NOTE 21 CONTINGENCIES
Given the nature of the Company's activities, Moody’s and its subsidiaries are subject to legal and tax proceedings, governmental, regulatory and legislative investigations, subpoenas and other inquiries, and claims and litigation by governmental and private parties that are based on ratings assigned by MIS or that are otherwise incidental to the Company’s business. Moody’s and MIS also are subject to periodic reviews, inspections, examinations and investigations by regulators in the U.S. and other jurisdictions, any of which may result in claims, legal proceedings, assessments, fines, penalties or restrictions on business activities. Moody’s also is subject to ongoing tax audits as addressed in Note 17 to the consolidated financial statements.
Management periodically assesses the Company’s liabilities and contingencies in connection with these matters based upon the latest information available. For claims, litigation and proceedings and governmental investigations and inquiries not related to income taxes, the Company records liabilities in the consolidated financial statements when it is both probable that a liability has been incurred and the amount of loss can be reasonably estimated and periodically adjusts these as appropriate. When the reasonable estimate of the loss is within a range of amounts, the minimum amount of the range is accrued unless some higher amount within the range is a better estimate than another amount within the range. In instances when a loss is reasonably possible but uncertainties exist related to the probable outcome and/or the amount or range of loss, management does not record a liability but discloses the contingency if material. As additional information becomes available, the Company adjusts its assessments and estimates of such matters accordingly. Moody’s also discloses material pending legal proceedings pursuant to SEC rules and other pending matters as it may determine to be appropriate.
In view of the inherent difficulty of assessing the potential outcome of legal proceedings, governmental, regulatory and legislative investigations and inquiries, claims and litigation and similar matters and contingencies, particularly when the claimants seek large or indeterminate damages or assert novel legal theories or the matters involve a large number of parties, the Company often cannot predict what the eventual outcome of the pending matters will be or the timing of any resolution of such matters. The Company also may be unable to predict the impact (if any) that any such matters may have on how its business is conducted, on its competitive position or on its financial position, results of operations or cash flows. As the process to resolve any pending matters progresses, management will continue to review the latest information available and assess its ability to predict the outcome of such matters and the effects, if any, on its operations and financial condition and to accrue for and disclose such matters as and when required. However, because such matters are inherently unpredictable and unfavorable developments or resolutions can occur, the ultimate outcome of such matters, including the amount of any loss, may differ from those estimates.
00011373602020-01-012020-12-310001137360sasb:FemaleMember2018-01-012018-12-31xbrli:pure0001137360sasb:MaleMember2018-01-012018-12-310001137360sasb:FemaleMember2019-01-012019-12-310001137360sasb:MaleMember2019-01-012019-12-310001137360sasb:FemaleMember2020-01-012020-12-310001137360sasb:MaleMember2020-01-012020-12-310001137360sasb:GenderNotAvailableOrNotDisclosedMember2020-01-012020-12-3100011373602019-01-012019-12-3100011373602020-12-31mco:employeemco:breachmco:customer0001137360sasb:ProfessionalIntegrityMember2020-01-012020-12-31iso4217:USD

XBRL Example - Moody’s SASB Report 2020

We have participated in the XBRL tagging pilot program in an effort to help advance more standards-based and comparable disclosure. Because the taxonomy for the tags is still being developed, not all are specifically applicable to our disclosure. We have made an effort to find applicable tags in order to make our information as comparable to others as possible. In addition, historical, current, and forward-looking sustainability-related statements may be based on standards for measuring progress that are still developing, internal controls and processes that continue to evolve, and assumptions that are subject to change in the future.




