating activities, to provide all information that it needs to carry out its duties under this Regulation.
2. When sending a simple request for information under paragraph 1, ESMA shall:
(a) refer to this Article as the legal basis for the request;
(b) state the purpose of the request;
(c) specify what information is required;
(d) set a reasonable time-limit within which the information is to be provided and the format in which the information is to be provided;
(e) inform the person from whom the information is requested that there is no obligation to provide the information but that any reply to the request for information must not be incorrect or misleading;
(f) indicate the fine provided for in Article 36, where the answers to questions asked are incorrect or misleading.
3. When requiring the supply of information under paragraph 1 by decision, ESMA shall:
(a) refer to this Article as the legal basis for the request;
(b) state the purpose of the request;
(c) specify what information is required;
(d) set a reasonable time-limit within which the information is to be provided and the format in which the information is to be provided;
(e) indicate the periodic penalty payments provided for in Article 37 where the production of the required information is incomplete;
(f) indicate the fine provided for in Article 36, where the answers to questions asked are incorrect or misleading;
(g) indicate the right to appeal the decision before the Board of Appeal and to have the decision reviewed by the Court of Justice of the European Union in accordance with Articles 60 and 61 of Regulation (EU) No 1095/2010.
4. The persons referred to in paragraph 1 or their representatives and, in the case of legal persons or of associations having no legal personality, the persons authorised to represent them by law or by their constitution, shall supply the information requested. Lawyers duly authorised to act may supply the information on behalf of their clients. Those clients shall remain fully responsible if the information supplied by the lawyers is incomplete, incorrect or misleading.
5. ESMA shall, without delay, send a copy of the simple request or of its decision to the competent authority of the Member State where the persons referred to in paragraph 1 who are concerned by the request for information are domiciled or established.
Article 33
General investigations
1. In order to carry out its duties under this Regulation, ESMA may conduct all necessary investigations of persons referred to in Article 32(1). To that end, the officials of and other persons authorised by ESMA shall be empowered to:
(a) examine any records, data, procedures and any other material relevant to the execution of its tasks irrespective of the medium on which they are stored;
(b) take or obtain certified copies of or extracts from such records, data, procedures and other material;
(c) summon and ask any person referred to in Article 32(1), or their representatives or staff for oral or written explanations on facts or documents related to the subject matter and purpose of the investigation and to record the answers;
(d) interview any other natural or legal person who consents to be interviewed for the purpose of collecting information relating to the subject matter of an investigation;
(e) request records of telephone and data traffic.
2. The officials of and other persons authorised by ESMA for the purposes of the investigations referred to in paragraph 1 shall exercise their powers upon production of a written authorisation specifying the subject matter and purpose of the investigation. That authorisation shall also indicate the periodic penalty payments provided for in Article 37(1) where the production of the required records, data, procedures or any other material, or the answers to questions asked of the persons referred to in Article 32(1) are not provided or are incomplete, and the fines provided for in Article 36, where the answers to questions asked of the persons referred to in Article 32(1) are incorrect or misleading.
3. The persons referred to in Article 32(1) shall submit to investigations launched on the basis of a decision of ESMA. The decision shall specify the subject matter and purpose of the investigation, the periodic penalty payments provided for in Article 3, the legal remedies available under Regulation (EU) No 1095/2010 and the right to have the decision reviewed by the Court of Justice of the European Union.
4. In good time before the investigation, ESMA shall inform the competent authority of the Member State where the investigation is to be carried out of the investigation and of the identity of the authorised persons. Officials of the competent authority concerned shall, upon the request of ESMA, assist those authorised persons in carrying out their duties. Officials of the competent authority concerned may also attend the investigations upon request.
5. If a request for records of telephone or data traffic referred to in paragraph 1, point (e), requires authorisation from a judicial authority according to national rules, such authorisation shall be applied for. Such authorisation may also be applied for as a precautionary measure.
6. Where authorisation as referred to in paragraph 5 is applied for, the national judicial authority shall control that the decision of ESMA is authentic and that the coercive measures envisaged are neither arbitrary nor excessive having regard to the subject matter of the investigations. In its control of the proportionality of the coercive measures, the national judicial authority may ask ESMA for detailed explanations, in particular relating to the grounds ESMA has for suspecting that an infringement of this Regulation has taken place and the seriousness of the suspected infringement and the nature of the involvement of the person subject to the coercive measures. However, the national judicial authority shall not review the necessity for the investigation or demand that it be provided with the information on ESMA’s file. The lawfulness of ESMA's decision shall be subject to review only by the Court of Justice of the European Union following the procedure set out in Regulation (EU) No 1095/2010.
Article 34
On-site inspections
1. In order to carry out its duties under this Regulation, ESMA may conduct all necessary on-site inspections at the business premises of the legal persons referred to in Article 32(1). Where the proper conduct and efficiency of the inspection so require, ESMA may carry out the on-site inspection without prior announcement.
2. The officials of and other persons authorised by ESMA to conduct an on-site inspection may enter any business premises and land of the legal persons subject to an investigation decision adopted by ESMA and shall have all the powers stipulated in Article 33(1). They shall also have the power to seal any business premises and books or records for the period of, and to the extent necessary for, the inspection.
3. The officials of and other persons authorised by ESMA to conduct an on-site inspection shall exercise their powers upon production of a written authorisation specifying the subject matter and purpose of the inspection, and the periodic penalty payments provided for in Article 33 where the persons concerned do not submit to the inspection. In good time before the inspection, ESMA shall give notice of the inspection to the competent authority of the Member State where it is to be conducted.
