Resolution JPRF-T-2025-0166: Reforming Chapter I 'Risk Rating Agencies' of the Unified Standard for Risk Rating Agencies and Risk Rating Applicable to the Financial, Securities, and Insurance Systems

Address: Av. Amazonas between Pereira and Unión Nacional de Periodistas Financial Management Governmental Platform. Red Block, 8th floor | Postal Code: 170507 | Quito - Ecuador | Resolution No. JPRF-T-2025-0166 THE FINANCIAL POLICY AND REGULATION BOARD

CONSIDERING:

That Article 82 of the Constitution of the Republic of Ecuador prescribes that the right to legal security is based on respect for the Constitution and the existence of prior, clear, public legal norms applied by competent authorities;

That Article 84 of the constitutional body prescribes that any organ with normative power shall have the obligation to adapt, formally and materially, laws and other legal norms to the rights provided in the Constitution;

That number 6 of Article 132 of the aforementioned Constitution grants public regulatory bodies the authority to issue norms of a general nature in matters within their competence, without being able to alter or innovate legal provisions;

That Article 226 of the Supreme Charter stipulates that State institutions, their bodies, dependencies, public servants, and persons acting by virtue of a state power shall exercise only the competencies and faculties attributed to them in the Constitution and the law; having the duty to coordinate actions to fulfill their purposes and make effective the enjoyment and exercise of rights recognized in the Constitution;

That Article 227 of the Supreme Norm establishes that public administration constitutes a service to the community governed by the principles of effectiveness, efficiency, quality, hierarchy, decentralization, coordination, participation, planning, transparency, and evaluation;

That Article 308 of the aforementioned norm indicates that financial activities are a public order service and may be exercised, with prior authorization from the State, in accordance with the law;

That the Organic Law of Public Integrity, published in the Third Supplement of the Official Register No. 68 of June 26, 2025, reformed several articles of Book I of the Organic Monetary and Financial Code, among them, it substituted Article 13 and created the Financial and Monetary Policy and Regulation Board, part of the Executive Function, as a public law legal entity, responsible for the formulation of monetary, credit, financial, securities, insurance, and prepaid comprehensive health care services policy and regulation;

That the Fourth Transitional Provision of the Organic Law for the Strengthening of Protected Areas, published in the Fourth Supplement of the Official Register No. 80 of July 14, 2025, provides that both the structure and faculties of the Financial Policy and Regulation Board, provided for in the Organic Monetary and Financial Code before June 26, 2025, will remain in force until the members of the Financial and Monetary Policy and Regulation Board are designated by the National Assembly;

That the Fifteenth Transitional Provision of the General Regulation to the Organic Law of Public Integrity, published in the Third Supplement of the Official Register No. 87 of July 23, 2025, provides that the Financial Policy and Regulation Board will guarantee the continuity of administrative, contractual, judicial, and extrajudicial processes, as well as various services, programs, projects, and processes already initiated, until they are assumed by the Financial and Monetary Policy and Regulation Board;

That the article numbered following Article 6, which collects international best practices, of the Organic Monetary and Financial Code, Book I, prescribes that bodies with regulatory, normative, or control capacity will seek to adopt as a reference framework international technical standards related to the scope of their competence for the issuance of regulations and the exercise of their functions, strictly adhering to the normative hierarchy established in the Constitution of the Republic of Ecuador;

Resolution No. JPRF-T-2025-0166 Page 2 of 8

---

Address: Av. Amazonas between Pereira and Unión Nacional de Periodistas Financial Management Governmental Platform. Red Block, 8th floor | Postal Code: 170507 | Quito - Ecuador |

That Article 13 of the Organic Monetary and Financial Code, Book I, prior to the reforms of June 26, 2025, mentioned above, created the Financial Policy and Regulation Board, part of the Executive Function, as a public law legal entity, with administrative, financial, and operational autonomy, responsible for the formulation of credit, financial, securities, insurance, and prepaid comprehensive health care services policy and regulation;

That Article 14, numbers 1, 2, and 3 of the aforementioned Organic Code, prior to the entry into force of the Organic Law of Public Integrity, establishes that within the scope of competencies of the Financial Policy and Regulation Board, there is: i) formulate financial, securities, and insurance policies; ii) issue regulations that allow maintaining the integrity, solidity, sustainability, and stability of the financial, securities, and insurance system; and, iii) issue micro-prudential regulations for the national financial, securities, and insurance sectors, based on proposals presented by the respective superintendencies, within their respective scopes of competence and without prejudice to their independence;

