Rating Agencies are Playing New Versions of the Same Old Games
Short history of credit rating agencies. The credit rating business dates back to 1909, when John Moody published the first rating on railroad bonds. Fitch Publishing was established in 1922, and the two companies that merged to create Standard & Poor’s began as Poor’s Publishing in 1916 and Standard Statistics Company in 1922 (White 2009).
There were two important events in the history of credit ratings agencies (“CRAs”). In 1936, regulators set new requirements for banks to hold investment-grade bonds and prohibited them from holding speculative bonds. The policy justification for these new requirements was that the core regulatory function of banks is “prudential regulation” and thus every effort must be made to keep the banks solvent (White 2013). This was a major regulatory shift because up until then, banks could choose to completely disregard ratings in considering which bonds they held. Effectively, this regulatory change was the beginning of a transfer of the rating business from regulators to private, third-party companies, namely CRAs.
The second important historical event for CRAs occurred in 1975 when the SEC recognized that, similar to commercial banks, broker-dealers and securities firms needed to take into account the riskiness of the bonds that they hold with respect to their available net capital. In effect, the banks’ regulatory obligation of “prudential regulation” now also applied to securities firms. The only issue in implementing the regulation was that the SEC did not understand how to designate which CRAs were qualified to assess the grade of a bond.
In response, the Nationally Recognized Statistical Rating Organization (NRSRO) designation was created. Rating agencies could only obtain a NRSRO designation with a certification from the SEC. Over the next 25 years, after the regulatory change of 1975, only four firms were certified. The barrier to entry into the rating business became stratospherically high thanks to the SEC-required NRSRO designation. Currently, there are ten NRSROs. As a consequence of these regulatory changes, firms that used to conduct their own credit analysis started to use a bond’s NRSRO rating to properly assess risk and remain in regulatory compliance.
The NRSRO proved not to be a panacea for the bond market, however. During the financial crisis, many blamed the rating agencies for their role in misrepresenting the credit quality of mortgage-backed securities and structured products linked to those securities. In the Financial Crisis Inquiry Commission’s report, the commission concluded that “The mortgage-related securities at the heart of the crisis could not have been marketed and sold without their seal of approval” (Angelides et al. 2011, 26). The commission specifically called out the big three rating agencies (Moody’s Investors Service, Standard & Poor’s, and Fitch Ratings) for their role in the crisis.
Historically, the CRAs’ business model was based on subscription fees that investors paid to access ratings. In the 1970s, the invention of copying machines disrupted that business model because it became possible to photocopy rating reports and distribute them for free.
As the rating agencies adapted, they changed their business model to an issuer-pays model. Issuers pay the agencies to obtain a rating that allows them to market and borrow money. As we now know, the issuer-pays model created incentives and conflicts of interest that were partially responsible for the credit crisis of 2008.
The credit crisis is not the only time when CRAs attracted public attention and ire, however. During the Enron debacle in 2001, just five days before the company declared bankruptcy, the big three agencies had an investment-grade rating on Enron bonds.
Despite their errors in judgment and stumbles, CRAs are essential for the robust functioning of the market. The Dodd-Frank Act, signed into law in 2010, found that CRAs are “systematically important for the financial system” primarily because they uniquely possess the access to data and expertise to evaluate the quality of complex credit securities and provide a quantitative metric for investors to make informed decisions.10
Because of the crucial role that CRAs play in the global financial system, any business model issues that affect their ability to accurately and objectively assess the quality of bonds can have a massive impact on the financial system, as we saw in 2008. Two particularly important issues presently plaguing CRAs are discussed below.