4. The persons referred to in Article 32(1) shall submit to on-site inspections ordered by decision of ESMA. The decision shall specify the subject matter and purpose of the inspection, specify the date on which it is to begin and indicate the periodic penalty payments provided for in Article 33, the legal remedies available under Regulation (EU) No 1095/2010 as well as the right to have the decision reviewed by the Court of Justice of the European Union. ESMA shall take such decisions after consulting the competent authority of the Member State where the inspection is to be conducted.
5. Officials of, as well as those authorised or appointed by, the competent authority of the Member State where the inspection is to be conducted shall, upon the request of ESMA, actively assist the officials of and other persons authorised by ESMA. To that end, they shall enjoy the powers set out in paragraph 2. Officials of the competent authority of the Member State concerned may also attend the on-site inspections upon request.
6. ESMA may also require competent authorities to carry out specific investigatory tasks and on-site inspections as provided for in this Article and in Article 33(1) on its behalf. To that end, competent authorities shall enjoy the same powers as ESMA as set out in this Article and in Article 33(1).
7. Where the officials of and other accompanying persons authorised by ESMA find that a person opposes an inspection ordered pursuant to this Article, the competent authority of the Member State concerned shall afford them the necessary assistance, requesting, where appropriate, the assistance of the police or of an equivalent enforcement authority, so as to enable them to conduct their on-site inspection.
8. If the on-site inspection provided for in paragraph 1 or the assistance provided for in paragraph 7 requires authorisation by a judicial authority according to national rules, such authorisation shall be applied for. Such authorisation may also be applied for as a precautionary measure.
9. Where authorisation as referred to in paragraph 8 is applied for, the national judicial authority shall control that the decision of ESMA is authentic and that the coercive measures envisaged are neither arbitrary nor excessive having regard to the subject matter of the inspection. In its control of the proportionality of the coercive measures, the national judicial authority may ask ESMA for detailed explanations, in particular relating to the grounds ESMA has for suspecting that an infringement of this Regulation has taken place and the seriousness of the suspected infringement and the nature of the involvement of the person subject to the coercive measures. However, the national judicial authority shall not review the necessity for the inspection or demand to be provided with the information on ESMA’s file. The lawfulness of ESMA’s decision shall be subject to review only by the Court of Justice of the European Union following the procedure set out in Regulation (EU) No 1095/2010.
Section 2
Administrative sanctions and other administrative measures
Article 35
Supervisory measures by ESMA
1. Where ESMA ▌ finds that an ESG rating provider has not complied with its obligations under this Regulation, it shall take one or more of the following supervisory measures:
(a) withdraw or suspend the authorisation or recognition of the ESG rating provider;
(b) temporarily prohibit the ESG rating provider from publishing or distributing ESG ratings, until the infringement has been brought to an end;
▌
(c) require the ESG rating provider to bring the infringement to an end;
(d) impose fines pursuant to Article 36;
(e) issue public notices.
2. ESMA may also take one or more of the supervisory measures, referred to in paragraph 1, points (b) to (e), towards any person operating in the Union pursuant to Article 2(1):
(i) without complying with the conditions set out in Article 4 or in case ESMA has withdrawn or suspended such authorisation or recognition,
(ii) without complying with the conditions to benefit from any exclusion set out in Article 2(2).
3. ESMA may also take the supervisory measure, referred to in paragraph 1, point (e), in the event that an ESG rating activity of an ESG rating provider operating in the Union poses a serious threat to the market integrity or to investor protection in the Union.
In order to verify whether a person is operating in the Union pursuant to Article 2(1), ESMA may use its powers conferred by Articles 32 to 34 towards the concerned person or any third parties who enable it to carry out the ESG rating activity.
4. The supervisory measures referred to in paragraph 1 shall be effective, proportionate, and dissuasive.
5. When taking the supervisory measures referred to in paragraph 1, ESMA shall take into account the nature and seriousness of the infringement, having regard to the following criteria:
(a) the duration and frequency of the infringement;
(b) whether financial crime has been occasioned, facilitated or otherwise attributable to the infringement;
(c) whether the infringement has been committed intentionally or negligently;
(d) the degree of responsibility of the person responsible for the infringement;
(e) the financial strength of the ESG rating provider, as indicated by its total annual net turnover;
(f) the impact of the infringement on the interests of investors’ and on other users;
(g) the importance of the profits gained and losses avoided by the ESG rating provider or the losses for third parties derived from the infringement, insofar as such profits and losses can be determined;
(h) the level of cooperation of the ESG rating provider with ESMA, without prejudice to the need to ensure disgorgement of profits gained or losses avoided by that ESG rating provider;
(i) previous infringements by the ESG rating provider;
(j) measures taken after the infringement by the ESG rating provider to prevent its repetition.
6. ESMA shall notify any action taken pursuant to paragraph 1 to the person responsible for the infringement without undue delay. ESMA shall publish any such action on its website within 10 working days from the date when it was adopted.
The publication referred to in the first subparagraph shall contain all of the following:
(a) a statement affirming the right of the ESG rating provider to appeal the decision;
(b) where relevant, a statement affirming that an appeal has been lodged and specifying that such an appeal does not have suspensive effect;
(c) a statement asserting that it is possible for ESMA to suspend the application of the contested decision in accordance with Article 60(3) of Regulation (EU) No 1095/2010.
7. ESMA may also require the infringing ESG rating provider to inform the users of its ESG ratings of the supervisory measure taken by ESMA pursuant to paragraph 1.
Article 36
Fines
1. Where ESMA finds that an ESG rating provider, or, where applicable, its legal representative, has, intentionally or negligently, infringed this Regulation, it shall adopt a decision imposing a fine. The maximum amount of the fine shall be 10 % of the total annual net turnover of the ESG rating provider, calculated on the basis of the most recent available financial statements approved by the management body of the ESG rating provider. An infringement shall be considered to have been committed intentionally if ESMA finds objective elements which demonstrate that a person acted deliberately to commit the infringement.