That Article 14.1 numbers 1, 7, 9, 25, and 27 of the aforementioned Organic Monetary and Financial Code, Book I, prior to the entry into force of the reforms of the Organic Law of Public Integrity, establishes that it corresponds to the Financial Policy and Regulation Board, among other faculties, the following: i) regulate the creation, constitution, organization, activities, operation, and liquidation of securities entities; ii) issue the prudential regulatory framework to which securities entities must adhere; iii) issue the non-prudential regulatory framework for all securities entities, which will include, among others, norms of transparency and information disclosure; iv) apply the provisions of said organic code and resolve cases not provided for therein, within the scope of its competence; and, v) exercise the other functions, duties, and faculties assigned to it by the Organic Monetary and Financial Code and the law, respectively;

That Articles 150 and 151 of the aforementioned Organic Code, Book I, establish that entities of the national financial system will be subject to the regulation issued by the Monetary and Financial Policy and Regulation Board - currently the Financial Policy and Regulation Board - and that said Institution must recognize the nature and particular characteristics of each of the sectors of the national financial system;

That Article 25.1, number 1, of the Organic Monetary and Financial Code, Book I, prior to the reforms provided for in the Organic Law of Public Integrity, prescribes within the functions of the Technical Secretariat of this Board, the elaboration of technical and legal reports that support the regulation proposals that the Financial Policy and Regulation Board will issue;

That the Fifty-Fourth Transitional Provision of the aforementioned code determines the transitional regime of resolutions of the Codification of the Monetary and Financial Policy and Regulation Board, establishing that: "(...) Resolutions contained in the Codification of Monetary, Financial, Securities, and Insurance Resolutions of the Monetary and Financial Policy and Regulation Board and norms issued by control bodies will maintain their validity until the Monetary Policy and Regulation Board and the Financial Policy and Regulation Board resolve what corresponds, within the scope of their competencies.";

That Article 9 of the Organic Monetary and Financial Code, Book II, in its numbers 1, 4, 6, 20, 24, and 25 indicate that within the attributions held by the Financial Policy and Regulation Board regarding the securities market, there are those of: (i) regulate the general functioning of the securities market; (ii) issue the necessary resolutions for the application of the Securities Market Law; (iii) regulate the creation and functioning of risk rating agencies, as well as the services they provide; (iv) ensure the observance and compliance with regulations relative to the securities market; (v) define, when the present Law has not done so, the terms of general use in matters of securities market; (vi) establish the norms that are necessary to prevent cases of conflict of interest and linkage of market participants, respectively;

Resolution No. JPRF-T-2025-0166 Page 3 of 8

---

Address: Av. Amazonas between Pereira and Unión Nacional de Periodistas Financial Management Governmental Platform. Red Block, 8th floor | Postal Code: 170507 | Quito - Ecuador |

That Article 188 of the Organic Monetary and Financial Code, Book II, prescribes that the Financial Policy and Regulation Board is competent to regulate aspects related to rating criteria, in particular to determine systems, procedures, rating categories, and periodicity thereof, in consideration of their nature as fixed or variable income securities;

That the Nineteenth General Provision of the Organic Monetary and Financial Code, Book II, "Securities Market Law" prescribes: "Substitute in all current norms the denomination National Securities Council or C.N.V. by Monetary and Financial Policy and Regulation Board or MONETARY AND FINANCIAL POLICY AND REGULATION BOARD in the same way in all current norms substitute the denomination Superintendence of Companies by Superintendence of Companies, Securities, and Insurance, without modifying their nature or functions.";

That Article 237 of Book I, Article 177 of Book II, and Article 32 of Book III of the Organic Monetary and Financial Code determine that risk rating agencies will rate the solvency and capacity of entities of the national financial, securities, and insurance systems to manage risks with third parties and fulfill their obligations with the public. These ratings will be based on minimum parameters that include a uniform risk rating scale by financial, securities, and insurance sectors, according to the norms issued by this regulatory body;

That the Twentieth Transitional Provision of the General Regulation to the Organic Law of Public Integrity states that resolutions contained in the Codification of Monetary, Financial, Securities, and Insurance Resolutions issued by the Financial Policy and Regulation Board and by the Monetary Policy and Regulation Board will maintain their validity until the Financial and Monetary Policy and Regulation Board adopts the corresponding decisions within the scope of their competencies;

That the Technical Secretary of the Financial Policy and Regulation Board, through Memorandum No. JPRF-ST-2025-0057-M of September 10, 2025, submits to the President of the Board the Technical Report No. JPRF-ST-2025-004 of September 10, 2025, issued by the Technical Secretariat of this Board, and the Legal Report No. JPRF-CJF-2025-038 of September 10, 2025, issued by the Legal Coordination of Financial Policy and Norms of this Board, as well as the respective draft resolution;

