July 27, 2021

IOSCO Consults on Proposed Recommendations for ESG Ratings and Data Providers


On July 26, 2021, the International Organization of Securities Commissions (IOSCO) issued its Consultation Report on Environmental, Social and Governance (ESG) Ratings and Data Products Providers (Consultation Report) to seek feedback on a set of proposed recommendations.


In the related media release, IOSCO states that the Consultation Report:

“… aims at assisting IOSCO members in understanding the implications of the activities of ESG ratings and data providers and in establishing frameworks to mitigate risks stemming from these activities. In doing so, it proposes a set of recommendations to mitigate these risks and address some of the challenges faced by users of products and services from ESG ratings and data providers, and the companies that are the subject of these ESG ratings and data products.”


In the release, IOSCO also said that, to prepare the Consultation Report, it “undertook a fact-finding exercise” that:

“… revealed, amongst other risks and challenges, a lack of transparency about the methodologies underpinning ratings or data products and an often uneven coverage of products offered across industries and geographical areas. IOSCO has observed that this could lead to gaps and inconsistencies when applied to investment strategies and raise concerns around the management of potential conflicts of interest, such as fee structures and insufficient separation of business lines that provide advisory services to issuers to improve their ratings performance.”

And notes that:

“[T]he market for ESG ratings and data has grown considerably over the past few years due inter alia to a lack of consistent information disclosures at the entity level, the increasing interest of investors in ESG products and the legislative and regulatory focus on financial market participants’ consideration of the ESG characteristics of potential investments.”


The Consultation Report’s executive summary notes that IOSCO’s recommendations (emphasis added):

“… start with a proposal that regulators may wish to consider focusing greater attention on the use of ESG rating and data products and the activities of ESG rating and data products providers in their jurisdictions. This is followed by a set of proposed recommendations addressed to ESG rating and data products providers, proposing that they may wish to consider a number of factors related to issuing high quality ratings and data products, including publicly disclosed data sources, defined methodologies, management of conflicts of interest, high levels of transparency, and handling confidential information. The proposed recommendations also suggest that users of ESG ratings and data products may wish to consider conducting due diligence on the ESG rating and data products that they use within their internal processes. And the proposed recommendations close with suggestions that ESG rating and data products providers, and entities subject to assessment by [them] may wish to consider to improve information gathering processes, disclosures and communication between providers and entities subject to assessment.”

Of particular interest (since many Credit Rating Agencies also provide ESG ratings, scores or similar) is the recommendation in Chapter 5, Section 1 that:

“[W]here regulators have supervisory authority over Credit Rating Agencies (CRAs) that also issue ESG ratings and data products, they may wish to consider the extent to which the processes for determining ESG ratings and data products overlap with the processes for determining credit ratings. They may wish to consider whether there exists the potential for conflicts of interest between a CRA’s credit rating offerings and its ESG ratings or data product offerings, and if so, the steps to consider to mitigate and address those conflicts of interest.”

Feedback Sought

The Consultation Report seeks feedback on its recommendations and asks readers to ask themselves questions on specific issues.

For example, IOSCO asks that regulators consider:

  • Whether their existing regulatory regimes provide “sufficient oversight of ESG ratings and data products.”
  • Where they have supervisory authority over ESG ratings and data products providers:
  • “Potential conflicts of interest that may occur with ESG ratings and data product offerings and other business relationships with the covered entities such as provision of second party opinions for green finance products and ESG consulting services, and whether the corporate governance organizational and operational structures of the provider are sufficient to identify, manage and mitigate any conflicts of interest[.]”
  • “Whether the data and information sources that the provider relies on are publicly disclosed, including the use of industry averages, estimations or other methodologies when actual data is not available or not publicly disclosed[.]”
  • “Whether the provider’s methodologies are publicly disclosed, including whether and how the methodologies are defining the individual components [of] Environmental, Social, Governance of ‘ESG’, including the specific issues being assessed, the KPIs used and measurement methodologies underlying each KPI[.]”
  • “Whether the provider’s ESG ratings and data products are issued consistent with the relevant methodologies[.]”
  • “Whether the processes underlying ESG ratings and data products are subject to written policies and procedures and/or internal controls to ensure they are rigorous, systematic, and applied in a continuous manner[.]”

Deadline for Comments

Comments on the Consultation Report are due by September 6, 2021.

Related Services & Industries

Stay Up To Date With Our Insights

See how we use a multidisciplinary, integrated approach to meet our clients' needs.