Article

ESG ratings providers: FCA consultation paper and high-level compare of UK vs. EU regimes

ESG ratings providers: FCA consultation paper and high-level compare of UK vs. EU regimes
Published Date
Feb 17 2026
Related people
Image of Tamara Cizeika
Tamara CizeikaCounsel, London
Image of Matthew Townsend
Matthew TownsendPartner, London
Image of Ken Rivlin
Ken RivlinPartner, New York
Image of Danae Wheeler
Danae WheelerSenior Associate, London
The FCA has issued a lengthy consultation paper setting out its proposed new regime for ESG ratings providers (FCA CP 25/34). From June 29, 2028, any firm wishing to provide ESG ratings in the UK will need FCA authorisation, subject to exceptions and detailed provisions on the scope of the new regime.

This bulletin contains a high-level summary of the FCA’s position, and a snapshot comparing the UK and EU regimes.

New UK regime for ESG ratings providers

The FCA’s consultation paper on ESG ratings providers (CP 25/34) has been a long time coming.

  • On March 30, 2023, HM Treasury launched a consultation proposing to bring ESG ratings providers within the scope of FCA regulation—this received support from industry. Over two years later, in October 2025, the government published legislation to this end. In December 2025, the legislation was issued in final form.
  • The Financial Services and Markets Act 2000 (Regulated Activities) (ESG Ratings) Order 2025 amends the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001 (RAO) to make the provision of ESG ratings a regulated activity for the purposes of UK law, subject to exceptions.
  • The new regulated activity is set out in Article 63U of the RAO.
  • The order comes into full force on June 29, 2028, but certain provisions apply before then to enable the new regulatory regime for ESG ratings providers to be put into place.

The FCA’s consultation paper was published for that purpose on December 1, 2025:

  • It includes draft new rules for ESG ratings providers—these are to be introduced by inserting a new Chapter 6 into the FCA’s ESG Sourcebook. Chapter 6 is titled “Conduct rules for ESG ratings providers”.
  • Draft guidance is to be added to the FCA’s Perimeter Guidance manual (PERG) on when activities are likely to amount to the new regulated activity of providing an ESG rating.
  • As regards the “baseline” FCA rules that apply to most types of regulated firms, the consultation paper explains how the FCA proposes for these to apply to ESG ratings providers (e.g., PRIN, GEN, SUP, SYSC, TC, etc). The upshot is that much of the “baseline” regime will apply to ESG ratings providers, subject to specific exceptions—e.g., there is no need for an MLRO, a bespoke conflicts regime applies under the ESG sourcebook instead of the one in SYSC, the FCA’s consumer duty is disapplied, etc.

NB: On the subject of prudential requirements, interestingly, the following view has been taken: “We do not propose to introduce bespoke prudential requirements for rating providers. Our view is that existing requirements—Threshold Condition 2D (Appropriate resources), COND 2.4 and Principle 4 (a firm must maintain adequate financial resources)—provide a proportionate baseline.” Firms must therefore assess and maintain adequate financial resources and also have robust arrangements for an orderly wind-down. The FCA also makes clear the question of prudential requirements will remain under review

  • Finally, the FCA uses the consultation paper to set out its approach to authorisation applications and to explain how it proposes to supervise ESG ratings providers going forward.

The FCA is to be commended for the overall approach taken to the consultation—it has engaged with industry extensively on the subject of ESG ratings providers, and signalled its desire to take an open, practical and collaborative approach. Since the consultation was issued, it has continued these efforts, with further extensive stakeholder engagement, which has been very well received.

