Financial Conduct Authority identifies weaknesses in UK credit rating agency surveillance methodologies and internal controls

The Financial Conduct Authority has published findings from a multi-firm review of UK-registered credit rating agencies, focused on surveillance processes, credit rating methodologies and internal controls. The review does not introduce new requirements, but it reinforces existing expectations under the UK Credit Rating Agencies Regulation and finds that, while some firms showed strong practices, others had weaknesses that could impair the timeliness, consistency and independence of ratings. The FCA said surveillance must go beyond the minimum annual review and that annual reviews should have governance, documentation and challenge at least equivalent to new ratings, with six-monthly reviews for sovereigns. It found some firms relied on light-touch portfolio reviews, optional or abbreviated committees, weak documentation, narrow or fragmented error frameworks, and delayed or filtered regulatory reporting of errors and breaches. On methodologies, the review highlighted limited annual review of models and assumptions, unclear model inventories, poor recording of divergences from methodologies, and insufficiently independent validation by review functions. Across compliance, independent review, risk management and internal audit, the FCA also found gaps in independence, technical depth, coverage and oversight. An annex also notes inconsistent treatment and disclosure of environmental, social, and governance factors, and says AI and models can support surveillance only if backed by effective governance. UK-registered credit rating agencies should assess these findings under board oversight and consider gap analysis and remediation where needed. The FCA will continue to engage with firms and may carry out spot checks, including targeted reviews of rating actions, methodologies or internal control outputs.