The rise of the non-big three. Below is the list of NRSROs. The list shows that there are currently ten institutions operating in the rating business.11
Moody’s Investors Service, Inc. (“MIS”)
S&P Global Ratings (“S&P”)12
Fitch Ratings, Inc. (“Fitch”)
Non-Government Security Rating by Agencies
A.M. Best Rating Services, Inc. (“AMB”)13
DBRS, Inc. (“DBRS”)
Egan-Jones Ratings Company (“EJR”)
HR Ratings de México, S.A. de C.V. (“HR”)
Japan Credit Rating Agency, Ltd. (“JCR”)
Kroll Bond Rating Agency, Inc. (“KBRA”)14
Morningstar Credit Ratings, LLC (“MCR”)15
As Exhibit 16 shows, there are now seven more NRSROs in addition to the Big Three. Because of these new additions, and the subsequent increase in competition, it is reasonable to anticipate that the quality of ratings will improve and we will collectively avoid some of the rate inflations that we saw before the crisis. However, as the graph below shows, there is a clear lack of diversification in the relative importance of the NRSROs. The Big Three control 84% of the ratings for non-governmental securities.
As we can see, the Big Three have garnered most of the rating business in the non-government sector, which includes the rating of corporate bonds, the most liquidity-sensitive of the trading bonds. Subsequently, the Big Three still overwhelmingly generate the major share of profits in the rating business. Exhibit 17 shows the percentage of revenue generated by all ratings agencies since 2014. As one can clearly see in Exhibit 17, the Big Three are still pocketing more than 90% of the total revenues in the rating business (US Securities and Exchange Commission 2018).
The barriers to entry in the rating business, a consequence of the SEC’s 1975 regulatory efforts, and the lack of diversification in terms of revenues and business share are dangerous factors that will impede the efficient functioning of the rating business. It could lead to polarization and homogenization in bond ratings and quite possibly rating inflation on the part of the smaller players given the natural incentives created by the issuer-pays business model. From a business economics perspective, as the smaller players try to grow, it is conceivable that in trying to keep what few customers they have happy, they will be motivated to please their bond issuers by inflating their ratings. The lack of diversification is undesirable in any industry, but particularly dangerous in the bond ratings market because of the deep trust placed by investors in bond ratings.
Lack of full implementation of regulatory reforms. Given the critical role that the credit rating agencies played in the financial crisis, the Dodd-Frank Act requires the SEC and the Government Office of Accountability (GAO) to implement three regulatory modifications to the business model of NRSROs.
Revenues from the Big Three versus Others over Time
The first requirement is for the SEC and GAO to examine the issuer-pays model for NRSROs and propose a new business model that would be less sensitive to rating inflation. If no business model is found suitable, Dodd-Frank requires that ratings be randomly assigned to the pool of NRSROs. Although the SEC studied various alternative business models and found pros and cons in each of the models they examined, they did not conclude their study and, therefore, did not implement this set of Dodd-Frank recommendations (Rivlin and Soroushian 2017).
The second requirement is for the SEC to diminish the influence of NRSROs by removing and replacing the use of credit ratings in certain capital requirement rules for financial institutions and insurance companies. This requirement includes the use of designated non-NRSROs to mitigate the risk of the concentration of businesses and the lack of diversification in the ratings business.
The third requirement is for the SEC to find ways to increase the legal liabilities attached to the ratings determined by rating agencies and create a legal framework to build accountability into the business of rating bonds. Finally, Dodd-Frank increased the SEC’s oversight reach in general in the regulation of the rating agencies.
These requirements were designed to systematically and logically address the weaknesses of the rating agencies that were revealed when examining the contributing factors in the financial crisis. However, many of these requirements have not been fulfilled, even as years have lapsed since the crisis. For example, the SEC has not yet proposed an alternative to the issuer-pays business model. In addition, the requirement of randomly assigning ratings to the agencies has also not been implemented by the SEC. In spite of the fact that the SEC publishes an annual report in which it examines the functioning of the rating agencies, it has not yet been able to propose and enforce regulations that address the risk of rating inflation and the lack of diversification in the business of bond rating.
11 2018 Summary Report of Commission Staff ’s examination of each Nationally Recognized Statistical Rating Organization, US Securities and Exchange Commission, December 2018.