Regulation (EU) 2024/3005 of the European Parliament and of the Council of 27 November 2024 on the transparency and integrity of Environmental, Social and Governance (ESG) rating activities, and amending Regulations (EU) 2019/2088 and (EU) 2023/2859 (Text with EEA relevance)
Regulation (EU) 2024/3005 of the European Parliament and of the Councilof 27 November 2024on the transparency and integrity of Environmental, Social and Governance (ESG) rating activities, and amending Regulations (EU) 2019/2088 and (EU) 2023/2859(Text with EEA relevance)THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION,Having regard to the Treaty on the Functioning of the European Union, and in particular Article 114 thereof,Having regard to the proposal from the European Commission,After transmission of the draft legislative act to the national parliaments,Having regard to the opinion of the European Economic and Social CommitteeOJ C, C/2024/883, 6.2.2024, ELI: http://data.europa.eu/eli/C/2024/883/oj.,Acting in accordance with the ordinary legislative procedurePosition of the European Parliament of 24 April 2024 (not yet published in the Official Journal) and decision of the Council of 19 November 2024.,Whereas:(1)On 25 September 2015, the UN General Assembly adopted a new global sustainable development framework, the 2030 Agenda for Sustainable Development (the "2030 Agenda"), having at its core the Sustainable Development Goals (SDGs). The Commission’s Communication of 22 November 2016 entitled "Next steps for a sustainable European future: European action for sustainability" links the SDGs to the Union policy framework to ensure that all Union actions and policy initiatives, both within the Union and globally, take the SDGs on board at the outset. The European Council conclusions of 22 and 23 June 2017 confirmed the commitment of the Union and the Member States to the implementation of the 2030 Agenda in a full, coherent, comprehensive, integrated and effective manner and in close cooperation with partners and other stakeholders. In addition, the UN-supported Principles for Responsible Investment has, at the time of adoption of this Regulation, more than 5300 signatories representing over EUR 120 trillion of assets under management. On 11 December 2019, the Commission published its communication entitled "The European Green Deal" (the "European Green Deal"). On 30 June 2021, the European Climate Law was adopted as Regulation (EU) 2021/1119 of the European Parliament and of the CouncilRegulation (EU) 2021/1119 of the European Parliament and of the Council of 30 June 2021 establishing the framework for achieving climate neutrality and amending Regulations (EC) No 401/2009 and (EU) No 2018/1999 ("European Climate Law") (OJ L 243, 9.7.2021, p. 1)., which enshrines in Union law the goal set out in the European Green Deal of Union economy and society becoming climate-neutral by 2050.(2)The transition to a sustainable economy is key to ensuring the long-term competitiveness and sustainability of the Union economy and the quality of life of citizens in the Union, and to keeping global warming well below the 1,5 degree Celsius threshold. Sustainability has long been at the heart of Union policies and both the Treaty on European Union and the Treaty on the Functioning of the European Union (TFEU) recognise its social and environmental dimensions.(3)Achieving the objectives of the SDGs in the Union requires the channelling of capital flows towards sustainable investments. It is necessary to fully exploit the potential of the internal market for the achievement of those objectives. In that context, it is crucial to remove obstacles to the efficient movement of capital towards sustainable investments in the internal market, to prevent such obstacles from emerging, and to set rules and standards to, on the one hand, promote sustainable finance and, on the other, disincentivise investments that can adversely impact the achievement of the objectives of the SDGs.(4)The Union’s approach to sustainable and inclusive growth is anchored in the 20 principles of the European Pillar of Social Rights, as laid down in the Commission’s Communication of 26 April 2017 entitled "Establishing a European Pillar of Social Rights", which aim to ensure a fair transition towards such growth and to ensure policies which leave no one behind. Furthermore, the Union social acquis, including the Union of Equality Strategies, provides standards in the areas of labour law, equality, accessibility, health and safety at work, and anti-discrimination.(5)Financial markets play a crucial role in the channelling of capital towards investments that are necessary for the achievement of the Union climate and environmental objectives. In its communication of 8 March 2018, the Commission published its Action Plan on Financing Sustainable Growth, launching its strategy on sustainable finance. The objectives of that Action Plan are to mainstream sustainability factors into risk management and reorient capital flows towards sustainable investment in order to achieve sustainable and inclusive growth.(6)As part of the Action Plan on Financing Sustainable Growth, in 2021 the Commission commissioned a study entitled "Study on Sustainability-Related Ratings, Data and Research" to take stock of the developments in the sustainability-related products and services market, identify the main market participants and highlight potential shortcomings. That study provided an inventory and classification of market actors, sustainability products and services available in the market and an analysis of the use and perceived quality of sustainability-related products and services by market participants. The study highlighted the existence of conflicts of interest, the lack of transparency and accuracy of environmental, social and governance (ESG) ratings methodologies and the lack of clarity over the terminology and the operations of ESG rating providers.(7)In the framework of the European Green Deal, the Commission put forward an updated sustainable finance strategy, which was adopted in its communication of 6 July 2021 entitled "Strategy for Financing the Transition to a Sustainable Economy".(8)As a follow-up, the Commission announced in that strategy a public consultation on ESG ratings to feed into an impact assessment. In the public consultation that took place in 2022, stakeholders confirmed concerns regarding the lack of transparency of ESG rating methodologies and objectives and clarity over ESG rating activities. As trust is pivotal in the functioning of financial markets, such lack of transparency and reliability of ESG ratings should be urgently addressed.(9)At international level, the International Organization of Securities Commissions (IOSCO) issued a report in November 2021 containing a set of recommendations on ESG ratings and data product providers. The Commission and the European Supervisory Authority (European Securities and Markets Authority) (ESMA) established by Regulation (EU) No 1095/2010 of the European Parliament and of the CouncilRegulation (EU) No 1095/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Securities and Markets Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/77/EC (OJ L 331, 15.12.2010, p. 84). should consider the application of those IOSCO recommendations when assessing the compliance of a third-country jurisdiction or ESG rating provider with the requirements of this Regulation for the purpose of equivalence, endorsement or recognition.(10)ESG ratings play an important role in global capital markets, as investors, borrowers and issuers increasingly use ESG ratings as part of the process of making informed decisions relating to sustainable investment and financing. Credit institutions, investment firms, insurance undertakings, assurance undertakings and reinsurance undertakings, amongst others, often use ESG ratings as a reference for the sustainability performance or the sustainability risks and opportunities in their investment activity. Consequently, ESG ratings have a significant impact on the operation of markets and on the trust and confidence of investors and consumers. To ensure that ESG ratings used in the Union are independent, comparable where possible, impartial, systematic and of adequate quality, it is important that ESG rating activities are conducted in accordance with the principles of integrity, transparency, responsibility and good governance, while contributing to the sustainable finance agenda of the Union. Better comparability and increased reliability of ESG ratings would enhance the efficiency of that fast-growing market, thereby facilitating progress towards the objectives of the European Green Deal.(11)ESG ratings play an enabling role for the proper functioning of the Union sustainable finance market by providing investors and financial institutions with important information for their investment strategies, risk management and disclosure obligations. It is therefore necessary to ensure that ESG ratings provide material decision-useful information to users of ESG ratings, and that users of ESG ratings better understand the objectives pursued by ESG ratings and the specific issues and metrics measured by such ratings.(12)It is necessary to acknowledge the various business models of the ESG rating market. A first business model is the user-paid model, where users of ESG ratings are mainly investors that purchase ESG ratings for the purpose of making investment decisions. A second business model is the issuer-paid model, where undertakings purchase ESG ratings for the purpose of assessing risks and opportunities within their operations. In order to ensure greater reliability of ESG ratings provided in the Union, rated items or, in the case of a financial instrument or a financial product, issuers of rated items should have the possibility of verifying the data used by an ESG rating provider and of highlighting any factual errors in the dataset used that could potentially impact the quality of future ratings. To that end, a rated item or an issuer of a rated item should be able to access, upon request, the dataset used to issue the ESG rating. The possibility of verifying that dataset should be a pure fact-checking tool and rated items or issuers of rated items should under no circumstances be able to influence in any manner the rating methodologies or rating outcome. The requirement for an ESG rating provider to notify the rated item or the issuer of a rated item before the issuance of the ESG rating should only apply before the first issuance of the rating and not to any following updates. That requirement serves as a means to inform the rated item or the issuer of a rated item that it is going to be rated by the ESG rating provider.(13)Member States neither regulate nor supervise the activities of ESG rating providers or the conditions for the provision of ESG ratings. Given the existing divergences, lack of transparency and absence of common rules, it is likely that Member States would adopt diverging measures and approaches impeding alignment with the objectives of the SDGs and the European Green Deal. Those diverging measures and approaches would have a direct negative impact on, and create obstacles to, the proper functioning of the internal market and be detrimental to the ESG rating market. ESG rating providers issuing ESG ratings for the use of financial institutions and undertakings in the Union would be subject to different rules in different Member States. Divergent standards and market practices would make it difficult to have clarity over the construction of ESG ratings and to compare them, thus creating uneven market conditions for users of ESG ratings. That would cause additional barriers within the internal market and would risk distorting investment decisions.(14)This Regulation complements existing Union legal acts in the field of sustainable finance and aims to facilitate information flows in order to facilitate investment decisions.(15)In order to adequately define the territorial scope, this Regulation should be based on the concept of "operating in the Union", distinguishing between, on the one hand, cases where ESG rating providers are established in the Union and, on the other, cases where ESG rating providers are established outside the Union. In the first case, ESG rating providers established in the Union should be considered to be operating in the Union when they issue and publish their ESG ratings on their website or through other means, or when they issue and distribute their ESG ratings by subscription or other contractual relationships to regulated financial undertakings in the Union, to undertakings within the scope of Directive 2013/34/EU of the European Parliament and of the CouncilDirective 2013/34/EU of the European Parliament and of the Council of 26 June 2013 on the annual financial statements, consolidated financial statements and related reports of certain types of undertakings, amending Directive 2006/43/EC of the European Parliament and of the Council and repealing Council Directives 78/660/EEC and 83/349/EEC (OJ L 182, 29.6.2013, p. 19)., to undertakings within the scope of Directive 2004/109/EC of the European Parliament and of the CouncilDirective 2004/109/EC of the European Parliament and of the Council of 15 December 2004 on the harmonisation of transparency requirements in relation to information about issuers whose securities are admitted to trading on a regulated market and amending Directive 2001/34/EC (OJ L 390, 31.12.2004, p. 38)., in particular with respect to third-country issuers whose securities are admitted to trading on Union regulated markets, or to Union institutions, bodies, offices and agencies or Member State public authorities. In the second case, ESG rating providers established outside the Union should only be considered to be operating in the Union when they issue and distribute their ESG ratings by subscription or other contractual relationships to the same entities as ESG rating providers established in the Union.(16)This Regulation is designed to govern the issuance, distribution and, where relevant, publication of ESG ratings, without being intended to regulate their use. Given that the territorial scope of this Regulation is tied to the concept of "operating in the Union", users of ESG ratings should engage with ESG rating providers that are authorised or registered under this Regulation. Nevertheless, in limited cases, a user of ESG ratings in the Union should be able to engage with an ESG rating provider established outside the Union and not authorised or recognised under this Regulation. Such cases should strictly adhere to specific conditions to avoid any risk of circumvention of the requirements of this Regulation.(17)To adequately define the range of products to which this Regulation applies, the definition of ESG rating should be limited to opinions or scores, or a combination thereof, that are based on both an established methodology and a defined ranking system such as rating categories. For instance, the assignment of an item to a category or a scale that is either positive or negative, based on an established methodology with regard to environmental, social and human rights, or governance factors or with regard to exposure to risks, should be considered a ranking system for the purposes of this Regulation.(18)This Regulation should not apply to the publication or distribution of data on environmental, social and human rights, and governance factors that do not result in the development of an ESG rating. Moreover, this Regulation should not apply to products or services that incorporate an element of an ESG rating, including investment research as laid down in Directive 2014/65/EU of the European Parliament and of the CouncilDirective 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (OJ L 173, 12.6.2014, p. 349).. External reviews of European Green Bonds, as provided for in Regulation (EU) 2023/2631 of the European Parliament and of the CouncilRegulation (EU) 2023/2631 of the European Parliament and of the Council of 22 November 2023 on European Green Bonds and optional disclosures for bonds marketed as environmentally sustainable and for sustainability-linked bonds (OJ L, 2023/2631, 30.11.2023, ELI: http://data.europa.eu/eli/reg/2023/2631/oj)., and external reviews and second-party opinions on bonds marketed as environmentally sustainable, sustainability-linked bonds, and bonds, loans and other types of debt instruments marketed as sustainable, should also fall outside the scope of this Regulation to the extent that such external reviews and second-party opinions do not contain ESG ratings issued by the external reviewer or the second-party opinion provider. External reviews include reviews of pre-issuance disclosures, such as European Green Bond factsheets or frameworks of bonds marketed as sustainable, as well as reviews of post-issuance disclosures, such as European Green Bond annual allocation reports, European Green Bond impact reports and reports on bonds marketed as sustainable. Furthermore, this Regulation should not apply to ratings developed exclusively for accreditation or certification processes, as such ratings do not target investment analysis, financial analysis, investment decision-making or financial decision-making. Lastly, this Regulation should not apply to ESG labelling activities provided that the labels granted to entities, financial instruments or products do not involve the disclosure of an ESG rating.(19)In addition, this Regulation should not apply to ratings issued by members of the European System of Central Banks (ESCB) when such ratings are not published or distributed for commercial purposes. That limitation in scope is to ensure that this Regulation does not unintentionally have an impact on measures of the ESCB that seek to take climate or other environmental, social and governance considerations into account in the ESCB’s monetary policy collateral framework when the ESCB is pursuing the primary objective of maintaining price stability and, without prejudice to that objective, supporting the general economic policies in the Union.(20)Where an undertaking or financial institution discloses information about its own sustainability impacts, risks and opportunities, or those of its value chain, such information should not be considered an ESG rating under this Regulation.(21)This Regulation should not apply to private ESG ratings issued pursuant to an individual order and provided exclusively to the person who placed the order and which are not intended for public disclosure or for distribution by subscription or other means. Nor should this Regulation apply to ESG ratings issued by regulated financial undertakings in the Union that are used exclusively for internal purposes or for providing in-house or intragroup financial services or products.(22)In order to further enhance the functioning of the internal market and the level of investor protection, it is important to ensure sufficient and consistent transparency of ESG ratings issued by regulated financial undertakings in the Union and incorporated in their financial products or services when such ratings are disclosed and are therefore visible to third parties. Investors should receive adequate information about the methodologies underlying the ESG ratings, which should be disclosed in the marketing communications. Therefore, this Regulation should also complement the disclosure obligations related to marketing communications established by Regulation (EU) 2019/2088 of the European Parliament and of the CouncilRegulation (EU) 2019/2088 of the European Parliament and of the Council of 27 November 2019 on sustainability-related disclosures in the financial services sector (OJ L 317, 9.12.2019, p. 1).. The same information should also be required from any other regulated financial undertaking in the Union that discloses an ESG rating issued by that regulated financial undertaking to a third party as part of its marketing communications, except where it is subject to Regulation (EU) 2019/2088. Investors should receive, via a link to the disclosures on the website of the regulated financial undertaking in the Union, the same information as that required from an ESG rating provider pursuant to point 1 of Annex III of this Regulation, while taking into account the content of any information already disclosed by financial market participants and financial advisors pursuant to Regulation (EU) 2019/2088. Other regulated financial undertakings in the Union should disclose the same information, taking into account the various types of financial products, their characteristics and the differences between them, as well as the need to avoid any duplication of information already published pursuant to other applicable regulatory requirements. In general, any duplication of applicable disclosure requirements should be avoided. With that same objective, regulated financial undertakings in the Union that issue ESG ratings and incorporate those ratings in the financial products or services that they offer to third parties should be excluded from the scope of this Regulation.(23)Non-profit organisations that issue ESG ratings for non-commercial purposes and that publish those ratings free of charge should not be deemed to fall within the scope of this Regulation. However, they should endeavour to integrate the transparency requirements laid down in this Regulation where applicable. Where non-profit organisations charge rated items and issuers of rated items to report data or to get rated through their platform, or where they charge users of ESG ratings to access any information on ESG ratings, they should be subject to the requirements of this Regulation.(24)Natural persons, including academics and journalists, who publish and distribute ESG ratings for non-commercial purposes should not fall within the scope of this Regulation.