Non-financial misconduct in the financial sector: regulatory risks for firms

Non-financial misconduct (NFM) is a highly topical area of increasing regulatory scrutiny.

It has its roots in the Me Too movement and is used by the Financial Conduct Authority (FCA) to describe behaviour including bullying, sexual harassment and discrimination, whether inside or outside of the workplace. The FCA views NFM as misconduct falling within the scope of its regulatory jurisdiction, notwithstanding that by its very essence, such misconduct is non­financial in nature.

It expects firms to have effective systems in place to identify and mitigate risks relating to NFM and has proposed a new set of rules to bring NFM more squarely within its regulatory framework. It is important that FCA authorised firms are aware of these proposals and are taking steps now to address the regulatory risks.

The FCA has consistently, and over a number of years, taken the view that NFM falls within its regulatory jurisdiction. However, it has faced challenges and criticism in its approach to regulating NFM and there has been a lack of clarity over the expectations of authorised firms.

In addition to a number of well-publicised letters and speeches voicing its concerns with respect to the prevalence of NFM in the financial sector, the FCA has imposed prohibition orders (prohibiting the relevant individual from performing any function in relation to any regulated activity) against a number of individuals in connection with criminal convictions, including convictions for sexual offences, sexual grooming of children and grievous bodily harm.

The most notable of these cases is the prohibition order issued to Jon Frensham in March 2021. Mr Frensham had a criminal conviction for attempting to meet a child following sexual grooming. The FCA issued a prohibition order to Mr Frensham on the basis that he lacked integrity as a result of his conviction (notwithstanding that he did not commit the offence at work and it did not involve dishonesty).

Mr Frensham referred the FCA's decision to the Upper Tribunal claiming that the FCA had wrongly applied the fitness and propriety test. While the Upper Tribunal upheld the FCA's decision to impose a prohibition order, it was critical of certain aspects of the FCA's case and reasoning. The Upper Tribunal considered that Mr Frensham's conviction was, by itself, insufficient to reach a finding that he lacked fitness and propriety. It criticised the FCA for too readily linking his misconduct outside of the office to the conclusion that he lacked fitness and propriety to perform his professional role. Notwithstanding this, the Upper Tribunal agreed with the outcome determined by the FCA on the basis of Mr Frensham's conduct after he was arrested and charged, including his failure to be open and transparent with the FCA and his breach of bail conditions.

The Frensham case illustrates some of the difficulties faced by the FCA in bringing regulatory action with respect to conduct which occurs in someone's personal life and the importance of evidencing the necessary link to an individual's professional integrity.

The current proposals

The FCA's current proposals are contained in its September 2023 consultation paper "Diversity and inclusion in the financial sector — working together to drive change". The consultation closed on 18 December 2023 and the final new rules are expected to be published in a policy statement later this year, and to come into force 12 months thereafter.

The consultation paper seeks to address some of the issues noted above by incorporating NFM more clearly into the regulatory framework. There are two key parts to the proposals: (i) rules which will apply to all FCA authorised firms; and (ii) additional requirements for "large" firms with more than 250 employees.

Under the proposals set out below, the FCA has proposed to set a base level requirement for all FCA authorised firms with the aim of reducing discrimination and misconduct across the financial sector.

First, the Conduct Rules (which apply to most employees within financial firms) would be amended to include express reference to NFM, such that is it clear that the rules cover "serious instances of bullying, harassment and similar behaviour" (paragraph 4.19 of the consultation paper).

Second, the FCA would amend the guidance to the "Fit and Proper Test for Employees and Senior Personnel" section of its handbook to explain that "bulling and similar misconduct within the workplace is relevant to fitness and propriety and that similarly serious behaviour in a person's personal or private life" is also relevant (paragraph 4.14 of the consultation paper). Firms must apply the fitness and propriety test, on an ongoing basis, to assess whether individuals performing senior management functions or certification functions are "fit and proper" to carry out their role.

