The Securities and Exchange Commission has issued annual staff reports on credit rating agencies registered as nationally recognized statistical rating organizations (NRSROs). The news in the annual report, summarizing examinations of each NRSRO, as required by the 2010 Dodd-Frank Act, is cautiously good. It shows that NRSROs have made operational improvements and have enhanced process accountability, controls and governance.

A separate annual report, mandated by the 2006 Credit Rating Agency Reform Act, discusses the state of competition, transparency, and conflicts of interest at NRSROs.  It notes that some smaller NRSROs have continued to increase their market share, particularly for credit ratings of asset-backed securities.  The report also discusses new requirements for NRSROs that took effect in June to address internal controls, conflicts of interest, disclosure of credit rating performance statistics, procedures to protect the integrity and transparency of rating methodologies, disclosures to promote the transparency of credit ratings, and standards for training, experience, and competency of credit analysts.

Despite industry improvements, specific failings (although not specific firms) are noted in the two reports:

On numerous occasions, two larger NRSROs and one smaller NRSRO failed to adhere to their ratings policies and procedures, methodologies, or criteria, or to properly apply quantitative models.

At one NRSRO, ratings determinations made by rating committees were subsequently changed at the prompting of senior ratings personnel, which contravened policies and procedures governing the rating process. 

Another larger NRSRO did not adhere to its internal policies and procedures by assigning several ratings that differed from the ratings implied by the quantitative model without properly documenting in rating committee materials the rationale for this difference. When reviewing certain financial institutions ratings, this NRSRO did not adhere to its internal policies and procedures concerning withdrawals of ratings, the process for issuers to appeal ratings, and communicating with an issuer concerning the withdrawal and appeal processes.

Two larger NRSROs and one smaller NRSRO did not always adhere to some of their policies and procedures concerning review and revision of methodology, criteria, and models.

Analytical personnel at a larger NRSRO noticed an error in calculations used to determine certain surveillance ratings, but subsequent rating publications did not disclose that error or its ratings implications.

One larger NRSRO and one smaller NRSRO did not always adhere to their IT policies and procedures concerning access, updates, and use of third-party vendors.

At one larger NRSRO, several rating files were missing required documents and information or contained inaccurate information, including notifications to issuers, the purpose of the rating committee, and references to applicable policies, procedures, and criteria. At another firm, some rating files were missing required documents, including communications with the issuer and the inputs to quantitative models used to determine the rating of structured finance securities.

More detailed information on the reports can be found here.