Moody’s SASB Report 2020
The Sustainability Accounting Standards Board (SASB) connects businesses and investors to the
financial impacts of sustainability. Moody’s reports in accordance with the SASB Standard for
Professional & Commercial Services industry. Moody’s will continue to examine ways to adjust its
disclosures as these topics change over time.
CONTENTS
Sustainability Disclosure Topics and Accounting Metrics
Data security
Workforce diversity and engagement
Unless otherwise noted, this document covers all of Moody’s Corporation (NYSE: MCO) and its subsidiaries, and all Professional integrity
quantitative data covers the period from January 1 to December 31, 2020.
Activity Metrics
Number of employees by:
(1) full time and part time, (2) temporary and (3) contract

SUSTAINABILITY DISCLOSURE TOPICS AND ACCOUNTING METRICS
TopicAccounting MetricCategoryCodeMoody’s Response
Data securityDescription of approach to identifying and addressing data security risksDiscussion and analysisSV-PS-230a.1
Moody’s protects the data and security of its stakeholders, investing in world-class IT systems and infrastructure. Moody’s employees uphold its security-first philosophy, and the Company holds its third-party partners to this same standard.
Moody’s is committed to developing and maintaining a best-in-class information security program that addresses, among other areas, privacy and data security, including of its customers’ data. Moody’s program integrates the Company’s business objectives with industry and internal best practices to provide a foundation for decision-making regarding the management, security and use of data within the organization. All employees receive global privacy and information security training at onboarding and periodically thereafter. Data is safeguarded based on requirements and controls determined by Moody’s Information Risk and Security, which include access and right-of-use controls. Security controls are periodically evaluated by Internal Audit.
The global pandemic and remote work raised new threats in cybersecurity and the growing intersection of supply chains, connectivity and access to data is increasing the potential for cyber attacks. As a result, Moody’s built on its existing disaster preparedness capabilities for working from home with enhanced training on new methods for cyber-attack management. The Company continued to monitor and strengthen its IT infrastructure and partner with leading organizations to share cuttingedge security solutions.
Security management
Moody’s combines expertise and technological innovation to outpace emerging threats. The Company’s employees take cybersecurity training to better recognize and respond to potential threats, including attack and phishing simulation exercises several times a year. Moody’s provides training portals on emerging cyber threats that help educate software-development teams on secure coding practices.
Data privacy
Moody’s policies comply with the data privacy laws in the jurisdictions in which it operates. Moody’s Privacy Policy explains how the Company collects personal information, how it uses, discloses and protects such information, and the choices its customers have concerning use of such data.
Reasonable organizational and technical measures were implemented to protect personal information within Moody’s organization, and the Company’s employees are required to take privacy and information security training that covers these concepts.


TopicAccounting MetricCategoryCodeMoody’s Response
Data security
Description of approach to identifying and addressing data security risks (continued)
 
Discussion and analysis
SV-PS-230a.1

Moody’s meets data governance obligations through:
» a dedicated and specialist Privacy team, internal data privacy policies and procedures, and a dedicated data subject rights process;
» enterprise-wide data privacy training for all employees at onboarding and periodically thereafter, and awareness and additional role-based training and guidance for teams handling personal data;
» Information Risk & Security teams, policies and procedures, including cybersecurity, incident management response and vendor cybersecurity;
» an Incident Response Management Plan involving all relevant departments; and
» a requirement that key vendors complete security assessments and execute appropriate terms to their vendor agreements if they are to process personal data controlled by Moody’s.
Technology risks for the Company and how they are addressed are disclosed in Item 1A – Risk Factors of Moody’s 2020 Form 10-K on pages 38–39.
For more information, see Moody’s 2020 Stakeholder Sustainability Report, Data privacy, page 10.
Description of policies
and practices relating to collection, usage, and retention of customer information
Discussion and analysis
SV-PS-230a.2
Moody’s policies comply with the data privacy laws in the jurisdictions in which the Company operates. Moody’s Privacy Policy explains how the Company collects personal information, how it uses, discloses and protects such information, and the choices its customers have concerning use of such data.
Reasonable organizational and technical measures were implemented to protect personal information within Moody’s organization, and the Company’s employees are required to take privacy and information security training that covers these concepts.
Moody’s privacy notices are publicly available online at:
(1) Number of data breaches, (2) percentage involving customers; confidential business information (CBI) or personally identifiable information (PII), (3) number of customers affected.QuantitativeSV-PS-230a.3
Moody’s does not disclose specific information in this area due to confidentiality constraints. Please see Moody’s Privacy Policy to learn more about its approach to customer privacy



