Open navigation
Search
Search
All expertise
Explore our breadth of expertise.
International Desks
Helping you access overseas markets with support from our country and region-specific experts.
Sectors View all
Practice Areas View all
Offices
Discover the scope of our presence in the jurisdiction.
Global Reach
Learn about our capabilities beyond borders.
CMS United Kingdom
All insights
Leverage our expert analysis, intelligence and thought leadership for your strategic advantage.
Personalised updates
Receive tailored insights and intelligence that apply directly to your business.
Topics in Focus View all
Insights by type
CMS Spotlight: join our events and webinars!
CMS News
Stay up to date with our growth, evolution and our many successes.
CMS Press Office
Contact us
For all general enquiries.
About CMS
CMS Careers

Select your region

International Europe Africa Asia-Pacific The Americas Middle East
Legal Update

FCA consults on ESG ratings regime

02 Dec 2025 United Kingdom 10 min read

Overview

Following on from the publication of UK legislation regulating ESG ratings (see our previous client note here), on 1 December 2025 the FCA consulted on a comprehensive regulatory framework for ESG rating providers (see CP25/34 here).

The proposals are aimed at improving transparency, governance, systems and controls, stakeholder engagement and conflicts management, addressing well-documented concerns about opacity, reliability and independence in the ESG ratings market.

The regime is largely built on IOSCO’s recommendations and the ICMA Code of Conduct while tailoring rules to the UK context. Essentially, the FCA proposes to apply existing “baseline” rules like COND, PRIN, SYSC, GEN and SMCR to ESG ratings providers, as well as a more tailored regime for ESG ratings activities. There are many similarities to the EU ESG Ratings Regulation, but with important differences.

The consultation closes on 31 March 2026, with final rules expected in Q4 2026, the authorisations gateway opening in June 2027 and the regime going live on 29 June 2028.

Scope of FCA Consultation and Authorisation Process

The FCA rules are generally expressed to apply to ESG ratings providers, which are firms with a permission to carry on the regulated activity of providing an ESG rating. This regulated activity itself is subject to a number of exemptions (see our previous client note on the regulatory perimeter here), with one of the most significant of these being an exemption for persons who provide ESG ratings as part of other FCA regulated products or services. Persons who therefore provide ESG ratings within exemptions will not need to comply with the new FCA rules as consulted on. However, the FCA has raised the question in their consultation paper as to whether they may need to “improve standards in existing regulatory regimes to address the risk of harm” – with the potential for the FCA to consult on changes in future to address any significant gaps. Hence, firms relying on exemptions should monitor the outcome of this consultation as rules could be extended in future.

This initial scope is in contrast to aspects of the EU ESG Ratings Regulation which apply to firms relying on exemptions (see our client note on this here).

While the FCA has not set the perimeter of UK regulation, they are responsible for authorisations of ESG ratings providers. To enable this they are proposing that:

  • The FCA will issue PERG guidance to clarify scope and exclusions.
  • The authorisations gateway opens June 2027 and providers must be authorised by 29 June 2028 or cease rating activity.
  • Overseas firms must ensure sufficient UK presence to enable effective supervision and accountability, and higher-risk or complex models may be expected to incorporate a UK subsidiary.
  • Application fees are proposed to be tiered by forecast ESG rating revenue, with a threshold at £250,000 to distinguish larger providers.

Baseline FCA Requirements

The FCA intends to apply standard or “baseline” Handbook provisions to ESG ratings providers. Key points to note are:

  • General rules: The FCA says it will apply Threshold Conditions (COND), Principles for Businesses (PRIN), Systems and Controls (SYSC), and General Provisions (GEN) to ESG rating providers. Some of these rules have been adapted to reflect the more tailored rules for ESG rating providers – for instance the FCA is not proposing to apply the SYSC 10 general conflict of interest rules to ESG rating providers given bespoke requirements will apply instead, but in contrast will apply the outsourcing rules as rules (rather than guidance).
  • SMCR: ESG rating providers are proposed to be classified as Core firms under SMCR, with third-country branches following the branch application. The FCA notes ongoing SMCR reforms, and says that final requirements will reflect any changes adopted before the regime goes live.
  • Communications with clients: Principle 7 (clear, fair and not misleading) will apply even to professional clients, and the anti-greenwashing rule will also apply.
  • Consumer Duty: The Consumer Duty will not apply to ESG ratings activity on the basis it is typically a wholesale activity, although disclosure expectations are “Duty-aligned” for indirect retail use.
  • Prudential Obligations: No bespoke prudential regime is proposed by the FCA, although firms must maintain adequate financial resources and wind-down plans.
  • Financial Crime: UK MAR and the Financial Crime Guide will apply, but no MLRO function is required for ESG rating providers as the UK government has not applied the Money Laundering Regulations to them.

Tailored ESG Rating Rules

The FCA has broken down their tailored rules for ESG ratings providers into:

  • Transparency: Including minimum disclosure requirements so users better understand ratings, and rated entities understand how they are assessed.
  • Governance: Requiring firms to maintain operational responsibility over the ratings process, appropriate oversight and compliance with the regime.
  • Systems and Controls: Requiring robust arrangements to ensure the integrity of the ratings process.
  • Conflicts of Interest: Firms must identify, prevent, manage and disclose conflicts of interests and maintain the independence and integrity of ratings.
  • Stakeholder Engagement: Rated entities must have the opportunity to correct factual errors, and firms must have procedures to allow feedback and complaints.

The key elements of each of these are set out below:

Transparency

The FCA notes that users and rated entities often struggle to understand ratings, carry out proper due diligence or engage meaningfully with providers. The FCA therefore aims to improve transparency and clarify in ESG ratings without compromising providers’ intellectual property.

