Navigating Non-Financial Misconduct: Key Insights for Compliance and Culture Risk

Non-financial misconduct is firmly on the regulatory radar.

For years, financial services firms have centred their Communications Surveillance programmes around mitigating the risks of financial misconduct, focusing on behaviours such as insider dealing, price manipulation, and collusion. Regulatory bodies, spearheaded by the UK's Financial Conduct Authority (FCA), are unequivocally signalling a paradigm shift. “Non-financial misconduct” (NFM) refers to unethical or inappropriate behaviour by individuals that does not involve financial wrongdoing, but which nonetheless breaches expected standards of conduct. In plain terms, it covers how people in an organization treat others - whether colleagues, clients, or subordinates - when it comes to respect, inclusion, and integrity. Crucially, regulators have made clear that such misconduct is still misconduct, even if no markets are manipulated.

The FCA has explicitly stated that firms must prioritise NFM, viewing it as a critical indicator of organisational health and a potential precursor to wider harms.  

Historically, many behaviours now labelled as NFM might have been handled primarily by Human Resources (HR). However, the FCA's explicit linkage of NFM to its statutory objectives - market integrity and consumer protection - via its impact on firm culture elevates these issues to a regulatory matter demanding compliance oversight.

This blog aims to provide compliance professionals with a comprehensive overview of the NFM landscape, detailing regulatory expectations, cultural implications, broader risk connections, surveillance challenges, and the future outlook, thereby equipping them to navigate this emerging frontier.

Prefer to listen? Take this blog on the go with our AI-generated podcast by listening here.

Contents

• Key Insights

• What is Non-Financial Misconduct?

• Regulatory Expectations and Rules Involved

• Direction of Travel
• Speeches, Soundings and Warnings
• Rule Changes
• Enforcements

• NFM as a Catalyst for Broader Risk

• How to Monitor For Non-Financial Misconduct - An Actionable Checklist
• Scorecard

• Horizon Scanning: Future Regulatory Developments

• Conclusion
• Sources

Key Insights

• Beyond HR: Non-financial misconduct is a regulatory priority, with the FCA and other agencies treating toxic workplace behaviours as critical indicators of firm culture and integrity.

• Global Regulatory Landscape: While the FCA in the UK has explicitly tackled NFM under the Conduct Rules and SM&CR, US regulators (SEC, FINRA, CFTC) also address it through existing supervision and disclosure rules.

• Accountability & Enforcement are Real: High-profile cases (e.g., Odey, Frensham) underscore regulators’ willingness to pursue individuals for NFM.

• Practical Framework for Action: Addressing NFM requires a three-pronged approach: Culture (tone from the top), Proactive Detection (targeted, mature surveillance), Reactive Controls (impartial investigations, consistent discipline).

What is Non-Financial Misconduct?

Examples of non-financial misconduct can range from a manager bullying an employee, to sexual harassment at a company social event, to racist or sexist remarks in emails or chats, or even reacting to a message with an inappropriate emoji. It also includes behaviours such as intimidation or humiliation of colleagues, fostering a hostile work environment, or turning a blind eye to discrimination. These incidents may occur in the office, on trading floors, in virtual meetings, or even off-site at work-sponsored events - regulators consider all such work-related contexts in scope​. For instance, an off-colour joke in a team chat or a pattern of excluding certain staff from meetings due to bias would fall under non-financial misconduct. The common thread is a violation of professional conduct standards that undermines the culture and ethics of the firm, rather than directly violating financial laws.

A core challenge for firms is the lack of a single, exhaustive regulatory definition of NFM. The FCA employs the term broadly to capture a spectrum of behaviours detrimental to a healthy workplace culture and potentially impacting regulatory objectives.

Commonly Cited Examples

• Bullying

• Discrimination (e.g., race, gender, disability, or potentially broader ‘demographic characteristics’ like socio-economic background)

• Intimidation (threats or coercion in the workplace)

• Misuse of company resources (e.g., expenses)

• Sexual harassment

• Substance or alcohol misuse in a work context

• Violence or threats of violence

In practice, however, NFM can include additional forms of inappropriate behaviour, from offensive remarks in internal chats to repeated favouritism by managers. Hence, the concept is intentionally broad, ensuring that any behaviour undermining an ethical, inclusive workplace can be flagged.