TopicAccounting MetricCategoryCodeMoody’s Response
Workforce diversity and engagementPercentage of gender
and racial/ethnic group representation for
(1) executive management
and (2) all other employees		QuantitativeSV-PS-330a.1
Gender statistics: global workforce1
201820192020
Employee category2
FemaleMaleFemaleMaleNot disclosed FemaleMaleNot disclosed
Executives26%74%30%70%33%67%0%
Senior managers33%67%33%67%33%67%0%
Mid-level managers32%68%33%67%33%67%0%
First-level managers39%61%37%63%37%63%0%
Non-managers50%50%48%52%48%51%1%
Total41%58%1%41%58%1%
Race and ethnicity statistics: United States1
20192020
White49%49%
Underrepresented groups3
46%46%
Not disclosed5%5%
Race and ethnicity statistics: United States officers and managers4
2020
White53%
Underrepresented groups3
43%
Not disclosed4%
1 The data represents employees that are integrated in Moody’s IT systems. For 2020, this coverage is approximately 85% of the total Moody’s full-time equivalent employees as reported in the 2020 Form 10-K. Non-employees (such as non-payroll consultants) and temporary employment workers (such as interns) are excluded from the analysis. Headcount as of December 31 of respective year.
2 Executives represent managing directors, executive directors and CEO direct reports; senior managers represent senior vice presidents and senior directors; mid-level managers represent vice presidents and directors; first-level managers represent assistant vice presidents and associate directors; non-managers represent managers, associates and analysts.
3 Underrepresented groups include those who identified as Asian, Hispanic, Black, Native American/Alaskan Native, Hawaiian/Other Pacific Island or two or more races.
4 Officers and managers are calculated using the job categories: executives, senior managers, mid-level managers and first-level managers. The data is based on Company records and may involve estimates or assumptions.
Moody’s is an equal opportunity employer and does not make employment decisions on the basis of race, ethnicity, gender or any other protected characteristic.
Moody’s recognizes that many different factors – for example, business growth and related new openings, successful recruitment of diverse applicants, and turnover
– will play key roles in whether or not the Company achieves its goals. Where it is within its control, the Company is focusing on each of these factors to create a robust diversity, equity and inclusion strategy that reflects its desire to be a market leader in this space.



TopicAccounting MetricCategoryCodeMoody’s Response
Workforce diversity and engagement(1) Voluntary and (2) involuntary turnover rate for employeesQuantitativeSV-PS-330a.2
Employee turnover rate1
20192020
Voluntary turnover12%7%
Involuntary turnover3%4%
The decline in the Company’s voluntary turnover rates in 2020 compared to 2019 is likely due to the effects of COVID-19 on the labor market
1 The data represents employees that are integrated in our IT systems. For 2020, this coverage is approximately 85% of the total Moody’s full-time equivalent employees as reported in the 2020 Form 10-K. Non-employees (such as nonpayroll consultants) and temporary employment workers (such as interns) are excluded from the analysis. Headcount as of December 31 of respective year.
Employee engagement as QuantitativeSV-PS-330a.32019 *2020 **
a percentage
Employee engagement score2
7176
* Employees participating in employee engagement surveys in 2019 - 87%
** Employees participating in employee engagement surveys in 2020 - 86%
The 2020 global benchmark is 74.3
2 Moody’s engagement score consists of an average of two questions: “How happy are you at Moody’s?” and” Would you recommend Moody’s?”.
3 Glint’s global benchmark definition: “Cross-client, cross-industry and cross-country, Glint’s global benchmark represents companies that have a home base in various countries and may or may not operate outside of their home country. Combining panel and employee data, our benchmarks include employees from well over 500 companies that have greater than 5,000 employees each, of which over 50 companies have over 100,000 employees each. Respondents are included from over 150 countries. Given our unique approach, our benchmarks represent tens of millions of employees.”


