In two actions released last week, the Securities and Exchange Commission (“SEC”) signaled its new focus on credit rating agencies and foretold the seriousness with which it will approach the expanded regulatory authority granted to the SEC by the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (“Dodd-Frank Act”). On August 31, 2010, the SEC released a Section 21(a) report on its investigation of Moody’s Investors Service, Inc. (“MIS”), the credit rating segment of Moody’s Corp. (the “21(a) Report”), and on September 2, 2010, instituted administrative proceedings against another credit rating agency, LACE Financial Corp. (“LACE”) and its founder. The 21(a) Report outlines MIS’s failure to downgrade the credit ratings of foreign debt offerings after MIS discovered that the original credit ratings had been assigned in error. While the SEC decided not to bring an enforcement action against MIS for stated jurisdictional reasons, the 21(a) Report indicates that credit rating agencies – or nationally recognized statistical rating organizations (“NRSROs”) – will receive greater enforcement attention by the SEC in the future. The enforcement action against LACE found that the company made misrepresentations in its application to become an NRSRO and violated SEC rules governing the conduct of NRSROs. Together with the increase in SEC regulatory authority over NRSROs and expanded liability of NRSROs contained in the Dodd-Frank Act, the SEC’s actions augur more SEC enforcement actions, and likely private lawsuits as well, against NRSROs.

SEC Investigates Moody’s Investors Service, Inc.’s Credit Rating Practices

The SEC’s report regarding MIS, Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934: Moody’s Investors Service, Inc., Exchange Act Release No. 62802, concludes that MIS made false statements in its application to register with the SEC as a NRSRO and that MIS failed to follow its procedures and methodologies for determining credit ratings. In 2006, MIS developed a methodology for rating a newly created promissory note: constant proportion debt obligations (“CPDOs”). With its new rating model, MIS assigned ratings on notes marketed in Europe for eleven different CPDO issuers. In January 2007, MIS discovered a coding error in the rating model that had assigned ratings for the CPDO notes. The notes affected by the coding error had a combined notional value of just under $1 billion.

MIS later held several internal rating committee meetings in France and the United Kingdom to address the coding error, which was corrected by February 2007. MIS, however, made no changes to the outstanding credit ratings for the CPDO notes, even though MIS knew that the ratings for these notes had been given in error. Internal MIS emails concerning the discovery of the coding error reveal that MIS did not want to publicly disclose the error in order to protect its reputation. In April 2007, after further analysis, the MIS rating committee voted not to downgrade the affected ratings for the CPDO notes. Because the notes were performing well, the notes could not be downgraded absent disclosing the coding error. The SEC concluded that the MIS rating committee’s decision not to downgrade the affected CPDO notes was based on the following inappropriate considerations: (1) negative impact on Moody’s reputation; (2) impact on investors who relied on the original ratings; and (3) the desire not to substantiate the criticism made by a Moody’s competitor concerning Moody’s ratings of CPDO notes.

In June 2007, MIS applied with the SEC to become a recognized NRSRO. In connection with this application, MIS submitted information concerning its procedures and methodologies for determining credit ratings, in which MIS stated that it would not “refrain from taking a rating action based on the potential effect (economic, political or otherwise) of the action on Moody’s, an issuer, an investor, or any other market participant” and that MIS, in arriving at a credit rating, “will only consider analytical factors relevant to the rating opinion.”

The 21(a) Report chides MIS’s April 2007 decision not to downgrade the CPDO notes as inconsistent with the procedures that MIS submitted to the SEC just a few months later in connection with its NRSRO application.

In January 2008, the MIS rating committee that had decided not to downgrade the affected CPDO notes in April 2007 voted to begin downgrading the same notes, though MIS cited reasons other than the coding error as the basis for the downgrade, a tactic the SEC criticized as “effectively conceal[ing] its prior failure to downgrade.” In May 2008, the coding error finally became public when the Financial Times published an article about the CPDO offerings and cited MIS internal documents showing that MIS had known of the coding error for many months. MIS later conducted an internal investigation concerning the CPDO credit ratings and terminated senior level employees on the affected credit rating committee.