Key points from the FCA’s draft rules

The new Chapter 6 to be inserted into the FCA’s ESG sourcebook for ESG ratings providers includes provisions on the following topics:

  • Governance, systems and controls—including the methodology for formulating ESG ratings, and quality control, record keeping and outsourcing requirements, as well as the need to rely on up-to-date information when formulating ratings. One interesting point to note is that the FCA prohibits a firm from outsourcing “operational responsibility for the ESG ratings process”.
  • Engagement—including the obligation to make certain notifications when the firm first decides to produce a particular ESG rating. Such a notification must include (among other things) the nature of the rating, the methodology, a summary of key data inputs, and an explanation of any rights to request data and how to notify the firm of errors. The FCA rules require information rights to be given to “notifiable persons”1 (e.g., so they can obtain certain data). The rules also impose various obligations—e.g., the firm must establish a procedure for receiving and processing feedback from stakeholders, and comply with certain requirements when requesting data.
  • Complaints handling—the new regime will enable complaints by a ratings user, a “notifiable person” and “any other person with an interest in the ESG rating”.
  • Transparency—this includes rules and guidance on disclosures designed to enhance the transparency and comparability of ESG ratings. It includes: (1) minimum public facing disclosures (including on conflicts and complaints handling); (2) disclosures and notifications to ESG ratings users and other “notifiable persons”. Further requirements apply where the firm wishes to make a change to a methodology.

The requirements on transparency contain an exception where information would qualify as a trade secret—the rules then prescribe what disclosures must be made instead.

  • Conflicts—there is a bespoke and fairly extensive regime in ESG 6 on conflicts. Among other things, this includes rules on information barriers, and a conflicts of interest report to be regularly provided to senior management. The FCA rules also require ESG ratings to be free from political or economic interference.

Recommendations for firms

  • Firms that will fall within the scope of the new regime will presumably be getting up to speed on the draft new rules proposed by the FCA and considering how to approach implementation and an authorisation application process.
  • Firms that are frequent users of ESG ratings, and entities or firms that are (or have products that are) the subject of ESG ratings, may wish to review the FCA’s consultation paper so as to provide a response.

They may also wish to get involved in the work being done by relevant industry bodies on the subject of ESG ratings generally.

Broader landscape

Three other points worth mentioning from the consultation paper:

  • The FCA notes that the UK government has identified sustainable finance as a growth-driving sector of the UK economy in “The UK’s Modern Industrial Strategy”.2
  • The FCA notes that total global spending on ESG data is estimated to reach around USD2.2 billion in 2025, with further growth expected beyond that.
  • The FCA refers to the evolving international landscape and the fact that several jurisdictions (including the EU) are introducing regulatory frameworks for ESG ratings providers. “Our proposals are designed to be consistent with international standards, particularly the IOSCO recommendations, to support cross-border coherence and reduce the risk of regulatory fragmentation.”

It is not clear, however, how much comfort this last statement by the FCA will provide in practice. For international groups, or firms doing business globally, having to face slightly different regulatory requirements across a number of different jurisdictions is far from ideal.

EU position

Turning then to the EU position, this is working to a timeline slightly ahead of the UK.

  • The EU has introduced Regulation (EU) 2024/3005 of the European Parliament and of the Council of 27 November 2024 on the transparency and integrity of Environmental, Social and Governance (ESG) rating activities.
  • This will begin to apply in the main from July 2, 2026. The UK regime, in the main, will begin to apply from June 29, 2028.
  • ESMA has been working on regulatory technical standards (RTS) to support the new regime, and on October 15, 2025, published a final report on three draft RTS:

- One on authorisation and recognition—this deals with the information to be provided in applications to ESMA for authorisation and recognition.

- One on the separation of business (i.e., to address conflicts risks)—this deals with safeguards to be put in place to mitigate conflicts risks within firms that conduct more than just ESG ratings activities.

- One on disclosures to be made by ESG ratings providers to the public, users of ratings, rated entities, and (where relevant) the providers or issuers of rated items.

ESMA also confirmed as follows: “ESMA has submitted the draft technical standards to the European Commission for adoption by means of a Commission Delegated Regulation (for RTS). The technical standards will also be subject to non-objection by the European Parliament and Council.”

UK vs. EU position

In terms of a side-by-side comparison on scope, see the following.