Compounding the definitional challenge, the FCA has deliberately avoided defining what constitutes 'serious' NFM for the purposes of triggering COCON breaches or impacting FIT assessments. Firms are expected to make this judgement on a case-by-case basis. Proposed guidance offers some factors to consider such as whether the conduct was repeated (especially after warnings), the seniority of the perpetrator relative to the victim, and whether the conduct was discriminatory in nature. This lack of a bright-line test reinforces the need for firms to develop their own clear, documented, and consistently applied principles for evaluating the severity of NFM incidents.  

The breadth of this concept is underscored by the FCA's 2021-2023 NFM survey, where 41% of reported incidents fell into an 'other' category defined by the firms themselves, highlighting the diverse nature of behaviours firms are grappling with and the potential difficulties in consistent labelling. The FCA uses the term 'incident' neutrally to describe any alleged or confirmed occurrence of NFM reported to or identified by the firm, regardless of whether it met formal reporting thresholds. 

Regulatory Expectations and Rules Involved

Different regulators have their own rule frameworks, but they converge on a similar message: individuals in finance must uphold high standards of integrity and ethical behaviour, and firms must address lapses seriously.

United Kingdom (FCA - Financial Conduct Authority)

The FCA has been very explicit that it views non-financial misconduct as relevant to its conduct rules and fitness standards. Under the FCA’s Senior Managers & Certification Regime (SM&CR), all employees are subject to Individual Conduct Rule 1: “You must act with integrity.” A person who engages in harassment or bullying could be found in breach of this rule, as such behaviour shows a lack of integrity or honesty. In a high-profile recent case, the FCA fined and banned hedge fund manager Crispin Odey for a lack of integrity - he had interfered with his firm’s internal disciplinary process into longstanding sexual harassment allegations​. Importantly, the FCA emphasized that senior managers should expect scrutiny of how even their conduct outside of work can impact their fitness and propriety to hold regulated roles. In other words, a bank executive’s drunken misconduct at a private party or a discriminatory post on social media might prompt regulatory questions about that person’s suitability to lead. The FCA’s Chief Executive, Nikhil Rathi, noted in a recent consultation foreword that cultures “in which allegations are ignored” are a regulatory concern because they undermine the firm’s ability to meet the standards Parliament set for the FCA​. All this is backed by the FCA’s overarching principle that firms must conduct business with integrity and have effective governance. The regulator’s stance is summed up by an earlier statement from its Enforcement Director: “The FCA expects high standards of character, probity and fitness and properness from those who operate in the financial services industry and will take action to ensure these standards are maintained.”

​

United States (SEC & FINRA)

A fundamental challenge for US compliance professionals is the lack of a uniform definition of NFM across the SEC, CFTC, and FINRA. Unlike the UK FCA, which has explicitly defined NFM to encompass behaviours like bullying, discrimination, and sexual harassment or misconduct , US regulators address these underlying behaviours through various existing lenses.

In the US, terms like "workplace misconduct," "unethical conduct," "conduct inconsistent with just and equitable principles of trade" (FINRA Rule 2010), "failure to supervise" (FINRA Rule 3110, CFTC Rule 166.3), or conduct impacting "fitness and propriety" (CFTC Part 3) often serve as the operative concepts through which NFM-related issues are addressed.

Consequently, US regulators primarily tackle NFM by applying existing rules related to:

• Disclosure & Internal Controls (SEC): Assessing whether firms accurately disclose risks tied to their workforce and culture, and possess adequate controls to evaluate these risks.  

• Supervision (FINRA, CFTC): Determining if firms adequately supervise employee conduct to prevent rule violations and misconduct.  

• General Conduct Standards (FINRA): Evaluating whether conduct aligns with "high standards of commercial honor and just and equitable principles of trade".  

• Registrant Fitness (CFTC): Considering if misconduct impacts an individual's fitness for registration.  