SEC Uses the Moody’s Investigation to Warn All Credit Rating Agencies

After citing the decision of the MIS rating committee not to downgrade the credit ratings of the CPDO notes on account of reputational concerns and other non-credit related considerations, the SEC cautioned all credit ratings agencies: “The Commission cautions NRSROs that deceptive ratings conduct is unlawful under the antifraud provisions of the federal securities laws.” When relating the SEC’s decision not to bring an enforcement action against MIS for concealing the coding error, the 21(a) Report cited jurisdictional problems with the nexus between the foreign securities offerings to foreign investors and the United States. But the 21(a) Report then cites a provision in the Dodd-Frank Act giving the SEC authority to bring an enforcement action with respect to (1) “conduct within the United States that constitutes significant steps in furtherance of the violation, even if the securities transaction occurs outside the United States and involves only foreign investors” or (2) “conduct occurring outside the United States that has a foreseeable substantial effect within the United States.” The SEC cautioned NRSROs in the 21(a) Report, “NRSROs should expect that the Commission, where appropriate, will pursue antifraud enforcement actions, including pursuant to such jurisdiction.”

Referring to MIS’s attempt to conceal its rating errors, the 21(a) Report cites other provisions of the Dodd-Frank Act enhancing the SEC’s regulatory authority over NRSROs: (1) requiring NRSROs to establish, maintain, enforce, and document an effective internal control structure governing the implementation of and adherence to policies, procedures, and methodologies for determining credit ratings and (2) requiring the Board of Directors of an NRSRO to oversee the establishment, maintenance, and enforcement of policies and procedures for determining credit ratings and the effectiveness of the internal control system with respect to policies and procedures for determining credit ratings.

SEC Files Cease and Desist Order Against President of Credit Rating Agency

Just two days after the SEC’s 21(a) Report warning NRSROs of fraud enforcement, the SEC issued a cease and desist order against the president of a registered NRSRO, LACE Financial Corp. (“LACE”), based on allegedly false statements that LACE made in its application with the SEC to become a NRSRO. In the Matter of LACE Financial Corp. and Barron Putnam, Exchange Act Release No. 62834 (September 2, 2010). The SEC found that in its application for registration with the SEC as an NRSRO, signed by its founder and president, Barron Putnam, LACE made false statements regarding the amount of revenue from its largest client and engaged in accounting misstatements to avoid disclosing to the SEC or its auditors the total revenue from that large client. Further, the SEC found that LACE performed an extra layer of review, not detailed in the procedures contained in its application to the SEC or included in its written guidelines, for those issuers whose securities were managed by LACE’s largest client. The SEC also noted LACE’s failure to establish procedures for the retention of emails regarding credit ratings and the failure of LACE’s president to recuse himself from discussions on credit ratings for entities in which he owned stock. In a separate parallel cease and desist action, the SEC alleged that another president of LACE also assisted in the false statements made to the SEC. In the Matter of Damyon Mouzon, Exchange Act Release no. 62835 (September 2, 2010). These findings regarding LACE’s false statements in the NRSRO application, which are similar in nature to the facts of the 21(a) Report with respect to the Moody’s investigation, reinforce the SEC’s resolve to wield the newly granted authority that the Dodd-Frank Act conferred on the SEC over NRSROs.

The Dodd-Frank Act’s Additional Impact on Credit Rating Agencies

The Dodd-Frank Act provides the SEC with a number of other regulatory powers over NRSROs and their associated persons, including analysts. The SEC’s 21(a) Report and the LACE administrative proceeding show that the SEC is aware of these new powers and is prepared to use them.

Though not referred to in the 21(a) Report, the Dodd-Frank Act also subjects NRSROs to liability under Section 11 of the Securities Exchange Act of 1934 for false or misleading statements contained in a registration statement when their credit ratings form part of the registration statement. In response to this provision, the largest NRSROs publicly announced that they would not consent to have their credit ratings in the offering documents, a decision that froze the asset backed securities (“ABS”) market; under Regulation AB, ABS offerings require the inclusion of credit ratings when the issuance of securities is conditioned on the assignment of particular credit ratings. In a No-Action Letter issued July 22, 2010, the SEC provided a temporary fix by exempting ABS offerings from the requirement of Regulation AB that credit ratings appear in the registration statements. This exemption will apply until January 24, 2011. When this exemption expires, however, the SEC will face a similar dilemma of whether to extend the exemption or enforce all of the newly enacted powers in the Dodd-Frank Act and permit a possible stalling of certain credit markets.