Author: Matt Storey
01 May 2025
Non-financial misconduct is firmly on the regulatory radar.
For years, financial services firms have centred their Communications Surveillance programmes around mitigating the risks of financial misconduct, focusing on behaviours such as insider dealing, price manipulation, and collusion. Regulatory bodies, spearheaded by the UK's Financial Conduct Authority (FCA), are unequivocally signalling a paradigm shift. “Non-financial misconduct” (NFM) refers to unethical or inappropriate behaviour by individuals that does not involve financial wrongdoing, but which nonetheless breaches expected standards of conduct. In plain terms, it covers how people in an organization treat others - whether colleagues, clients, or subordinates - when it comes to respect, inclusion, and integrity. Crucially, regulators have made clear that such misconduct is still misconduct, even if no markets are manipulated.
The FCA has explicitly stated that firms must prioritise NFM, viewing it as a critical indicator of organisational health and a potential precursor to wider harms.
Historically, many behaviours now labelled as NFM might have been handled primarily by Human Resources (HR). However, the FCA's explicit linkage of NFM to its statutory objectives - market integrity and consumer protection - via its impact on firm culture elevates these issues to a regulatory matter demanding compliance oversight.
This blog aims to provide compliance professionals with a comprehensive overview of the NFM landscape, detailing regulatory expectations, cultural implications, broader risk connections, surveillance challenges, and the future outlook, thereby equipping them to navigate this emerging frontier.
Beyond HR: Non-financial misconduct is a regulatory priority, with the FCA and other agencies treating toxic workplace behaviours as critical indicators of firm culture and integrity.
Global Regulatory Landscape: While the FCA in the UK has explicitly tackled NFM under the Conduct Rules and SM&CR, US regulators (SEC, FINRA, CFTC) also address it through existing supervision and disclosure rules.
Accountability & Enforcement are Real: High-profile cases (e.g., Odey, Frensham) underscore regulators’ willingness to pursue individuals for NFM.
Practical Framework for Action: Addressing NFM requires a three-pronged approach: Culture (tone from the top), Proactive Detection (targeted, mature surveillance), Reactive Controls (impartial investigations, consistent discipline).
Examples of non-financial misconduct can range from a manager bullying an employee, to sexual harassment at a company social event, to racist or sexist remarks in emails or chats, or even reacting to a message with an inappropriate emoji. It also includes behaviours such as intimidation or humiliation of colleagues, fostering a hostile work environment, or turning a blind eye to discrimination. These incidents may occur in the office, on trading floors, in virtual meetings, or even off-site at work-sponsored events - regulators consider all such work-related contexts in scope. For instance, an off-colour joke in a team chat or a pattern of excluding certain staff from meetings due to bias would fall under non-financial misconduct. The common thread is a violation of professional conduct standards that undermines the culture and ethics of the firm, rather than directly violating financial laws.
A core challenge for firms is the lack of a single, exhaustive regulatory definition of NFM. The FCA employs the term broadly to capture a spectrum of behaviours detrimental to a healthy workplace culture and potentially impacting regulatory objectives.
Bullying
Discrimination (e.g., race, gender, disability, or potentially broader ‘demographic characteristics’ like socio-economic background)
Intimidation (threats or coercion in the workplace)
Misuse of company resources (e.g., expenses)
Sexual harassment
Substance or alcohol misuse in a work context
Violence or threats of violence
In practice, however, NFM can include additional forms of inappropriate behaviour, from offensive remarks in internal chats to repeated favouritism by managers. Hence, the concept is intentionally broad, ensuring that any behaviour undermining an ethical, inclusive workplace can be flagged.
Compounding the definitional challenge, the FCA has deliberately avoided defining what constitutes 'serious' NFM for the purposes of triggering COCON breaches or impacting FIT assessments. Firms are expected to make this judgement on a case-by-case basis. Proposed guidance offers some factors to consider such as whether the conduct was repeated (especially after warnings), the seniority of the perpetrator relative to the victim, and whether the conduct was discriminatory in nature. This lack of a bright-line test reinforces the need for firms to develop their own clear, documented, and consistently applied principles for evaluating the severity of NFM incidents.