(25)To assess the ESG profile of companies, and as part of their sustainable investment and financing decision-making processes, credit institutions, investment firms, insurance undertakings and reinsurance undertakings, amongst others, rely both on external ESG ratings and on external ESG data products. Financial institutions should bear responsibility in the event of greenwashing accusations concerning their financial products, while the sole distribution of ESG information on entities or financial products, relying on proprietary or established methodology, which includes, among others, datasets on emissions and data on ESG controversies, should not be covered by this Regulation. The Commission should carry out a review of this Regulation to assess whether the scope identified is sufficient to ensure the confidence of investors and consumers in the sustainability performance of financial products and services. The Commission should envisage, where needed, broadening the set of ESG data products and ESG data product providers covered by this Regulation.(26)It is important to lay down rules ensuring that ESG ratings provided by ESG rating providers authorised in the Union are of adequate quality, are subject to appropriate requirements that recognise the existence of different business models, and ensure market integrity. Those rules would apply to overall ESG ratings capturing environmental, social and governance factors, and to ratings that only assess a single environmental, social or governance factor or a sub-component of such a factor. Separate environmental (E), social (S) and governance (G) ratings should be provided rather than a single ESG rating that aggregates E, S and G factors. If ESG rating providers decide to provide aggregated ratings, they should disclose the rate and weight granted to each E, S and G category and present that information in a manner that ensures that each of those categories can be compared with the others.(27)Given the use of ESG ratings from providers established outside the Union, and in order to ensure market integrity, investor protection and proper enforcement of this Regulation, it is necessary to introduce requirements based on which ESG rating providers established outside the Union may offer their services in the Union. Therefore, three possible regimes are proposed for ESG rating providers established outside the Union: equivalence, endorsement and recognition. As a rule, supervision and regulation in a third country should be equivalent to Union supervision and regulation of ESG ratings. Therefore, ESG ratings provided by an ESG rating provider established outside the Union and authorised or registered as such in a third country should only be offered in the Union where a positive decision on equivalence of the third-country regime has been taken by the Commission. However, to avoid any adverse impact resulting from a possible abrupt cessation of the offering in the Union of ESG ratings provided by an ESG rating provider established outside the Union, it is necessary to provide for certain other regimes, namely of endorsement and recognition. Any ESG rating provider with a group structure should be able to use the endorsement regime for ESG ratings developed outside the Union. To do so, it should establish, within the group structure, an authorised ESG rating provider in the Union. That authorised ESG rating provider should ensure that the issuance and distribution of endorsed ESG ratings fulfils requirements which are at least as stringent as the requirements of this Regulation. Additionally, the ESG rating provider established in the Union should possess the necessary expertise to effectively monitor the issuance and distribution of ESG ratings provided by the ESG rating provider established outside the Union and there should be an objective reason why the endorsed ratings are issued by a provider established outside the Union. The requirement to demonstrate compliance with this Regulation should not be proven for each individual endorsed ESG rating but rather for the overall methodologies and procedures implemented by the ESG rating provider. For their part, ESG rating providers that are categorised as small undertakings or small groups according to the criteria laid down in Directive 2013/34/EU ("small ESG rating providers") should be able to benefit from the recognition regime. Where an ESG provider established outside the Union is subject to supervision in a third country, appropriate cooperation arrangements should be put in place in order to ensure an efficient exchange of information with the relevant third-country competent authority.(28)The notion of establishment extends to any real and effective activity exercised through stable arrangements. When determining whether an entity based outside the Union has an establishment in a Member State, it is pertinent to consider the degree of stability of those arrangements, the effective exercise of activities in the Union, and the specific nature of the economic activities and services provided.(29)The Union represents one of the main markets for ESG ratings. It is also one of the first jurisdictions to regulate the transparency and integrity of ESG ratings. The Commission should continue to work with international partners to foster convergence of the rules applying to ESG rating providers.(30)To ensure a high level of investor and consumer confidence in the internal market, ESG rating providers which provide ESG ratings in the Union should be required to be authorised. It is therefore necessary to lay down harmonised conditions for such authorisation and the procedure for granting or refusing and suspending or withdrawing such authorisation. Authorised ESG rating providers should notify ESMA of any material changes to the conditions for their initial authorisation without undue delay. Material changes include any opening or closing of a branch within the Union. In order to provide more clarity to ESG rating providers, ESMA should specify what constitutes a material change by issuing guidelines to that effect.(31)To ensure a high level of information to investors and other users of ESG ratings, information on ESG ratings and ESG rating providers should be made available on the European single access point (ESAP) established by Regulation (EU) 2023/2859 of the European Parliament and of the CouncilRegulation (EU) 2023/2859 of the European Parliament and of the Council of 13 December 2023 establishing a European single access point providing centralised access to publicly available information of relevance to financial services, capital markets and sustainability (OJ L, 2023/2859, 20.12.2023, ELI: http://data.europa.eu/eli/reg/2023/2859/oj)..(32)To ensure the quality and reliability of ESG ratings, ESG rating providers should use rating methodologies that are rigorous, systematic, independent, continuous and capable of justification and that apply continuously and in a transparent manner. ESG rating providers should be encouraged to address both aspects of the double materiality principle. ESG rating providers should review ESG rating methodologies on an ongoing basis and at least annually, taking into account Union and international developments affecting the E, S or G factors. However, it is important to leave it to the ESG rating providers themselves to determine their own methodologies in accordance with those principles.(33)ESG rating providers should disclose information to the public on the methodologies, models and key rating assumptions which those providers use in their ESG rating activities and in each of their ESG rating products. In light of the uses of ESG ratings by investors, rating products should clearly disclose which dimension of the double materiality principle the rating addresses, namely, whether it is both the material financial risk to the rated item or the issuer of the rated item and the material impact of the rated item or the issuer of the rated item on the environment and society in general, or whether it addresses only one of those matters. ESG rating providers should also clearly disclose whether the rating addresses other dimensions. For the same reason, ESG rating providers should provide more detailed information on the methodologies, models and key rating assumptions to users of ESG ratings. That information should enable users of ESG ratings to perform their own due diligence when assessing whether to rely on those ESG ratings. Disclosure of information concerning methodologies, models and key rating assumptions should however not reveal sensitive business information or impede innovation. ESG rating providers should also disclose whether they have taken into account E, S or G factors, or an aggregation thereof, the rating given to each relevant factor, and the weighting each of those factors is given in the aggregation. ESG rating providers should also disclose the limitations of the information available to them and the limitations of the methodology used, such as when they assess only one of the two dimensions of the double materiality principle or when the ESG rating is expressed in absolute or relative value. They should also disclose information about any possible engagement with stakeholders of the rated item or issuer of the rated item.(34)To ensure a sufficient level of quality, it is recommended that ESG ratings take into account Union objectives and international standards for each factor. As such, ESG rating providers should provide information on whether the ESG rating takes into account, amongst others, the targets and objectives of relevant international agreements, including those of the Paris Agreement adopted under the United Nations Framework Convention on Climate Change (the "Paris Agreement") approved by the Union on 5 October 2016Council Decision (EU) 2016/1841 of 5 October 2016 on the conclusion, on behalf of the European Union, of the Paris Agreement adopted under the United Nations Framework Convention on Climate Change (OJ L 282, 19.10.2016, p. 1). for the E factor, compliance with the International Labour Organisation’s core conventions on the right to organise and collective bargaining for the S factor, and alignment with international standards on tax evasion and avoidance for the G factor.(35)Regulation (EU) 2019/2088, Regulation (EU) 2020/852 of the European Parliament and of the CouncilRegulation (EU) 2020/852 of the European Parliament and of the Council of 18 June 2020 on the establishment of a framework to facilitate sustainable investment, and amending Regulation (EU) 2019/2088 (OJ L 198, 22.6.2020, p. 13). and Directive (EU) 2022/2464 of the European Parliament and of the CouncilDirective (EU) 2022/2464 of the European Parliament and of the Council of 14 December 2022 amending Regulation (EU) No 537/2014, Directive 2004/109/EC, Directive 2006/43/EC and Directive 2013/34/EU, as regards corporate sustainability reporting (OJ L 322, 16.12.2022, p. 15). represent landmark legislative initiatives to enhance the availability, quality and consistency of ESG requirements across the entire value chain of financial market participants, which contribute to improving the quality of ESG ratings.(36)This Regulation should not interfere with ESG rating methodologies or the content of ESG ratings. Diversity in the methodologies of ESG rating providers ensures that the broad requirements of users of ESG ratings can be met and promotes competition in the market.(37)Whilst an ESG rating provider should be permitted to use alignment with the taxonomy set out in Regulation (EU) 2020/852 as a relevant factor or key performance indicator in its rating methodology, ESG ratings within the scope of this Regulation should not be considered ESG labels indicating or providing assurances of compliance or alignment with Regulation (EU) 2020/852 or with any other standards.(38)ESG rating providers should ensure that they provide ESG ratings that are independent, impartial, systematic and of adequate quality. It is important to introduce organisational requirements ensuring the prevention and mitigation of potential conflicts of interest. To ensure their independence, ESG rating providers should avoid situations of conflict of interest and manage such conflicts adequately where they are unavoidable. ESG rating providers should disclose conflicts of interest in a timely manner. They should also keep records of all significant threats to their independence and that of their employees and other persons involved in the rating process, and of the safeguards applied to mitigate those threats. In addition, to avoid potential conflicts of interest, ESG rating providers should not be allowed to offer from within the same entity a number of other activities including consulting services, credit ratings, benchmarks, investment activities, auditing, activities of credit institutions or insurance and reinsurance activities. Finally, to prevent, identify, eliminate or manage and disclose any conflicts of interest and ensure at all times the quality, integrity and thoroughness of the ESG rating and review process, ESG rating providers should establish appropriate internal policies and procedures in relation to employees and other persons involved in the rating process. Such policies and procedures should, in particular, include internal control mechanisms and an oversight function.(39)In order to address the risks of conflicts of interest, some activities should be offered from separate legal entities. However, some of those activities could be offered from within the same legal entity where the ESG rating provider concerned has sufficient measures and procedures in place to ensure that each activity is exercised autonomously and to avoid creating potential risks of conflicts of interest in decision-making within its ESG rating activities. Such derogation should not be possible for credit rating activities and for auditing and consulting activities. Consulting activities include developing sustainability strategies and strategies to manage sustainability risks or impacts. With respect to the activity of the provision of benchmarks, ESMA should assess whether the measures proposed by the ESG rating provider are appropriate and sufficient regarding the potential risks of conflict of interest. Such an assessment should take into account whether the benchmark administrator offers benchmarks that pursue sustainability objectives and in particular EU Climate Transition Benchmarks and EU Paris-aligned Benchmarks in accordance with Regulation (EU) 2016/1011 of the European Parliament and of the CouncilRegulation (EU) 2016/1011 of the European Parliament and of the Council of 8 June 2016 on indices used as benchmarks in financial instruments and financial contracts or to measure the performance of investment funds and amending Directives 2008/48/EC and 2014/17/EU and Regulation (EU) No 596/2014 (OJ L 171, 29.6.2016, p. 1)..(40)ESG rating providers should ensure that their employees and other persons involved in the rating process do not participate in, or otherwise influence, the determination of an ESG rating of any rated item if there is any evidence of self-review, self-interest, advocacy or familiarity stemming from financial, personal, business, employment or other relationships between those persons and the rated item or the issuer of a rated item as a result of which an objective, reasonable and informed third party, taking into account the safeguards applied, would conclude that those persons’ independence is compromised. If, during the period in which employees of ESG rating providers or other persons involved in the rating process are part of the assessment activities, a rated item or an issuer of a rated item merges with, or acquires, another entity, those persons should identify and evaluate any current or recent interests or relationships which, taking into account available safeguards, could compromise those persons’ independence and ability to continue being involved in the assessment activities after the effective date of the merger or acquisition.(41)To bring more clarity to, and enhance trust regarding, the operations of ESG rating providers, it is necessary to lay down requirements for the ongoing supervision of ESG rating providers in the Union. In light of the significant similarities between the activities of credit rating agencies and those of ESG rating providers, the related close alignment of central aspects of the regulatory framework for ESG rating providers to the regulatory framework for credit rating agencies under Regulation (EC) No 1060/2009 of the European Parliament and of the CouncilRegulation (EC) No 1060/2009 of the European Parliament and of the Council of 16 September 2009 on credit rating agencies (OJ L 302, 17.11.2009, p. 1)., and in order to ensure a harmonised application of this Regulation as well as uniform supervision, it is deemed advisable, considering the decision taken under Regulation (EC) No 1060/2009 to entrust supervision to ESMA, to entrust the supervision of ESG rating providers to ESMA. The fact that this Regulation entrusts supervision to ESMA does not constitute a precedent and should not be interpreted as establishing a practice or policy on the attribution of supervisory responsibilities in the financial services sector.(42)Aside from their use in the financial services sector, ESG ratings are also used in the procurement and supply chain context. Therefore, in its supervision of ESG rating providers, ESMA should take account of the distinction between ESG rating providers in financial services sectors and those in non-financial services sectors.(43)ESMA should be able to require all information necessary to carry out its supervisory tasks effectively. It should therefore be able to demand such information from ESG rating providers, persons involved in ESG rating activities, rated items and issuers of rated items, third parties to whom ESG rating providers have outsourced operational functions or activities, persons otherwise closely and substantially related or connected to ESG rating providers or ESG rating activities, and legal representatives designated under the recognition regime.(44)ESMA should be able to perform its supervisory tasks, and in particular to compel ESG rating providers to bring an end to an infringement, to supply complete and correct information, or to submit to an investigation or an on-site inspection. To ensure that it is able to perform those supervisory tasks, ESMA should be able to impose fines and periodic penalty payments.(45)Given its role as the Union authority that authorises and supervises ESG rating providers, ESMA should develop draft regulatory technical standards and submit them to the Commission. ESMA should specify further the information needed for the authorisation of ESG rating providers. The Commission should be empowered to adopt those regulatory technical standards by means of delegated acts pursuant to Article 290 TFEU and in accordance with Articles 10 to 14 of Regulation (EU) No 1095/2010.(46)When authorising and supervising ESG rating providers, ESMA should be able to charge supervised entities supervisory fees. Such fees should be proportionate and appropriate to the size of the ESG rating providers and to the extent of their supervision.(47)In order to specify further technical elements of this Regulation, the power to adopt acts in accordance with Article 290 TFEU should be delegated to the Commission in respect of the specifications of the procedure to impose fines or periodic penalty payments, including provisions on rights of defence, temporal provisions, provisions on the collection of fines or periodic penalty payments, and detailed rules on the limitation periods for the imposition and enforcement of fines or periodic penalty payments, and in respect of the type of fees, the matters for which fees are due, the amount of the fees, and the manner in which those fees are to be paid. It is of particular importance that the Commission carry out appropriate consultations during its preparatory work, including at expert level, and that those consultations be conducted in accordance with the principles laid down in the Interinstitutional Agreement of 13 April 2016 on Better Law-MakingOJ L 123, 12.5.2016, p. 1.. In particular, to ensure equal participation in the preparation of delegated acts, the European Parliament and the Council receive all documents at the same time as Member States’ experts, and their experts systematically have access to meetings of Commission expert groups dealing with the preparation of delegated acts.(48)It is necessary to have in place a number of measures supporting small ESG rating providers to enable them to continue their activities, or to enter the market after the date of application of this Regulation. Against that background, a temporary regime should be introduced to facilitate the market entry of small ESG rating providers and support the development of existing small ESG rating providers already operating in the Union before the entry into force of this Regulation. Under that temporary regime, small ESG rating providers should register with ESMA, without the need to obtain authorisation to operate in the Union, and should only be subject to the provisions of this Regulation regarding organisational and transparency requirements. ESMA should be empowered to request information and to conduct general investigations and on-site inspections, as well as to adopt administrative measures. ESMA should ensure that risks of circumvention of this Regulation are avoided, particularly by preventing small undertakings within medium-sized or large groups according to the criteria laid down in Directive 2013/34/EU from benefitting from the temporary regime. Once the temporary regime comes to an end, small ESG rating providers should apply for authorisation to operate in the Union and benefit from proportionate governance requirements and supervisory fees proportionate to the annual net turnover of the ESG rating provider concerned.(49)Where an item, issuer of an item or an investor seeks an ESG rating from at least two ESG rating providers, it may consider appointing at least one ESG rating provider with a market share for ESG rating activities of no more than 10 % in the Union.(50)Since the objective of this Regulation, namely, to lay down a consistent and effective regime to address the shortcomings and vulnerabilities posed by ESG ratings, cannot be sufficiently achieved by the Member States but can rather, by reasons of the scale and effects, be better achieved at Union level, the Union may adopt measures, in accordance with the principle of subsidiarity as set out in Article 5 of the Treaty on European Union. In accordance with the principle of proportionality as set out in that Article, this Regulation does not go beyond what is necessary in order to achieve that objective.(51)This Regulation applies without prejudice to the application of Articles 101 and 102 TFEU.(52)The European Central Bank delivered its own initiative opinion on 4 October 2023,HAVE ADOPTED THIS REGULATION:
TITLE ISUBJECT MATTER, SCOPE AND DEFINITIONSArticle 1Subject matterThis Regulation introduces a common regulatory approach to enhance the integrity, transparency, comparability where possible, responsibility, reliability, good governance and independence of ESG rating activities, thereby contributing to the transparency and quality of ESG ratings and to the sustainable finance agenda of the Union. It aims to contribute to the smooth functioning of the internal market, while achieving a high level of consumer and investor protection and preventing greenwashing and other types of misinformation, including social washing, by introducing transparency requirements related to ESG ratings and rules on the organisation and conduct of ESG rating providers.Article 2Scope1.This Regulation applies to ESG ratings issued by ESG rating providers operating in the Union.ESG rating providers are considered to be operating in the Union in the following cases:(a)for ESG rating providers established in the Union:(i)when they issue and publish their ESG ratings on their website or through other means; or(ii)when they issue and distribute their ESG ratings by subscription or other contractual relationships to regulated financial undertakings in the Union, to undertakings that fall within the scope of Directive 2013/34/EU, to undertakings that fall within the scope of Directive 2004/109/EC, or to Union institutions, bodies, offices and agencies or Member State public authorities;(b)for ESG rating providers established outside the Union, when they issue and distribute their ESG ratings by subscription or other contractual relationships to regulated financial undertakings in the Union, to undertakings that fall within the scope of Directive 2013/34/EU, to undertakings that fall within the scope of Directive 2004/109/EC, or to Union institutions, bodies, offices and agencies or Member State public authorities.2.This Regulation does not apply to any of the following:(a)private ESG ratings that are not intended for public disclosure or for distribution;(b)ESG ratings issued by regulated financial undertakings in the Union that are used exclusively for internal purposes or for providing in-house or intragroup financial services or products;(c)ESG ratings issued by regulated financial undertakings in the Union that:(i)are incorporated in a product or a service, where such products or services are already regulated under Union law, including under Regulation (EC) No 883/2004 of the European Parliament and of the CouncilRegulation (EC) No 883/2004 of the European Parliament and of the Council of 29 April 2004 on the coordination of social security systems (OJ L 166, 30.4.2004, p. 1)., Regulation (EU) 2019/2088, Directives 2013/36/EUDirective 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338)., 2014/65/EU, 2009/138/ECDirective 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ L 335, 17.12.2009, p. 1)., 2009/65/ECDirective 2009/65/EC of the European Parliament and of the Council of 13 July 2009 on the coordination of laws, regulations and administrative provisions relating to undertakings for collective investment in transferable securities (UCITS) (OJ L 302, 17.11.2009, p. 32)., 2011/61/EUDirective 2011/61/EU of the European Parliament and of the Council of 8 June 2011 on Alternative Investment Fund Managers and amending Directives 2003/41/EC and 2009/65/EC and Regulations (EC) No 1060/2009 and (EU) No 1095/2010 (OJ L 174, 1.7.2011, p. 1). and (EU) 2016/2341Directive (EU) 2016/2341 of the European Parliament and of the Council of 14 December 2016 on the activities and supervision of institutions for occupational retirement provision (IORPs) (OJ L 354, 23.12.2016, p. 37). of the European Parliament and of the Council and Regulations (EU) 2020/1503Regulation (EU) 2020/1503 of the European Parliament and of the Council of 7 October 2020 on European crowdfunding service providers for business, and amending Regulation (EU) 2017/1129 and Directive (EU) 2019/1937 (OJ L 347, 20.10.2020, p. 1)., (EU) 2023/1114Regulation (EU) 2023/1114 of the European Parliament and of the Council of 31 May 2023 on markets in crypto-assets, and amending Regulations (EU) No 1093/2010 and (EU) No 1095/2010 and Directives 2013/36/EU and (EU) 2019/1937 (OJ L 150, 9.6.2023, p. 40). and (EU) 2016/1011 of the European Parliament and of the Council; and(ii)are disclosed to a third party.In the situations covered by the first subparagraph of this point, where a regulated financial undertaking in the Union discloses an ESG rating to third parties as part of its marketing communications, it shall include on its website the same information as that required by point 1 of Annex III to this Regulation and it shall disclose in those marketing communications a link to those website disclosures, except where it is subject to Article 13(3) of Regulation (EU) 2019/2088.Competent authorities designated in accordance with the sectoral legislative acts referred to in the first subparagraph of this point shall monitor compliance by regulated financial undertakings in the Union with the requirements of the first subparagraph of this point, in accordance with the powers granted by those sectoral legislative acts;(d)ESG ratings issued by ESG rating providers established outside the Union that are not authorised or recognised under Title II and that meet the following conditions:(i)the ESG rating is distributed at the own exclusive initiative of the user of the ESG rating established in the Union without any prior contact, solicitation, promotion, advertisement or any other initiative by the ESG rating provider, or by any third party on behalf of the provider; an ESG rating distributed in the Union by a provider established outside the Union whose market share in the Union for its ESG rating activities becomes substantial or that has a website in at least one of the official languages of the Union, which is a language that is not customary in the sphere of international finance, shall not be considered to be distributed at the own exclusive initiative of the user of ESG rating.The own exclusive initiative of a user of ESG rating as referred to in the first subparagraph of this point shall not entitle an ESG rating provider established outside the Union to distribute ESG ratings to that user in a recurrent manner, nor to distribute ESG ratings to any other user of ESG ratings in the Union;(ii)there is no substitute for the ratings offered by any ESG rating provider authorised under this Regulation;(e)the publication or distribution of data on environmental, social and human rights, and governance factors;(f)credit ratings issued pursuant to Regulation (EC) No 1060/2009, and any ESG-related scores or assessments that are produced or published as part of the methodologies for credit ratings or as an input or output of the creditworthiness assessment;(g)products or services that incorporate an element of an ESG rating, including investment research as laid down in Directive 2014/65/EU;(h)external reviews of European Green Bonds, as provided for in Regulation (EU) 2023/2631;(i)external reviews or second-party opinions on bonds marketed as environmentally sustainable, sustainability-linked bonds, and bonds, loans and other types of debt instruments marketed as sustainable, to the extent that such external reviews and second-party opinions do not contain ESG ratings issued by the external reviewer or the second-party opinion provider;(j)ESG ratings issued by Union institutions, bodies, offices and agencies or Member State public authorities where such ratings are not published or distributed for commercial purposes;(k)ESG ratings issued by an authorised ESG rating provider where such ratings are published or distributed by a third party;(l)ESG ratings issued by members of the European System of Central Banks where such ratings are not published or distributed for commercial purposes;(m)mandatory disclosures pursuant to Articles 6, 8, 9, 10, 11 and 13 of Regulation (EU) 2019/2088;(n)disclosures pursuant to Articles 5, 6 and 8 of Regulation (EU) 2020/852;(o)ESG ratings developed exclusively for accreditation or certification processes, which do not target investment analysis, financial analysis, investment decision-making or financial decision-making;(p)labelling activities provided that the labels granted to the relevant entities, financial instruments or financial products do not involve the disclosure of an ESG rating;(q)ESG ratings published or distributed by non-profit organisations for non-commercial purposes.By way of derogation from the first subparagraph, point (q), where non-profit organisations charge rated items or issuers of rated items to report data or to get rated through their platform, or where they charge users of ESG ratings to access any information on ESG ratings, they shall be subject to the requirements of this Regulation.3.ESMA, the European Supervisory Authority (European Banking Authority) (EBA) established by Regulation (EU) No 1093/2010 of the European Parliament and of the CouncilRegulation (EU) No 1093/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Banking Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/78/EC (OJ L 331, 15.12.2010, p. 12)., and the European Supervisory Authority (European Insurance and Occupational Pensions Authority) (EIOPA) established by Regulation (EU) No 1094/2010 of the European Parliament and of the CouncilRegulation (EU) No 1094/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Insurance and Occupational Pensions Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/79/EC (OJ L 331, 15.12.2010, p. 48). (known collectively as "European Supervisory Authorities" or "ESAs") shall, through the Joint Committee, develop draft regulatory technical standards to specify the details of the presentation and content of the information to be disclosed pursuant to paragraph 2, first subparagraph, point (c), second subparagraph, taking into account the various types of financial products, their characteristics and the differences between them, and the need to avoid duplication of information already published in accordance with applicable regulatory requirements.ESMA shall submit the draft regulatory technical standards referred to in the first subparagraph to the Commission.Power is delegated to the Commission to supplement this Regulation by adopting the regulatory technical standards referred to in the first subparagraph of this paragraph, in accordance with Articles 10 to 14 of Regulations (EU) No 1093/2010, (EU) No 1094/2010 and (EU) No 1095/2010.Article 3DefinitionsFor the purposes of this Regulation, the following definitions apply:(1)"ESG rating" means an opinion or a score, or a combination of both, regarding a rated item’s profile or characteristics with regard to environmental, social and human rights, or governance factors, or regarding a rated item’s exposure to risks or impact on environmental, social and human rights, or governance factors, that is based on both an established methodology and a defined ranking system of rating categories, irrespective of whether such ESG rating is labelled as "ESG rating", "ESG opinion" or "ESG score";(2)"ESG opinion" means an ESG assessment that is based on a rule-based methodology and defined ranking system of rating categories, involving directly a rating analyst in the rating process;(3)"ESG score" means an ESG measure derived from data, using a rule-based methodology, and based only on a pre-established statistical or algorithmic system or model, without any additional substantial analytical input from a rating analyst;(4)"ESG rating provider" means a legal person whose activities include the issuance, and the publication or distribution, of ESG ratings on a professional basis;(5)"regulated financial undertaking in the Union" means an undertaking, regardless of its legal form, that is:(a)a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013 of the European Parliament and of the CouncilRegulation (EU) No 575/2013 of the European Parliament and of the Council of 26 June 2013 on prudential requirements for credit institutions and amending Regulation (EU) No 648/2012 (OJ L 176, 27.6.2013, p. 1).;(b)an investment firm as defined in Article 4(1), point (1), of Directive 2014/65/EU;(c)an AIFM as defined in Article 4(1), point (b), of Directive 2011/61/EU, including a manager of a qualifying venture capital fund as defined in Article 3, point (c), of Regulation (EU) No 345/2013 of the European Parliament and of the CouncilRegulation (EU) No 345/2013 of the European Parliament and of the Council of 17 April 2013 on European venture capital funds (OJ L 115, 25.4.2013, p. 1)., a manager of a qualifying social entrepreneurship fund as defined in Article 3, point (c), of Regulation (EU) No 346/2013 of the European Parliament and of the CouncilRegulation (EU) No 346/2013 of the European Parliament and of the Council of 17 April 2013 on European social entrepreneurship funds (OJ L 115, 25.4.2013, p. 18). and a manager of the ELTIF as defined in Article 2, point (12), of Regulation (EU) 2015/760 of the European Parliament and of the CouncilRegulation (EU) 2015/760 of the European Parliament and of the Council of 29 April 2015 on European long-term investment funds (OJ L 123, 19.5.2015, p. 98).;(d)a management company as defined in Article 2(1), point (b), of Directive 2009/65/EC;(e)an insurance undertaking as defined in Article 13, point (1), of Directive 2009/138/EC;(f)a reinsurance undertaking as defined in Article 13, point (4), of Directive 2009/138/EC;(g)an institution for occupational retirement provision as defined in Article 6, point (1), of Directive (EU) 2016/2341;(h)a pension institution operating pension schemes which are considered to be social security schemes covered by Regulations (EC) No 883/2004 and (EC) No 987/2009Regulation (EC) No 987/2009 of the European Parliament and of the Council of 16 September 2009 laying down the procedure for implementing Regulation (EC) No 883/2004 on the coordination of social security systems (OJ L 284, 30.10.2009, p. 1). of the European Parliament and of the Council, and any legal entity set up for the purpose of investment of such social security schemes;(i)an alternative investment fund, as defined in Article 4(1), point (a), of Directive 2011/61/EU, supervised under the applicable national law;(j)a UCITS as defined in Article 1(2) of Directive 2009/65/EC;(k)a central counterparty as defined in Article 2, point (1), of Regulation (EU) No 648/2012 of the European Parliament and of the CouncilRegulation (EU) No 648/2012 of the European Parliament and of the Council of 4 July 2012 on OTC derivatives, central counterparties and trade repositories (OJ L 201, 27.7.2012, p. 1).;(l)a central securities depository as defined in Article 2(1), point (1), of Regulation (EU) No 909/2014 of the European Parliament and of the CouncilRegulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).;(m)an insurance or reinsurance special purpose vehicle authorised in accordance with Article 211 of Directive 2009/138/EC;(n)a securitisation special purpose entity as defined in Article 2, point (2), of Regulation (EU) 2017/2402 of the European Parliament and of the CouncilRegulation (EU) 2017/2402 of the European Parliament and of the Council of 12 December 2017 laying down a general framework for securitisation and creating a specific framework for simple, transparent and standardised securitisation, and amending Directives 2009/65/EC, 2009/138/EC and 2011/61/EU and Regulations (EC) No 1060/2009 and (EU) No 648/2012 (OJ L 347, 28.12.2017, p. 35).;(o)an insurance holding company as defined in Article 212(1), point (f), of Directive 2009/138/EC or a mixed financial holding company as defined in Article 212(1), point (h), of Directive 2009/138/EC, which is part of an insurance group that is subject to supervision at the level of the group pursuant to Article 213 of that Directive and which is not exempted from group supervision pursuant to Article 214(2) of that Directive;(p)a financial holding company as defined in Article 4(1), point (20), of Regulation (EU) No 575/2013;(q)a payment institution as defined in Article 4, point (4), of Directive (EU) 2015/2366 of the European Parliament and of the CouncilDirective (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC (OJ L 337, 23.12.2015, p. 35).;(r)an electronic money institution as defined in Article 2, point (1), of Directive 2009/110/EC of the European Parliament and of the CouncilDirective 2009/110/EC of the European Parliament and of the Council of 16 September 2009 on the taking up, pursuit and prudential supervision of the business of electronic money institutions amending Directives 2005/60/EC and 2006/48/EC and repealing Directive 2000/46/EC (OJ L 267, 10.10.2009, p. 7).;(s)a crowdfunding service provider as defined in Article 2(1), point (e), of Regulation (EU) 2020/1503;(t)a crypto-asset service provider as defined in Article 3(1), point (15), of Regulation (EU) 2023/1114 when performing one or more crypto-asset services as defined in Article 3(1), point (16), of Regulation (EU) 2023/1114;(u)a trade repository as defined in Article 2, point (2), of Regulation (EU) No 648/2012;(v)a securitisation repository as defined in Article 2, point (23), of Regulation (EU) 2017/2402;(w)an administrator of benchmarks as defined in Article 3(1), point (6), of Regulation (EU) 2016/1011;(x)a credit rating agency as defined in Article 3(1), point (b), of Regulation (EC) No 1060/2009;(6)"rating analyst" means a person who performs analytical functions for the purpose of issuing ESG ratings;(7)"rated item" means a legal person, a financial instrument, a financial product, a public authority or a body governed by public law which is explicitly or implicitly rated in the ESG rating, irrespective of whether such rating has been requested and irrespective of whether the legal person, public authority or body governed by public law has provided information for that ESG rating;(8)"financial instrument" means any of the instruments listed in Section C of Annex I to Directive 2014/65/EU;(9)"user of ESG ratings" means a natural or legal person, a public authority, an agency or other body governed by public law, to which an ESG rating is distributed by subscription or other contractual relationships;(10)"competent authorities" means the authorities designated by each Member State in accordance with Article 30 of this Regulation;(11)"management body" means an ESG rating provider’s body or bodies, which are appointed in accordance with national law, which are empowered to set the ESG rating provider’s strategy, objectives and overall direction, which oversee and monitor management decision-making in the ESG rating provider, and which include the persons who effectively direct the business of the ESG rating provider;(12)"senior management" means the person or persons who effectively direct the business of the ESG rating provider and the member or members of the ESG rating provider’s administrative or supervisory board;(13)"group of ESG rating providers" means a group of undertakings established in the Union consisting of a parent undertaking and its subsidiary undertakings within the meaning of Article 2 of Directive 2013/34/EU, and undertakings linked to each other by a relationship, whose activities include the provision of ESG ratings.TITLE IIPROVISION OF ESG RATINGS IN THE UNIONArticle 4Requirements to operate in the UnionAny legal person that wishes to operate as an ESG rating provider in the Union shall be subject to one of the following:(a)an authorisation issued by ESMA as referred to in Article 6;(b)an equivalence decision as referred to in Article 10 and fulfilment of the conditions referred to in that Article;(c)an authorisation for endorsement as referred to in Article 11;(d)a recognition as referred to in Article 12.Article 5Temporary regime for small ESG rating providers1.By way of derogation from Article 4, an ESG rating provider categorised as a small undertaking or as a small group within the meaning of Article 3(2), first subparagraph, or Article 3(5), first subparagraph, respectively, of Directive 2013/34/EU (the "small ESG rating provider") that is established in the Union and wishes to operate in the Union shall only be subject to Article 15(1), (5) and (7), Articles 23 and 24 and Articles 32 to 37 of this Regulation, provided that it:(a)notifies ESMA of its intention to operate in the Union; and(b)has been registered by ESMA before it starts operating in the Union.2.Within 90 working days of receipt of the notification referred to in