Article 63U of the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001 (RAO)Regulation (EU) 2024/3005 of the European Parliament and of the Council of 27 November 2024 on the transparency and integrity of Environmental, Social and Governance (ESG) rating activities

63Z7

“ESG factor” means an environmental, social or governance factor;

“ESG rating” means an assessment regarding one or more ESG factors, which -

(a) is produced in the form of an opinion, a score or a combination of both, where -

(i) “score” means a measure derived from data and a pre-established statistical or algorithmic system or model, without additional substantial analytical input from an analyst, and

(ii) “opinion” means an assessment involving substantial analytical input from an analyst, and

(b) is prepared using an established methodology and a defined ranking system of rating categories, whether or not it is characterised as an ESG rating;” “‘providing’, in relation to an ESG rating, means producing it and making it available, and a person (“P”) – (a) does not provide an ESG rating unless they both produce it and make it available, … ”

Article 3 (definitions)

“(1) ‘ESG rating’ means an opinion or a score, or a combination of both, regarding a rated item’s profile or characteristics with regard to environmental, social and human rights, or governance factors, or regarding a rated item’s exposure to risks or impact on environmental, social and human rights, or governance factors, that is based on both an established methodology and a defined ranking system of rating categories, irrespective of whether such ESG rating is labelled as ‘ESG rating’, ‘ESG opinion’ or ‘ESG score’;”

“(2) ‘ESG opinion’ means an ESG assessment that is based on a rule-based methodology and defined ranking system of rating categories, involving directly a rating analyst in the rating process;”

“(3) ‘ESG score’ means an ESG measure derived from data, using a rule-based methodology, and based only on a pre-established statistical or algorithmic system or model, without any additional substantial analytical input from a rating analyst;”

“(4) ‘ESG rating provider’ means a legal person whose activities include the issuance, and the publication or distribution, of ESG ratings on a professional basis;”

“(7) ‘rated item’ means a legal person, a financial instrument, a financial product, a public authority or a body governed by public law which is explicitly or implicitly rated in the ESG rating, irrespective of whether such rating has been requested and irrespective of whether the legal person, public authority or body governed by public law has provided information for that ESG rating;”

“63U. (1) Unless paragraph (2) applies, providing an ESG rating is a specified kind of activity, where that rating is likely to influence a decision to make an investment specified in Part 3 [e.g. shares, bonds, funds etc].

(2) This paragraph applies where the person providing an ESG rating could not reasonably have expected it to influence a decision to make an investment specified in Part 3.

(3) For the purposes of paragraph (1), it is immaterial whether the ESG rating is solicited or unsolicited.

(4) In paragraphs (1) and (2), “make”, in relation to an investment specified in Part 3, has the meaning given in article 63Z7.”

Article 4 Requirements to operate in the Union Any legal person that wishes to operate as an ESG rating provider in the Union shall be subject to one of the following:

(a) an authorisation issued by ESMA as referred to in Article 6;

(b) an equivalence decision as referred to in Article 10 and fulfilment of the conditions referred to in that Article; (c) an authorisation for endorsement as referred to in Article 11; (d) a recognition as referred to in Article 12.

Snapshot of ESG ratings regime—UK vs. EU3

SubjectUK proposed new regimeEU new regime
Main application date
  • Applies from June 29, 20284
  • Applies from July 2, 202
Other key dates
  • The Financial Services and Markets Act 2000 (Regulated Activities) (ESG Ratings) Order 2025 was made on December 15, 2025
  • FCA published CP 25/34 with its draft rules for ESG ratings providers —December 1, 2025
  • Consultation closes—March 31, 2025
  • FCA to publish a policy statement and rules in final form—Q4 2026
  • Pre-gateway support period for firms that wish to apply for authorisation—late 2026 to June 2027
  • FCA authorisation gateway to open—June 2027
  • ESG Rating Regulation dated November 27, 2024
  • Published in the Official Journal—December 12, 2024
  • Entered into force—January 2, 2025
Regulator
  • FCA
  • ESMA
Transitional regime
  • Transitional relief is available for an existing ESG ratings provider that has made an application for authorisation by a deadline to be determined by the FCA, where the application has not been determined in time. Subject to conditions, the firm can continue to make pre-existing ESG ratings available, but no new ones. The transitional relief will last for one year.
  • Existing ESG ratings providers5 already operating in the EU on January 2, 2025 (i.e., when the regulation came into force) must notify ESMA by August 2, 2026 if they want to apply for authorisation or recognition. In general terms, these firms are listed in a register and able to continue to operate until their application is approved or denied. But they must submit an application for authorisation by November 2, 2026.
  • Temporary light-touch requirements for small EU ESG ratings providers. They must notify ESMA of their intention to operate and have been registered by ESMA. They are then subject to some (not all) of the regime. The regime will apply in full to them three years after their registration and they must apply for authorisation within six months of that date.
Exclusions and exemptions

