The UK’s Financial Conduct Authority and Prudential Regulation Authority have released a joint consultation on new regulatory framework on diversity and inclusion. This article focuses on the FCA’s Consultation Paper CP23/20.
With starting points: (1) non-financial misconduct (“NFM”) is misconduct for regulatory purposes; and (2) greater diversity and inclusion can lead to better customer outcomes, the UK’s Financial Conduct Authority (“FCA”) and Prudential Regulation Authority (“PRA”) have released a joint consultation on new regulatory framework on diversity and inclusion (“D&I”). This article focuses on the FCA’s Consultation Paper CP23/20.
CP 23/20 sets out a number of proposals intended to develop diversity and inclusion strategies backed up by data and targets and subject to regulatory reporting requirements. These are framed within proportional and flexible principles that will mean that obligations will largely attach to larger firms depending on their number of employees, status under the Senior Managers and Certification Regime (“SMCR”) and whether they are regulated by both the FCA and PRA. The large firm threshold is being set at 250 employees based on an average number over a rolling three-year period as at a specified annual reference date, and calculated on a solo entity basis capturing activities carried out from an establishment in the UK.
Proposals
- Better integration of non-financial misconduct (“NFM”) into staff fitness and propriety assessments, conduct of business rules and suitability criteria for firms
The proposals here will apply to all regulated firms with a ‘Part 4A permission’ i.e. authorised firms with the exception of credit rating agencies, payment services and e-money firms and will include NFM within conduct rules, fit and proper assessments for employees and senior personnel and suitability guidance on threshold conditions. The requirements are all framed behind the guiding principle that NFM is misconduct and not a principle in and of itself and will make it clear that misconduct within the workplace, and similarly serious behaviour in a person’s private life can also be relevant. Proposed expansions to the scope of conduct rules will make it clear that serious instances of NFM may amount to breaches of those rules. Also proposed is consideration of material NFM and its impact on a firm’s ability to satisfy the threshold conditions for doing business when applying for authorisation.
- Data reporting
All firms will need to report their average number of employees annually, with the exception of Limited Scope SMCR firms (as financial services are typically ancillary to their main business). Firms with 251 or more employees have additional reporting obligations, again excluding all Limited Scope SMCR firms.
- D&I strategies and targets
These will be required of all dual regulated firms (FCA and PRA) and all firms with 251 or more employees excluding all Limited Scope SMCR firms. Larger firms will be expected to develop and embed a flexible, evidence-based D&I strategy with a plan for measuring and meeting objectives and goals, anticipating obstacles and ensuring the adequate dissemination of awareness amongst staff. Maintenance and oversight of the D&I strategy will be a board responsibility and firms will need to be satisfied that the strategy is and remains fit for purpose and take it into account when setting targets. Those targets are expected to address underrepresentation at board and senior leadership level and across the employee population as a whole, but the FCA is not proposing to mandate the demographic characteristics targets should cover.
- Data disclosure and risk and governance
These measures will be required of all firms with 251 or more employees excluding all Limited Scope SMCR firms. Firms will be required to annually collect and report on data across a range of demographic characteristics, inclusion metrics and targets through a regulatory return, with a reporting window of three months from the reference date. The FCA is also proposing to produce their own regular aggregated report and to identify areas that need further supervisory input.
On risk and governance, the FCA is proposing new guidance for large firms on treating D&I as a non-financial risk, including groupthink and poor decision-making.
Next Steps
Responses to the consultation are due by 18 December 2023, and rules will come into force 12 months from the publication of a Policy Statement in 2024.