Non-financial misconduct – embedding the new rules

Building on the FCA consultation paper, published in July 2025, the final policy reiterates that non-financial misconduct (including harassment, violence or bullying) can be a material risk. As such, it extends beyond HR’s remit and must be addressed within the regulatory framework. The new rules take effect from 1 September 2026 and won’t apply retrospectively. 

However, non-financial misconduct is inherently difficult to quantify, and it will be challenging to establish a perimeter for applying the rules with robust – yet proportionate – systems and controls. The new framework offers significant support through the updated Code of Conduct (COCON), changes to the Fit and Proper test for Employees and Senior Personnel (FIT) sourcebook, and supporting guidance. But these aren’t exhaustive, and firms will need to apply their own judgement over their application. 

Alignment with employment law

Non-financial misconduct does have similarities with employment law, but the former is broader. Firms should ensure they have a robust understanding of how these rules interact with each other, as well as broader legislation and regulatory approaches, as outlined below.

The Employment Rights Act 2025 

This introduced a prevention duty for employers to take all reasonable steps to prevent harassment both within the organisation and by third parties such as clients, customers and brokers. This is expected to take effect in October 2026.

The whistleblowing framework

Both chapter 18 of Senior Management Arrangements, Systems and Controls (SYSC) and the Public Interest Disclosure Act 1998 will include sexual harassment as a protected disclosure from 6 April 2026.

New rules on use of non-disclosure agreements

From 6 January 2026, clauses that stop workers speaking about harassment or discrimination (including the employer’s response) are void.  

Inclusion of private life 

Under the new non-financial misconduct rules, firms may consider any facts or unproven allegations from a person’s private life when assessing fit and proper requirements – if they could pose a material risk to the organisation. This includes repeated minor legal infractions or incidents of personal misconduct. However, it will be particularly challenging for firms to establish where their remit begins and ends. 

Social media 

Individuals can lawfully express views on social media, even if controversial, and that doesn’t automatically mean they fail to meet fit and proper requirements – however, it may be taken into account. 

Non-financial misconduct – FCA issues updated guidance

Read more

Key implications across the financial sector 

The updated non-financial misconduct framework will introduce a range of sector-specific challenges, and it’s essential to consider how it will affect their risk profile. 

Investment banking 

Firms will need to strengthen their surveillance and governance processes around interpersonal conduct to prevent non-financial misconduct. This includes clear escalation routes and training for desk heads who now face explicit 'reasonable steps' duties to prevent and respond to workplace harassment or bullying. Enhanced FIT scrutiny will impact hiring, mobility, regulatory references, and the management of high-risk trading or advisory teams, where culture issues are closely linked to market integrity risks. 

Retail banking  

The expanded COCON scope covers conduct that involves any colleague, where it relates to the performance of their role. As such, frontline and branch network managers will need further training to identify and respond to non-financial misconduct. It's also important to note that behaviour of customer-facing staff at firm-supported social or community events may fall within scope. To meet these requirements, conduct rule notifications and FIT assessments will need more structured evidence.  

Wholesale and retail insurance

Underwriters and brokers will need a more standardised approach to handling non-financial misconduct across all areas of the market; the (Lloyd’s Underwriting) Room, broking environments, and firms’ front and back-office operations. Managers must be able to demonstrate proportionate and proactive steps to maintain psychologically safe workplaces.

FIT assessments will require improved documentation, particularly where allegations arise between market participants or at industry events which, under the guidance, may still be considered work-related and therefore fall within the scope of COCON. 

London market firms will also need to ensure their own conduct and non-financial misconduct frameworks can interoperate with Lloyd’s current and future byelaws and expectations, including any new elements introduced under the forthcoming Lloyd’s Market Conduct and Behaviours Framework (LMCBF). 

Asset and wealth management  

Smaller and mid-sized firms must formalise processes that have previously relied on informal culture management, namely: clear COCON scope mapping, investigations protocols, and governance for remediating non-financial misconduct. For portfolio managers and analysts, behaviours that affect team dynamics or decision-making (including remote working or online interactions) may now be in scope. Firms need to update their policies and training materials, with more robust FIT processes to include repeated minor issues or relevant conduct outside work. 

What are the proposed changes to SM&CR?

Read more

Next steps

Historically, issues of non-financial misconduct have been under-escalated, resulting in a higher tolerance for risk. This is due to a reliance on high-revenue producers, relationship-led environments, and informal power structures. Moving forward, these behaviours will fall under the remit of SM&CR as a conduct, rather than HR issue. They will be directly relevant to SM&CR’s fitness and proprietary assessments, and application of the conduct rules. As such, firms will be assessed on how they identify, escalate, and act on non-financial misconduct.

This will be challenging in its own right, but firms also need to bear in mind the proposed changes to streamline SM&CR, in addition to the new financial misconduct rules, to determine how the approaches work together. Key considerations when establishing the non-financial misconduct framework include:

• aligning with SM&CR over handling, and escalation of, serious non-financial misconduct issues
• factoring in non-financial misconduct when considering SM&CR judgements for fitness and propriety tests, or conduct rules (ensuring they play a genuine, and practical role beyond inclusion in policies and procedures)
• creating non-financial misconduct thresholds, metrics and escalation processes across different business units, divisions or in-group entities
• collecting, retaining and leveraging appropriate data to support Board-level decision making and enable effective regulatory supervision
• defining what constitutes a conduct rule breach (with clear thresholds for escalation) and converting existing HR misconduct processes into regulator-defensible SM&CR activity. 

With the compliance deadline looming, firms have a lot of work ahead to update their approach to non-financial misconduct, recognising that the underlying changes to culture will take longer to achieve.

For further information on the non-financial misconduct rules, contact Jon Sperrin.