2. Where the ESG ratings provider is a parent undertaking or a subsidiary of a parent undertaking which is required to prepare consolidated financial accounts pursuant to Directive 2013/34/EU, the relevant total annual net turnover shall be either the total annual net turnover, or the corresponding type of income in accordance with the relevant Union law in the area of accounting, according to the most recent available consolidated accounts approved by the management body of the ultimate parent undertaking.
3. When determining the level of a fine pursuant to paragraph 1, ESMA shall take into account the criteria set out in Article 35(5).
4. Notwithstanding paragraph 3, where the ESG rating provider has directly or indirectly benefited financially from the infringement, the amount of the fine shall be at least equal to that benefit.
5. Where an act or omission of an ESG rating provider constitutes more than one infringement to this Regulation, only the higher fine calculated in accordance with paragraph 2 and relating to one of those infringements shall apply.
Article 37
Periodic penalty payments
1. ESMA shall, by decision, impose periodic penalty payments to compel:
(a) an ESG ratings provider to put an end to an infringement in accordance with a decision taken pursuant to Article 35;
(b) the persons referred to in Article 32(1):
(i) to supply complete information which has been requested by a decision taken pursuant to Article 32;
(ii) to submit to an investigation and in particular to produce complete records, data, procedures or any other material required and to complete and correct other information provided in an investigation launched by a decision taken pursuant to Article 32;
(iii) to submit to an on-site inspection ordered by a decision taken pursuant to Article 34.
2. A periodic penalty payment shall be effective and proportionate. ESMA shall impose the periodic penalty payment on a daily basis until the ESG rating provider or person concerned complies with the relevant decision referred to in paragraph 1.
3. Notwithstanding paragraph 2, the amount of the periodic penalty payments shall be 3 % of the average daily turnover in the preceding business year, or, in the case of natural persons, 2 % of the average daily income in the preceding calendar year. It shall be calculated from the date stipulated in the decision imposing the periodic penalty payment.
4. A periodic penalty payment shall be imposed for a maximum period of six months following the notification of ESMA’s decision. Following the end of that period, ESMA shall review the measure.
Article 38
Disclosure, nature, enforcement and allocation of fines and periodic penalty payments
1. ESMA shall disclose to the public every fine and every periodic penalty payment that it has imposed pursuant to Articles 36 and 37, unless such disclosure to the public would seriously jeopardise the Union financial markets or cause disproportionate damage to the parties involved. Such disclosure shall not contain personal data within the meaning of Regulation (EU) 2018/1725.
2. Fines and periodic penalty payments imposed pursuant to Articles 36 and 37 shall be of an administrative nature.
3. Fines and periodic penalty payments imposed pursuant to Articles 36 and 37 shall be enforceable.
Enforcement of the fines and periodic payments shall be governed by the rules of procedure in force in the Member State or third country in which it is carried out.
4. The fines and periodic penalty payments shall be allocated to the general budget of the European Union.
Section 3
Procedures and review
Article 39
Procedural rules for taking supervisory measures and imposing fines
1. Where ESMA finds that there are serious indications of a possible infringement of this Regulation, ESMA shall appoint an independent investigation officer within ESMA to investigate the matter. That appointed officer shall not be involved or have been directly or indirectly involved in the supervision of the ESG ratings to which the infringement relates and shall perform his or her functions independently from ESMA’s Board of Supervisors.
2. The investigation officer referred to in paragraph 1 shall investigate the alleged infringements, take into account any comments submitted by the persons who are subject to the investigation, and shall submit a complete file with his or her findings to ESMA’s Board of Supervisors.
3. The investigation officer shall have the power to request information in accordance with Article 32 and to conduct investigations and on-site inspections in accordance with Articles 33 and 34.
4. When carrying out his or her tasks, the investigation officer shall have access to all documents and information that have been gathered by ESMA in its supervisory activities.
5. The rights of defence of the persons subject to the investigation shall be fully respected during investigations under this Article.
6. Upon submission of the file with his or her findings to ESMA’s Board of Supervisors, the investigation officer shall notify the persons who are subject to the investigation.
7. On the basis of the file containing the investigation officer’s findings and, where requested by the persons concerned after having heard those persons in accordance with Article 40, the Board of Supervisors of ESMA shall assess whether one or more persons subject to the investigation have committed the infringements concerned and shall, where it comes to the conclusion that such infringements have been committed, take a supervisory measure as referred to in Article 35 and impose a fine in accordance with Article 36.
8. The investigation officer shall not participate in the deliberations of ESMA’s Board of Supervisors or in any other way intervene in the decision-making process of ESMA’s Board of Supervisors.
9. The Commission shall supplement this Regulation by adopting further rules of procedure for the exercise of ESMA’s power to impose fines or periodic penalty payments, including provisions on rights of defence, temporal provisions, and the collection of fines or periodic penalty payments, and by adopting detailed rules on the limitation periods for the imposition and enforcement of penalties.
The rules referred to in the first subparagraph shall be adopted by means of delegated acts in accordance with Article 47.
10. ESMA shall refer matters for criminal prosecution to the national authorities concerned where, in carrying out its tasks under this Regulation, it finds that there are serious indications of the possible existence of facts liable to constitute criminal offences. ESMA shall refrain from imposing fines or periodic penalty payments where a prior acquittal or conviction arising from an identical fact or facts which are substantially the same has already acquired the force of res judicata as the result of criminal proceedings under national law.