Under new Articles 63V to 63Z6 of the RAO, the following apply, subject to conditions:6

  • Firms authorised to conduct another regulated activity (and certain other prescribed activities) are given a limited exclusion where they create an ESG rating in the course of carrying on that other activity.
  • An exclusion applies to a firm providing an ESG rating in the course of providing a benchmark excluded under certain provisions from the UK Benchmarks Regulations.
  • An exclusion applies to a firm providing an ESG rating in the course of providing a credit rating, score etc excluded under certain provisions from the post Brexit UK credit ratings regime.
  • An exclusion applies to an ESG ratings provider that provides a rating to another member of its group where (1) it does not reasonably expect the rating to be made available to third parties or (2) if otherwise, it reasonably expects such availability will fall within the exclusion in the first bullet above
  • Broadly speaking, an exclusion applies where a rating is provided about a subject, having been commissioned by that subject for its private use.
  • An exclusion applies for journalists, academics and charities, subject to conditions.
  • An exclusion is provided for an ESG rating provided by a public authority, central bank or certain international organisations—e.g., where the UK is a member.
  • An exclusion applies in respect of ratings developed exclusively for accreditation or certification processes, where the purpose of that accreditation or certification is not to influence a decision to make a specified investment.
  • An exclusion applies in respect of a rating provided solely for the purpose of complying with a regulatory or legal requirement (e.g., regulatory reporting).
  • An exclusion applies to proxy adviser services.
  • An exclusion applies to a firm that falls within the overseas person exclusion in the RAO.

Under Article 2(2) of the ESG ratings regulation:

  • Private ESG ratings not intended for public disclosure or for distribution. ESG ratings issued by regulated EU financial undertakings used exclusively for internal purposes or for providing in-house or intra group financial services and products.
  • ESG ratings issued by regulated EU financial undertakings in the EU that are incorporated in a product or a service (where those products or services are already regulated under EU law) and that are disclosed to a third-party.7
  • ESG ratings issued by ESG rating providers established outside the EU that are not authorised or recognised under the regulation and that meet the following conditions: (1) The ESG rating is distributed at the own exclusive initiative8 of the user of the ESG rating established in the EU without any prior contact, solicitation, promotion, advertisement or any other initiative by the ESG rating provider, or by any third party on behalf of the provider. (2) There is no substitute for the ratings offered by any ESG rating provider authorised under the regulation.
  • The publication or distribution of data on environmental, social and human rights, and governance factors.
  • Credit ratings and ESG-related scores/assessments produced or published as part of the methodology for a credit rating or as an input/output of a creditworthiness assessment.
  • Products or services that incorporate an element of an ESG rating, including investment research as defined in MiFID.
  • External reviews of European Green Bonds.
  • External reviews or second-party opinions on bonds, loans, etc marketed as environmentally sustainable, sustainability-linked etc, subject to conditions.
  • ESG ratings issued by EU institutions etc, member states, etc provided the ratings are not published or distributed for commercial purposes.
  • ESG ratings issued by an authorised ESG rating provider where the ratings are published or distributed by a third party.
  • Certain mandatory disclosures under the EU Taxonomy Regulation or SFDR.
  • ESG ratings developed exclusively for accreditation or certification processes that do not target investment analysis, financial analysis, or investment or financial decision-making.
  • Labelling activities, provided the label granted to the relevant entities, product etc does not involve the disclosure of an ESG rating.
  • ESG ratings published or distributed by non-profit organisations for non-commercial purposes.
Extraterritoriality