paragraph 1, point (a), ESMA shall decide whether to register the notifier as a small ESG rating provider. ESMA shall inform the notifier of its decision within five working days thereof.3.Where an ESG rating provider referred to in paragraph 1 of this Article ceases to be categorised as a small ESG rating provider, or three years after its registration in accordance with paragraph 1, point (b), of this Article, whichever occurs first, the ESG rating provider shall become subject to all provisions of this Regulation and shall within six months apply for authorisation to operate in the Union pursuant to Chapter 1 of this Title.4.The ESG rating providers referred to in paragraph 1 of this Article may choose to opt in to this Regulation by applying to ESMA for authorisation pursuant to Article 6. Where ESG rating providers choose to opt in, this Regulation shall become applicable to them in its entirety.CHAPTER 1Authorisation of ESG rating providers established in the Union to operate in the UnionArticle 6Application for authorisation to operate in the Union1.Legal persons established in the Union that wish to operate in the Union pursuant to Article 2(1), point (a), shall apply to ESMA for authorisation.2.An application for authorisation as referred to in paragraph 1 shall contain all of the information listed in Annex I to this Regulation and shall be submitted in any of the official languages of the Union. Council Regulation No 1Council Regulation No 1 determining the languages to be used by the European Economic Community (OJ 17, 6.10.1958, p. 385). shall apply mutatis mutandis to any other communication between ESMA and ESG rating providers and their staff.3.ESMA shall develop draft regulatory technical standards to specify further the information listed in Annex I.ESMA shall submit the draft regulatory technical standards referred to in the first subparagraph to the Commission by 2 October 2025.Power is delegated to the Commission to supplement this Regulation by adopting the regulatory technical standards referred to in the first subparagraph of this paragraph in accordance with the procedure laid down in Articles 10 to 14 of Regulation (EU) No 1095/2010.4.An authorised ESG rating provider shall comply at all times with the requirements under which the initial authorisation was granted.5.ESG rating providers shall notify ESMA of any material changes to the circumstances under which the initial authorisation was granted, including any opening or closing of a branch within the Union, without undue delay.Article 7Examination by ESMA of the application for authorisation to operate in the Union as an ESG rating provider1.Within 25 working days of receipt of an application as referred to in Article 6(2), ESMA shall assess whether the application is complete. Where the application is not complete, ESMA shall set a deadline by which the applicant is to provide any missing information.2.Once it assesses that an application is complete, ESMA shall notify the applicant thereof.3.Within 90 working days of the notification referred to in paragraph 2 of this Article, ESMA shall adopt a fully reasoned decision, as referred to in Article 8(1), to grant or refuse authorisation to operate as an ESG rating provider in the Union.4.ESMA may extend the period referred to in paragraph 3 of this Article to 120 working days, in particular where the applicant:(a)envisages endorsing ESG ratings as referred to in Article 11;(b)envisages using outsourcing; or(c)requests exemption from compliance in accordance with Article 22.5.The decision adopted by ESMA pursuant to paragraph 3 shall take effect on the fifth working day following its adoption.6.If the applicant does not provide any requested missing information by the expiry of the deadline referred to in paragraph 1, ESMA shall reject the application.If no decision is adopted by ESMA within the period referred to in paragraph 3 or 4, the application shall be deemed rejected.Article 8Decision to grant or refuse authorisation to operate in the Union and notification of that decision1.ESMA shall adopt a fully reasoned decision authorising an applicant to operate in the Union as an ESG rating provider where it concludes from its examination of the application referred to in Article 7 that the applicant complies with the requirements for the provision of ESG ratings set out in this Regulation.Where ESMA, after examining the application, concludes that the applicant does not meet the requirements for the provision of ESG ratings set out in this Regulation, it shall adopt a fully reasoned decision refusing that authorisation.2.ESMA shall inform the applicant within five working days of the decision referred to in paragraph 1.3.ESMA shall inform the Commission, EBA and EIOPA of any decision taken pursuant to paragraph 1.4.The authorisation shall be effective for the entire territory of the Union.Article 9Suspension or withdrawal of authorisation1.ESMA shall adopt a decision suspending or withdrawing the authorisation of an ESG rating provider referred to in Article 8(1), first subparagraph, where the ESG rating provider:(a)has expressly renounced the authorisation or has provided no ESG ratings for the preceding 12 months;(b)has obtained its authorisation by making false statements or by any other irregular means;(c)no longer meets the conditions under which it was authorised; or(d)has seriously or repeatedly infringed this Regulation.2.ESMA shall inform the ESG rating provider without undue delay of any decision taken pursuant to paragraph 1. The decision on the withdrawal or suspension of authorisation shall take immediate effect throughout the Union.3.ESMA shall also inform the competent authorities, the Commission, EBA and EIOPA of any decision taken pursuant to paragraph 1.CHAPTER 2Equivalence, endorsement and recognition of ESG rating providers established outside the Union to operate in the UnionArticle 10Equivalence regime1.An ESG rating provider established outside the Union that wishes to operate in the Union pursuant to Article 2(1), point (b), shall only be able to do so where it is included in the register referred to in Article 14 and provided that all of the following conditions are met:(a)the ESG rating provider established outside the Union is authorised or registered as an ESG rating provider in the third country concerned and is subject to supervision in that third country;(b)the ESG rating provider established outside the Union has notified ESMA that it wishes to operate in the Union and has submitted to ESMA proof of its authorisation or registration as an ESG rating provider, the documents required for such authorisation or registration in the third country concerned, as well as the name of the third-country competent authority responsible for its supervision, and has received confirmation from ESMA as regards the completeness of the information provided;(c)the Commission has adopted an equivalence decision pursuant to paragraph 2;(d)the cooperation arrangements referred to in paragraph 4 are operational.2.The Commission may adopt an equivalence decision by means of an implementing act stating that the legal framework and supervisory practice of a third country ensure that:(a)ESG rating providers authorised or registered in that third country comply with binding requirements which are equivalent to the requirements of this Regulation;(b)compliance with the binding requirements referred to in point (a) is subject to effective supervision and enforcement on an ongoing basis in that third country.Such an implementing act shall be adopted in accordance with the examination procedure referred to in Article 48.3.The Commission may adopt a delegated act in accordance with Article 47 to specify the conditions referred to in paragraph 2, first subparagraph, of this Article. The Commission may subject the application of the implementing act referred to in paragraph 2 of this Article to:(a)the effective fulfilment on an ongoing basis by the third country concerned of any condition set out in that implementing act that aims to ensure equivalent supervisory and regulatory standards;(b)the ability of ESMA to effectively exercise the monitoring responsibilities referred to in Article 33 of Regulation (EU) No 1095/2010.4.ESMA shall establish cooperation arrangements with the third-country competent authorities whose legal framework and supervisory practices have been recognised as equivalent in accordance with paragraph 2. Such arrangements shall specify at least the following:(a)the mechanism for exchanging information on a regular and ad hoc basis between ESMA and the third-country competent authorities concerned, including access to all relevant information requested by ESMA regarding the ESG rating provider authorised or registered in that third country;(b)the mechanism for prompt notification to ESMA where a third-country competent authority deems that the ESG rating provider authorised or registered in that third country and supervised by that third-country competent authority is breaching the conditions of its authorisation or registration, or other provisions of national law in that third country;(c)the procedures concerning the coordination of supervisory activities, including on-site inspections;(d)the mechanism for prompt notification to ESMA where a third-country competent authority takes any regulatory or supervisory actions in relation to the ESG rating provider authorised or registered in that third country, including any change that might have an impact on the ESG rating provider’s continued compliance with applicable laws and regulations;(e)the mechanism for prompt notification to the third-country competent authority where ESMA issues a public notice in accordance with Article 35 to the ESG rating provider authorised or registered in that third country.For the purpose of the first subparagraph of this paragraph, where ESMA is informed that an ESG rating provider established outside the Union no longer meets the conditions to be authorised or registered in its country of authorisation or registration, ESMA shall remove it from the register referred to in Article 14.5.For the purpose of paragraph 1, point (b), ESMA shall assess whether the information is complete within 20 working days of its receipt. If ESMA deems that the information is not complete, ESMA shall set a deadline by which the ESG rating provider is to provide any missing information. Once it assesses that a submission is complete, ESMA shall inform the ESG rating provider of the outcome of the process no later than 60 working days from the date of the initial notification.Article 11Endorsement of ESG ratings provided by ESG rating providers established outside the Union1.An ESG rating provider established in the Union and authorised in accordance with Article 8 may endorse ESG ratings provided by an ESG rating provider established outside the Union and belonging to the same group provided that all of the following conditions are met:(a)the ESG rating provider established in the Union has applied to ESMA for authorisation of such endorsement;(b)the ESG rating provider established in the Union fulfils the following indicators of minimum substance:(i)it has its own premises or premises for its exclusive use in a Member State;(ii)it has at least one active bank account of its own in the Union; and(iii)it has an appropriate analytical and decision-making presence in the Union having regard to the nature, scale or complexity of its activities in the Union;(c)the endorsement of the ESG rating does not impair the quality of the assessment of the rated item, or the issuer of a rated item, or the arrangement of on-site reviews or visits, where provided for in the ESG rating methodology used by the ESG rating provider established outside the Union;(d)the ESG rating provider established in the Union has verified and is able to demonstrate on an ongoing basis to ESMA that the issuance and distribution of endorsed ESG ratings fulfils requirements which are at least as stringent as the requirements of this Regulation; the ESG rating provider established in the Union shall be permitted to demonstrate compliance with those requirements without being required to refer to the specific process followed for each individual rating;(e)the ESG rating provider established in the Union has the necessary expertise to effectively monitor the ESG ratings provided by the ESG rating provider established outside the Union, in order to manage any associated risks;(f)there is an objective reason why the ESG ratings need to be endorsed for their use in the Union, which can include factors such as the specificities of the ESG ratings, the need for proximity of the production of the ESG ratings to the issuer or to a specific economic reality, a particular industry, centres of excellence for sub-components of environmental, social and human rights, or governance factors, the availability of specific skills required for the production of the ESG ratings, the material availability of input data and the development of ESG ratings through the collaboration of global teams;(g)the ESG rating provider established in the Union provides ESMA at its request with all information necessary to enable ESMA to supervise compliance by the ESG rating provider established outside the Union, where relevant to the endorsed rating, with this Regulation on an ongoing basis;(h)where an ESG rating provider established outside the Union is subject to supervision, an appropriate cooperation arrangement is in place between ESMA and the competent authority of the third country where the ESG rating provider is established, to ensure an efficient exchange of information.2.An ESG rating provider established in the Union that applies for authorisation of an endorsement as referred to in paragraph 1, point (a), shall provide ESMA with all information necessary to satisfy ESMA that, at the time of application, the conditions referred to in that paragraph are fulfilled.3.Within 45 working days of receipt of a complete application for authorisation of an endorsement as referred to in paragraph 1, point (a), but no later than 85 working days after receipt of the initial application, ESMA shall examine the application and decide either to authorise the endorsement or to refuse it. ESMA shall notify the applicant of that decision within five working days.4.An endorsed ESG rating shall be considered to be an ESG rating provided by the endorsing ESG rating provider. The endorsing ESG rating provider shall not use the endorsement to avoid or circumvent the requirements of this Regulation.5.An endorsing ESG rating provider shall remain fully responsible for the endorsed ESG ratings and for compliance with the requirements of this Regulation.6.Where ESMA has well-founded reasons to consider that the conditions laid down in this Article are no longer fulfilled, it shall have the power to require the endorsing ESG rating provider to cease the endorsement, without prejudice to the imposition of any applicable supervisory measures, fines and periodic penalty payments in accordance with Articles 35, 36 and 37.Article 12Recognition of ESG rating providers established outside the Union1.Until such time as the Commission has adopted an equivalence decision as referred to in Article 10 or, where adopted, in the event that the equivalence decision is repealed, an ESG rating provider established outside the Union with an annual net turnover of all of its activities that is below the maximum amount set in Article 3(2), second subparagraph, of Directive 2013/34/EU, for each of the last three consecutive years may operate in the Union provided that ESMA has recognised that ESG rating provider in accordance with this Article. An ESG rating provider established outside the Union that belongs to a group as defined in Article 2, point (11), of Directive 2013/34/EU whose consolidated annual net turnover of all of the group’s activities is below the maximum amount set in Article 3(5), second subparagraph, of Directive 2013/34/EU, for each of the last three consecutive years may operate in the Union provided that ESMA has recognised that ESG rating provider in accordance with this Article. To that end, ESMA may take into account either an assessment by an independent external auditor or a certification of the competent authority of the third country where the ESG rating provider is established.2.ESG rating providers established outside the Union that wish to be recognised as referred to in paragraph 1 shall comply with the requirements laid down in this Regulation and submit an application for recognition to ESMA.3.An ESG rating provider established outside the Union that wishes to be recognised as referred to in paragraph 1 shall have a legal representative. That legal representative shall be a legal person established in the Union and expressly appointed by the ESG rating provider to act on its behalf. The legal representative shall demonstrate to ESMA that the ESG rating provider meets the requirements of this Regulation on an ongoing basis and shall be accountable to ESMA in that respect. The legal representative shall, upon request, provide ESMA with all information necessary to satisfy ESMA that the ESG rating provider fulfils the requirements of this Regulation.4.An ESG rating provider established outside the Union shall, when submitting an application for recognition as referred to in paragraph 2, provide ESMA with the following:(a)all information listed in Annex I;(b)all information necessary to demonstrate that the conditions laid down in paragraph 1 of this Article are met;(c)all information necessary to satisfy ESMA that the ESG rating provider established outside the Union has established the necessary arrangements to meet the requirements referred to in paragraphs 2 and 3 of this Article;(d)the list of its actual or prospective ESG ratings which are intended for distribution in the Union;(e)where applicable, the name and contact details of the third-country competent authority responsible for its supervision.Within 90 working days of receipt of the application for recognition referred to in paragraph 2, ESMA shall decide whether to grant recognition. ESMA shall inform the applicant of its decision within five working days of the decision.5.ESMA shall recognise the ESG rating provider established outside the Union provided that all of the following conditions are met:(a)the ESG rating provider established outside the Union has complied with paragraphs 2, 3 and 4;(b)where the ESG rating provider established outside the Union is subject to supervision, ESMA shall seek to put in place an appropriate cooperation arrangement with the relevant competent authority of the third country where the ESG rating provider is established, in order to ensure an efficient exchange of information.6.ESMA shall adopt a decision rejecting the application where ESMA is prevented from exercising effectively its supervisory functions under this Regulation by the laws, regulations or administrative provisions of the third country where the ESG rating provider is established, or, where applicable, by limitations in the supervisory and investigatory powers of that third country’s competent authority.7.ESMA shall impose fines in accordance with Article 36, or suspend or, where appropriate, withdraw the recognition referred to in paragraph 1 of this Article, in line with Article 9, where it has well-founded reasons, based on documented evidence, to consider that the ESG rating provider:(a)is acting, or has been acting, in a manner which is clearly prejudicial to the interests of users of ESG ratings or to the orderly functioning of markets;(b)has seriously infringed this Regulation;(c)has made false statements or used any other irregular means to obtain the recognition.8.Where the ESG rating provider recognised under this Article by ESMA no longer meets the conditions laid down in paragraph 1, it shall notify ESMA thereof without undue delay.The ESG rating provider shall notify ESMA within three months of the date when it no longer meets the conditions laid down in paragraph 1 if it wishes to continue offering its services in the Union and shall apply for authorisation within 12 months of that date. In the absence of such notification, the ESG rating provider shall cease to operate in the Union.9.ESMA shall develop draft regulatory technical standards to determine the form and content of the application for recognition referred to in paragraph 2 and, in particular, the presentation of the information required in paragraph 4.ESMA shall submit the draft regulatory technical standards referred to in the first subparagraph to the Commission by 2 October 2025.Power is delegated to the Commission to supplement this Regulation by adopting the regulatory technical standards referred to in the first subparagraph of this paragraph in accordance with the procedure laid down in Articles 10 to 14 of Regulation (EU) No 1095/2010.Article 13Cooperation arrangements1.Any cooperation arrangement as referred to in Article 10(4), Article 11(1), point (h), and Article 12(5), point (b), shall be subject to guarantees of professional secrecy which are at least equivalent to those set out in Article 46. The exchange of information performed under such cooperation arrangements shall be intended for the performance of the tasks of ESMA or the third-country competent authorities.2.With regard to transfers of personal data to a third country, ESMA shall apply Regulation (EU) 2018/1725 of the European Parliament and of the CouncilRegulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39)..CHAPTER 3Register and accessibility of informationArticle 14Register of ESG rating providers and accessibility of information on the European single access point1.ESMA shall establish and maintain a register that contains the following information:(a)the identities