The breadth of this concept is underscored by the FCA's 2021-2023 NFM survey, where 41% of reported incidents fell into an 'other' category defined by the firms themselves, highlighting the diverse nature of behaviours firms are grappling with and the potential difficulties in consistent labelling. The FCA uses the term 'incident' neutrally to describe any alleged or confirmed occurrence of NFM reported to or identified by the firm, regardless of whether it met formal reporting thresholds.
Different regulators have their own rule frameworks, but they converge on a similar message: individuals in finance must uphold high standards of integrity and ethical behaviour, and firms must address lapses seriously.
The FCA has been very explicit that it views non-financial misconduct as relevant to its conduct rules and fitness standards. Under the FCA’s Senior Managers & Certification Regime (SM&CR), all employees are subject to Individual Conduct Rule 1: “You must act with integrity.” A person who engages in harassment or bullying could be found in breach of this rule, as such behaviour shows a lack of integrity or honesty. In a high-profile recent case, the FCA fined and banned hedge fund manager Crispin Odey for a lack of integrity - he had interfered with his firm’s internal disciplinary process into longstanding sexual harassment allegations. Importantly, the FCA emphasized that senior managers should expect scrutiny of how even their conduct outside of work can impact their fitness and propriety to hold regulated roles. In other words, a bank executive’s drunken misconduct at a private party or a discriminatory post on social media might prompt regulatory questions about that person’s suitability to lead. The FCA’s Chief Executive, Nikhil Rathi, noted in a recent consultation foreword that cultures “in which allegations are ignored” are a regulatory concern because they undermine the firm’s ability to meet the standards Parliament set for the FCA. All this is backed by the FCA’s overarching principle that firms must conduct business with integrity and have effective governance. The regulator’s stance is summed up by an earlier statement from its Enforcement Director: “The FCA expects high standards of character, probity and fitness and properness from those who operate in the financial services industry and will take action to ensure these standards are maintained.”
A fundamental challenge for US compliance professionals is the lack of a uniform definition of NFM across the SEC, CFTC, and FINRA. Unlike the UK FCA, which has explicitly defined NFM to encompass behaviours like bullying, discrimination, and sexual harassment or misconduct, US regulators address these underlying behaviours through various existing lenses.
In the US, terms like "workplace misconduct," "unethical conduct," "conduct inconsistent with just and equitable principles of trade" (FINRA Rule 2010), "failure to supervise" (FINRA Rule 3110, CFTC Rule 166.3), or conduct impacting "fitness and propriety" (CFTC Part 3) often serve as the operative concepts through which NFM-related issues are addressed.
Consequently, US regulators primarily tackle NFM by applying existing rules related to:
Disclosure & Internal Controls (SEC): Assessing whether firms accurately disclose risks tied to their workforce and culture, and possess adequate controls to evaluate these risks.
Supervision (FINRA, CFTC): Determining if firms adequately supervise employee conduct to prevent rule violations and misconduct.
General Conduct Standards (FINRA): Evaluating whether conduct aligns with "high standards of commercial honor and just and equitable principles of trade".
Registrant Fitness (CFTC): Considering if misconduct impacts an individual's fitness for registration.
Whistleblower Protections (SEC, CFTC): Ensuring firms do not impede the reporting of potential violations, including misconduct.
A cornerstone of the SEC's approach involves Exchange Act Rule 13a-15(a), which mandates that public companies maintain disclosure controls and procedures (DCP). A notable example was the case of Activision Blizzard (a gaming company) in 2023: the SEC fined the company $35 million for failing to maintain adequate disclosure controls to collect and analyse employee complaints of workplace misconduct. Because the company lacked systems to understand the volume and severity of harassment claims, management couldn’t assess if there were material issues that needed to be disclosed to investors. An SEC official cautioned that without such controls, firms “lack the means to determine whether larger issues existed that needed to be disclosed to investors”. In addition, the SEC charged the company with violating whistleblower protection rules for using separation agreements that could silence staff. The clear takeaway is that even in the U.S., severe cultural problems (and how they’re handled internally) can rise to the level of securities law violations - for instance, if they reflect management’s failure to ensure proper internal controls or if investors are misled about why key executives left.