Article 40
Hearing of the persons subject to investigations
1. Before taking any decision pursuant to Articles 35, 36 and 37, ESMA shall give the persons subject to the proceedings the opportunity to be heard on its findings. ESMA shall base its decisions only on findings on which the persons subject to the proceedings have had an opportunity to comment.
The first subparagraph shall not apply where urgent action pursuant to Article 35 is needed to prevent significant and imminent damage to the financial system. In such a case, ESMA may adopt an interim decision and shall give the persons concerned the opportunity to be heard as soon as possible after taking its decision.
2. The rights of defence of the persons subject to the proceedings shall be fully respected in the investigations. They shall be entitled to have access to ESMA’s file, subject to the legitimate interest of other persons in the protection of their business secrets. The right of access to the file shall not extend to confidential information or ESMA’s internal preparatory documents.
Article 41
Review by the Court of Justice
The Court of Justice shall have unlimited jurisdiction to review decisions whereby ESMA has imposed a fine or a periodic penalty payment. It may annul, reduce, or increase the fine or periodic penalty payment imposed.
Section 4
Fees and delegation
Article 42
Supervisory fees
1. ESMA shall charge proportionate fees to the ESG rating providers in accordance with the delegated act adopted pursuant to paragraph 2. Those fees shall fully cover ESMA’s necessary expenditure relating to the supervision of ESG rating providers and the reimbursement of any costs that the competent authorities may incur carrying out work pursuant to this Regulation, and in particular as a result of any delegation of tasks in accordance with Article 43.
2. The amount of an individual fee shall be proportionate to the annual net turnover of the ESG ratings provider concerned.
By ▌ ... [12 months from the date of entry into force], the Commission shall adopt delegated acts in accordance with Article ▌47 to supplement this Regulation by specifying the type of fees, the matters for which fees are due, the amount of the fees and the respective justification, the manner in which they are to be paid and, where applicable, the way in which ESMA is to reimburse competent authorities in respect of any costs that they may have incurred carrying out work pursuant to this Regulation, in particular as a result of any delegation of tasks as referred to in Article 43. Those delegated acts shall establish fees which are proportionate and adequate to the size of the ESG rating providers and to the extent of their supervision, in particular when they are categorized as small undertakings or small groups according to the criteria laid down in Article 3 of Directive 2013/34/EU.
Chapter 5
Cooperation between ESMA and national competent authorities
Article 43
Delegation of tasks by ESMA to competent authorities
1. Where necessary for the proper performance of a supervisory task, ESMA may delegate the following supervisory tasks to the competent authority of a Member State in accordance with the guidelines issued by ESMA pursuant to Article 16 of Regulation (EU) No 1095/2010 ▌:
(a) the power to carry out requests for information in accordance with Article 32;
(b) the power to conduct investigations and on-site inspections in accordance with Articles 33 and 34.
2. Prior to the delegation of a task in accordance with paragraph 1, ESMA shall consult the relevant competent authority about:
(a) the scope of the task to be delegated;
(b) the timetable for the performance of the task;
(c) the transmission of necessary information by and to ESMA.
3. ESMA shall reimburse a competent authority for costs incurred as a result of carrying out delegated tasks. Costs to be reimbursed shall comprise all the fixed costs, as well as variable costs related to the performance of the delegated tasks or the assistance provided to ESMA.
4. ESMA shall review any delegation made in accordance with paragraph 1 at appropriate intervals. ESMA may revoke a delegation at any time.
5. A delegation of tasks shall not affect the responsibility of ESMA nor limit ESMA’s ability to conduct and oversee the delegated activity. ESMA shall not delegate supervisory responsibilities, including authorisation decisions, final assessments and follow-up decisions concerning infringements.
Article 44
Exchange of information
ESMA and the competent authorities, shall, without undue delay, provide each other with the information required for carrying out their duties under this Regulation or their respective supervisory responsibility and mandates.
Article 45
Notifications and suspension requests by competent authorities
1. A competent authority of a Member State that finds that acts infringing this Regulation are being, or have been, carried out on the territory of its own or of another Member State shall inform ESMA thereof. A competent authority that considers it appropriate for investigatory purposes may suggest to ESMA that it assesses the need to use the powers under Article 32 in relation to the ESG rating provider involved in those acts.
2. ESMA shall take appropriate action. ESMA shall inform the notifying competent authority of the outcome and, as far as possible, of any significant interim developments.
3. A notifying competent authority of a Member State that considers that an ESG rating provider that is listed in the register referred to in Article 14 and whose ESG ratings are used within the territory of that Member State has infringed this Regulation in such a way that the protection of investors or the stability of the financial system in that Member State are significantly impacted, may request ESMA to suspend the provision of ESG ratings by the ESG rating provider concerned. The notifying competent authority shall provide ESMA with full reasons for its request.
4. Where ESMA considers that the request referred to in paragraph 3 is not justified, it shall inform the notifying competent authority thereof in writing, setting out the reasons for its opinion. Where ESMA considers that the request is justified, it shall take the measures appropriate to resolve the issue and it shall inform the notifying competent authority thereof in writing.
Article 46
Professional secrecy
1. The obligation of professional secrecy shall apply to ESMA, the competent authorities, and all persons who work or who have worked for ESMA, for the competent authorities or for any other person to whom ESMA has delegated tasks, including auditors and experts contracted by ESMA. Information covered by professional secrecy may not be disclosed to any other person or authority except by virtue of provisions laid down by Union or national law.
2. All the information exchanged under this Regulation between ESMA, the competent authorities, the EBA, EIOPA and the ESRB that concerns business or operational conditions and other economic or personal affairs shall be considered confidential, except:
(a) where ESMA or the competent authority or another authority or body concerned states at the time of communication that such information may be disclosed;
(b) where disclosure is necessary for legal proceedings;
(c) where the information disclosed is used in a summary or in an aggregate form in which individual financial market participants cannot be identified.