of the ESG rating providers authorised pursuant to Article 8 or registered under the temporary regime for small ESG rating providers pursuant to Article 5(1);(b)the identities of the ESG rating providers established outside the Union that comply with the conditions laid down in Article 10 and the third-country competent authorities responsible for the supervision of those ESG rating providers;(c)the identities of the endorsing ESG rating providers and the endorsed ESG rating providers established outside the Union referred to in Article 11, and, where applicable, the third-country competent authorities responsible for the supervision of the endorsed ESG rating providers;(d)the identities of the ESG rating providers established outside the Union that have been recognised in accordance with Article 12, the legal representatives established in the Union of those ESG rating providers and, where applicable, the third-country competent authorities responsible for the supervision of those ESG rating providers.2.The register referred to in paragraph 1 shall be publicly accessible on the website of ESMA and shall be updated without delay, as necessary.3.From 1 January 2028, when making public any information referred to in Article 19(1) and Article 23(1) of this Regulation, the ESG rating provider shall submit that information at the same time to the collection body referred to in paragraph 6 of this Article for the purpose of making it accessible on the European single access point (ESAP) established under Regulation (EU) 2023/2859.4.That information shall comply with the following requirements:(a)be prepared in a data extractable format as defined in Article 2, point (3), of Regulation (EU) 2023/2859 or, where required under Union law, in a machine-readable format, as defined in Article 2, point (4), of Regulation (EU) 2023/2859;(b)be accompanied by the following metadata:(i)a full business name and, if applicable, the name used for marketing purposes and the abbreviation of the name of the ESG rating provider to which that information relates;(ii)where available, the legal entity identifier of the ESG rating provider as specified pursuant to Article 7(4), point (b), of Regulation (EU) 2023/2859;(iii)the type of information as classified pursuant to Article 7(4), point (c), of Regulation (EU) 2023/2859;(iv)the size of the ESG rating provider as specified pursuant to Article 7(4), point (d), of Regulation (EU) 2023/2859;(v)an indication of whether the information contains personal data.5.For the purposes of paragraph 4, point (b)(ii), the ESG rating provider shall obtain a legal entity identifier.6.For the purpose of making the information referred to in paragraph 1 of this Article accessible on ESAP, the collection body as defined in Article 2, point (2), of Regulation (EU) 2023/2859 shall be ESMA.7.From 1 January 2028, the information referred to in paragraph 1 and in Article 11(3), Article 35(6) and Article 38(1) of this Regulation shall be made accessible on ESAP. For that purpose, the collection body as defined in Article 2, point (2), of Regulation (EU) 2023/2859 shall be ESMA.That information shall:(a)be prepared in a data extractable format as defined in Article 2, point (3), of Regulation (EU) 2023/2859;(b)be accompanied by the following metadata:(i)all the names of the ESG rating providers to which the information relates;(ii)where available, the legal entity identifier of the ESG rating provider as specified pursuant to Article 7(4), point (b), of Regulation (EU) 2023/2859;(iii)the type of information as classified pursuant to Article 7(4), point (c), of Regulation (EU) 2023/2859;(iv)an indication of whether the information contains personal data.8.For the purpose of ensuring an efficient collection and management of information submitted in accordance with paragraph 3, ESMA shall develop draft implementing technical standards to specify:(a)any other metadata to accompany the information;(b)the structuring of data in the information;(c)for which information a machine-readable format is required and which machine-readable format is to be used.For the purposes of the first subparagraph, point (c), ESMA shall assess the advantages and disadvantages of different machine-readable formats and conduct appropriate field tests, in consultation with relevant stakeholders.ESMA shall submit the draft implementing technical standards referred to in the first subparagraph to the Commission.Power is conferred on the Commission to adopt the implementing technical standards referred to in the first subparagraph of this paragraph in accordance with Article 15 of Regulation (EU) No 1095/2010.9.Where necessary, ESMA shall adopt guidelines for entities to ensure that the metadata submitted in accordance with paragraph 8, first subparagraph, point (a), are correct.TITLE IIIINTEGRITY AND RELIABILITY OF ESG RATING ACTIVITIESCHAPTER 1Organisational requirements, processes and documents concerning governanceArticle 15General principles1.ESG rating providers shall ensure the independence of their rating activities, including from all political and economic influences or constraints.2.ESG rating providers shall have in place rules and procedures that ensure that their ESG ratings are issued, published and distributed in accordance with this Regulation.3.ESG rating providers shall employ systems, resources and procedures that are adequate and effective to comply with their obligations under this Regulation.4.ESG rating providers shall adopt and implement written policies and procedures that ensure that their ESG ratings are based on a thorough analysis of all information available to them that is relevant to their analysis in accordance with their rating methodologies.5.ESG rating providers shall adopt and implement internal due diligence policies and procedures that ensure that their business interests do not impair the independence or accuracy of the ESG rating activities.6.ESG rating providers shall adopt and implement sound administrative and accounting procedures, internal control mechanisms, and effective control and safeguard arrangements for information processing systems.7.ESG rating providers shall use rating methodologies for the ESG ratings they provide that are rigorous, systematic, independent and capable of justification and shall apply those rating methodologies continuously and in a transparent manner.8.ESG rating providers shall review the rating methodologies referred to in paragraph 7 on an ongoing basis and at least annually.9.ESG rating providers shall monitor and evaluate the adequacy and effectiveness of the systems, resources and procedures referred to in paragraph 3 at least annually and take appropriate measures to address any deficiencies.10.ESG rating providers shall establish and maintain a permanent, independent and effective oversight function to ensure oversight over all aspects of the provision of their ESG ratings.The oversight function shall have the necessary resources and expertise and have access to all information necessary to perform its duties. It shall have direct access to the management body of the ESG rating provider.ESG rating providers shall develop and maintain robust procedures regarding their oversight function.11.ESG rating providers shall adopt all necessary measures to ensure that the information they use in issuing ESG ratings is of sufficient quality and from reliable sources. ESG rating providers shall clearly state that their ESG ratings are their own opinion.12.ESG rating providers shall notify the rated item or the issuer of the rated item during its working hours and at least two full working days before the first issuance of the ESG rating in order to give the rated item or the issuer of the rated item an opportunity to inform the ESG rating providers of any factual errors. To that end, ESG rating providers shall make available, upon request by the rated item or by the issuer of the rated item, free of charge and on a non-commercial basis, the information referred to in point 1, points (b) and (c), and point 2, point (b)(ii), of Annex III, together with the date of the last update of data as well as, where relevant, any other data collected, estimated or computed that relates to the rated item or the issuer of a rated item.13.ESG rating providers shall not be obliged to disclose information about their intellectual capital, intellectual property, know-how or the results of innovation that would qualify as trade secrets as defined in Article 2, point (1), of Directive (EU) 2016/943 of the European Parliament and of the CouncilDirective (EU) 2016/943 of the European Parliament and of the Council of 8 June 2016 on the protection of undisclosed know-how and business information (trade secrets) against their unlawful acquisition, use and disclosure (OJ L 157, 15.6.2016, p. 1)..14.ESG rating providers shall only make changes to their ESG ratings in accordance with their rating methodologies published pursuant to Article 23.Article 16Separation of business and activities1.ESG rating providers shall not provide any of the following activities:(a)consulting activities to investors or undertakings;(b)the issuance and distribution of credit ratings as defined in Article 3(1), point (a), of Regulation (EC) No 1060/2009;(c)the provision of benchmarks as defined in Article 3(1), point (5), of Regulation (EU) 2016/1011;(d)investment services and activities as defined in Article 4(1), point (2), of Directive 2014/65/EU;(e)statutory auditing on financial statements and assurance engagements on sustainability reporting within the meaning of Directive 2013/34/EU;(f)activities of credit institutions within the meaning of the Regulation (EU) No 575/2013, and insurance or reinsurance activities within the meaning of Directive 2009/138/EC.2.By way of derogation from paragraph 1, an ESG rating provider may provide the activities referred to in paragraph 1, point (d) or (f), provided that it puts in place, in addition to the measures referred to in Articles 25 and 26, specific measures:(a)to ensure that each activity is exercised autonomously;(b)to avoid the creation of potential risks of conflicts of interest in decision-making within its ESG rating activities;(c)to ensure that its employees who are directly involved in the assessment process of a rated item do not provide any of the activities referred to in paragraph 1, point (d) or (f).In implementing such measures, the ESG rating provider shall also take into account the activities of the group to which it belongs, if applicable.3.By way of derogation from paragraph 1, point (c), an ESG rating provider may lodge a request with ESMA to be authorised to provide benchmarks provided that it puts in place specific measures, including those referred to in paragraph 2. ESMA shall decide whether the measures proposed by the ESG rating provider are appropriate and sufficient regarding the potential risks of conflicts of interest. If ESMA considers that the measures are not appropriate or sufficient regarding the potential risks of conflicts of interest, paragraph 1, point (c), shall apply.Any substantial change in the measures taken by the ESG rating provider or in their implementation shall be notified to ESMA by the ESG rating provider before such change is implemented. ESMA shall decide whether the measures remain appropriate and sufficient regarding the potential risks of conflicts of interest. If ESMA considers that the measures are no longer appropriate or sufficient regarding the potential risks of conflicts of interest, paragraph 1, point (c), shall apply.ESMA shall take a decision as referred to in the first and second subparagraphs of this paragraph within 30 working days of receipt of complete information about the measures proposed by the ESG rating provider or any substantial changes thereto, or within the deadlines laid down in Article 7 where ESMA’s assessment forms part of its evaluation of the ESG rating provider’s application for authorisation.4.An ESG rating provider shall ensure that its employees who are directly involved in the assessment process of a rated item do not provide any of the activities referred to in paragraph 1, points (a), (b) and (e).5.ESMA shall develop draft regulatory technical standards to specify the details of the measures and safeguards to be implemented pursuant to paragraphs 2, 3 and 4.ESMA shall submit the draft regulatory technical standards referred to in the first subparagraph to the Commission by 2 October 2025.Power is delegated to the Commission to supplement this Regulation by adopting the regulatory technical standards referred to in the first subparagraph of this paragraph in accordance with Articles 10 to 14 of Regulations (EU) No 1095/2010.6.ESG rating providers shall ensure that the provision of services other than those referred to in paragraph 1 does not create risks of conflicts of interest within its ESG rating activities. Where there are risks of conflicts of interest, ESG rating providers shall refrain from offering such other services.Article 17Rating analysts, employees and other persons involved in the provision of ESG ratings1.ESG rating providers shall ensure that rating analysts, employees and any other natural person under their control or whose services are placed at their disposal, for example by way of a contractual arrangement, and who are directly involved in the provision of ESG ratings, including rating analysts directly involved in the rating process and persons involved in the provision of ESG scores, are appropriately trained and have the knowledge and experience necessary for the performance of the duties and tasks assigned, including, where appropriate, a sufficient understanding of any potential material financial risk to the rated item and any potential material impact of the rated item on the environment and on society in general.2.ESG rating providers shall ensure that the persons referred to in paragraph 1 are not allowed to initiate or participate in negotiations regarding fees or payments with any rated item or issuer of a rated item, or with any person directly or indirectly linked to the rated item or the issuer of a rated item by control.3.With the exception of holdings in diversified collective investment schemes, including managed funds, and of investments made under discretionary portfolio management:(a)the persons referred to in paragraph 1 who are directly involved in the determination of an individual rating of a rated item shall not buy or sell any financial instrument issued, guaranteed, or otherwise supported by any entity that is rated within their area of analytical responsibility or by any entity within the group of that entity, nor engage in any transaction in such financial instruments;(b)persons occupying a senior management position in the ESG rating provider shall not buy or sell any financial instrument issued, guaranteed or otherwise supported by any entity rated by the ESG rating provider, or by any entity within the group of that entity, nor engage in any transaction in such financial instruments.4.The persons referred to in paragraph 1 shall not be directly involved in or otherwise influence the determination of an ESG rating of the relevant rated item where those persons:(a)own financial instruments of the rated item, other than holdings in diversified collective investment schemes, including managed funds, and investments made under discretionary portfolio management;(b)own financial instruments of any entity related to a rated item, the ownership of which might cause or might be generally perceived as causing a conflict of interest, other than holdings in diversified collective investment schemes, including managed funds, and investments made under discretionary portfolio management;(c)have had in the last year an employment, business or other relationship with the entity rated by the ESG rating provider or any entity within the group of that entity that might cause or might be generally perceived as causing a conflict of interest.5.ESG rating providers shall ensure that the persons referred to in paragraph 1 and persons occupying a senior management position in the ESG rating provider:(a)take all reasonable measures to protect property and records in the possession of the ESG rating provider from fraud, theft or misuse, taking into account the nature, scale and complexity of the ESG rating provider’s business and the nature and range of its ESG rating activities;(b)do not share confidential information that has been entrusted to the ESG rating provider with anyone who is not directly involved in the provision of ESG rating activities, including rating analysts and employees of any person directly or indirectly linked to the ESG rating provider by control, and any other natural person whose services are or have been placed at the disposal of, or are under the control of, any person directly or indirectly linked to the ESG rating provider by control;(c)do not use or share confidential information for any other purpose than the provision of ESG rating activities, including for the trading of financial instruments; and(d)do not solicit or accept money, gifts or favours from anyone with whom the ESG rating provider does business.6.Where the persons referred to in paragraph 1 consider that any other person referred to in that paragraph has engaged in conduct that they consider to be illegal, they shall immediately report that to the oversight function. The ESG rating provider shall ensure that such reporting does not have any negative consequences for the person reporting.7.Where a rating analyst terminates his or her employment with the ESG rating provider and, within one year of that termination, joins a rated item or an issuer of a rated item the determination of an individual rating of which he or she has been directly involved in, the ESG rating provider shall review the relevant work of the rating analyst over the one-year period preceding his or her departure in order to verify whether there has been any conflict of interest.8.The persons referred to in paragraph 1, and persons occupying a senior management position in the ESG rating provider, shall not take up a senior management position within a rated item or an issuer of a rated item the determination of an individual rating of which they have been involved in for a period of nine months after the date of such rating.Article 18Record-keeping requirements1.ESG rating providers shall record their ESG rating activities. Those records shall contain the information listed in Annexes I and II.2.ESG rating providers shall keep the information referred to in paragraph 1 for at least five years and in such a form that it is possible to replicate and fully understand the determination of an ESG rating.Article 19Complaints-handling mechanism1.ESG rating providers shall have in place and publish on their website procedures for receiving, investigating and retaining records concerning complaints made by users of ESG ratings, by rated items and by issuers of rated items. ESG rating providers shall also clearly provide information on their website about their complaints-handling mechanism and contact details.2.The procedures referred to in paragraph 1 shall ensure that:(a)the ESG rating provider makes publicly available the complaints-handling policy;(b)complaints are investigated in a timely and fair manner and the outcome of the investigation is communicated to the complainant within a reasonable period of time, unless such communication would be contrary to objectives of public policy or to Regulation (EU) No 596/2014 of the European Parliament and of the CouncilRegulation (EU) No 596/2014 of the European Parliament and of the Council of 16 April 2014 on market abuse (market abuse regulation) and repealing Directive 2003/6/EC of the European Parliament and of the Council and Commission Directives 2003/124/EC, 2003/125/EC and 2004/72/EC (OJ L 173, 12.6.2014, p. 1).; and(c)the inquiry is conducted independently of any personnel who have been involved in the determination of an individual rating about which the complaint is made.3.Complaints may be submitted in respect of any of the following:(a)the sources of data used for an individual ESG rating, factual errors and mistakes;(b)the way in which the rating methodology in relation to an individual ESG rating has been applied;(c)whether an individual ESG rating is representative of the rated item or the issuer of the rated item.Article 20Reasoned concerns1.ESG rating providers shall have in place procedures for receiving reasoned concerns from stakeholders that provide their names and position.2.ESG rating providers, with the exception of small ESG rating providers, within the meaning of Article 5(1) of this Regulation, shall endeavour to reply to the reasoned concerns within 30 working days of receipt thereof.Article 21Outsourcing1.Outsourcing of important operational functions shall not be undertaken in such a way as to materially impair the quality of an ESG rating provider’s internal controls and the ability of ESMA to supervise the ESG rating provider’s compliance with its obligations under this Regulation.2.ESG rating providers that outsource functions or any services or activities that are relevant for the provision of an ESG rating shall remain fully responsible for discharging all of their obligations under this Regulation and for disclosing the information referred to in Annex II.Article 22Exemptions from governance requirements1.An ESG rating provider may lodge a request with ESMA to be exempted from complying with the requirements laid down in Article 15(6), (8) and (10).2.When assessing a request as referred to in paragraph 1 of this Article, ESMA shall verify whether the following conditions are met:(a)the ESG rating provider is a small ESG rating provider, within the meaning of Article 5(1);(b)the ESG rating provider has