• Whistleblower Protections (SEC, CFTC): Ensuring firms do not impede the reporting of potential violations, including misconduct.  

A cornerstone of the SEC's approach involves Exchange Act Rule 13a-15(a), which mandates that public companies maintain disclosure controls and procedures (DCP). A notable example was the case of Activision Blizzard (a gaming company) in 2023: the SEC fined the company $35 million for failing to maintain adequate disclosure controls to collect and analyse employee complaints of workplace misconduct​. Because the company lacked systems to understand the volume and severity of harassment claims, management couldn’t assess if there were material issues that needed to be disclosed to investors​. An SEC official cautioned that without such controls, firms “lack the means to determine whether larger issues existed that needed to be disclosed to investors”. In addition, the SEC charged the company with violating whistleblower protection rules for using separation agreements that could silence staff. The clear takeaway is that even in the U.S., severe cultural problems (and how they’re handled internally) can rise to the level of securities law violations - for instance, if they reflect management’s failure to ensure proper internal controls or if investors are misled about why key executives left.

Direction of Travel

FCA’s Culture Survey and Findings (UK)

In 2023, the FCA undertook a survey of over 1,000 wholesale financial firms (banks, asset managers, insurers, brokers) to collect data on non-financial misconduct incidents​. The results, published in early 2025, were eye-opening. Across those firms, reported allegations of non-financial misconduct jumped from 1,363 in 2021 to 2,347 in 2023​. That’s nearly a thousand additional incidents within two years - roughly a 70% increase. The survey found that the most commonly reported categories were bullying/harassment (26%) and discrimination (23%) of all incidents, with a large portion (41%) categorized as “other” types of misconduct. “Other” included things like intimidation, inappropriate language or communications, and even breaches of company policy that blur the line between pure conduct and performance issues​. The FCA also learned how firms detect these issues - unsurprisingly, about half of incidents came through reactive channels like employee grievances or whistleblowing hotlines, but firms also reported using proactive monitoring to catch some problems. Disciplinary action was taken in 43% of cases, but in many others the outcome was no action or inconclusive, which raises questions about consistency. The FCA has signaled that it expects firms to benchmark themselves against these findings - i.e. to ask, “Are we finding and handling at least this many issues? If not, are we under-reporting or truly better?” - and to strengthen their culture accordingly​. The survey was not a one-off; it provided a baseline for the FCA to track progress and to inform future rules.

Speeches, Soundings, and Warnings

FCA officials have been increasingly vocal following the publication of the above survey results. In a February 2025 speech titled “Culture is Contagious,” Emily Shepperd underscored that “one of the clearest warning signs of a failing culture is non-financial misconduct - behaviours like bullying, harassment and discrimination.”​ She highlighted the survey’s statistic of ~2,347 allegations in 2023 (about 9 per day across the sector)​, using it to dispel any notion that these issues are rare or limited to a few bad apples.

More importantly, she made a connection between toxic workplace culture and risk to markets and consumers, as discussed earlier, framing healthy culture as a prerequisite for growth and innovation in financial services. The FCA has also used more direct communications: in January 2025, a “Dear CEO” letter to wholesale brokers listed “broker conduct and culture” as a supervisory focus for the coming year, warning that firms must have controls to detect misconduct and that the FCA will use tools like board effectiveness reviews and even capital requirements or business restrictions if firms fail to meet the standards for culture​.

Rule Changes

The FCA and Prudential Regulation Authority (PRA) launched a joint Discussion Paper (DP21/2) in 2021 on diversity and inclusion, which among other things asked if non-financial misconduct should explicitly factor into regulatory fitness tests. By September 2023, the FCA and PRA issued a Consultation Paper (CP23/20) with concrete proposals. In that consultation - tellingly subtitled “working together to drive change” - they proposed strengthening requirements for firms to monitor and address non-financial misconduct, and even suggested tying diversity & inclusion metrics to management accountability.