Title IV
Delegated and implementing acts
Article 47
Exercise and revocation of the delegation and objections to delegated acts
1. The power to adopt delegated acts is conferred on the Commission subject to the conditions laid down in this Article.
2. The power to adopt delegated acts referred to in Articles 10(3), 39(9) and 42(2) shall be conferred on the Commission for a period of five years from ... [date of entry into force of this Regulation]. The Commission shall draw up a report in respect of the delegation of power not later than nine months before the end of that period. The delegation of power shall be tacitly extended for periods of an identical duration, unless the European Parliament or the Council opposes such extension not later than three months before the end of each period.
3. The delegation of power referred to in Articles 10(3), 39(9) and 42(2) may be revoked at any time by the European Parliament or by the Council. A decision to revoke shall put an end to the delegation of the power specified in that decision. It shall take effect the day following the publication of the decision in the Official Journal of the European Union or at a later date specified therein. It shall not affect the validity of any delegated acts already in force.
4. Before adopting a delegated act, the Commission shall consult experts designated by each Member State in accordance with the principles laid down in the Inter-institutional Agreement of 13 April 2016 on Better Law-Making.
5. As soon as it adopts a delegated act, the Commission shall notify it simultaneously to the European Parliament and to the Council.
6. A delegated act adopted pursuant to Articles 10(3), 39(9) and 42(2) shall enter into force only if no objection has been expressed either by the European Parliament or by the Council within a period of three months of notification of that act to the European Parliament and the Council or if, before the expiry of that period, the European Parliament and the Council have both informed the Commission that they will not object. That period shall be extended by three months at the initiative of the European Parliament or of the Council.
7. If, on expiry of the period referred to in paragraph 6, neither the European Parliament nor the Council has objected to the delegated act, it shall be published in the Official Journal of the European Union and shall enter into force on the date stated therein. The delegated act may be published in the Official Journal of the European Union and enter into force before the expiry of that period if the European Parliament and the Council have both informed the Commission of their intention not to raise objections.
8. If either the European Parliament or the Council objects to the delegated act within the period referred to in paragraph 1, it shall not enter into force. In accordance with Article 296 TFEU, the institution which objects shall state the reasons for objecting to the delegated act.
▌
Article 48
Committee procedure
1. The Commission shall be assisted by the European Securities Committee established by Commission Decision 2001/528/EC(47). That committee shall be a committee within the meaning of Regulation (EU) No 182/2011 of the European Parliament and of the Council(48).
2. Where reference is made to this paragraph, Article 5 of Regulation (EU) No 182/2011 shall apply.
Title V
Transitional and final provisions
Article 49
Transitional provisions
1. ESG rating providers which operated in the Union at the date of entry into force of this Regulation shall notify ESMA by ... [19 months from the date of entry into force of this Regulation] if they wish to continue operating in the Union and apply for authorisation or recognition in accordance with the procedures under Title II. In that case, they shall apply for authorisation or recognition within four months from the date of application of this Regulation. In the absence of such an application to ESMA within those four months, they shall cease their activities.
2. After notifying ESMA pursuant to paragraph 1, the ESG rating provider shall be temporarily registered in the register referred to in Article 14 and be authorised, until its application has been approved or denied, to continue operating in the Union and may endorse ESG rating provided by an ESG rating provider established outside the Union and belonging to the same group under Article 11.
3. By way of derogation from paragraph 1, ESG rating providers categorized as small undertakings or as small groups according to the criteria laid down in Article 3 of the Directive 2013/34/EU which operated in the Union at the date of entry into force of this Regulation shall notify ESMA following the provisions of Article 5 within 22 months from the entry into force of this Regulation. In the absence of such notification within 22 months from the entry into force of this Regulation, they shall cease their activities.
Article 50
Amendments to Regulation (EU) 2019/2088
Regulation (EU) 2019/2088 is amended as follows:
In Article 13, the following paragraph 3 is added:"
‘3. Where a financial market participant or a financial adviser discloses to third-parties an ESG rating as part of its marketing communications, it shall include on its website the same information as those required by point 1 of Annex III of Regulation X (ESG ratings regulation) and it shall disclose in that marketing communications a link to those website disclosures.
The ESAs shall, through the Joint Committee, develop draft regulatory technical standards to specify the information referred to in the first subparagraph, taking into account the information already disclosed pursuant to Article 10 of this regulation.
Power is delegated to the Commission to supplement this Regulation by adopting the regulatory technical standards referred to in the second subparagraph of this paragraph, in accordance with Articles 10 to 14 of Regulations (EU) No 1093/2010, (EU) No 1094/2010 and (EU) No 1095/2010.’.
"
Article 51
Review
1. The Commission shall evaluate the application of this Regulation by … [four years from the entry into force of this Regulation].
2. The Commission shall present a report on the main findings of the evaluation to the European Parliament and the Council. In carrying out the evaluation, the Commission shall take into account market developments and the relevant evidence at its disposal. The report shall in particular assess:
(a) the impact of this Regulation on the transition to a sustainable economy, on the gap of investments needed to meet the Union climate targets as set out in Regulation (EU) 2021/1119 of the European Parliament and of the Council(49), and on redirecting private capital flows towards sustainable investments;
(b) the impact of this Regulation on the market structure, including the evolution of the number and the diversity of ESG rating providers;
(c) whether the scope of this Regulation is appropriate to achieve its objectives in accordance with Article 1, including whether providers of data products on environmental, social and human rights, and governance factors should be included in the scope of this Regulation;
(d) the adequacy of the requirements for ESG rating providers established outside the Union to operate in the Union;
(e) the functioning of the market of ESG rating providers in the EU, including potential conflicts of interests, and its supervision by ESMA;
(f) whether this Regulation, including the non-interference principle referred to in Article 28, have contributed to improving the quality and reliability of ESG ratings and reduced the use of misleading ESG ratings.