Feature | US Approach (SEC/CFTC/FINRA Composite) | UK FCA Approach |
Regulatory Framework | Indirect, fragmented, leverages existing rules | Explicit, aims for unified framework (proposed) |
Key Rules Leveraged | SEC: Exchange Act Rules 13a-15(a), 21F-17; CFTC: Rule 166.3, Part 3; FINRA: Rules 3110, 2010; Form U5 | COCON, FIT, COND (proposed integration) |
Definition of NFM | Implicit; varies by regulator/context (workplace misconduct, failure to supervise, unethical conduct, impact on fitness) | Explicitly defined scope (bullying, harassment, discrimination, sexual misconduct) |
Primary Focus | Impact of NFM on disclosure, supervision, market integrity, investor protection, registrant fitness | The conduct itself as a potential breach; firm culture, psychological safety, D&I |
Enforcement Mechanism | Actions for related rule breaches (e.g., disclosure control failure, supervisory lapse, impeding whistleblowers) | Direct enforcement for NFM breaches under new rules (intended, but currently lacking) |
Data Collection | Less systematic/public regarding NFM specifically | Formal NFM surveys conducted; potential future reporting requirements (D&I reporting paused) |
Current Status | Existing rules actively enforced in NFM-related contexts | Explicit NFM rules delayed (next steps expected June 2025); lack of recent direct NFM enforcement actions |
In 2023, the FCA undertook a survey of over 1,000 wholesale financial firms (banks, asset managers, insurers, brokers) to collect data on non-financial misconduct incidents. The results, published in early 2025, were eye-opening. Across those firms, reported allegations of non-financial misconduct jumped from 1,363 in 2021 to 2,347 in 2023. That’s nearly a thousand additional incidents within two years - roughly a 70% increase. The survey found that the most commonly reported categories were bullying/harassment (26% of all incidents) and discrimination (23%), with a large portion (41%) categorized as “other” types of misconduct. “Other” included things like intimidation, inappropriate language or communications, and even breaches of company policy that blur the line between pure conduct and performance issues. The FCA also learned how firms detect these issues - unsurprisingly, about half of incidents came through reactive channels like employee grievances or whistleblowing hotlines, but firms also reported using proactive monitoring to catch some problems. Disciplinary action was taken in 43% of cases, but in many others the outcome was no action or inconclusive, which raises questions about consistency. The FCA has signaled that it expects firms to benchmark themselves against these findings - i.e. to ask, “Are we finding and handling at least this many issues? If not, are we under-reporting or truly better?” - and to strengthen their culture accordingly. The survey was not a one-off; it provided a baseline for the FCA to track progress and to inform future rules.
Key Metric | Finding / Percentage | Notes |
Incident Trend (2021-2023) | +72% increase in reported incidents | FCA cautions interpretation (may reflect better reporting) |
Top NFM Types Reported | Bullying & Harassment (26%), Discrimination (23%), Other (41%) | Sexual Harassment reported at 6-16% (potential underreporting) |
Primary Detection Method | Formal Grievances (50%) | Reactive methods dominate; Surveillance detection low (1-10%) |
% Cases with Disciplinary Action | 43% overall | Higher for Violence/Intimidation (73%), Sexual Harassment (64%) |
% Cases 'Not Upheld' | Discrimination (62%), Bullying/Harassment (47%) | Raises questions about investigation effectiveness/evidence |
% Remuneration Adjustment Used | Rare (across all sectors) | Primarily applied to unvested variable pay when used |
% Board MI Gap | 38% (No board/committee MI on NFM) | Indicates significant oversight gap |
% Governance Structure Gap | 33% (No formal structure for NFM outcomes) | Suggests lack of dedicated process in many firms |
% Stated Intent to Include NFM in References | 92% | Actual inclusion increasing but still relatively low |
FCA officials have been increasingly vocal following the publication of the above survey results. In a February 2025 speech titled “Culture is Contagious,” Emily Shepperd underscored that “one of the clearest warning signs of a failing culture is non-financial misconduct - behaviours like bullying, harassment and discrimination.” She highlighted the survey’s statistic of ~2,347 allegations in 2023 (about 9 per day across the sector), using it to dispel any notion that these issues are rare or limited to a few bad apples.