implemented measures and procedures, and in particular internal control mechanisms, reporting arrangements and measures, that ensure the independence of rating analysts and persons approving ESG ratings and that ensure effective compliance with this Regulation;(c)the ESG rating provider has shown that its size has not been determined in such a way as to circumvent the requirements of this Regulation;(d)the ESG rating provider has demonstrated with sufficient clarity that the requirements laid down in Article 15(6), (8) and (10) are not proportionate to the nature, scale or complexity of the business of that ESG rating provider or in view of the nature or range of the issuance of ESG ratings.On the basis of those considerations, ESMA may exempt the ESG rating provider from all of the requirements laid down in Article 15(6), (8) and (10) or, in duly justified cases and based on the elements provided by the ESG rating provider pursuant to the first subparagraph, point (d), of this paragraph, from some of those requirements only.CHAPTER 2Transparency requirementsArticle 23Disclosure to the public of the methodologies, models and key rating assumptions used in ESG rating activities1.ESG rating providers shall disclose on their website, as a minimum, the methodologies, models and key rating assumptions that they use in their ESG rating activities, including the information referred to in point (d) of Annex I and point 1 of Annex III. Such disclosure shall be made in a clear and transparent manner and identified in a separate section of the ESG rating provider’s website.The ESG rating provider shall disclose the information referred to in point 1 of Annex III at the latest when it starts issuing ESG ratings.2.Separate E, S and G ratings shall be provided rather than a single ESG rating that aggregates E, S and G factors. ESG rating providers shall provide the disclosures referred to in this Article and in Article 24 separately for each factor.3.By way of derogation from paragraph 2 of this Article, ESG rating providers may provide a single ESG rating that aggregates E, S and G factors if they provide, without prejudice to further disclosure obligations under this Regulation, the information referred to in point (h) of point 1 of Annex III.4.ESMA shall develop draft regulatory technical standards to specify further the elements to be disclosed in accordance with paragraph 1, first subparagraph. Those elements shall not include any additional disclosure requirements other than those listed in point 1 of Annex III.ESMA shall submit the draft regulatory technical standards referred to in the first subparagraph of this paragraph to the Commission by 2 October 2025.Power is delegated to the Commission to supplement this Regulation by adopting the regulatory technical standards referred to in the first subparagraph of this paragraph in accordance with the procedure laid down in Articles 10 to 14 of Regulation (EU) No 1095/2010.5.ESMA may develop draft implementing technical standards to specify the data standards, formats and templates that ESG rating providers are to use to present the information referred to in paragraph 1.ESMA shall submit the draft implementing technical standards referred to in the first subparagraph of this paragraph to the Commission.Power is conferred on the Commission to adopt the implementing technical standards referred to in the first subparagraph of this paragraph in accordance with the procedure laid down in Article 15 of Regulation (EU) No 1095/2010.Article 24Disclosures to users of ESG ratings, rated items and issuers of rated items1.ESG rating providers shall disclose, as a minimum, the information referred to in point 2 of Annex III to users of ESG ratings, rated items and issuers of rated items on an ongoing basis.2.An ESG rating provider shall ensure that when it authorises a user of ESG ratings to disclose an ESG rating, a link to the information referred to in point 1 of Annex III is attached to the ESG rating.3.ESMA shall develop draft regulatory technical standards to specify further the elements that are to be disclosed in accordance with paragraph 1. Those elements shall not include any additional disclosure requirements other than those listed in point 2 of Annex III.ESMA shall submit the draft regulatory technical standards referred to in the first subparagraph to the Commission by 2 October 2025.Power is delegated to the Commission to supplement this Regulation by adopting the regulatory technical standards referred to in the first subparagraph of this paragraph in accordance with the procedure laid down in Articles 10 to 14 of Regulation (EU) No 1095/2010.4.ESMA may develop draft implementing technical standards to specify the data standards, formats and templates that ESG rating providers are to use to present the information referred to in paragraph 1.ESMA shall submit the draft implementing technical standards referred to in the first subparagraph of this paragraph to the Commission.Power is conferred on the Commission to adopt the implementing technical standards referred to in the first subparagraph of this paragraph in accordance with the procedure laid down in Article 15 of Regulation (EU) No 1095/2010.CHAPTER 3Independence and conflicts of interestArticle 25Independence and avoidance of conflicts of interest1.ESG rating providers shall have in place robust governance arrangements, including a clear organisational structure with well-defined, transparent and consistent roles and responsibilities for all persons involved in the provision of an ESG rating.2.ESG rating providers shall take all necessary steps to ensure that any ESG rating provided is not affected by any existing or potential conflict of interest, or by any business or other relationship, arising either from the ESG rating providers themselves or from their shareholders, managers, rating analysts, employees or any other natural persons whose services are placed at the disposal or under the control of the ESG rating providers, or any persons directly or indirectly linked to them by control or any third-party providers to whom functions or any services or activities have been outsourced.3.Where there is a risk of a conflict of interest within an ESG rating provider due to the ownership structure, controlling interests or activities of that ESG rating provider, of any entity owning or controlling the ESG rating provider, of an entity that is owned or controlled by the ESG rating provider, or of any of the ESG rating provider’s affiliates or third-party providers, ESMA shall take appropriate action. ESMA may require the ESG rating provider to take measures to mitigate that risk.Where a conflict of interest as referred to in the first subparagraph is not adequately managed through the risk mitigation measures referred to in the first subparagraph, ESMA shall require the ESG rating provider to resolve that conflict of interest. If necessary, ESMA may require the ESG rating provider to cease the activities or relationships that create the conflict of interest, or to cease providing the ESG ratings.4.A shareholder or a member of an ESG rating provider exercising significant influence within the meaning of Article 2, point (13), second sentence, of Directive 2013/34/EU over that ESG rating provider, or over an undertaking which has the power to exercise control or a dominant influence over that ESG rating provider, shall be prohibited from doing any of the following:(a)exercising significant influence over any other ESG rating provider;(b)having the right or the power to appoint or remove members of the administrative or supervisory board of any other ESG rating provider;(c)being a member of the administrative or supervisory board of any other ESG rating provider.The first subparagraph of this paragraph shall not apply to investments in other ESG rating providers belonging to the same group of ESG rating providers or to investments in ESG rating providers that are micro-undertakings or small undertakings according to the criteria laid down in Article 3(1) and Article 3(2), first subparagraph, respectively, of Directive 2013/34/EU.5.ESG rating providers shall disclose to ESMA all existing or potential conflicts of interest, including conflicts of interest arising from the ownership or control of the ESG rating providers.6.ESG rating providers shall establish and operate policies, procedures and effective organisational arrangements for the identification, disclosure, prevention, management and mitigation of conflicts of interest. ESG rating providers shall regularly review and update those policies, procedures and arrangements. Those policies, procedures and arrangements shall specifically prevent, manage and mitigate conflicts of interest due to the ESG rating provider’s ownership or control or due to other interests in the ESG rating provider’s group, or conflicts of interest that are caused by other persons that exercise influence or control over the ESG rating provider in relation to determining the ESG rating.7.ESG rating providers shall review their operations to identify potential conflicts of interest at least annually.Article 26Management of potential conflicts of interest arising from employees1.ESG rating providers shall ensure that their employees and any other natural persons whose services are placed at their disposal or under their control and who are directly involved in the provision of an ESG rating:(a)have the skills that are necessary for performing their tasks and duties and are subject to effective management and supervision;(b)are not subject to undue influence or conflicts of interest;(c)are not compensated and their performance is not evaluated in such a manner as to create conflicts of interest or otherwise impinge upon the integrity of the ESG rating determination process;(d)do not have any interests or business connections that compromise the activities of the ESG rating provider;(e)are prohibited from contributing to an ESG rating determination by way of engaging in bids, offers and trades on a personal basis or on behalf of market participants, except where such contribution is expressly required as part of the ESG rating methodology and is subject to specific rules laid down therein; and(f)are subject to effective procedures to control the exchange of information with other employees involved in activities that might create a risk of conflicts of interest or with third parties, where that information might affect the ESG rating.2.ESG rating providers shall establish specific internal control procedures to ensure the integrity and reliability of the employee or person determining the ESG rating, including internal approval by management before the distribution of the ESG rating.Article 27Fair, reasonable, transparent and non-discriminatory treatment of users of ESG ratings1.ESG rating providers shall take steps that are adequate to ensure that fees charged to clients are fair, reasonable, transparent and non-discriminatory.2.For the purposes of paragraph 1 of this Article, ESMA may require ESG rating providers to provide it with documented evidence on their pricing policy, including the fee structure and pricing criteria. ESMA may take supervisory measures in accordance with Article 35, and may decide to impose fines in accordance with Article 36 where it finds that fees charged by ESG rating providers are not fair, reasonable, transparent and non-discriminatory.CHAPTER 4Supervision by ESMASection 1General principlesArticle 28Non-interference with the content of ESG ratings or methodologiesIn carrying out their duties under this Regulation, ESMA, the Commission or any Member State public authorities shall not interfere with the content of ESG ratings or methodologies.Article 29ESMA1.In accordance with Article 16 of Regulation (EU) No 1095/2010, ESMA shall issue and update guidelines on the cooperation between ESMA and the competent authorities for the purposes of this Regulation, including the procedures for, and detailed conditions relating to, the delegation of tasks.2.In accordance with Article 16 of Regulation (EU) No 1095/2010, ESMA shall, in cooperation with EBA and EIOPA, issue and update guidelines on the application of the endorsement regime referred to in Article 11 of this Regulation by 2 October 2025.3.ESMA shall publish an annual report on the application of this Regulation, including on the supervisory measures taken and fines and periodic penalty payments imposed by ESMA under this Regulation. That report shall contain, in particular, information on the evolution of the ESG ratings market in the Union and an assessment of the application of the third-country regimes referred to in Articles 10, 11 and 12.ESMA shall present the annual report referred to in the first subparagraph to the European Parliament, the Council and the Commission.4.ESMA shall publish annually on its website a list of ESG rating providers included in the register referred to in Article 14(1), indicating their total market share in the Union. The publication shall take stock of the market structure, including concentration levels and the diversity of ESG rating providers.5.For the purposes of paragraph 4, the market share shall be measured by reference to the annual turnover generated from ESG rating activities at group level in the Union.6.ESMA shall cooperate with EBA and EIOPA in performing its tasks and shall consult EBA and EIOPA before issuing and updating guidelines and submitting draft regulatory technical standards under this Regulation.Article 30Competent authorities1.By 2 April 2026, each Member State shall designate a competent authority for the purposes of this Regulation.2.The competent authorities shall be adequately staffed, with regard to capacity and expertise, to be able to carry out their tasks under this Regulation.Article 31Exercise of the powers referred to in Articles 32, 33 and 34The powers conferred on ESMA or on any official, or other person authorised by, ESMA by Articles 32, 33 and 34 shall not be used to require the disclosure of information or documents which are subject to legal privilege.Article 32Requests for information1.ESMA may by simple request or by decision require ESG rating providers, persons involved in ESG rating activities, rated items and issuers of rated items, third parties to whom ESG rating providers have outsourced operational functions or activities, and persons otherwise closely and substantially related or connected to ESG rating providers or ESG rating activities, to provide all information that it needs to carry out its duties under this Regulation.2.When sending a simple request for information under paragraph 1 of this Article, ESMA shall:(a)refer to this Article as the legal basis for the request;(b)state the purpose of the request;(c)specify what information is required;(d)set a reasonable time limit within which the information is to be provided and the format in which the requested information is to be provided;(e)inform the person from whom the information is requested that there is no obligation to provide the information but that any reply to the request for information must not be incorrect or misleading;(f)indicate the fines provided for in Article 36, where the information supplied is incorrect or misleading.3.When requiring the provision of information by decision under paragraph 1 of this Article, ESMA shall:(a)refer to this Article as the legal basis for the request;(b)state the purpose of the request;(c)specify what information is required;(d)set a reasonable time limit within which the information is to be provided and the format in which the requested information is to be provided;(e)indicate the periodic penalty payments provided for in Article 37 where the requested information is not submitted within the set time limit or is incomplete;(f)indicate the fines provided for in Article 36 where the information supplied is incorrect or misleading;(g)indicate the right to appeal the decision before the Board of Appeal in accordance with Article 60 of Regulation (EU) No 1095/2010 and to have the decision reviewed by the Court of Justice of the European Union in accordance with Article 61 of Regulation (EU) No 1095/2010.4.The persons referred to in paragraph 1 or their representatives, and, in the case of legal persons or of associations having no legal personality, the persons authorised to represent them by law or by their constitution, shall supply the information requested. Lawyers duly authorised to act may supply the information on behalf of their clients. Those clients shall remain fully responsible if the information supplied by their lawyers is incomplete, incorrect or misleading.5.ESMA shall, without delay, send a copy of the simple request or of its decision to the competent authority of the Member State where the persons referred to in paragraph 1 who are concerned by the request for information are domiciled or established.Article 33General investigations1.In order to carry out its duties under this Regulation, ESMA may conduct all necessary investigations of the persons referred to in Article 32(1). To that end, the officials and other persons authorised by ESMA shall be empowered to:(a)examine any records, data, procedures and any other material relevant to the execution of their tasks irrespective of the medium on which they are stored;(b)take or obtain certified copies of or extracts from such records, data, procedures and other material;(c)summon and ask any person referred to in Article 32(1), or their representatives or staff, for oral or written explanations on facts or documents related to the subject matter and purpose of the investigation and to record the answers;(d)interview any other natural or legal person who consents to be interviewed for the purpose of collecting information relating to the subject matter of an investigation;(e)request records of telephone and data traffic.2.The officials and other persons authorised by ESMA for the purposes of the investigations referred to in paragraph 1 shall exercise their powers upon the production of a written authorisation specifying the subject matter and purpose of the investigation. That authorisation shall also indicate the periodic penalty payments provided for in Article 37(1) where the production of the required records, data, procedures or any other material, or the information supplied by the persons referred to in Article 32(1), are not provided or are incomplete, and the fines provided for in Article 36 where the information supplied by the persons referred to in Article 32(1) is incorrect or misleading.3.The persons referred to in Article 32(1) of this Regulation shall submit to investigations launched on the basis of a decision of ESMA. The decision shall specify the subject matter and purpose of the investigation, the periodic penalty payments provided for in Article 37 of this Regulation, the legal remedies available under Regulation (EU) No 1095/2010 and the right to have the decision reviewed by the Court of Justice of the European Union.4.In good time before the investigation, ESMA shall inform the competent authority of the Member State in whose territory that investigation is to be carried out of the investigation and of the identity of the persons authorised by ESMA for the purposes of the investigation. Officials of the competent authority concerned shall, upon the request of ESMA, assist those authorised persons in carrying out their duties. Officials of the competent authority concerned may also attend the investigation upon request.5.If a request for records of telephone or data traffic referred to in paragraph 1, point (e), requires authorisation from a judicial authority according to national rules, such authorisation shall be applied for. Such authorisation may also be applied for as a precautionary measure.6.Where an authorisation as referred to in paragraph 5 is applied for, the national judicial authority shall verify that the decision of ESMA is authentic and that the coercive measures envisaged are neither arbitrary nor excessive having regard to the subject matter of the investigation. When verifying the proportionality of the coercive measures, the national judicial authority may ask ESMA for detailed explanations, in particular relating to the grounds ESMA has for suspecting that an infringement of this Regulation has taken place, the seriousness of the suspected infringement and the nature of the involvement of the person subject to the coercive measures. However, the national judicial authority shall not review the necessity for the investigation or demand that it be provided with the information on ESMA’s file. The lawfulness of ESMA’s decision shall be subject to review only by the Court of Justice of the European Union following the procedure set out in Regulation (EU) No 1095/2010.Article 34On-site inspections1.In order to carry out its duties under this Regulation, ESMA may conduct all necessary on-site inspections at the business premises of the legal persons referred to in Article 32(1). Where the proper conduct and efficiency of the inspection so require, ESMA may carry out the on-site inspection without prior announcement.2.The officials and other persons authorised by ESMA to conduct an on-site inspection may enter any business premises and land of the legal persons subject to an investigation decision adopted by ESMA and shall have the powers provided for in Article 33(1). They shall also have the power to seal any business premises and books or records for the period of, and to the extent necessary for, the inspection.3.The officials and other persons authorised by ESMA to conduct an on-site inspection shall exercise their powers upon production of a written authorisation specifying the subject matter and purpose of the inspection. That authorisation shall also indicate the periodic penalty payments provided for in