(1) New PERG 18.5 Q14 (proposed by CP 25/34) (see also Articles 72(5G) and (5H) of the RAO):

“18.5 Territorial scope Q14. What is the territorial scope of the regime? A provider needs FCA authorisation to provide ESG ratings if: (1) it is a firm ‘located in the United Kingdom’ (whether it provides the ESG rating to a person who is in the UK or overseas); or (2) it is located overseas but provides an ESG rating to a person ‘located in the United Kingdom’ and is remunerated for it (by any person).”9

(2) New PERG 18.5 Q15 (proposed by CP 25/34) (see also Articles 63Z7 in the RAO, definition of “providing”):

“Q15. I am distributing my ratings to UK users via an overseas intermediary, so I am producing the rating but not making it available myself to anyone in the UK, am I out of scope? No. Where a provider makes a rating available to one or more third parties outside the UK but reasonably expects it to be provided to a person in the UK, the activity is in scope of regulation (see the definition of ‘providing’ in article 63Z7 Regulated Activities Order).”

Article 63Z7:

““providing”, in relation to an ESG rating, means producing it and making it available, and a person (“P”) - (a) does not provide an ESG rating unless they both produce it and make it available, and (b) is to be regarded as providing an ESG rating to a person located in the United Kingdom (“R”) where P – (i) is not located in the United Kingdom, and (ii) produces and makes available an ESG rating to a person other than R in circumstances where P could reasonably expect the rating to be made available to R;”.

The EU regime provides three potential routes for a third-country firm:

(1) Equivalence—The Commission must have decided the third country is equivalent in terms of regulation and supervision, subject to conditions—e.g., the firm must notify ESMA and be listed on a register ESMA would maintain.

(2) Endorsement—A duly authorised ESG ratings provider in the same group endorses the rating, subject to extensive conditions—e.g., verification, monitoring etc.

(3) Recognition—A small EG ratings provider in a third country for which there is no equivalence decision may provide ESG ratings to regulated EU financial undertakings, subject to obtaining recognition from ESMA.

Footnotes 

1. A “notifiable person” will be defined as follows: “(a) a person reasonably identifiable by an ESG rating provider, who is: (a) the issuer of a rated item; (b) the person who commissioned the ESG rating; (c) a body corporate or other legal person, which is a rated item; (d) a UK AIFM, where the AIF is a rated item; (e) a SEF manager in relation to any SEF that it manages, which is a rated item; or (f) a RVECA manager in relation to any RVECA that it manages, which is a rated item.”

2. Published in November 2025—see https://assets.publishing.service.gov.uk/media/69256e16367485ea116a56de/industrial_strategy_policy_paper.pdf 

3. NB: This is a high-level summary – for further advice, please email your usual AOS contact.

4. Certain provisions come into force earlier for practical purposes—e.g., to enable the FCA to make rules for ESG providers.

5. Other than small or medium sized undertakings. NB: The deadline for small or medium sized ESG ratings providers providing services on January 2, 2025 to notify ESMA if they wish to continue—November 2, 2026.

6. As above, this is a high-level summary only—a number of the exclusions are also complex and subject to qualifications (e.g., in some cases an exclusion falls away if a particular rating is provided on a standalone basis). They must therefore be considered in detail and used with care, where relevant.

7. Subject to certain disclosure requirements.

8. Further detailed provisions and qualifications apply in respect of this concept, which must therefore be considered with care where relevant.

9. CP 25/34: “4.20 Rating providers will need to have a sufficient presence and accountability in the UK, ie individuals with genuine operational responsibility and capability to exert control over the ESG rating process. Rating providers should familiarise themselves with our expectations on UK presence in the Authorisations chapter of this CP (Chapter 8).”

Downloads

FCA consultation paper and high-level compare of UK vs. EU regimes

pdf924.3 KB

Related capabilities