That the Financial Policy and Regulation Board, in an extraordinary session held by technological means, convened on September 10, 2025, and carried out via video conference on September 11, 2025, reviewed the Memorandum No. JPRF-ST-2025-0057-M of September 10, 2025, issued by the Technical Secretary of the Board; as well as the aforementioned Technical Report No. JPRF-ST-2025-004 and Legal Report No. JPRF-CJF-2025-038, in addition to the corresponding draft resolution;

That the Financial Policy and Regulation Board, in an extraordinary session held by technological means, convened on September 10, 2025, and carried out via video conference on September 11, 2025, reviewed and approved the following Resolution; and,

In exercise of its functions,

RESOLVES:

ARTICLE FIRST.- Substitute the first paragraph of Article 15 "Risk Rating Methodology" of Subsection I "Requirements, Authorization, and Maintenance of Licenses for Risk Rating Agencies", Section IV "Authorization License for the Operation of Risk Rating Agencies", Chapter I "Risk Rating Agencies", Title I "Unified Standard for Risk Rating Agencies and Risk Rating Applicable to the Financial, Securities, and Insurance Systems", Book V "Common Application Norms for Regulated Sectors" of the Codification of Monetary, Financial, Securities, and Insurance Resolutions, with the following:

"Competent control bodies will verify that the risk rating methodologies of the rating objects are governed by criteria of technical rigor, which allow analyzing the risk management, solvency, financial stability, and economic capacity of the rated subject. Additionally, economic environment, systemic risks, the analysis of policies and procedures for administration and operational management, governance, and others that the risk rating agency considers pertinent. In the case of methodologies applicable to managed investment funds, these must expressly incorporate the evaluation of market risks, including factors such as sensitivity to interest rates, concentration, liquidity, and other elements that may impact the stability and performance of the fund."

ARTICLE SECOND.- Substitute the text of Article 27 "Contract Signing" of Section V "Selection, Contracting, and Termination of Contract", Chapter I "Risk Rating Agencies", Title I "Unified Standard for Risk Rating Agencies and Risk Rating Applicable to the Financial, Securities, and Insurance Systems", Book V "Common Application Norms for Regulated Sectors" of the Codification of Monetary, Financial, Securities, and Insurance Resolutions, with the following:

"Contracts with the selected risk rating agency for the global rating of financial institutions and the financial strength of insurers must be signed by legal representatives by the last day of February of each year. If the legal representative does not sign the contract by the date established in the preceding paragraph for reasons attributable to them, the control bodies will apply the corresponding sanctions. For other rating processes, including the rating of managed funds, as well as of issuers and their securities, contracting deadlines shall be governed by agreement between the parties. To contract risk rating agencies, legal representatives must verify that they maintain their license and registration in the Public Registry of the Securities Market, when applicable."

ARTICLE THIRD.- Substitute the text of Article 37 "Constitution, Functions of the Risk Rating Committee, and Management of Minutes" of Section VI "Risk Management and Rating Committee", Chapter I "Risk Rating Agencies", Title I "Unified Standard for Risk Rating Agencies and Risk Rating Applicable to the Financial, Securities, and Insurance Systems", Book V "Common Application Norms for Regulated Sectors" of the Codification of Monetary, Financial, Securities, and Insurance Resolutions, with the following text:

"Risk rating agencies must have a Risk Rating Committee, constituted as a technical body integrated by an odd number of at least three (3) titular members, with their respective alternates. The figure of the alternate implies the designation of a person who acts as a substitute or replacement for a titular member in case of temporary or definitive absence. The Risk Rating Committee may be constituted by the members of the governing bodies, technical personnel of the company, or by independent professionals who meet the required technical level. The condition and mechanism for the election of committee members must be duly defined in the statutes. It will be the responsibility of this committee to evaluate and assign ratings with strict compliance with what is established in the Law, the internal regulations of the risk rating agencies, and this norm. The analyst or analysts who perform the evaluation of the rating object cannot be part of the Rating Committee. Risk rating agencies must establish an internal policy for the rotation of the technical rating team. The risk rating agency must notify the competent control body of any modification that occurs in the composition of its technical, governing team, and the constitution of the Rating Committee.