Article 37 where the persons concerned do not submit to the inspection. In good time before the inspection, ESMA shall give notice of the inspection to the competent authority of the Member State where it is to be conducted.4.The persons referred to in Article 32(1) of this Regulation shall submit to on-site inspections ordered by decision of ESMA. The decision shall specify the subject matter and purpose of the inspection, the date on which it is to begin, the periodic penalty payments provided for in Article 37 of this Regulation, the legal remedies available under Regulation (EU) No 1095/2010 and the right to have the decision reviewed by the Court of Justice of the European Union. ESMA shall take such decisions after consulting the competent authority of the Member State where the inspection is to be conducted.5.Officials and other persons authorised or appointed by the competent authority of the Member State where the inspection is to be conducted shall, upon the request of ESMA, actively assist the officials and other persons authorised by ESMA. To that end, they shall enjoy the powers set out in paragraph 2. Officials of the competent authority of the Member State concerned may also attend the on-site inspections upon request.6.ESMA may also require the competent authorities to carry out specific investigatory tasks and on-site inspections on its behalf, as provided for in this Article and in Article 33(1). To that end, the competent authorities shall enjoy the same powers as ESMA as set out in this Article and in Article 33(1).7.Where the officials and other persons authorised by ESMA find that a person opposes an inspection ordered pursuant to this Article, the competent authority of the Member State concerned shall afford them the necessary assistance, requesting, where appropriate, the assistance of the police or of an equivalent enforcement authority, so as to enable them to conduct their on-site inspection.8.If the on-site inspection provided for in paragraph 1 or the assistance provided for in paragraph 7 requires authorisation by a judicial authority according to national rules, such authorisation shall be applied for. Such authorisation may also be applied for as a precautionary measure.9.Where an authorisation as referred to in paragraph 8 is applied for, the national judicial authority shall verify that the decision of ESMA is authentic and that the coercive measures envisaged are neither arbitrary nor excessive having regard to the subject matter of the inspection. When verifying the proportionality of the coercive measures, the national judicial authority may ask ESMA for detailed explanations, in particular relating to the grounds ESMA has for suspecting that an infringement of this Regulation has taken place, the seriousness of the suspected infringement and the nature of the involvement of the person subject to the coercive measures. However, the national judicial authority shall not review the necessity for the inspection or demand to be provided with the information on ESMA’s file. The lawfulness of ESMA’s decision shall be subject to review only by the Court of Justice of the European Union following the procedure set out in Regulation (EU) No 1095/2010.Section 2Supervisory measures and penaltiesArticle 35Supervisory measures by ESMA1.Where ESMA finds that an ESG rating provider has not complied with its obligations under this Regulation, it shall take one or more of the following supervisory measures:(a)suspend or withdraw the authorisation or recognition of the ESG rating provider;(b)temporarily prohibit the ESG rating provider from publishing or distributing ESG ratings, until the infringement has been brought to an end;(c)require the ESG rating provider to bring the infringement to an end;(d)impose fines pursuant to Article 36;(e)issue public notices.2.ESMA may also take one or more of the supervisory measures referred to in paragraph 1, points (b) to (e), of this Article in respect of any ESG rating provider that operates in the Union pursuant to Article 2(1):(a)without complying with Article 4, or where ESMA has suspended or withdrawn the ESG rating provider’s authorisation or recognition referred to in that Article;(b)without complying with the conditions to benefit from any exclusion set out in Article 2(2).3.ESMA may also take the supervisory measure referred to in paragraph 1, point (e), in the event that an ESG rating activity of an ESG rating provider operating in the Union poses a serious threat to market integrity or to investor protection in the Union.In order to verify whether a person is operating in the Union pursuant to Article 2(1), ESMA may use the powers conferred on it by Articles 32, 33 and 34 in respect of the person concerned or any third parties who enable the person concerned to carry out the ESG rating activity.4.The supervisory measures referred to in paragraph 1 shall be effective, proportionate and dissuasive.5.When taking any of the supervisory measures referred to in paragraph 1, ESMA shall take into account the nature and seriousness of the infringement, having regard to the following criteria:(a)the duration and frequency of the infringement;(b)whether financial crime has been committed or facilitated or is otherwise attributable to the infringement;(c)whether the infringement has been committed intentionally or negligently;(d)the degree of responsibility of the person responsible for the infringement;(e)the financial strength of the ESG rating provider, as indicated by its total annual net turnover;(f)the impact of the infringement on the interests of investors and on other users of ESG ratings;(g)the importance of the profits gained and losses avoided by the ESG rating provider or the losses for third parties derived from the infringement, insofar as such profits and losses can be determined;(h)the level of cooperation of the ESG rating provider with ESMA, without prejudice to the need to ensure the disgorgement of profits gained or losses avoided by that ESG rating provider due to the infringement;(i)any previous infringements by the ESG rating provider;(j)measures taken after the infringement by the ESG rating provider to prevent its repetition.For the purposes of the first subparagraph, point (c), an infringement shall be considered to have been committed intentionally if ESMA finds objective elements which demonstrate that a person acted deliberately to commit the infringement.6.ESMA shall notify any decision to take a supervisory measure pursuant to paragraph 1 to the person responsible for the infringement without undue delay. ESMA shall publish any such decision on its website within 10 working days of the date when it was adopted.The publication referred to in the first subparagraph shall contain all of the following:(a)a statement affirming the right of the ESG rating provider to appeal the decision;(b)where relevant, a statement affirming that an appeal has been lodged and specifying that such an appeal does not have suspensive effect;(c)a statement asserting that it is possible for ESMA to suspend the application of the contested decision in accordance with Article 60(3) of Regulation (EU) No 1095/2010.7.ESMA may also require the infringing ESG rating provider to inform the users of its ESG ratings of any supervisory measure taken by ESMA pursuant to paragraph 1.Article 36Fines1.Where ESMA finds that an ESG rating provider, or, where applicable, its legal representative, has, intentionally or negligently, infringed this Regulation, it shall adopt a decision imposing a fine. The maximum amount of the fine shall be 10 % of the total annual net turnover of the ESG rating provider, calculated on the basis of the most recent available financial statements approved by the management body of the ESG rating provider.2.Where the ESG rating provider referred to in paragraph 1 of this Article is a parent undertaking or a subsidiary of a parent undertaking which is required to prepare consolidated financial accounts in accordance with Directive 2013/34/EU, the relevant total annual net turnover shall be either the total annual net turnover, or the corresponding type of income in accordance with applicable Union law in the area of accounting, according to the most recent available consolidated accounts approved by the management body of the ultimate parent undertaking.3.When determining the level of a fine pursuant to paragraph 1 of this Article, ESMA shall take into account the criteria set out in Article 35(5).4.Notwithstanding paragraph 3, where the ESG rating provider referred to in paragraph 1 has directly or indirectly benefitted financially from the infringement, the amount of the fine shall be at least equal to that benefit.5.Where an act or omission of an ESG rating provider constitutes more than one infringement of this Regulation, only the higher fine calculated in accordance with paragraph 2 and relating to one of those infringements shall apply.Article 37Periodic penalty payments1.ESMA shall, by decision, impose periodic penalty payments to compel:(a)an ESG rating provider to put an end to an infringement in accordance with a decision taken pursuant to Article 35(1), point (c);(b)the persons referred to in Article 32(1):(i)to supply complete information which has been requested by a decision taken pursuant to Article 32(3);(ii)to submit to an investigation and in particular to produce complete records, data, procedures or any other material required and to complete and correct other information provided in an investigation launched by a decision taken pursuant to Article 33(3);(iii)to submit to an on-site inspection ordered by a decision taken pursuant to Article 34(4).2.A periodic penalty payment shall be effective and proportionate. ESMA shall impose the periodic penalty payment on a daily basis until the ESG rating provider or person concerned complies with the relevant decision referred to in paragraph 1.3.Notwithstanding paragraph 2, the amount of the periodic penalty payments shall be 3 % of the average daily turnover in the preceding business year or, in the case of natural persons, 2 % of the average daily income in the preceding calendar year. It shall be calculated from the date stipulated in the decision imposing the periodic penalty payment.4.A periodic penalty payment shall be imposed for a maximum period of six months following notification of ESMA’s decision referred to in paragraph 1. Following the end of the period for which the periodic penalty payment is imposed, ESMA shall review the measure.Article 38Disclosure, nature, enforcement and allocation of fines and periodic penalty payments1.ESMA shall disclose to the public every fine and every periodic penalty payment that it has imposed pursuant to Articles 36 and 37 of this Regulation, unless such disclosure would seriously jeopardise Union financial markets or cause disproportionate damage to the parties involved. Such disclosure shall not contain personal data within the meaning of Regulation (EU) 2018/1725.2.Fines and periodic penalty payments imposed pursuant to Articles 36 and 37 shall be of an administrative nature.3.Fines and periodic penalty payments imposed pursuant to Articles 36 and 37 shall be enforceable.Enforcement of fines and periodic penalty payments shall be governed by the rules of procedure in force in the Member State or third country in which the fines and periodic penalty payments are enforced.4.Fines and periodic penalty payments shall be allocated to the general budget of the Union.Section 3Procedures and reviewArticle 39Procedural rules for taking supervisory measures and imposing fines1.Where ESMA finds that there are serious indications of a possible infringement of this Regulation, ESMA shall appoint an independent investigation officer within ESMA to investigate the matter. That investigation officer shall not be directly or indirectly involved or have been directly or indirectly involved in the supervision of the ESG ratings to which the infringement relates and shall perform his or her functions independently from ESMA’s Board of Supervisors.2.The investigation officer referred to in paragraph 1 shall investigate the alleged infringements, take into account any comments submitted by the persons who are subject to the investigation, and submit a complete file with his or her findings to ESMA’s Board of Supervisors.3.The investigation officer shall have the power to request information in accordance with Article 32 and to conduct investigations and on-site inspections in accordance with Articles 33 and 34.4.When carrying out his or her tasks, the investigation officer shall have access to all documents and information that have been gathered by ESMA in its supervisory activities.5.The rights of defence of the persons subject to the investigation shall be fully respected during investigations under this Regulation.6.Upon submission of the file with his or her findings to ESMA’s Board of Supervisors, the investigation officer shall notify the persons who are subject to the investigation.7.On the basis of the file containing the investigation officer’s findings, and where requested by the persons concerned after having heard those persons in accordance with Article 40, ESMA’s Board of Supervisors shall assess whether one or more persons subject to the investigation have committed the infringements concerned and shall, where it comes to the conclusion that such infringements have been committed, take a supervisory measure as referred to in Article 35 and impose a fine in accordance with Article 36.8.The investigation officer shall not participate in the deliberations of ESMA’s Board of Supervisors or in any other way intervene in the decision-making process of ESMA’s Board of Supervisors.9.The Commission shall adopt delegated acts in accordance with Article 47 to supplement this Regulation by adopting further rules of procedure for the exercise of ESMA’s power to impose fines or periodic penalty payments, including provisions on rights of defence, temporal provisions and the collection of fines or periodic penalty payments, and by adopting detailed rules on the limitation periods for the imposition and enforcement of fines and periodic penalty payments.10.ESMA shall refer matters for criminal prosecution to the national authorities concerned where, in carrying out its tasks under this Regulation, it finds that there are serious indications of the possible existence of facts liable to constitute criminal offences. ESMA shall refrain from imposing fines or periodic penalty payments where a prior acquittal or conviction arising from an identical fact or facts which are substantially the same has already acquired the force of res judicata as the result of criminal proceedings under national law.Article 40Hearing of persons subject to investigations1.Before taking any decision imposing a supervisory measure, fine or periodic penalty payment pursuant to Article 35, 36 or 37, ESMA shall give the persons subject to the investigations the opportunity to be heard on its findings. ESMA shall base its decisions only on findings on which the persons subject to the investigations have had an opportunity to comment.The first subparagraph shall not apply where urgent action pursuant to Article 35 is needed to prevent significant and imminent damage to the financial system. In such a case, ESMA may adopt an interim decision and shall give the persons concerned the opportunity to be heard as soon as possible after taking its decision.2.The rights of defence of the persons subject to the investigations shall be fully respected during the investigations. They shall be entitled to have access to ESMA’s file, subject to the legitimate interest of other persons in the protection of their business secrets. The right of access to the file shall not extend to confidential information or ESMA’s internal preparatory documents.Article 41Review by the Court of Justice of the European UnionThe Court of Justice of the European Union shall have unlimited jurisdiction to review decisions of ESMA imposing a fine or a periodic penalty payment. It may annul, or reduce or increase the amount of, the fine or periodic penalty payment imposed.Section 4Fees and delegationArticle 42Supervisory fees1.ESMA shall charge proportionate fees to ESG rating providers in accordance with the delegated acts adopted pursuant to paragraph 2. Those fees shall fully cover ESMA’s necessary expenditure relating to the supervision of ESG rating providers and the reimbursement of any costs that the competent authorities might incur when carrying out tasks pursuant to this Regulation, and in particular as a result of any delegation of tasks in accordance with Article 43.2.The amount of an individual fee shall be proportionate to the annual net turnover of the ESG rating provider concerned.By 2 January 2026, the Commission shall adopt delegated acts in accordance with Article 47 to supplement this Regulation by specifying the type of fees, the matters for which fees are due, the amount of the fees and the respective justification, the manner in which they are to be paid and, where applicable, the way in which ESMA is to reimburse the competent authorities in respect of any costs that they might incur when carrying out tasks pursuant to this Regulation, in particular as a result of any delegation of tasks as referred to in Article 43. Those delegated acts shall establish fees which are proportionate and appropriate to the size of ESG rating providers and to the extent of their supervision, in particular when they are categorised as small ESG rating providers.CHAPTER 5Cooperation between ESMA and the competent authoritiesArticle 43Delegation of tasks by ESMA to the competent authorities1.Where necessary for the proper performance of a supervisory task, ESMA may delegate the following supervisory tasks to the competent authority of a Member State in accordance with the guidelines issued by ESMA pursuant to Article 16 of Regulation (EU) No 1095/2010:(a)the power to request information in accordance with Article 32 of this Regulation;(b)the power to conduct investigations and on-site inspections in accordance with Articles 33 and 34 of this Regulation.2.Prior to the delegation of a task in accordance with paragraph 1, ESMA shall consult the relevant competent authority about:(a)the scope of the task to be delegated;(b)the timetable for the performance of the task; and(c)the transmission of necessary information by and to ESMA.3.ESMA shall reimburse the relevant competent authority for costs incurred as a result of carrying out delegated tasks. The costs to be reimbursed shall comprise all fixed costs, as well as variable costs related to the performance of the delegated tasks or the assistance provided by the competent authority to ESMA.4.ESMA shall review any delegation made in accordance with paragraph 1 at appropriate intervals. ESMA may revoke a delegation at any time.5.A delegation of tasks shall not affect the responsibility of ESMA nor limit ESMA’s ability to conduct and oversee the delegated activity. ESMA shall not delegate supervisory responsibilities, including authorisation decisions, final assessments and follow-up decisions concerning infringements.Article 44Exchange of informationESMA and the competent authorities shall, without undue delay, provide each other with the information required for carrying out their duties under this Regulation or their respective supervisory responsibility and mandates.Article 45Notifications and suspension requests by the competent authorities1.A competent authority of a Member State that finds that acts infringing this Regulation are being, or have been, carried out by an ESG rating provider on the territory of its own or of another Member State shall inform ESMA thereof. Where a competent authority considers it appropriate for investigatory purposes, that competent authority may suggest to ESMA that it assess the need to use the powers under Article 32 in relation to the ESG rating provider involved in those acts.2.ESMA shall take appropriate action. ESMA shall inform the notifying competent authority of the outcome and, as far as possible, of any significant interim developments.3.A notifying competent authority of a Member State that considers that an ESG rating provider listed in the register referred to in Article 14 whose ESG ratings are used within the territory of that Member State has infringed this Regulation in such a way that the protection of investors or the stability of the financial system in that Member State is significantly impacted, may request ESMA to suspend the provision of ESG ratings by the ESG rating provider concerned. The notifying competent authority shall provide ESMA with full reasons for its request.4.Where ESMA considers that the request referred to in paragraph 3 is not justified, it shall inform the notifying competent authority thereof in writing, setting out the reasons for its opinion. Where ESMA considers that the request is justified, it shall take appropriate measures to resolve the issue and it shall inform the notifying competent authority thereof in writing.Article 46Professional secrecy1.The obligation of professional secrecy shall apply to ESMA, the competent authorities and all persons who work or who have worked for ESMA, for the competent authorities or for any other person to whom ESMA has delegated tasks, including auditors and experts contracted by ESMA. Information covered by professional secrecy shall not be disclosed to any other person or authority except by virtue of Union or national law.2.All information exchanged under this Regulation between ESMA, the competent authorities, EBA, EIOPA, and the European Systemic Risk Board established by Regulation (EU) No 1092/2010 of the European Parliament and of the CouncilRegulation (EU) No 1092/2010 of the European Parliament and of the Council of 24 November 2010 