FCA publishes culture and NFM survey findings

The FCA has published key findings from a survey sent to 1,028 wholesale financial services firms requesting information in relation to recorded incidents of non-financial misconduct during a three year period (2021-2023).  Respondents fell into four sectors/portfolios: (i) London market insurers (Lloyd's managing agents and London market insurers including protection and indemnity clubs); (ii) London market intermediaries (Lloyd's and London market insurance intermediaries and managing general agents); (iii) wholesale banks; and (iv) wholesale brokers.

The FCA defined "incident" to include an alleged or confirmed occurrence of non-financial misconduct that was reported to or identified by the firm (including incidents not already reported to the FCA or that did not meet the FCA's reporting threshold). 

What is non-financial misconduct?

The term non-financial misconduct captures a broad range of behaviour including discrimination, harassment, victimisation and bullying ("NFM").  The scope of the FCA's information request included incidents that took place in the workplace, working from home, working offsite and social situations related to work.  According to the FCA, within scope included incidents that happened in any work-related capacity or event which may include events organised through work such as social events, off-site training and conferences, client entertainment or sponsored events.   This definition is aligned with the proposed amendments to guidance in the Conduct rules under CP23/20.

Despite this guidance the survey results demonstrate that the definition of NFM remains subjective and a wide range of behaviours were included in the 'other' category.  Respondents included the following types of behaviour: (i) intoxication or misuse of alcohol within the workplace or work-related environment (sometimes contributing to poor conduct and other inappropriate behaviour); (ii) inappropriate or offensive language or communication style within the firm or towards third parties (both verbally and in electronic communications); (iii) data protection and information technology security breaches (such as inappropriate sharing, access or misuse of confidential information); (iv) employees engaging in retaliatory behaviour in relation to allegations made against them; (v) misuse of expenses or gifts and hospitality; (vi) performance issues and related conduct breaches; (vii) breaches of firms' policy and procedures.  The FCA has noted that this broad range of possible misconduct (some of which could be categorised as financial misconduct or employee performance issues) demonstrates the need for relatively flexible policies and procedures designed around principles so firms can respond proportionately to unexpected incidents.

Key findings

Findings include:

• The number of reported NFM incidents increased over the three year period
• The number of confidentiality and settlement agreements signed by complainants fell over the same timeframe in relation to wholesale banks only (no clear trend could be identified in the other three sectors surveyed).  Discrimination had the highest percentage of incidents resulting in a settlement or confidentiality agreements (23% of cases on average across all sectors).
• The distribution of types of NFM varied by sector; however the highest proportion across all sectors fell within the 'other' NFM category (41%), followed by bullying and harassment (26%) and discrimination (23%)
• 50% of incidents were identified through what the FCA terms as "reactive routes" such as grievances or similar formal process or alternative routes such as whistleblowing.  Other detection methods included market surveillance.  Where the same incident was identified through more than one method, it will be recorded a number of times within the data.  Wholesale banks and brokers were more likely to be using communications monitoring and surveillance (in order to meet market abuse obligations, for example) as compared to the insurance portfolios
• Disciplinary or 'other' actions were taken in 43% of reported incidents. The remainder of outcomes included cases where: no investigation was undertaken; an investigation was unable to conclude; the reported incident was not upheld; the incident was upheld with no other action or investigations were ongoing
• Some types of NFM, such as violence, intimidation and sexual harrassent more often resulted in disciplinary action than other types, such as discrimination (62% of which were not upheld).  Incidents most likely to lead to a dismissal included: possession or use of illegal drugs (21%), sexual harassment (22%) and violence or intimidation (21%).
• Remuneration adjustments were rare across all sectors and, when adjusted, was mostly against unvested variable pay.
• 92% of respondents said they would include NFM incidents in a regulatory reference (should the situation arise).  In practice, according to the survey results, the number of regulatory references containing information relating to NFM is steadily increasing from 16 in 2021, 21 in 2022 and 43 in 2023.  The number of individuals being hired where an incident of NFM was included in the regulatory reference halved across all portfolios from 10 in 2021 to 5 in 2023.
• Policies such as whistleblowing and disciplinary policies were not in place in all firms surveyed.

