The Rating Agencies' Problem: Why Blockchain Makes Their Business Model Hard to Justify

In 2008, Moody's and Standard & Poor's rated billions of dollars of mortgage-backed securities as investment grade — the highest designation of creditworthiness — weeks before those securities collapsed and helped trigger the worst financial crisis since the Great Depression. Both agencies had been paid by the banks that structured the securities to rate them. Neither faced meaningful legal or financial consequences. Both are still in business, still issuing ratings, still collecting fees from the issuers whose debt they evaluate.

The rating agency model has survived every scandal because it has been structurally necessary. Debt markets require a shared, legible signal about creditworthiness. Without it, every investor would have to conduct independent due diligence on every issuer — an impossible cost for any market operating at scale. Moody's, S&P, and Fitch exist because someone had to manufacture that signal, and once three firms established dominance, regulatory frameworks in the US and EU codified their status, requiring ratings for certain classes of institutional investment. The intermediary was mandated into permanence.

Blockchain doesn't eliminate the need for credit signals. It does something potentially more consequential: it makes a different kind of credit signal possible — one that is observable, auditable, and doesn't require trusting any single institution's judgment.

What Rating Agencies Actually Do

The core function of a rating agency is information aggregation under opacity. Issuers — governments, corporations, structured finance vehicles — provide financial data to agencies under non-disclosure agreements. Analysts at the agency review that data, apply proprietary models, and produce an opinion: AAA, Baa2, BB+, and so on down the scale. Investors who don't have access to the underlying data, or don't have the resources to analyse it, use the rating as a proxy.

The structural problem is the payment model. Issuers pay for ratings. An issuer who receives an unfavourable preliminary rating can shop for a more generous one — a practice documented extensively in the academic literature and confirmed in post-2008 congressional testimony. The agency's incentive is to maintain the relationship with the issuer, which creates pressure, however subtle, on the rating. This is not a theoretical concern. It is a mechanism that demonstrably produced AAA ratings on securities that defaulted within months.

The deeper problem is opacity itself. The rating is an opinion, not a data product. Investors cannot see the underlying analysis, cannot reproduce the model, cannot verify the inputs. They are trusting the agency's judgment and, implicitly, its incentives — both of which have repeatedly proven unreliable.

What On-Chain Credit History Offers Instead

Public blockchains are, among other things, an immutable ledger of financial behaviour. Every transaction, every loan origination, every repayment, every default, every liquidation is recorded publicly and permanently. For entities that operate on-chain — DeFi protocols, tokenised funds, on-chain treasuries, blockchain-native businesses — this creates something that has never previously existed: a complete, auditable, tamper-resistant credit history.

Credora, a crypto credit intelligence firm founded in 2020, has built an institutional credit assessment platform that uses real-time on-chain data as its primary input. Rather than a periodic rating based on disclosed financials, Credora provides continuous monitoring of on-chain positions — collateralisation levels, leverage exposure, liquidity, counterparty risk. For institutional lenders extending credit to crypto-native borrowers, this is a materially different product from a Moody's rating: it is current rather than retrospective, observable rather than opaque, and continuous rather than point-in-time.

Goldfinch, an on-chain lending protocol, takes a different approach to the same problem. It operates a decentralised credit assessment system in which auditors stake capital to back their assessments — they have skin in the game. If a borrower they approved defaults, auditors lose part of their stake. This is an attempt to solve the issuer-pays conflict of interest structurally rather than through regulation: the assessor's incentive is accuracy, not relationship management.

Neither model has yet operated at the scale or across the asset classes where traditional rating agencies are dominant — corporate bonds, sovereign debt, structured finance. That is the honest constraint. But the directional logic is clear: as more financial activity moves on-chain, the data that currently requires a rating agency to interpret becomes directly observable.

