Non-Financial Misconduct – Frequently Asked Questions

Non-Financial Misconduct is becoming a significant area of focus for regulators, firms, and employees across the financial services sector. As regulatory expectations around culture, conduct and personal accountability continue to evolve, firms are increasingly expected to identify, prevent and respond to behaviours that may pose risks to clients, staff and market integrity.

During our training sessions and recent webinars, we received recurring questions from compliance leaders and practitioners seeking clarity on the topic. To support that need, Peter Haines, Director of GRC Training, has compiled this FAQ, bringing together the most common queries to help you deepen your understanding of Non-Financial Misconduct (NFM).

• Is there a regulatory expectation to monitor COCON (Code of Conduct) staff work communications for NFM purposes, and if yes, is this being implemented across regulated firms?

Employee communications monitoring has become standard in firms. It can cover a number of compliance risks, such as market abuse, conflicts of interest and conduct issues.

The increase in working from home has meant that firms are expected to be able to record business communications made through various media. It is implicit that firms should be able to monitor those communications.

The FCA has, however, made it clear that it does not expect firms to be monitoring their employees’ private social media activities, although it appears that some firms do.

• If NFM occurred before September 2026, but is only discovered by the firm after that date, would it fall under the new regime?

If the conduct occurred prior to September 2026, it will not be covered by the new conduct rule.

That said, if the conduct can be classified as NFM, the existing conduct rules and fitness & propriety rules might well come into play.

• Is it sufficient to have self-declarations by staff with regard to NFM?

I have changed my mind on self-declarations over the years. I used to think that they were worthless, as somebody who had committed misconduct (which had not been spotted) would be highly unlikely to admit to it simply because they were required to complete a written declaration.

My view now is that such a declaration is useful only in that it forms part of the firm’s defence to the regulator. If the firm can demonstrate that it had the right policies and procedures, training, monitoring and culture to prevent such misconduct from occurring AND the employee had nevertheless committed the act of misconduct, then the firm is protected and the regulator can take action against the employee only.  

If an employee acts wilfully against the spirit of the conduct rules, my view as a compliance professional has always been to protect the firm and its senior management from regulatory action.

• When the FCA talk about the onus on a manager to prevent NFM, are they talking about the SMF or the line manager?

They are potentially referring to both, especially if the line manager is either a certified employee or an SMF. The FCA has stated that undue tolerance of fitness and propriety can lead them to question an individual’s fitness and propriety.

This could be either a line manager, a senior manager or both. Although most often quoted in the context of the Consumer Duty, the FCA has stated on several occasions that, the more senior an individual, the higher the FCA’s expectations would be with regard to that individual.

• Would this lead to a culture where individuals may refrain from engaging with individuals or colleagues due to misinterpretations that may crop up and lead to further issues?

It already has. This occurs not just in financial services, but more generally. Societal expectations are that there should be more respect towards individuals and less tolerance of unacceptable conduct.

We have seen this in the entertainment industry and many others. Consequently, people are expected to approach colleagues in a different and more respectful way than has often happened in the past. Of course, this can mean that employees might prefer not to engage with colleagues in a certain way because of the risk of offending them.

This would be unfortunate, as one would hope that mistakes in communication made in good faith would be understood and forgiven.

• Hasn't sexual misconduct always been applicable to non-Banks under CR 1?

It could be argued that sexual misconduct has always been a breach of Conduct Rule 1 (Integrity), but it could also be a breach of the fitness & propriety conditions for a certified person or SMF. Importantly, it could be a breach of the law.

This depends on the type of misconduct.

The FCA has been clear that firms should prioritise the prevention and management of non-financial misconduct, highlighting the need for robust systems, clear expectations and well-informed staff.

If you are looking for deeper guidance and would like support in strengthening your firm’s approach, our comprehensive NFM training programmes are available for the whole firm, with courses for Compliance staff, HR and L&D teams, Senior Management and the Board, and the front and back office.

Peter has over 35 years’ experience in the field of regulation and compliance. A chartered accountant, Peter spent 6 years working with the UK’s SFA (now the FCA) and has headed up regional and global compliance functions at Paribas, UBS Investment Bank and Bank of America.

Since 2006, Peter has specialised in training, focusing on boards, senior management and assisting the next generation of compliance officers. His coverage includes most areas of compliance and financial crime, corporate governance and risk management. His style is inclusive, interactive and based on practicalities, not just rules.

As Director of GRC Training, he works closely with our clients to ensure that our programmes are tailored to their exact needs and meet, or surpass, their expectations.