The key proposed changes included:  

• COCON (Conduct Rules): Explicitly bringing serious instances of NFM (bullying, harassment etc.) towards colleagues, group employees, and contractors within scope, where related to the firm's activities. Proposed guidance aimed to clarify the work-related vs. private life distinction and specify how NFM could breach Rule 1 (acting with integrity) or, for managers failing to address NFM, Rule 2 (acting with due skill, care and diligence).  

• FIT (Fit and Proper Test): Amending guidance to clarify that assessments must consider NFM in the workplace and serious NFM in private life (e.g., offences related to demographic characteristics, discriminatory practices) when evaluating honesty, integrity, and reputation. Explicitly linking conduct that could damage public confidence to a potential finding of not being fit and proper.  

• COND (Threshold Conditions - Suitability): Extending guidance so that a firm's own suitability to remain authorised could be impacted by NFM, for instance, by offences related to demographic characteristics committed by the firm or connected individuals, or by court/tribunal findings of discrimination.  

• Regulatory References (SYSC 22): Reinforcing the expectation that firms include relevant NFM information (i.e., conduct impacting fitness and propriety) in regulatory references provided for individuals moving between firms, and update references if new relevant information emerges.

Enforcements

Regulators are backing up their talk with action. The case of Crispin Odey is a landmark: in March 2025, the FCA announced a £1.8 million fine and a permanent industry ban against Mr. Odey, a famous hedge fund founder, citing a “lack of integrity”​. This enforcement was notable not just because of who he is, but how the FCA made its case. They focused on the fact that Odey allegedly frustrated and interfered with his firm’s internal investigation into multiple sexual harassment and assault allegations spanning years​. He allegedly used his power to fire board members to delay disciplinary hearings - behaviour which clearly breached Conduct Rule 1 (integrity) in the FCA’s view.

Odey is contesting the decision, but the case already stands as a statement of intent. It follows earlier actions in which the FCA barred individuals for non-financial crimes - for example, in 2020 the FCA banned three financial advisers who had been convicted of offences such as sexual assault and voyeurism, deeming them not fit and proper to work in finance​. Those cases involved criminal convictions, whereas Odey’s case involves workplace misconduct; together they form a pattern of the FCA using its enforcement powers to uphold standards of personal conduct and “character” in the industry.

The Jon Frensham case involved an adviser convicted of sexual grooming offences outside work. The Upper Tribunal upheld the FCA's ban but criticised its initial reasoning that the offence alone demonstrated a lack of professional integrity. The Tribunal found the link required the private conduct to "realistically touch on" professional practice. However, it upheld the ban based on Mr. Frensham's subsequent lack of candour and handling of the consequences. This case highlights the legal complexities around private life conduct. While the FCA's proposed FIT guidance seems to lower the bar for considering such conduct, the Frensham precedent underscores the importance of establishing a clear link to regulatory standards or demonstrating how the individual's response (e.g., dishonesty) impacts their fitness and propriety.  

NFM as a Catalyst for Broader Risk

While the cultural impacts of NFM are profound, its significance extends further, acting as a potential catalyst or indicator for broader operational, reputational, and even financial risks within a firm.

Operational risk, broadly defined by the Basel Committee as "the risk of loss resulting from inadequate or failed internal processes, people, and systems or from external events", has a clear connection to NFM. Failures related to 'people' - their behaviour, adherence to procedures, and the culture influencing them, are central to this definition. A workplace culture that tolerates NFM, such as bullying or discrimination, may signal deeper weaknesses in the firm's overall control environment. If employees disregard expected standards of interpersonal conduct, it raises questions about their adherence to other internal processes, policies, and controls, potentially increasing the risk of errors, process failures, or compliance breaches in other areas. The FCA itself reinforces this link, suggesting that tolerance for NFM raises "serious questions about a firm's wider decision-making and risk management".