3. Where the Commission finds it appropriate, the report shall be accompanied by a legislative proposal for amendment of relevant provisions of this Regulation.
Article 52
Entry into force and application
This Regulation shall enter into force on the 20th day following that of its publication in the Official Journal of the European Union.
It shall apply from ... [18 months from the entry into force of this Regulation].
This Regulation shall be binding in its entirety and directly applicable in all Member States.
Done at …,
For the European Parliament For the Council
The President The President
ANNEX I
INFORMATION TO BE PROVIDED IN THE APPLICATION FOR AUTHORISATION
An application for authorisation shall contain all of the following information:
(a) the full name of the applicant, the address of the registered office within the Union, the applicant’s website and, where available, the legal entity identifier (LEI);
(b) the name and contact details of a contact person;
(c) the legal status of the applicant;
(d) the ownership structure of the applicant;
(e) the identity of entities within the ownership structure that will provide ESG ratings or any of the activities listed in Article 16(1);
(f) the identity of the members of the senior management of the applicant and their level of qualification, experience and training;
(g) the number of the analysts, employees and other persons directly involved in ESG rating activities, and their level of experience and training working for the applicant and their level of experience and training;
(h) the expected market coverage of its ESG ratings;
(i) a description of the procedures and methodologies used to issue and review ESG ratings implemented by the applicant, and whether the ESG rating provider expects to use information disclosed under Regulation (EU) 2019/2088, and Directive 2013/34/EU, and whether they expect to use methodologies that are based on scientific evidence and take into account the targets and objectives of the Paris Agreement or any other relevant international agreements;
(j) the policies or procedures implemented by the applicant to identify, manage and disclose any conflicts of interests as referred to in Article 15 of the Regulation;
(k) where applicable, documents and information related to any existing or planned outsourcing arrangements for activities covered by this Regulation;
(l) where applicable, information about other activities, including expected endorsement, carried out by the applicant, or which the applicant intends to provide;
(m) where applicable, information about the specific measures implemented by the ESG rating providers as referred to in Article 16(2) and (3);
(n) where applicable, information about previous ESG rating activities.
ANNEX II
ORGANISATIONAL REQUIREMENTS
1. Record Keeping information
ESG rating providers shall keep records of all of the following:
(a) for each ESG rating, where applicable:
(i) the identity of the rating analysts participating in the determination of the ESG rating, the identity of the persons who have approved the ESG rating, information as to whether the ESG rating was solicited or unsolicited, and the date on which the ESG rating action was taken;
(ii) the identity of the persons responsible for the development of the rule-based methodology, and the identity of the persons who have approved the rating methodology;
▌
(b) the account records relating to fees received from any rated item or issuer of the rated item or related third party or any user of ratings;
(c) the account records for each subscriber to the ESG ratings;
(d) the records documenting the established procedures and rating methodologies used by the ESG rating provider to determine ESG ratings;
(e) the internal records and external communications and files, including non-public information and work papers, used to form the basis of any ESG rating decision taken;
(f) records of the procedures and measures implemented by the ESG rating provider to comply with this Regulation;
(g) the methodology used for the determination of an ESG rating;
(h) changes in or deviations from standard procedures and methodologies;
(i) all documents relating to any complaint, including those submitted by a complainant.
2. Outsourcing
Where ESG rating providers outsource to a service provider functions or any relevant services or activities in the provision of an ESG rating, the ESG rating provider shall ensure that the following conditions are met:
(a) the service provider has the ability, capacity, and any authorisation required by law, to perform the outsourced functions, services or activities reliably and professionally;
(b) the ESG rating provider takes appropriate action if it appears that the service provider may not be carrying out the outsourced functions effectively and in compliance with applicable law and regulatory requirements;
(c) the ESG rating provider retains the necessary expertise to supervise the outsourced functions effectively and to manage the risks associated with the outsourcing;
(d) the service provider discloses to the ESG rating provider any development that may have a material impact on its ability to carry out the outsourced functions effectively and in compliance with applicable law and regulatory requirements;
(e) the ESG rating provider is able to terminate the outsourcing arrangements where necessary;
(f) the ESG rating provider takes reasonable steps, including contingency plans, to avoid undue operational risk related to the participation of the service provider in the ESG rating determination process.
ANNEX III
DISCLOSURE REQUIREMENTS
1. Minimum disclosures to the public
In accordance with Article 23 of the Regulation, ESG rating providers shall, at the minimum, disclose to the public on their website and through the European Single Access Point (ESAP) the following:
(a) ▌ overview of the rating methodologies used (and changes thereto), including whether analysis is backward-looking or forward-looking and the time horizon covered;
(b) the industry classification used;
(c) ▌ overview of data sources including whether data is sourced from sustainability statements required under Directive 2013/34/EU or from information disclosed under Regulation (EU) 2019/2088 and whether sources are public or non-public and an overview of data processes, estimation of input data in case of unavailability and frequency of data updates ▌ ;
(d) the ownership structure of the ESG rating provider;
(e) information on whether and how the methodologies are based on scientific evidence;
(f) information on the ratings’ clearly defined objective and marking whether the rating is assessing risks, impacts, or both, according to the double materiality principle, or any other dimensions, and in the case of double materiality the proportion of the risk and impact materiality;
(g) the rating’s scope, i.e. whether it covers an individual factor E, S, or G or whether it is an aggregated rating aggregating E, S and G factor, or whether it covers specific issues such as transition risks;
(h) in the case of an aggregated ESG rating, weighting of the three overarching ESG factors categories (for example 33 % Environment, 33 % Social, 33 % Governance), and the explanation of the weighting method, including weight per individual E, S and G factors;
(i) within the E, S or G factors, specification of the topics covered by the ESG rating/score, and whether they correspond to the topics from the sustainability reporting standards developed pursuant to Article 29b of Directive 2013/34/EU;
(j) information on whether the rating is expressed in absolute or relative values;
(k) where applicable, reference to the use of Artificial Intelligence (AI) in the data collection or rating/scoring process including information about current limitations or risks of using AI;
(l) general information on criteria used for establishing fees to clients, specifying the various elements taken into consideration, and general information on the business/payment model;
(m) any limitation in data sources and methodologies used for the construction of ESG ratings.
