The Securities and Exchange Commission (SEC) issued a report Tuesday cautioning credit rating agencies about deceptive ratings conduct.
The SEC also reminded the agencies of the importance of sufficient internal controls over the policies, procedures, and methodologies that they use to determine credit ratings.
"Investors rely upon statements that NRSROs make in their applications and reports submitted to the Commission, particularly those that describe how the [nationally recognized statistical rating organization (NRSRO)] determines credit ratings," said Robert Khuzami, director of the SEC's division of enforcement.
Khuzami said that NRSROs must take the steps to ensure the accuracy of ratings and have in place sufficient internal controls over the procedures they to determine credit ratings.
The SEC's report stems from an enforcement division inquiry into whether Moody's Investors Service violated the registration provisions or the anti-fraud provisions of the federal securities laws.
The report said that because of uncertainty regarding a jurisdictional nexus between the U.S. and the relevant ratings conduct, the Commission declined to pursue a fraud enforcement action in this matter.
It also noted that Dodd-Frank Wall Street Reform and Consumer Protection Act provided expressly that federal district courts have jurisdiction over SEC enforcement actions alleging violations of the antifraud provisions of the securities laws when conduct includes significant steps, or a foreseeable substantial effect, within the U.S.
The Dodd-Frank Act, according to the report, amended the securities laws to require NRSROs to "establish, maintain, enforce, and document an effective internal control structure governing the implementation of and adherence to policies, procedures, and methodologies for determining credit ratings."
A Moody's analyst discovered in early 2007 that a computer coding error had upwardly impacted by 1.5 to 3.5 notches the model output used to determine the agency's credit ratings for certain constant proportion debt obligation notes, the report said.
Nevertheless, shortly thereafter during a meeting in Europe, a Moody's rating committee voted against taking responsive rating action, in part because of concerns that doing so would negatively impact the firm's business reputation.
Moody's applied in June 2007 to be registered with the Commission as an NRSRO. The report noted that the European rating committee's self-serving consideration of non-credit related factors in support of the decision to maintain the credit ratings constituted conduct that was contrary to the the agency's procedures used to determine credit ratings as described in the Moody's application to the SEC.
In the report on the investigation, the Commission made it clear that credit rating agencies registered with the SEC must implement and follow appropriate internal controls and procedures governing their determination of credit ratings, and must also take reasonable steps to ensure the accuracy of statements in applications or reports submitted to the SEC.
The report warned NRSROs that, when appropriate, the Commission will pursue anti-fraud enforcement actions against deceptive ratings conduct, including actions pursuant to the Dodd-Frank Act provisions regarding conduct that physically occurs outside the U.S. but involves significant steps or foreseeable effects within the U.S.