FCA’s tougher stance on workplace misconduct: what financial firms and executives must know

Posted: 08/07/2025

'By amending the scope of our Code of Conduct in non-banks, we’re giving them greater confidence about what is in scope of our requirements, strengthening their ability to take action and prevent harm.' Sarah Pritchard (deputy chief executive, Financial Conduct Authority).

In a press release dated 2 July 2025, the Financial Conduct Authority (FCA) outlined its expectations for firms to take decisive action against non-financial misconduct. This marks a significant shift in regulatory culture and has far-reaching implications for firms, senior managers, and compliance teams. 

The FCA has issued a clear and forceful message to the financial services industry: bullying, harassment, and violence will no longer be tolerated as internal HR issues - they are regulatory matters. 

The FCA statement reinforces its expectations that all financial services firms must take decisive action against bullying, harassment, and violence in the workplace. This move is part of the FCA’s broader effort to deepen trust in the financial sector and ensure that firms foster healthy, inclusive cultures. 

The policy statement can be found here. 

Key points:

• Zero tolerance: The FCA expects firms to treat non-financial misconduct - such as bullying, harassment, and violence - with the same seriousness as financial misconduct.
• Senior accountability: Senior managers are expected to lead by example and will be held accountable for the culture within their firms. 
• Fit and proper assessments: The FCA will consider non-financial misconduct when assessing whether individuals are fit and proper to work in financial services. 
• Regulatory action: Firms that fail to address such misconduct risk regulatory consequences, including enforcement action. 
• Cultural health: The FCA views workplace culture as a key driver of conduct and a critical factor in maintaining market integrity and consumer trust. 

The press release follows findings from the FCA’s recent non-financial misconduct survey, which revealed a significant number of reported incidents across the sector, particularly involving bullying and harassment.

What’s changing? 

From 1 September 2026, the FCA’s expectations will apply to all 37,000 regulated firms, not just banks and insurers. This expansion ensures a consistent approach across the sector and reflects the regulator’s growing focus on culture as a driver of conduct risk. 

Key implications for firms

Misconduct Is now a regulatory issue
The FCA are changing the rules governing the scope of COCON as it applies to non-banking firms to make it clear that serious misconduct such as bullying, harassment and violence is a matter of regulatory concern. Firms must treat bullying, harassment, and violence with the same seriousness as financial misconduct. They must consider non-financial misconduct -including behaviour in private life and on social media - when assessing whether individuals are fit and proper to work in financial services. Therefore these behaviours are now considered relevant to the 'fit and proper' status of individuals under the Senior Managers and Certification Regime (SMCR). 

Senior management accountability
Firms are expected to foster a culture where misconduct is challenged and addressed. Senior managers are expected to lead by example. A failure to do so may raise red flags about a firm’s risk management and decision-making processes and call into question their competence and integrity -potentially triggering enforcement action. 

Regulatory references and hiring
Serious, substantiated cases of poor personal behaviour will now need to be shared through regulatory references, in the same way financial misconduct currently is, making it harder for individuals to avoid consequences by moving from firm to firm. Therefore firms must include relevant non-financial misconduct in regulatory references, making it harder for individuals to escape scrutiny by moving between firms. 

Whistleblower protection
Firms must ensure safe, confidential channels for raising concerns. Retaliating against whistleblowers or failing to provide a safe environment for raising concerns may breach conduct rule 1 (integrity) and conduct rule 2 (skill, care, and diligence).

Governance and culture reviews
The FCA will scrutinise how firms handle allegations of misconduct. Weaknesses in governance, risk management, or cultural oversight may lead to supervisory intervention. 

What should firms do now? 

• Review internal policies on conduct, grievance handling, and whistleblowing.
• Train managers and staff on the regulatory implications of non-financial misconduct.
• Update fit and proper assessments to include behavioural and cultural factors.
• Audit past cases to ensure they were handled in line with the FCA’s expectations.
• Engage legal counsel to assess exposure and prepare for the upcoming changes. 

Next steps

The FCA is currently consulting on its draft guidance (CP25/18) until 10 September 2025. Firms should consider submitting feedback and begin preparing for implementation well ahead of the September 2026 deadline. You can respond using the FCA's dedicated online survey or one of the other methods in the ‘How to respond’ section. The FCA has confirmed it will then plan to review the feedback and set out its final regulatory approach before the end of this year. 

How we can help 

At Penningtons Manches Cooper, we advise financial institutions on regulatory compliance, governance, and employment law. 

Our teams can assist with:

• Conducting risk assessments, policy reviews and updates.
• Training for boards and senior managers.
• Regulatory reference audits.
• Whistleblowing frameworks.

For tailored advice or to schedule a consultation, please: call us on 0845 365 0051, use our enquiry form, or visit our financial services page. 

Return to news headlines