A concerning potential link exists between NFM and traditional financial misconduct. The argument posits that individuals demonstrating a disregard for rules and ethical standards through NFM (e.g., bullying, dishonesty in expense claims) may be more likely to engage in financial wrongdoing, such as market abuse or fraud. NFM can thus serve as an 'early warning signal' of a potentially problematic individual risk profile. Furthermore, a culture that tolerates NFM - perhaps by failing to challenge senior perpetrators or prioritising revenue generation over ethical conduct, may also lack the necessary integrity and speak-up environment to effectively challenge or prevent financial misconduct. If minor rule-breaking (NFM) goes unchecked, it can create an environment where more serious breaches (financial misconduct) become more likely. This reinforces the importance of integrating NFM considerations into the overall compliance risk framework and viewing patterns of NFM as potential red flags for other forms of misconduct.

How to Monitor For Non-Financial Misconduct - An Actionable Checklist

Addressing non-financial misconduct requires a three-pronged approach that combines a healthy culture, proactive strategies, and robust reactive controls. Culture is the foundation that shapes everyday behaviours and norms; proactive measures ensure potential issues are caught or prevented early; and reactive safeguards provide a structured, fair framework for dealing with incidents when they arise. A firm that focuses on only one or two of these dimensions will likely miss key risks and expectations, especially now that regulators explicitly prioritise non-financial misconduct.

Establish a Culture

A healthy culture is the first line of defense against harmful behaviour. The Board and CEO should make it clear that bullying, harassment, discrimination, and other forms of non-financial misconduct will not be tolerated. This zero-tolerance stance needs to be reinforced with visible leadership behaviours, so that senior managers demonstrate respect, take complaints seriously, and hold even high-performing employees accountable for crossing ethical lines.

An important next step is to refine and formalise policies. Conduct a robust review of your codes of conduct, ethics policies, and any documents addressing anti-harassment or discrimination, ensuring they reflect both employment law and financial regulatory standards (such as the FCA Conduct Rules). Clearly define key terms-like bullying, sexual harassment, and discriminatory remarks-in scenario-based training. This helps staff and managers recognize, prevent, and appropriately escalate potential issues. Emphasize that respectful conduct is part of being a regulated financial professional, not an optional “nice-to-have.”

Proactive Strategies (Prevention & Early Detection)

Leverage technology and data to your advantage. Ensure your Communication Surveillance models cover risks such as “Harassing / Offensive Communication”, “Inappropriate Behaviour”, “Conflict and Complaints”, and certain elements of “Conduct Risk” (e.g., favouritism, blackmail). By tailoring your surveillance lexicon, you can flag everything from explicit slurs to subtler signs of hostility (subscribe to our newsletter to be notified of follow-on pieces which will describe model governance and model deployment best practices).

Targeted training and psychological safety initiatives serve as another key layer of prevention. Managers, in particular, should receive specialised instruction on identifying and escalating NFM under rules like FINRA Rule 3110 or CFTC Rule 166.3. Equip them with the basics of investigation, documentation, and escalation procedures. Encourage an atmosphere of psychological safety, where team members feel comfortable challenging ideas or admitting mistakes without fear of retaliation.

Reactive Controls (Structured & Fair Framework)

Even in organizations with a robust culture and forward-looking strategies, misconduct can still happen. That’s why a well-designed reactive framework is essential. First, develop a clear investigation and disciplinary process. This means documenting how allegations of NFM will be received, who will investigate them, what timelines apply, and how outcomes are decided. Impartiality is critical: consider using independent counsel or compliance professionals not directly aligned with the accused individual’s reporting line. Consistency in sanctions is also paramount. Regulators, as well as employees, will scrutinise whether serious allegations are addressed with appropriate discipline, or if star performers receive leniency. Transparency about these procedures fosters trust and deters further misconduct.

Scorecard

To help you take a simple, straightforward pulse of your firm’s progress, we’ve created a quick Self-Assessment Scorecard. Just work through each item and give yourself a score from 0 (not in place) to 10 (fully embedded). The questions capture key pillars of an effective NFM programme, from leadership tone and training, to surveillance and whistleblowing, to investigation frameworks and more.

Tally up your total out of 150 at the end, and you’ll have an immediate snapshot of your firm’s strengths, gaps, and areas to prioritise for a healthier culture.

• 120-150: Mature program. Maintain momentum with regular audits and updates.