Resolution No. JPRF-T-2025-0166 Page 5 of 8

---

Address: Av. Amazonas between Pereira and Unión Nacional de Periodistas Financial Management Governmental Platform. Red Block, 8th floor | Postal Code: 170507 | Quito - Ecuador |

The legal representative of the risk rating agency or their delegate will act as secretary of the Rating Committee and will be responsible for the elaboration, custody, and management of the minutes. These minutes must be generated and stored preferably in digital format, with security guarantees through authentication, encryption, and traceability systems. Each minute must be electronically signed by the committee members and comply with the provisions established by the competent control body. The digital tools employed must ensure the availability of minutes for internal audits and external supervision at any time, aligning with international standards of integrity, security, and transparency."

ARTICLE FOURTH.- Substitute number 3 of Article 45 "Rating and Review of Rating Reports" of Section VII "Information Required by the Rating Agency", Chapter I "Risk Rating Agencies", Title I "Unified Standard for Risk Rating Agencies and Risk Rating Applicable to the Financial, Securities, and Insurance Systems", Book V "Common Application Norms for Regulated Sectors" of the Codification of Monetary, Financial, Securities, and Insurance Resolutions, with the following:

"3. Securities System: The rating of issued securities and managed investment funds that have a risk rating must be reviewed semi-annually, while the securities have not been redeemed, as applicable."

ARTICLE FIFTH.- Substitute the text of Article 46 "Term for Delivery of Information by the Rated Object" of Section VII "Information Required by the Rating Agency", Chapter I "Risk Rating Agencies", Title I "Unified Standard for Risk Rating Agencies and Risk Rating Applicable to the Financial, Securities, and Insurance Systems", Book V "Common Application Norms for Regulated Sectors" of the Codification of Monetary, Financial, Securities, and Insurance Resolutions, with the following text:

"To proceed with the annual risk rating of entities of the national financial system (December 31), the rated object must deliver to the risk rating agency the pertinent information, no later than March 15 of the year following the rating cutoff date; the information required to perform quarterly reviews must be delivered within fifteen (15) days after March 31, June 30, or September 30 of each year, as applicable. In the case of the securities market, the information required to rate issuers and their securities, as well as for managed investment funds, must be provided by the contracting entity or the rated entity within the terms of the contract, and cannot exceed two (2) months of age. For the case of risk rating corresponding to the insurance system whose rating is annual, the information must be delivered by March 15 of the year following the rating cutoff date; the information required to perform the semi-annual review established for the contracting entity must be delivered within fifteen (15) days after June 30."

ARTICLE SIXTH.- Substitute the text of Article 55 "Grading of Risk Rating Categories" of Section I "General Norms and Conditions for Risk Rating", Chapter II "Risk Rating", Title I "Unified Standard for Risk Rating Agencies and Risk Rating Applicable to the Financial, Securities, and Insurance Systems", Book V "Common Application Norms for Regulated Sectors" of the Codification of Monetary, Financial, Securities, and Insurance Resolutions, with the following text:

"The signs (+) or (–) can be assigned to categories to indicate their relative position within the same category. The grading of rating categories must be carried out in accordance with the criteria established in the rating methodology."

ARTICLE SEVENTH.- Substitute the text of Article 58 "Categories of Managed Investment Funds" of Section III "Risk Categories Applicable to the Securities System", Chapter II "Risk Rating", Title I "Unified Standard for Risk Rating Agencies and Risk Rating Applicable to the Financial, Securities, and Insurance Systems", Book V "Common Application Norms for Regulated Sectors" of the Codification of Monetary, Financial, Securities, and Insurance Resolutions, with the following text:

"The rating categories for managed investment funds are defined according to their capacity to meet investment objectives and manage the risks inherent to their operation. The rating will take into account factors such as portfolio quality, investment policy, risk management, cost structure, and technical, financial, legal, and operational aspects of the fund administrator. Ratings will be grouped into the following categories: AAA: The fund presents excellent capacity to meet its investment objectives. It has a portfolio of

Resolution No. JPRF-T-2025-0166 Page 6 of 8

---

Address: Av. Amazonas between Pereira and Unión Nacional de Periodistas Financial Management Governmental Platform. Red Block, 8th floor | Postal Code: 170507 | Quito - Ecuador |

Risk Rating Applicable to the Financial, Securities, and Insurance Systems", Book V "Common Application Norms for Regulated Sectors" of the Codification of Monetary, Financial, Securities, and Insurance Resolutions, with the following text:

"The rating categories for managed investment funds are defined according to their capacity to meet investment objectives and manage the risks inherent to their operation. The rating will take into account factors such as portfolio quality, investment policy, risk management, cost structure, and technical, financial, legal, and operational aspects of the fund administrator. Ratings will be grouped into the following categories: AAA: The fund presents excellent capacity to meet its investment objectives. It has a portfolio of high-quality assets, low risk, and effective risk management."