More importantly, she made a connection between toxic workplace culture and risk to markets and consumers, as discussed earlier, framing healthy culture as a prerequisite for growth and innovation in financial services. The FCA has also used more direct communications: in January 2025, a “Dear CEO” letter to wholesale brokers listed “broker conduct and culture” as a supervisory focus for the coming year, warning that firms must have controls to detect misconduct and that the FCA will use tools like board effectiveness reviews and even capital requirements or business restrictions if firms fail to meet the standards for culture.
The FCA and Prudential Regulation Authority (PRA) launched a joint Discussion Paper (DP21/2) in 2021 on diversity and inclusion, which among other things asked if non-financial misconduct should explicitly factor into regulatory fitness tests. By September 2023, the FCA and PRA issued a Consultation Paper (CP23/20) with concrete proposals. In that consultation - tellingly subtitled “working together to drive change” - they proposed strengthening requirements for firms to monitor and address non-financial misconduct, and even suggested tying diversity & inclusion metrics to management accountability.
The key proposed changes included:
COCON (Conduct Rules): Explicitly bringing serious instances of NFM (bullying, harassment etc.) towards colleagues, group employees, and contractors within scope, where related to the firm's activities. Proposed guidance aimed to clarify the work-related vs. private life distinction and specify how NFM could breach Rule 1 (acting with integrity) or, for managers failing to address NFM, Rule 2 (acting with due skill, care and diligence).
FIT (Fit and Proper Test): Amending guidance to clarify that assessments must consider NFM in the workplace and serious NFM in private life (e.g., offences related to demographic characteristics, discriminatory practices) when evaluating honesty, integrity, and reputation. Explicitly linking conduct that could damage public confidence to a potential finding of not being fit and proper.
COND (Threshold Conditions - Suitability): Extending guidance so that a firm's own suitability to remain authorised could be impacted by NFM, for instance, by offences related to demographic characteristics committed by the firm or connected individuals, or by court/tribunal findings of discrimination.
Regulatory References (SYSC 22): Reinforcing the expectation that firms include relevant NFM information (i.e., conduct impacting fitness and propriety) in regulatory references provided for individuals moving between firms, and update references if new relevant information emerges.
Regulatory Area | Summary of Proposed Change | Key Implications for Firms |
COCON (Conduct Rules) | Explicitly cover serious NFM (bullying, harassment, etc.) towards colleagues/suppliers in relation to firm activities. Guidance on scope (work vs. private life) and links to Rule 1 (Integrity) and Rule 2 (Managerial Diligence). | Need to assess NFM against COCON standards if work-related nexus exists. Requires clear internal definition of 'serious'. Managers face liability for failing to address NFM. Need to notify FCA of disciplinary action for COCON breaches related to NFM. |
COND (Threshold Conditions - Suitability) | Extend guidance: Firm suitability potentially impacted by NFM, e.g., offences related to demographic characteristics or court findings of discrimination against the firm/connected individuals. | NFM issues, particularly systemic ones or those involving senior individuals, could pose a risk to the firm's authorisation status. Reinforces the need for strong governance and controls around NFM. |
FIT (Fit and Proper Test) | Clarify relevance of workplace NFM and serious private life NFM (e.g., discriminatory/sexual offences) to assessments of honesty, integrity, reputation. Conduct damaging public confidence likely means unfit. | Broader scope for FIT assessments, including potentially purely private conduct. Requires robust processes for identifying and assessing NFM's impact on FIT, both at onboarding and ongoing. Increased importance of background checks and considering all relevant information. |
Regulatory References (SYSC 22) | Reinforce expectation to include NFM information relevant to FIT assessments in references and update them as needed. | Requires processes to identify NFM relevant to FIT and ensure its accurate inclusion in outgoing references. Need to carefully consider incoming references flagging NFM. |
Regulators are backing up their talk with action. The case of Crispin Odey is a landmark: in March 2025, the FCA announced a £1.8 million fine and a permanent industry ban against Mr. Odey, a famous hedge fund founder, citing a “lack of integrity”. This enforcement was notable not just because of who he is, but how the FCA made its case. They focused on the fact that Odey allegedly frustrated and interfered with his firm’s internal investigation into multiple sexual harassment and assault allegations spanning years. He allegedly used his power to fire board members to delay disciplinary hearings - behaviour which clearly breached Conduct Rule 1 (integrity) in the FCA’s view.