Third, the FCA would amend the guidance to the suitability criteria for firms to operate in the financial sector to include offences such as sexual or racially motivated offences and court findings that the firm (or an associated person such as a director) has committed discrimination.

The FCA also has also proposed that all FCA authorised firms excluding "limited scope SMCR firms" (as defined within the FCA Handbook) annually report their number of employees.

In addition, the FCA has proposed further requirements for larger firms, which include: (i) introducing diversity & inclusion (D&I) strategies; (ii) setting targets to address underrepresentation; (iii) data reporting with respect to demographic characteristics, inclusion metrics and targets; (iv) public disclosures of D&I data; and (v) introducing D&I as a non-financial risk to be addressed within the firm's governance structures.

Separately, the FCA has written to firms in the insurance sector compelling them to provide data on NFM within their organisations. This letter appears to be the survey announced by the FCA during evidence to the Treasury Committee on 17 January, for the committee's inquiry into "Sexism in the City". The FCA has indicated that the banking sector will follow next.

The Treasury Committee has recently published its report on the Sexism in the City inquiry. The purpose of the inquiry was to consider whether enough is being done to tackle sexism and misogyny in the financial services sector. The findings are damning, with the report observing that "it is shocking to hear how prevalent sexual harassment and bullying, up to and including serious sexual assault and rape, still are in financial services, and how poorly firms handle allegations of such behaviours". The report concludes that not much had changed since the predecessor committee reviewed the matter in 2018.

Interestingly, the Treasury Committee's report raised concerns with respect to the FCA's proposal on data reporting, noting that this is likely to be treated by firms as another "tick box" compliance exercise, as opposed to driving cultural change. It remains to be seen how the FCA will address this on its review of the feedback to the policy proposals.

Issues for firms to consider

Firms should be thinking now about changes and enhancements they might need to make to their policies, processes and practices to ensure that they are aligned with the FCA's expectations in this area.

Firms are required to notify the FCA if they take disciplinary action for NFM that is a breach of the Conduct Rules and where they form the opinion that an individual may no longer satisfy the fit and proper test.

In order to comply with the requirements, it is important that firms have adequate systems in place to mitigate the risks associated with NFM. In particular, firms should consider whether their systems and controls address the risk areas outlined below.

Detect and escalate NFM incidents appropriately

Effective whistleblowing policies and procedures are crucial, as is fostering a "speak up" culture, which encourages employees to come forward with any concerns about the behaviours of others (including senior management). There has been a marked increase in the number of internal and external whistleblower reports over recent years and the FCA has indicated that a low number of whistleblower complaints at a firm is a possible indicator of poor culture.

Consider any additional training needs

Firms should consider whether additional training is required to support and educate staff and managers on D&I and culture issues, with specific reference to the risk areas identified by the FCA.

Foster a zero-tolerance culture toward sexual harassment and abuse

This requires complaints to be handled fairly, promptly and confidentially, with appropriate consequences for perpetrators and protection for victims.

Ensure regular communications between the HR and compliance teams to deal with and manage NFM incidents

Historically, complaints relating to issues such as bullying and sexual harassment may have been dealt with only by a firm's HR team, without involving the compliance function. This approach will no longer be appropriate for individuals within the scope of the regulatory framework.

Assess what may amount to "serious" misconduct

The proposed expansion of the Conduct Rules and the fitness and propriety test applies to "serious" instances of NFM. The FCA has not defined what "serious" means in this context and it therefore appears that it will be a matter for firms to assess on a case by case basis.

Accurately record NFM incidents

While it is currently unclear as to whether the FCA's data reporting proposals for large firms will be implemented, firms should ensure that they are keeping accurate and detailed records of NFM incidents (including how they were detected, escalated, managed and dealt with) so that they can respond to any regulatory inquiries appropriately.

The FCA proposals may change in their scope following the feedback to the consultation paper but at least one thing is certain: the regulatory focus on NFM is here to stay. 

This article was first published in the May 2024 issue of Financier Worldwide magazine.