(n) the main risks of conflicts of interest and the steps taken to mitigate them;
(o) if an ESG rating of a rated item covers the E factor, information on whether that rating take into account the targets and objectives of the Paris Agreement or any other relevant international agreements;
(p) if an ESG rating of an entity covers the S and G factors, information on whether that rating takes into account any relevant international agreements;
(q) any limitation on the information available to ESG rating providers.
▌
2. Additional disclosures to users of ESG ratings and rated undertakings in scope of Directive 2013/34/EU
In accordance with Article 24 and in addition to the minimum disclosure to the public referred to in point 1 of this Annex, ESG rating providers shall make available the following information to users and rated item and issuers of the rated item, if applicable, that are the subject of such rating:
(a) a more granular overview of the rating methodologies used (and changes thereto), including:
(i) where applicable, scientific evidence and assumptions on which the ratings are based;
▌
(ii) the relevant KPIs per E, S and G factor, and weighting method;
(iii) in the case of an aggregated ESG rating, the result of the assessment for each ESG factor category, presented in a manner that ensures comparability of the E, S and G category;
(iv) any potential shortcomings of methodologies, and the measures taken to address those shortcomings;
(v) policies for the revision of methodologies;
(vi) when an ESG rating has been upgraded or downgraded, due to any material changes to rating methodologies, models, key rating assumptions or data sources (including estimates), the reasons for these changes and their implications on the given rating;
(vii) last date of the revision;
(viii) where the ESG rating covers the E factor, whether and to what extent the ESG rating is correlated with the percentage of taxonomy-alignment under Regulation (EU) 2020/852, or aligned with other international agreements, together with an explanation of any significant deviations therefrom;
(b) a more granular overview of data processes, including:
(i) a more detailed explanation of data sources used – including whether public or non-public, whether subject to assurance engagement, mentioning whether derived from the sustainability reporting standards developed pursuant to Articles 19 and 29b of Directive 2013/34/EU concerning sustainable economic activities and disclosure of information pursuant to Regulation (EU) 2020/852 and Regulation (EU) 2019/2088, including whether and how information on companies’ transition plans derived from such sustainability reporting standards is used;
(ii) where applicable the use of estimation and industry average and explanation of the underlying methodology;
(iii) the policies for updating data and revising historical data, date of last updates of data;
(iv) data quality controls, their frequency and the remediation process if issues arise;
(v) any steps taken to address limitations in data sources, where applicable;
(c) where applicable, information about engagement with rated entities, including whether on-site reviews or visits have been performed by the ESG rating provider and at what frequency;
(d) where an ESG rating provider issues an unsolicited rating, a prominent statement to that effect in the rating, including information on whether the entity or a related third party has been informed that it would be rated, whether it participated in the rating process and whether the ESG rating provider had access to the management and other relevant internal documents for the rated entity or a related third party;
(e) where applicable, an explanation of any AI methodology used in the data collection or rating process;
(f) in case of a major new information on a rated item that has the possibility to affect the result of an ESG rating, ESG rating providers shall inform how they have taken that information into account and whether they have amended the corresponding ESG rating;
(g) where applicable, the information referred to in point 2 of this Annex shall be specific to each ESG rating distributed.
European Commission, Directorate-General for Financial Stability, Financial Services and Capital Markets Union, Study on sustainability-related ratings, data and research, Publications Office of the European Union, 2021, https://data.europa.eu/doi/10.2874/14850.
Directive 2013/34/EU of the European Parliament and of the Council of 26 June 2013 on the annual financial statements, consolidated financial statements and related reports of certain types of undertakings, amending Directive 2006/43/EC of the European Parliament and of the Council and repealing Council Directives 78/660/EEC and 83/349/EEC (OJ L 182, 29.6.2013, p. 19).
Directive 2004/109/EC of the European Parliament and of the Council of 15 December 2004 on the harmonisation of transparency requirements in relation to information about issuers whose securities are admitted to trading on a regulated market and amending Directive 2001/34/EC (OJ L 390, 31.12.2004, p. 38).
Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (recast) (OJ L 173, 12.6.2014, p. 349).
Regulation (EU) 2019/2088 of the European Parliament and of the Council of 27 November 2019 on sustainability‐related disclosures in the financial services sector (OJ L 317, 9.12.2019, p. 1).
Regulation (EU) 2023/2859 of the European Parliament and of the Council of 13 December 2023 establishing a European single access point providing centralised access to publicly available information of relevance to financial services, capital markets and sustainability (OJ L 2023/2859, 20.12.2023, ELI: http://data.europa.eu/eli/reg/2023/2859/oj).
Regulation (EU) 2020/852 of the European Parliament and of the Council of 18 June 2020 on the establishment of a framework to facilitate sustainable investment, and amending Regulation (EU) 2019/2088 (OJ L 198, 22.6.2020, p. 13).