Odey is contesting the decision, but the case already stands as a statement of intent. It follows earlier actions in which the FCA barred individuals for non-financial crimes - for example, in 2020 the FCA banned three financial advisers who had been convicted of offences such as sexual assault and voyeurism, deeming them not fit and proper to work in finance. Those cases involved criminal convictions, whereas Odey’s case involves workplace misconduct; together they form a pattern of the FCA using its enforcement powers to uphold standards of personal conduct and “character” in the industry.
The Jon Frensham case involved an adviser convicted of sexual grooming offences outside work. The Upper Tribunal upheld the FCA's ban but criticised its initial reasoning that the offence alone demonstrated a lack of professional integrity. The Tribunal found the link required the private conduct to "realistically touch on" professional practice. However, it upheld the ban based on Mr. Frensham's subsequent lack of candour and handling of the consequences. This case highlights the legal complexities around private life conduct. While the FCA's proposed FIT guidance seems to lower the bar for considering such conduct, the Frensham precedent underscores the importance of establishing a clear link to regulatory standards or demonstrating how the individual's response (e.g., dishonesty) impacts their fitness and propriety.
While the cultural impacts of NFM are profound, its significance extends further, acting as a potential catalyst or indicator for broader operational, reputational, and even financial risks within a firm.
Operational risk, broadly defined by the Basel Committee as "the risk of loss resulting from inadequate or failed internal processes, people, and systems or from external events", has a clear connection to NFM. Failures related to 'people' - their behaviour, adherence to procedures, and the culture influencing them - are central to this definition. A workplace culture that tolerates NFM, such as bullying or discrimination, may signal deeper weaknesses in the firm's overall control environment. If employees disregard expected standards of interpersonal conduct, it raises questions about their adherence to other internal processes, policies, and controls, potentially increasing the risk of errors, process failures, or compliance breaches in other areas. The FCA itself reinforces this link, suggesting that tolerance for NFM raises "serious questions about a firm's wider decision-making and risk management".
A concerning potential link exists between NFM and traditional financial misconduct. The argument posits that individuals demonstrating a disregard for rules and ethical standards through NFM (e.g., bullying, dishonesty in expense claims) may be more likely to engage in financial wrongdoing, such as market abuse or fraud. NFM can thus serve as an 'early warning signal' of a potentially problematic individual risk profile. Furthermore, a culture that tolerates NFM - perhaps by failing to challenge senior perpetrators or prioritising revenue generation over ethical conduct - may also lack the necessary integrity and speak-up environment to effectively challenge or prevent financial misconduct. If minor rule-breaking (NFM) goes unchecked, it can create an environment where more serious breaches (financial misconduct) become more likely. This reinforces the importance of integrating NFM considerations into the overall compliance risk framework and viewing patterns of NFM as potential red flags for other forms of misconduct.
Addressing non-financial misconduct requires a three-pronged approach that combines a healthy culture, proactive strategies, and robust reactive controls. Culture is the foundation that shapes everyday behaviours and norms; proactive measures ensure potential issues are caught or prevented early; and reactive safeguards provide a structured, fair framework for dealing with incidents when they arise. A firm that focuses on only one or two of these dimensions will likely miss key risks and expectations, especially now that regulators explicitly prioritise non-financial misconduct.
A healthy culture is the first line of defense against harmful behaviour. The Board and CEO should make it clear that bullying, harassment, discrimination, and other forms of non-financial misconduct will not be tolerated. This zero-tolerance stance needs to be reinforced with visible leadership behaviours, so that senior managers demonstrate respect, take complaints seriously, and hold even high-performing employees accountable for crossing ethical lines.