TopicAccounting MetricCategoryCodeMoody’s Response
Professional integrityDescription of approach
to ensuring professional integrity		Discussion and analysisSV-PS-510a.1
Every Moody’s employee, as well as each member of the Board of Directors, is required to abide by Moody’s Code of Business Conduct, which outlines the principles and policies they are expected to follow in their daily business activities. The Legal department is responsible for updates and distribution of the Code. HR is responsible for distribution of the Code to new employees.
The Code, which is revised and republished at least every two years, is available in 11 languages: Arabic, Chinese, Dutch, English, French, Japanese, Korean, Portuguese, Russian, Slovak and Spanish. Upon hiring and periodically thereafter, including when a new version is published, all employees must certify that they have read, understand and will adhere to the Code. View Moody’s Code of Business Conduct and other corporate governance documents: bit.ly/moodyscgsp.
In addition to the Code of Business Conduct, Moody’s Investors Service has a Code of Professional Conduct that governs the credit rating process.
Moody’s has implemented a Supplier Code of Conduct describing its expectations of incumbent and prospective vendors in the areas of business integrity, labor practices, employee health and safety, diversity and inclusion, and environmental stewardship.
In 2020, Moody’s published its Human Rights Statement, which provides an overview of how Moody’s endeavors to meet its responsibility to respect human rights.
Moody’s is committed to fostering a culture and work environment in which all employees feel comfortable asking questions, seeking advice and raising issues that are important to them, including reporting allegations of non-compliance with laws, regulations and policies. The Company elevates voices and concerns through its Open Door Policy, which supports employees in holding frank discussions with their immediate supervisors or other senior managers, as well as with members of the Compliance, HR and Legal departments. As part of this policy, Moody’s prohibits, and does not tolerate, any form of retaliation against employees who raise concerns in good faith.
All employees have a number of channels to report concerns: managers; HR, Compliance and Legal departments; and the Integrity Hotline. The Integrity Hotline allows employees to report any suspected wrongdoing anonymously, is staffed by a third party and is available at all times and in multiple languages. Reports made via the Integrity Hotline are forwarded to Moody’s Legal and Compliance departments for follow-up, and all reports of suspected violations are promptly investigated and remediated.
Finally, Moody’s provides extensive compliance and ethics training both to new employees and to existing employees to help reinforce the resources available to them to raise concerns and ask questions and as an integral part of their overall professional development. Depending on the line of business and work location, within their first 90 days of employment, new hires to Moody’s must complete between five and eight-and-a-half hours of online training that is aligned with Moody’s codes of conduct and policies. This training is designed to help Moody’s employees clearly understand and execute their ethical responsibilities and regulatory obligations.
Learn more about Moody’s mechanisms for reporting concerns and receiving advice about potential policy violations or ethical issues in its Code of Business Conduct (pages 11–13).
In 2020, Moody’s deployed or conducted over 35 mandatory online and instructor-led courses to educate and refresh the knowledge of existing employees on compliance policies and codes of conduct.
Total amount of monetary losses as a result of legal proceedings associated with professional integrityQuantitativeSV-PS-510a.2
Material legal proceedings for the Company are disclosed in Note 21, Contingencies, on page 127 of Moody’s 2020 Form 10-K.





Activity MetricCategoryCodeMoody’s Response
Number of employees by:
(1) full time and part time, (2) temporary, and (3) contract		QuantitativeSV-PS-000.A
As of December 31, 2020, the number of Moody’s full-time equivalent employees was 11,490. The majority of Moody’s employees are employed on full-time contracts. A proportion of the Company’s employees are part time, and their terms and conditions are otherwise the same as for full-time staff. Moody’s may engage temporary employees, contractors and consultants for a variety of business purposes. There are no significant variations in Moody’s employment numbers during the year (such as seasonal variations).
Global employee breakdown by gender1
20192020
Male58%58%
Female41%41%
Not disclosed1%1%
Global employee breakdown by region2
20192020
Americas (excluding U.S.)633681
Asia-Pacific3,4643,401
EMEA3,0743,183
U.S.3,9094,225
For additional information on Moody’s workforce, see Moody’s 2020 Stakeholder Sustainability Metric Summary, page 3.
1 The data represents employees that are integrated in Moody’s IT systems. For 2020, this coverage is approximately 85% of the total Moody’s full-time equivalent employees as reported in the 2020 Form 10-K. Non-employees (such as non-payroll consultants) and temporary employment workers (such as interns) are excluded from the analysis. Headcount as of December 31 of respective year.
2 The data represents the total Moody’s full-time equivalent employees as reported in the 2020 Form 10-K. Headcount as of December 31 of respective year.










Questions? sustainability@moodys.com