Directive (EU) 2022/2464 of the European Parliament and of the Council of 14 December 2022 amending Regulation (EU) No 537/2014, Directive 2004/109/EC, Directive 2006/43/EC and Directive 2013/34/EU, as regards corporate sustainability reporting (OJ L 322, 16.12.2022, p. 15).
Regulation (EU) 2016/1011 of the European Parliament and of the Council of 8 June 2016 on indices used as benchmarks in financial instruments and financial contracts or to measure the performance of investment funds and amending Directives 2008/48/EC and 2014/17/EU and Regulation (EU) No 596/2014 (OJ L 171, 29.6.2016, p. 1).
Regulation (EC) No 1060/2009 of the European Parliament and of the Council of 16 September 2009 on credit rating agencies (OJ L 302, 17.11.2009, p. 1).
Regulation (EU) No 1095/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Securities and Markets Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/77/EC (OJ L 331, 15.12.2010, p. 84).
Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338).
Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (recast) (OJ L 335, 17.12.2009, p. 1).
Directive 2009/65/EC of the European Parliament and of the Council of 13 July 2009 on the coordination of laws, regulations and administrative provisions relating to undertakings for collective investment in transferable securities (UCITS) (OJ L 302, 17.11.2009, p. 32).
Directive 2011/61/EU of the European Parliament and of the Council of 8 June 2011 on Alternative Investment Fund Managers and amending Directives 2003/41/EC and 2009/65/EC and Regulations (EC) No 1060/2009 and (EU) No 1095/2010 (OJ L 174, 1.7.2011, p. 1).
Directive (EU) 2016/2341 of the European Parliament and of the Council of 14 December 2016 on the activities and supervision of institutions for occupational retirement provision (IORPs) (OJ L 354, 23.12.2016, p. 37).
Commission Implementing Regulation (EU) No 883/2014 of 5 August 2014 entering a name in the register of protected designations of origin and protected geographical indications (Jamón de Serón (PGI)) (OJ L 242, 14.8.2014, p. 3).
Regulation (EU) 2020/1503 of the European Parliament and of the Council of 7 October 2020 on European crowdfunding service providers for business, and amending Regulation (EU) 2017/1129 and Directive (EU) 2019/1937 (OJ L 347, 20.10.2020, p. 1).
Regulation (EU) 2023/1114 of the European Parliament and of the Council of 31 May 2023 on markets in crypto-assets, and amending Regulations (EU) No 1093/2010 and (EU) No 1095/2010 and Directives 2013/36/EU and (EU) 2019/1937 (OJ L 150, 9.6.2023, p. 40).
Regulation (EU) No 1093/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Banking Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/78/EC (OJ L 331, 15.12.2010, p. 12).
Regulation (EU) No 1094/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Insurance and Occupational Pensions Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/79/EC (OJ L 331, 15.12.2010, p. 48).
Regulation (EU) No 575/2013 of the European Parliament and of the Council of 26 June 2013 on prudential requirements for credit institutions and investment firms and amending Regulation (EU) No 648/2012 (OJ L 176, 27.6.2013, p. 1).
Regulation (EU) No 345/2013 of the European Parliament and of the Council of 17 April 2013 on European venture capital funds (OJ L 115, 25.4.2013, p. 1).
Regulation (EU) No 346/2013 of the European Parliament and of the Council of 17 April 2013 on European social entrepreneurship funds (OJ L 115, 25.4.2013, p. 18).
Regulation (EU) 2015/760 of the European Parliament and of the Council of 29 April 2015 on European long-term investment funds (OJ L 123, 19.5.2015, p. 98).
Regulation (EC) No 987/2009 of the European Parliament and of the Council of 16 September 2009 laying down the procedure for implementing Regulation (EC) No 883/2004 on the coordination of social security systems (OJ L 284, 30.10.2009, p. 1).
Regulation (EU) No 648/2012 of the European Parliament and of the Council of 4 July 2012 on OTC derivatives, central counterparties and trade repositories (OJ L 201, 27.7.2012, p. 1).
Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).
Regulation (EU) 2017/2402 of the European Parliament and of the Council of 12 December 2017 laying down a general framework for securitisation and creating a specific framework for simple, transparent and standardised securitisation, and amending Directives 2009/65/EC, 2009/138/EC and 2011/61/EU and Regulations (EC) No 1060/2009 and (EU) No 648/2012 (OJ L 347, 28.12.2017, p. 35).
Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC (OJ L 337, 23.12.2015, p. 35).
Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009 on the taking up, pursuit and prudential supervision of the business of electronic money institutions amending Directives 2005/60/EC and 2006/48/EC and repealing Directive 2000/46/EC (OJ L 267, 10.10.2009, p. 7).
Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39).
Directive (EU) 2016/943 of the European Parliament and of the Council of 8 June 2016 on the protection of undisclosed know-how and business information (trade secrets) against their unlawful acquisition, use and disclosure (OJ L 157, 15.6.2016, p. 1).
Regulation (EU) No 596/2014 of the European Parliament and of the Council of 16 April 2014 on market abuse (market abuse regulation) and repealing Directive 2003/6/EC of the European Parliament and of the Council and Commission Directives 2003/124/EC, 2003/125/EC and 2004/72/EC (OJ L 173, 12.6.2014, p. 1).
Regulation (EU) No 182/2011 of the European Parliament and of the Council of 16 February 2011 laying down the rules and general principles concerning mechanisms for control by Member States of the Commission’s exercise of implementing powers (OJ L 55, 28.2.2011, p. 13).
Regulation (EU) 2021/1119 of the European Parliament and of the Council of 30 June 2021 establishing the framework for achieving climate neutrality and amending Regulations (EC) No 401/2009 and (EU) 2018/1999 (‘European Climate Law’) (OJ L 243, 9.7.2021, p. 1).