An important next step is to refine and formalise policies. Conduct a robust review of your codes of conduct, ethics policies, and any documents addressing anti-harassment or discrimination, ensuring they reflect both employment law and financial regulatory standards (such as the FCA Conduct Rules). Clearly define key terms - like bullying, sexual harassment, and discriminatory remarks - in scenario-based training. This helps staff and managers recognize, prevent, and appropriately escalate potential issues. Emphasize that respectful conduct is part of being a regulated financial professional, not an optional “nice-to-have.”
Leverage technology and data to your advantage. Ensure your Communication Surveillance models cover risks such as “Harassing / Offensive Communication”, “Inappropriate Behaviour”, “Conflict and Complaints”, and certain elements of “Conduct Risk” (e.g., favouritism, blackmail). By tailoring your surveillance lexicon, you can flag everything from explicit slurs to subtler signs of hostility.
Targeted training and psychological safety initiatives serve as another key layer of prevention. Managers, in particular, should receive specialised instruction on identifying and escalating NFM under rules like FINRA Rule 3110 or CFTC Rule 166.3. Equip them with the basics of investigation, documentation, and escalation procedures. Encourage an atmosphere of psychological safety, where team members feel comfortable challenging ideas or admitting mistakes without fear of retaliation.
Even in organizations with a robust culture and forward-looking strategies, misconduct can still happen. That’s why a well-designed reactive framework is essential. First, develop a clear investigation and disciplinary process. This means documenting how allegations of NFM will be received, who will investigate them, what timelines apply, and how outcomes are decided. Impartiality is critical: consider using independent counsel or compliance professionals not directly aligned with the accused individual’s reporting line. Consistency in sanctions is also paramount. Regulators, as well as employees, will scrutinise whether serious allegations are addressed with appropriate discipline, or if star performers receive leniency. Transparency about these procedures fosters trust and deters further misconduct.
To help you take a simple, straightforward pulse of your firm’s progress, we’ve created a quick Self-Assessment Scorecard. Just work through each item and give yourself a score from 0 (not in place) to 10 (fully embedded). The questions capture key pillars of an effective NFM programme, from leadership tone and training, to surveillance and whistleblowing, to investigation frameworks and more.
Tally up your total out of 150 at the end, and you’ll have an immediate snapshot of your firm’s strengths, gaps, and areas to prioritise for a healthier culture.
120-150: Mature program. Maintain momentum with regular audits and updates.
80-119: Decent framework; strengthen weaker areas for consistency and transparency.
<80: Immediate focus needed to embed NFM in culture, policies, and controls.
No. | Category | Item | Description | Score (0-10) |
1 | Culture & Leadership | Senior Sponsorship | The Board/CEO explicitly endorse a zero-tolerance stance on NFM, reinforced by visible leadership behaviours and accountability. | |
2 | Culture & Leadership | Code of Conduct | The firm’s Code of Conduct explicitly addresses bullying, harassment, or discrimination, tying these definitions to relevant regulatory obligations (e.g. FCA Conduct Rules). | |
3 | Policies & Training | Policy Inventory | Code of conduct, whistleblowing, and disciplinary policies clearly define non-financial misconduct and outline how such cases will be handled, with no gaps or conflicts. | |
4 | Policies & Training | Tailored Training | Mandatory, scenario-based training for all staff; specialised training for managers on detecting/responding to bullying or harassment. | |
5 | Proactive Monitoring & Tools | Communications Surveillance | Existing e-comms monitoring (email, chats) incorporates NFM-related keywords or flags (e.g., offensive language), with documented privacy/data-protection compliance (GDPR, ECPA, etc.). | |
6 | Proactive Monitoring & Tools | HR Analytics | Turnover rates, exit interviews, and performance data are routinely reviewed to identify “hot spots” or patterns suggesting cultural issues. | |
7 | Speak-Up Culture & Whistleblowing | Multiple Reporting Avenues | There are multiple, clearly promoted channels (anonymous/confidential) for raising NFM concerns (hotlines, ombudsperson, direct to compliance), accessible to all employees. | |
8 | Speak-Up Culture & Whistleblowing | Anti-Retaliation Measures | Policy and practice ensure no retaliation against employees who report concerns; staff believe they can speak up safely (assessed via surveys, pulse checks, etc.). | |