The FCA suggested exercising caution in terms of the limitations of the data when reviewed in isolation and without an understanding of the context of incidents.

What does the FCA expect in relation to NFM?

The FCA confirmed that it is still considering feedback to its consultation CP23/20 'Diversity and inclusion in the financial sector – working together to drive change' and finalised policy would follow "in due course." 

In the absence of finalised policy in this area, the FCA reiterated its expectation that firms should have robust processes, systems and controls to mitigate the risk of NFM and these should be embedded within a culture which values integrity and accountability.  As indicated previously, the FCA's view is that a corporate culture which tolerates sexual harassment or other NFM is unlikely to be one in which people feel able to speak up and challenge decisions or have faith that concerns will be independently and fairly assessed.  The FCA emphasised the importance of a robust speak-up culture alongside safe avenues of reporting, such as whistleblowing.

The FCA explained that its intention in publishing the survey results was to help drive momentum on improving culture with financial services firms. 

What do firms need to do?

The FCA's expectation is that firms will use the data:

• As a benchmark against peers.
• To reflect on whether processes are robust both in terms of detection of NFM and any outcomes (although the FCA acknowledges that not all incidents may result in a disciplinary outcome).  This includes ensuring there are ways to raise concerns including putting in place/maintaining a current whistleblowing policy.
• Consider whether there is compliance with regulatory responsibilities and reporting requirements for NFM.

The FCA has encouraged firms to use the data as a "catalyst" for boards to prioritise and act on issues of NFM, which should be discussed at both senior manager and board level.  Boards should ensure:

• All incidents are subject to an "appropriate" investigation by a "competent party dependent on the nature of the alleged behaviour".
• Documented policies are adhered to and a full and fair procedure is conducted in relation to reported NFM incident
• As part of this procedure, ensure formal governance arrangements around decision making are in place (such as independent committees to decide the outcome and any disciplinary actions in NFM cases (33% of respondents did not) .
• Meaningful management information ("MI") on NFM is reported to the board or board level committee on an ongoing basis (38% of respondents did not receive NFM MI).
• Consider regulatory notification obligations on an ongoing basis.

Depending on the outcome of the investigation, firms will need to:

• Make an assessment of the ongoing fitness and propriety of any senior managers (or other certified staff).
• Where relevant, firms will also need to consider whether to include information concerning NFM in regulatory references. 

The FCA has acknowledged that where no disciplinary action was taken this may fall outside the regulatory reference requirements.  However, the FCA has warned firms not to withhold information which they reasonably believe would impact the assessment of an individual's fitness and propriety which, in the FCA's view, would include circumstances where the individual left while under investigation.  The FCA has noted that firms should consider their obligations under the relevant competency rule within SYSC and ensure that individual remains fit and proper. 

The FCA has acknowledged that there may be reasons why firms use confidentiality agreements or clauses within settlement agreements, such as protecting commercially sensitive information when an employee leaves.  However, firms must include a term making it clear nothing prevents the employee from making a protected disclosure and the FCA expects an explicit carve out permitting disclosure to regulators and other law enforcement agencies, for example. 

Why do senior managers need to take NFM seriously?

The FCA has highlighted that each senior manager making decisions in relation to NFM incidents could be personally liable if the FCA decides subsequently that there was a failure to take steps to address NFM, for example (which could lead the FCA to determine that the relevant senior manager is not fit and proper).

What will the FCA do next?

The FCA has made it clear it will continue to engage with firms to understand the results and how they have used the data and will take action where firms fail to adhere to requirements.

As noted above, finalised policy in relation to the FCA's consultation CP23/20 is awaited.