September 27, 2023

The FCA Consults: D&I Standards for Large Firms, Nonfinancial Misconduct Rules for All

On 25 September, the Financial Conduct Authority (FCA) published its consultation paper CP23/20: Diversity and inclusion in the financial sector – working together to drive change alongside a similar consultation paper published by the Prudential Regulation Authority (PRA), CP18/23 – Diversity and inclusion in PRA-regulated firms.

The 131-page CP sets out the FCA’s proposals for all firms to better integrate nonfinancial misconduct (NFM) considerations into their senior manager and certification regime (SMCR), including rules for staff fitness and propriety assessments, the FCA Conduct Rules, and threshold conditions for firms.

For firms with more than 250 staff members that are not classified as limited-scope SMCR firms — which includes certain self-managed alternative-investment funds and service companies noted in our Alert Trading Venues in the UK: Regulatory Clarity for Fintech Providers; Implications for Crypto-Trading and DeFi? (large firms) — the FCA is also proposing diversity and inclusion (D&I) requirements that would compel companies to:

  • report their average number of employees to the FCA on an annual basis
  • collect, report, and disclose certain D&I data
  • establish, implement, and maintain a D&I strategy
  • determine and set appropriate diversity targets
  • recognise a lack of D&I as a nonfinancial risk

The CP makes it clear that nonpart 4A firms, such as payment services and e-money firms, which are subject to different legal and regulatory frameworks, are not within the scope of the CP.

The consultation period under the CP closes on 18 December 2023 with a Policy Statement targeted for 2024, and the implementation date for changes is 12 months after publication of the Policy Statement. The new rules and guidance are thus likely in the first or second quarter of 2025.


The FCA’s proposed imposition of D&I requirements is not as wide ranging as some may have expected and will not apply to most, of our clients in the private-funds and fintech sectors. The extent to which out-of-scope firms may seek to follow the requirements as standards of good practice has yet to be seen, as is the case with the question of whether investors would expect businesses not strictly caught by the requirements to comply with them.

The NFM proposals are not new and reflect the FCA’s direction of travel in bringing enforcement actions such as those in Decision Notice 2020: Jon Frensham (formerly known as Jonathan James Hunt) and reflects comments of the Upper Tribunal in Jon Frensham v. FCA, especially the link between conduct and damage to public confidence in the profession as a foundational principle for assessing whether the conduct is NFM.

From a practical point of view, NFM will have an effect on questions about notifications to the FCA and the contents of regulatory references, which firms are often forced to grapple with in the context of employment and disciplinary issues.

The NFM Proposals

The CP indicates that NFM proposals support the FCA’s aims of promoting healthy and inclusive workplace cultures and reducing the risk of groupthink within the financial-services sector. The more specific proposals are as follows:

  • Conduct rules. Expansion of the Code of Conduct for Staff sourcebook (COCON) to make it clear that COCON covers serious instances of bullying, harassment, and similar behaviour towards fellow employees and employees of group companies and contractors. Guidance is to be added that sets out the types of behaviour that will fall within the expanded scope of COCON and what conduct is out of scope because it relates to an employee’s personal or private life.
  • Fit and Proper assessments. Clarification on how NFM forms part of the Fit and Proper test for employees and senior personnel, how bullying and similar misconduct within the workplace is relevant to fitness and propriety, and that similarly serious behaviour in a person’s personal or private life is also relevant. Examples of NFM are to include sexual or racially motivated offences. Apparently following the approach taken in Upper Tribunal proceedings, the FCA seeks to hold that conduct that could damage public confidence likely means the person is not fit and proper.
  • Suitability guidance on the threshold conditions. Extension of the guidance on the suitability threshold condition to include, for example, offences relating to a person or group’s demographic characteristics (such as sexual or racially motivated offences) and tribunal or court findings that the firm or someone connected with the firm (such as a director) has engaged in discriminatory practices.

The D&I Proposals

Additional D&I requirements for large firms, as well as all capital requirements regulations firms, such as banks and insurers subject to Solvency II, are as follows:

  • D&I strategies. A requirement to develop D&I strategies. These will need to contain information about a firm’s D&I objectives and goals, a plan for meeting goals and measuring progress, a summary of arrangements in place to identify and manage obstacles, and ways to ensure adequate knowledge of the D&I strategy among staff.
  • Setting targets. A requirement to set targets to address underrepresentation and a proposal that these targets and the progress towards them be publicly disclosed.
  • Data reporting. Requirements to annually collect and report to the FCA (and PRA for banks and insurers) in numerical figures, data across a range of demographic characteristics, inclusion metrics, and targets via a regulatory return.
  • Data disclosure. A requirement to make public disclosures on D&I data to increase transparency and scrutiny.
  • Risk and governance. Guidance for firms to make clear that matters relating to D&I are to be considered as a nonfinancial risk and treated appropriately within a firm’s governance structures.

To discuss the contents of this alert, please contact the authors or your usual Goodwin contact.