A structured set of disclosures is therefore proposed:

  • Public disclosures: These aim to provide a set of clear baseline information for direct and indirect users, prospective users, rated entities and other stakeholders. 

    The information for products would include: objectives of a product (risk, impact or other), scope of E/S/G factors, rating scales and their meaning, information on absolute vs relative ratings and peer group selection, coverage decisions, a summary of methodologies (including data types and sources, assumptions, data policies, and review cadence), engagement approach and key risks that could materially affect accuracy. 

    In addition disclosures on conflicts of interest and complaints handling are required.
     
  • Disclosures to direct users and rated entities: The FCA notes that direct users and rated entities require more detailed information than the public, so they propose further minimum disclosures for these groups. They include:
    • Product-level: a full methodological explanation, review policy and outcomes, mitigation of material limitations, and quality control measures and remediation.
    • Rating-level: coverage of business activities/group, inheritance rules, factors, criteria, data and weights, sources of data, estimation approaches and handling of data gaps, unresolved factual challenges, update cycles and reasons for material rating/data changes.

The FCA has emphasised general expectations around these disclosures including that they are easily accessible, prominent and free to obtain, in a clear and easy to understand format, are accurate, fair and not misleading, and shared as required and updated as soon as practicable.

Governance and systems and controls

The FCA seeks to build on the “baseline” rules they are applying to ESG rating providers to ensure that they have robust processes and effective systems across the ESG ratings process. Proposed requirements include:

  • Robust arrangements to ensure integrity, independence and reliability of ratings and data.
  • Defined, thorough, systematically applied methodologies with periodic review and advance notice of material changes.
  • Quality control over the ratings process, including checks on data timeliness and accuracy, adherence to methodology, and review of stakeholder feedback.
  • Record-keeping must be sufficient to reproduce ratings, including data used, governance and decision-making in the process, methodology changes and conflict management steps.
  • Outsourcing is permitted but operational responsibility and key obligations cannot be outsourced other than intra-group; ultimate accountability remains with the provider.
  • Personal transactions policies restricting staff trades that could contravene MAR, misuse confidential information or undermine rating independence and monitoring and records in line with modified COBS 11.7 principles.

Conflicts of interest

The FCA flags that conflicts of interest can lead to biases in the ESG ratings process, and create ratings that unfairly favour or disadvantage certain business models or rated entities. Market participants should be able to trust that ESG ratings are produced with integrity and independence, and hence the FCA aims to ensure that ESG ratings providers have robust conflicts of interest management processes. The FCA is therefore proposing to require:

  • Identification, prevention, management and (if necessary) disclosure of conflicts that present a material risk to rating integrity or independence.
  • Annual senior management reporting and record-keeping on conflicts.
  • Public disclosure where mitigation cannot reasonably ensure integrity, to be used only as a last resort.
  • A conflicts policy appropriate to business scale and complexity, reviewed at least annually. 
    The regime is tailored to ESG market structures and replaces generic SYSC 10 conflicts rules.

Stakeholder engagement and complaints

The FCA wishes to ensure that stakeholders (including users and rated entities) can engage with providers and that fair and transparent complaints procedures are in place. With this in mind they are proposing:

  • Rated entities must be notified in advance of first-time ratings, given appropriate contact points, and allowed to request underlying data free of charge and correct factual errors before and after publication, with proportionate timelines.
  • Providers must maintain procedures for broader stakeholder feedback and publicise complaints policies on websites, handle complaints fairly and within reasonable periods, and use complaints data to identify systemic issues.

Comparison to EU ESG Ratings Regulation

The fundamental principles of the proposed FCA regime are similar to the EU ESG Ratings Regulation, particularly the focus on transparency and conflicts of interest management, and with common themes such as engagement with rated entities. However, there are also key differences that will be relevant for firms operating across both regimes, including:

The FCA disclosure requirements are somewhat less prescriptive than the EU rules, although they are still fairly detailed.

  • The FCA does not propose requirements around “business separation” and non-ratings activities that are as prescriptive and “black and white” as those under the EU regime.
  • The UK rules do not have obligations for fair, reasonable, non-discriminatory and transparent pricing like the EU rules. This will give firms more flexibility in their business models in the UK.
  • Conversely, the UK SMCR requirements that are proposed to apply to ESG ratings providers are arguably more extensive than senior management rules in the EU ESG Ratings Regulation.

Firms will therefore have to assess gaps and differences carefully, and consider whether a “highest common denominator” approach should be taken.

Next Steps for ESG Ratings Providers

The FCA has set out a clear timeline for how the regime will be brought in:

  • Consultation closes: 31 March 2026
  • Policy Statement and final rules: Q4 2026
  • Authorisations gateway opens: June 2027
  • Regime live: 29 June 2028

Impacted firms could assess the proposed rules now and consider their strategy for obtaining authorised and putting in place the required compliance procedures in the UK, in advance of updating these assessments against the final rules next year.

More insights
Asset Based Financing Insurance Corporate Sustainability ESG Scotland

Explore more

Brochures United Kingdom

Highlights of our experience in Asset Backed Finance in the UK

2 min read
Event United Kingdom

ESG: Breaking Down the Buzzword

23 Apr 2026
Expert Guide International

Employment issues in M&A transactions in United Kingdom

16 min read
Back to top Back to top
You will now find all Law-Now content on CMS.law
Explore more
Law-Now, RegZone, LEXplicite and Blogtt have moved to CMS.law. Law-Now has moved to CMS.law. RegZone has moved to CMS.law. LEXplicite has moved to CMS.law. Blogtt has moved to CMS.law.
Learn more Learn more Learn more Learn more
If you want to use third party tools, please enable personalisation cookies as part of your cookie preferences. You can change this setting at any time via the button below or in our Cookie Notice.