on European Union macro-prudential oversight of the financial system and establishing a European Systemic Risk Board (OJ L 331, 15.12.2010, p. 1)., that concerns business or operational conditions or other economic or personal affairs shall be considered confidential, except where:(a)ESMA or the competent authority or another authority or body concerned states at the time of communication that such information can be disclosed;(b)disclosure of such information is necessary for legal proceedings;(c)the information disclosed is used in a summary or in an aggregate form in which individual financial market participants cannot be identified.TITLE IVDELEGATED AND IMPLEMENTING ACTSArticle 47Exercise and revocation of the delegation and objections to delegated acts1.The power to adopt delegated acts is conferred on the Commission subject to the conditions laid down in this Article.2.The power to adopt delegated acts referred to in Article 10(3), Article 39(9) and Article 42(2) shall be conferred on the Commission for a period of five years from 1 January 2025. The Commission shall draw up a report in respect of the delegation of power not later than nine months before the end of that five-year period. The delegation of power shall be tacitly extended for periods of an identical duration, unless the European Parliament or the Council opposes such extension not later than three months before the end of each period.3.The delegation of power referred to in Article 10(3), Article 39(9) and Article 42(2) may be revoked at any time by the European Parliament or by the Council. A decision to revoke shall put an end to the delegation of the power specified in that decision. It shall take effect the day following the publication of the decision in the Official Journal of the European Union or at a later date specified therein. It shall not affect the validity of any delegated acts already in force.4.Before adopting a delegated act, the Commission shall consult experts designated by each Member State in accordance with the principles laid down in the Interinstitutional Agreement of 13 April 2016 on Better Law-Making.5.As soon as it adopts a delegated act, the Commission shall notify it simultaneously to the European Parliament and to the Council.6.A delegated act adopted pursuant to Article 10(3), Article 39(9) and Article 42(2) shall enter into force only if no objection has been expressed either by the European Parliament or by the Council within a period of three months of notification of that act to the European Parliament and the Council or if, before the expiry of that period, the European Parliament and the Council have both informed the Commission that they will not object. That period shall be extended by three months at the initiative of the European Parliament or of the Council.7.If, on expiry of the period referred to in paragraph 6, neither the European Parliament nor the Council has objected to the delegated act, it shall be published in the Official Journal of the European Union and shall enter into force on the date stated therein. The delegated act may be published in the Official Journal of the European Union and enter into force before the expiry of that period if the European Parliament and the Council have both informed the Commission of their intention not to raise objections.8.If either the European Parliament or the Council objects to the delegated act within the period referred to in paragraph 1, it shall not enter into force. In accordance with Article 296 TFEU, the institution which objects shall state the reasons for objecting to the delegated act.Article 48Committee procedure1.The Commission shall be assisted by the European Securities Committee established by Commission Decision 2001/528/ECCommission Decision 2001/528/EC of 6 June 2001 establishing the European Securities Committee (OJ L 191, 13.7.2001, p. 45).. That committee shall be a committee within the meaning of Regulation (EU) No 182/2011 of the European Parliament and of the CouncilRegulation (EU) No 182/2011 of the European Parliament and of the Council of 16 February 2011 laying down the rules and general principles concerning mechanisms for control by Member States of the Commission’s exercise of implementing powers (OJ L 55, 28.2.2011, p. 13)..2.Where reference is made to this paragraph, Article 5 of Regulation (EU) No 182/2011 shall apply.Article 49Amendment to Regulation (EU) 2019/2088In Article 13 of Regulation (EU) 2019/2088, the following paragraph is added:"3.Where a financial market participant or a financial adviser issues and discloses to third parties an ESG rating, as defined in Article 3, point (1), of Regulation (EU) 2024/3005 of the European Parliament and of the CouncilRegulation (EU) 2024/3005 of the European Parliament and of the Council of 27 November 2024 on the transparency and integrity of Environmental, Social and Governance (ESG) rating activities, and amending Regulations (EU) 2019/2088 and (EU) No 2023/2859 (OJ L, 2024/3005, 12.12.2024, ELI: http://data.europa.eu/eli/reg/2024/3005/oj)."., as part of its marketing communications, it shall include on its website the same information as that required by point 1 of Annex III to that Regulation and it shall disclose in those marketing communications a link to those website disclosures.The ESAs shall, through the Joint Committee, develop draft regulatory technical standards to specify the information referred to in the first subparagraph of this paragraph, taking into account the information already disclosed pursuant to Article 10 of this Regulation.The ESAs shall submit the draft regulatory technical standards referred to in the second subparagraph to the Commission.Power is delegated to the Commission to supplement this Regulation by adopting the regulatory technical standards referred to in the second subparagraph of this paragraph, in accordance with Articles 10 to 14 of Regulations (EU) No 1093/2010, (EU) No 1094/2010 and (EU) No 1095/2010.
----------------------
Regulation (EU) 2024/3005 of the European Parliament and of the Council of 27 November 2024 on the transparency and integrity of Environmental, Social and Governance (ESG) rating activities, and amending Regulations (EU) 2019/2088 and (EU) No 2023/2859 (OJ L, 2024/3005, 12.12.2024, ELI: http://data.europa.eu/eli/reg/2024/3005/oj).".Article 50Amendment to Regulation (EU) 2023/2859In Part A of the Annex to Regulation (EU) 2023/2859, the following entry is added:"20.Regulation (EU) 2024/3005 of the European Parliament and of the Council of 27 November 2024 on the transparency and integrity of Environmental, Social and Governance (ESG) rating activities, and amending Regulations (EU) 2019/2088 and (EU) No 2023/2859 (OJ L, 2024/3005, 12.12.2024, ELI: http://data.europa.eu/eli/reg/2024/3005/oj).".TITLE VTRANSITIONAL AND FINAL PROVISIONSArticle 51Transitional provisions1.ESG rating providers which operated in the Union at the date of entry into force of this Regulation shall notify ESMA by 2 August 2026 if they wish to continue operating in the Union and apply for authorisation or recognition in accordance with Title II. In that case, they shall apply for authorisation or recognition within four months of 2 July 2026. In the absence of such an application to ESMA within that four-month period, they shall cease their activities.2.After notifying ESMA pursuant to paragraph 1, the ESG rating provider shall be temporarily listed in the register referred to in Article 14 and be permitted, until its application has been approved or denied, to continue operating in the Union, and may endorse an ESG rating provided by an ESG rating provider established outside the Union and belonging to the same group under Article 11.3.By way of derogation from paragraph 1 of this Article, ESG rating providers categorised as small ESG rating providers, within the meaning of Article 5(1), which operated in the Union at the date of entry into force of this Regulation shall notify ESMA in accordance with Article 5 no later than 2 November 2026 if they wish to continue operating in the Union. In the absence of such notification by that date, they shall cease their activities.Article 52Review1.The Commission shall evaluate the application of this Regulation by 2 January 2029.2.The Commission shall present a report on the main findings of the evaluation to the European Parliament and the Council. In carrying out the evaluation, the Commission shall take into account market developments and the relevant evidence at its disposal. The report shall in particular assess the following:(a)the impact of this Regulation on the transition to a sustainable economy, on the gap of investments needed to meet the Union climate targets as set out in Regulation (EU) 2021/1119, and on redirecting private capital flows towards sustainable investments;(b)the impact of this Regulation on the market structure, including the evolution of the number and diversity of ESG rating providers;(c)whether the scope of this Regulation is appropriate to achieve its objectives in accordance with Article 1, including whether providers of data products on environmental, social and human rights, and governance factors should be included in the scope of this Regulation;(d)the adequacy of the requirements for ESG rating providers established outside the Union to operate in the Union;(e)the functioning of the market of ESG rating providers in the Union, including potential conflicts of interest, and its supervision by ESMA;(f)whether this Regulation, including the non-interference principle referred to in Article 28, have contributed to improving the quality and reliability of ESG ratings and reduced the use of misleading ESG ratings.3.Where the Commission finds it appropriate, the report shall be accompanied by a legislative proposal for amendment of the relevant provisions of this Regulation.Article 53Entry into force and applicationThis Regulation shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.It shall apply from 2 July 2026.This Regulation shall be binding in its entirety and directly applicable in all Member States.Done at Strasbourg, 27 November 2024.For the European ParliamentThe PresidentR. MetsolaFor the CouncilThe PresidentBóka J.ANNEX IINFORMATION TO BE PROVIDED IN THE APPLICATION FOR AUTHORISATIONAn application for authorisation shall contain all of the following information:(a)the full name of the applicant, the address of its registered office within the Union, the applicant’s website and, where available, the applicant’s legal entity identifier (LEI);(b)the name and contact details of a contact person at the applicant;(c)the legal status of the applicant;(d)the ownership structure of the applicant;(e)the identity of entities within the ownership structure of the applicant that will provide ESG ratings or any of the activities listed in Article 16(1);(f)the identity of the members of the senior management of the applicant and their level of qualification, experience and training;(g)the number of rating analysts, employees and other persons working for the applicant who are directly involved in ESG rating activities, and their level of experience and training;(h)the expected market coverage of ESG ratings;(i)a description of the procedures and methodologies used to issue and review ESG ratings implemented by the applicant, whether the applicant expects to use information disclosed under Regulation (EU) 2019/2088 and Directive 2013/34/EU, and whether the applicant expects to use methodologies that are based on scientific evidence and takes into account the targets and objectives of the Paris Agreement or any other relevant international agreements;(j)the policies or procedures implemented by the applicant to identify, manage and disclose any conflicts of interest as referred to in Article 15 of this Regulation;(k)where applicable, documents and information related to any existing or planned outsourcing arrangements for activities covered by this Regulation;(l)where applicable, information about other activities, including expected endorsement, carried out by the applicant, or which the applicant intends to carry out;(m)where applicable, information about the specific measures implemented by the applicant as referred to in Article 16(2) and (3) of this Regulation;(n)where applicable, information about previous ESG rating activities.ANNEX IIORGANISATIONAL REQUIREMENTS1.Record keeping informationESG rating providers shall keep records of all of the following:(a)for each ESG rating, where applicable:(i)the identity of the rating analysts participating in the determination of the ESG rating, the identity of the persons who have approved the ESG rating, information as to whether the ESG rating was solicited or unsolicited, and the date on which the ESG rating action was taken;(ii)the identity of the persons responsible for the development of the rule-based methodology, and the identity of the persons who have approved the rating methodology;(b)the account records relating to fees received from any rated item or issuer of the rated item or related third party or any user of ESG ratings;(c)the account records for each user of ESG ratings;(d)the records documenting the established procedures and rating methodologies used by the ESG rating provider to determine ESG ratings;(e)the internal records and external communications and files, including non-public information and work papers, used to form the basis of any ESG rating decision taken;(f)records of the procedures and measures implemented by the ESG rating provider to comply with this Regulation;(g)the methodology used for the determination of an ESG rating;(h)changes in, or deviations from, standard procedures and methodologies;(i)all documents relating to any complaint, including those submitted by a complainant.2.OutsourcingWhere ESG rating providers outsource to a service provider functions or any relevant services or activities in the provision of an ESG rating, the ESG rating provider shall ensure that the following conditions are met:(a)the service provider has the ability, capacity, and any authorisation required by law, to perform the outsourced functions, services or activities reliably and professionally;(b)the ESG rating provider takes appropriate action if it appears that the service provider might not be carrying out the outsourced functions effectively and in compliance with applicable law and regulatory requirements;(c)the ESG rating provider retains the necessary expertise to supervise the outsourced functions effectively and to manage the risks associated with the outsourcing;(d)the service provider discloses to the ESG rating provider any development that might have a material impact on its ability to carry out the outsourced functions effectively and in compliance with applicable law and regulatory requirements;(e)the ESG rating provider is able to terminate the outsourcing arrangements where necessary;(f)the ESG rating provider takes reasonable steps, including contingency plans, to avoid undue operational risk related to the participation of the service provider in the ESG rating determination process.ANNEX IIIDISCLOSURE REQUIREMENTS1.Minimum disclosures to the publicIn accordance with Article 23 of this Regulation, ESG rating providers shall, at a minimum, disclose to the public on their website and through the European single access point (ESAP) the following:(a)an overview of the rating methodologies used and changes thereto, including whether analysis is backward-looking or forward-looking and the time horizon covered;(b)the industry classification used;(c)an overview of data sources, including whether data is sourced from sustainability statements required under Directive 2013/34/EU or from information disclosed under Regulation (EU) 2019/2088 and whether sources are public or non-public, and an overview of data processes, estimation of input data in case of unavailability and frequency of data updates;(d)the ownership structure of the ESG rating provider;(e)information on whether and how the rating methodologies are based on scientific evidence;(f)information on the ESG rating’s clearly defined objective and marking whether the rating is assessing risks, impacts, or both, according to the double materiality principle, or any other dimensions, and in the case of double materiality the proportion of the risk and impact materiality;(g)the ESG rating’s scope, namely, whether it covers an individual E, S, or G factor or whether it is an aggregated rating aggregating E, S and G factors, or whether it covers specific issues such as transition risks;(h)in the case of an aggregated ESG rating, the weighting of the three overarching E, S and G categories of factors (for example 33 % for the E factor, 33 % for the S factor, 33 % for the G factor), and the explanation of the weighting method, including weight per individual E, S and G category;(i)within the E, S or G factors, specification of the topics covered by the ESG rating, and whether they correspond to the topics from the sustainability reporting standards developed pursuant to Article 29b of Directive 2013/34/EU;(j)information on whether the rating is expressed in absolute or relative value;(k)where applicable, reference to the use of artificial intelligence in the data collection or rating process including information about current limitations and risks of using artificial intelligence;(l)general information on criteria used for establishing fees charged to clients, specifying the various elements taken into consideration, and general information on the business/payment model;(m)any limitation in data sources and methodologies used for the construction of ESG ratings;(n)the main risks of conflicts of interest and the steps taken to mitigate them;(o)if an ESG rating of a rated item covers the E factor, information on whether that rating takes into account the targets and objectives of the Paris Agreement or any other relevant international agreements;(p)if an ESG rating of a rated item covers the S and G factors, information on whether that rating takes into account any relevant international agreements;(q)any limitation on the information available to ESG rating providers.2.Additional disclosures to users of ESG ratings and rated items within the scope of Directive 2013/34/EUIn accordance with Article 24 and in addition to the minimum disclosures to the public referred to in point 1 of this Annex, ESG rating providers shall make available the following information to users of ESG ratings, rated items and issuers of a rated item, if applicable, that are the subject of such rating:(a)a more granular overview of the rating methodologies used and changes thereto, including:(i)where applicable, scientific evidence and assumptions on which the ratings are based;(ii)the relevant key performance indicators per E, S and G factor, and weighting method;(iii)in the case of an aggregated ESG rating, the result of the assessment for each E, S and G category of factors, presented in a manner that ensures comparability of the E, S and G category;(iv)any potential shortcomings of methodologies, and the measures taken to address those shortcomings;(v)policies for the revision of methodologies;(vi)when an ESG rating has been upgraded or downgraded due to any material changes to rating methodologies, models, key rating assumptions or data sources (including estimates), the reasons for those changes and their implications for the given rating;(vii)date of the last revision of methodologies;(viii)where the ESG rating covers the E factor, whether and to what extent the ESG rating is correlated with the percentage of taxonomy-alignment under Regulation (EU) 2020/852, or aligned with other international agreements, together with an explanation of any significant deviations therefrom;(b)a more granular overview of data processes, including:(i)a more detailed explanation of data sources used, including whether public or non-public, whether subject to assurance engagement, and whether derived from the sustainability reporting standards developed pursuant to Articles 19a and 29b of Directive 2013/34/EU concerning sustainable economic activities and disclosure of information pursuant to Regulation (EU) 2020/852 and Regulation (EU) 2019/2088, including whether and how information on companies’ transition plans derived from such sustainability reporting standards is used;(ii)where applicable, the use of estimation and industry average and explanation of the underlying methodology;(iii)the policies for updating data and revising historical data, and the date of last updates of data;(iv)data quality controls, their frequency and the remediation process if issues arise;(v)where applicable, any steps taken to address limitations in data sources;(c)where applicable, information about engagement with rated items and issuers of rated items, including whether on-site reviews or visits have been performed by the ESG rating provider and at what frequency;(d)where an ESG rating provider issues an unsolicited rating, a prominent statement to that effect in the ESG rating, including information on whether the rated item or a related third party has been informed that it would be rated, whether it participated in the rating process and whether the ESG rating provider had access to the management and relevant internal documents of the rated item or a related third party;(e)where applicable, an explanation of any artificial intelligence methodology used in the data collection or rating process;(f)in the case of major new information in respect of a rated item that has the possibility to affect the result of an ESG rating, ESG rating providers shall explain how they have taken that information into account and whether they have amended the corresponding ESG rating;Where applicable, the information referred to in point 2 of this Annex shall be specific to each ESG rating distributed.