9 | Reactive Safeguards & Investigations | Investigation Framework | Formal, documented procedures for investigating alleged NFM (clear roles, independence, documented outcomes, timelines). | |
10 | Reactive Safeguards & Investigations | Case Management Consistency | A centralised log or case management system tracks all NFM allegations; disciplinary outcomes are consistent, fair, and regularly reviewed for improvement. | |
11 | Reactive Safeguards & Investigations | Settlement & NDA Procedures | NDAs or confidentiality clauses do not prevent further reporting (e.g., to regulators); gross misconduct cases are not merely settled but lead to decisive disciplinary action. | |
12 | HR Lifecycle Integration | Fit & Proper Checks | NFM history is considered in hiring, promotions, and certifications; serious misconduct can affect an individual’s “fitness and propriety” status. | |
13 | HR Lifecycle Integration | Regulatory References | References for senior/certified roles disclose material NFM findings; any new information is updated promptly so issues aren’t hidden from subsequent employers. | |
14 | Continual Improvement & Oversight | Regular Risk Assessments | Non-financial misconduct is part of the firm’s broader risk review; there are defined triggers/thresholds for escalation or deeper investigations. | |
15 | Continual Improvement & Oversight | Board & Executive Reporting | The Board or relevant committees receive periodic NFM reports (metrics, cases, outcomes); leaders act on these insights to drive continuous improvement. | |
The regulatory landscape surrounding NFM is still evolving, both in the UK and internationally. Compliance professionals need to stay informed about potential future developments.
The FCA's final policy statement and rules specifically addressing NFM, stemming from the proposals in CP23/20, have faced delays. Originally anticipated in late 2024, the FCA announced in March 2025 that it needed further time to ensure the approach is "proportionate and aligned with planned legislation." The regulator has committed to setting out its "next steps" by the end of June 2025. Despite this delay, and the decision to drop the wider D&I data reporting and target-setting proposals from CP23/20, the FCA has consistently reaffirmed that tackling NFM remains a priority. Once the final policy is published, the original proposal suggested a 12-month implementation period for firms. Firms should monitor FCA communications closely around June 2025 for clarification on the final rules and timelines. Rumours abound that clarification and specific guidance is due within months.
The FCA is at the forefront of explicitly regulating NFM. While related themes are gaining traction globally, the US Securities and Exchange Commission does not have a regulatory framework directly equivalent to the FCA's NFM proposals. However, its enforcement activities demonstrate an increasing interest in areas that overlap with NFM concerns. This includes a focus on corporate culture, robust enforcement of whistleblower protection rules (Rule 21F-17(a)) prohibiting actions that impede reporting to the SEC (including problematic clauses in severance or settlement agreements), and scrutiny of firms' disclosure controls and procedures.
Regulators across jurisdictions, led by the FCA in the UK, view workplace misconduct such as bullying, harassment, or discrimination not just as an internal personnel matter, but as a critical indicator of a firm’s broader governance, risk culture, and capacity to protect consumers and markets. High-profile enforcement actions, like the FCA’s recent case against Crispin Odey, are sending a clear message: when individuals interfere with due process or otherwise compromise a firm’s ethical foundations, regulators will not hesitate to impose significant sanctions.
For compliance professionals, this shift places a new set of obligations front and centre. Firms need coherent, well-documented definitions of NFM and robust processes for detecting, reporting, and remediating it. Proactive risk assessments, targeted communications monitoring, and a genuine speak-up culture help identify hidden “culture gaps.” Critically, disciplinary outcomes must be fair, consistent, and transparent, and the link between NFM and wider risk - operational, reputational, or even financial misconduct - should guide surveillance priorities and escalation triggers.
Ultimately, the rise of NFM on the regulatory agenda heralds a future in which workplace culture, ethical conduct, and diversity and inclusion are treated as core elements of systemic resilience and market integrity. Firms that grasp this connection, and respond with robust policies, effective controls, and above all a genuine commitment to respectful conduct, will be best placed to meet evolving regulatory expectations.