The Regulatory Moat and How Durable It Is

The rating agencies' durability is not primarily a function of analytical quality — the 2008 record disposes of that argument. It is a function of regulatory entrenchment. The SEC's designation of Moody's, S&P, Fitch, KBRA, DBRS, and a handful of others as Nationally Recognised Statistical Rating Organisations (NRSROs) gives their ratings a specific legal status. Money market funds, pension funds, and insurance companies operating under US regulation are required to hold only securities rated above certain thresholds by NRSROs. The rating is not a market preference — it is a legal prerequisite for a large portion of institutional capital.

This regulatory moat is real and should not be minimised. It means that even if on-chain credit assessment were demonstrably superior to Moody's methodologically — which it is not yet, for traditional asset classes — it would face a decade of regulatory process before institutional capital could substitute one for the other. The SEC's NRSRO designation process is slow by design, and incumbents have every incentive to participate in the regulatory process in ways that raise barriers to new entrants.

The more plausible near-term scenario is not replacement but bifurcation. Traditional rated debt for traditional institutional investors; on-chain credit assessment for on-chain capital markets. As tokenised assets grow as a share of total capital markets activity — a process that is underway but will take years to reach material scale — the on-chain credit infrastructure will grow with it. At some point, regulators will face pressure to recognise on-chain credit assessment for tokenised securities, because the alternative is requiring a Moody's rating for an asset whose entire financial history is publicly readable on Ethereum.

The Specific Vulnerability: Structured Finance

If there is one segment of the rating agency business most exposed to on-chain disruption in the medium term, it is structured finance — the category that includes collateralised loan obligations, asset-backed securities, and mortgage-backed securities. This is also, not coincidentally, the category that produced the most spectacular rating failures in 2008.

Structured finance rating is complex because the underlying asset pool is dynamic: loans are originated, paid down, prepaid, or default over the life of the security. Rating agencies model expected cash flows under different scenarios and rate the security's tranches — the senior tranches absorb losses last and receive the highest ratings; junior tranches absorb losses first and receive lower ratings. The models are proprietary, the inputs are provided by the issuer, and the ongoing monitoring of the asset pool has historically been inadequate.

Tokenised credit pools — of which there are now several operating on-chain, including deals structured by Centrifuge and Maple Finance — put the asset pool on-chain. Every loan in the pool, its origination date, its outstanding balance, its payment history, and its delinquency status are recorded on a public ledger. Any market participant can run their own analysis on the pool at any time. The information asymmetry that makes a rating agency necessary in traditional structured finance is structurally reduced.

Centrifuge has processed over $600 million in real-world asset financing through its on-chain protocol. Maple Finance, which focuses on institutional crypto lending, has originated over $4 billion in loans since its launch. Neither number is large relative to the traditional structured finance market, which runs into the tens of trillions. But both represent proof that the infrastructure can handle real transactions at institutional scale.

What Moody's and S&P Are Actually Doing About This

Both firms have made visible moves toward the on-chain world, though the strategic logic of those moves varies. Moody's launched an on-chain smart contract scoring system in 2023, assigning scores to DeFi protocols based on governance structure, code quality, and financial metrics. S&P Global has issued assessments of stablecoin stability and, separately, of specific DeFi protocols.

The cynical read of these moves is that they are defensive — an attempt to establish brand presence in a market that might otherwise develop without them. The more charitable read is that the agencies understand their core competency (interpreting complex financial data for institutional audiences) is transferable to on-chain contexts, even if the data source changes.

The honest assessment is that neither reading is clearly wrong. If on-chain capital markets reach scale, there will be demand for institutional-grade credit analysis of on-chain instruments. The incumbents have brand recognition, regulatory relationships, and analytical infrastructure that new entrants lack. What they do not have is credibility on the specific question of whether issuer-pays rating models produce reliable assessments of creditworthiness — a question the last twenty years have not answered in their favour.

The infrastructure of trust in debt markets is being rebuilt from the data layer up. Rating agencies built their business on information asymmetry. As that asymmetry shrinks — slowly, unevenly, asset class by asset class — the business model shrinks with it. Not overnight, and not without resistance. But the direction is not ambiguous.