• 80-119: Decent framework; strengthen weaker areas for consistency and transparency.

• <80: Immediate focus needed to embed NFM in culture, policies, and controls.

Horizon Scanning: Future Regulatory Developments

The regulatory landscape surrounding NFM is still evolving, both in the UK and internationally. Compliance professionals need to stay informed about potential future developments.

Anticipated FCA Policy Statement

The FCA's final policy statement and rules specifically addressing NFM, stemming from the proposals in CP23/20, have faced delays. Originally anticipated in late 2024, the FCA announced in March 2025 that it needed further time to ensure the approach is "proportionate and aligned with planned legislation." The regulator has committed to setting out its "next steps" by the end of June 2025. Despite this delay, and the decision to drop the wider D&I data reporting and target-setting proposals from CP23/20, the FCA has consistently reaffirmed that tackling NFM remains a priority. Once the final policy is published, the original proposal suggested a 12-month implementation period for firms. Firms should monitor FCA communications closely around June 2025 for clarification on the final rules and timelines. Rumours abound that clarification and specific guidance is due within months.

The FCA is at the forefront of explicitly regulating NFM, though while related themes are gaining traction globally, the US Securities and Exchange Commission does not have a regulatory framework directly equivalent to the FCA's NFM proposals. However, its enforcement activities demonstrate an increasing interest in areas that overlap with NFM concerns. This includes a focus on corporate culture, robust enforcement of whistleblower protection rules (Rule 21F-17(a)) prohibiting actions that impede reporting to the SEC (including problematic clauses in severance or settlement agreements), and scrutiny of firms' disclosure controls and procedures.

Conclusion

Regulators across jurisdictions, led by the FCA in the UK, view workplace misconduct such as bullying, harassment, or discrimination not just as an internal personnel matter, but as a critical indicator of a firm’s broader governance, risk culture, and capacity to protect consumers and markets. High-profile enforcement actions, like the FCA’s recent case against Crispin Odey, are sending a clear message: when individuals interfere with due process or otherwise compromise a firm’s ethical foundations, regulators will not hesitate to impose significant sanctions.

For compliance professionals, this shift places a new set of obligations front and centre. Firms need coherent, well-documented definitions of NFM and robust processes for detecting, reporting, and remediating it. Proactive risk assessments, targeted communications monitoring, and a genuine speak-up culture help identify hidden “culture gaps.” Critically, disciplinary outcomes must be fair, consistent, and transparent, and the link between NFM and wider risk, operational, reputational, or even financial misconduct-should guide surveillance priorities and escalation triggers.

Ultimately, the rise of NFM on the regulatory agenda heralds a future in which workplace culture, ethical conduct, and diversity and inclusion are treated as core elements of systemic resilience and market integrity. Firms that grasp this connection, and respond with robust policies, effective controls, and above all a genuine commitment to respectful conduct will be best placed to meet evolving regulatory expectations.

Sources

• ACAS Guidance on Bullying & Harassment (UK)

• BASEL - OPE10

• CFTC Rule 166.3 (Supervision)

• CFTC Rule 165.19 (Whistleblower Protections)

• Clifford Chance - Non-Financial Misconduct In Financial Services Regulation - Where Do We Stand?

• EEOC Harassment Prevention Resources (US)

• Eversheds Sutherland: Non-Financial Misconduct Insights

• FCA: Bans Jon Frensham from working in financial services

• FCA: Culture is Contagious

• FCA: FCA decides to fine and ban Robin Crispin Odey

• FCA: Letter to provide Information - Non Financial Misconduct

• FCA: Senior Managers & Certification Regime (SM&CR)

• FCA: Non-Financial Misconduct and Conduct Rules

• FINRA Rule 3110 (Supervision)

• Investment Week - Zero cases of non-financial misconduct have been opened by FCA in two years

• ISO 45003: Psychological Health & Safety at Work

• Pinsent Masons - FCA enforcement action highlights focus on non-financial misconduct

• SEC Rule 21F-17 (Whistleblower Protections)

• SRA (Solicitors Regulation Authority) Code of Conduct