On 25 September 2023, the FCA published Consultation Paper (CP23/20), entitled Diversity and Inclusion in the Financial Sector. The Consultation Paper, which is underpinned by the idea that increased Diversity and Inclusion ('D&I') will lead to better outcomes for firms and consumers, sets out proposals for the introduction of a new regulatory framework on D&I in the financial sector.
Whilst the Consultation Paper sets out several proposals for how firms can achieve the necessary D&I objectives, in our view there are 3 key strands that firms ought to pay particular attention to:
- Non-financial misconduct
- D&I strategies, targets, and publications
- Data collection and disclosure requirements in relation to D&I
Non-financial misconduct
Non-financial misconduct includes behaviours such as bullying, sexual harassment and discrimination. Whilst many of the firms that provided feedback to the FCA's July 2021 D&I Discussion Paper already viewed non-financial misconduct as a breach of the FCA's Conduct Rules, recent high-profile cases of non-financial misconduct has led the FCA to make it explicit that such misconduct can be regarded as a regulatory breach.
The FCA proposes to now include non-financial misconduct within:
- The Conduct Rules
- Fit and Proper assessments
- Suitability guidance on the Threshold Conditions
These proposals will apply to authorised firms irrespective of their size.
Under the proposals instances such as bullying, harassment and similar behaviour towards fellow employees and contractors could amount to a breach of the Conduct Rules. Not all instances of such conduct will be regarded as a breach of the Rules and the FCA will only take enforcement action when the misconduct in question is serious. The seriousness of the misconduct will be determined with reference to the duration of the conduct, its impact upon the subject of the conduct and whether the conduct has been repeated. It will also be the case that multiple instances of misconduct which are not on their own serious can, when taken together, amount to serious misconduct that invites enforcement action.
It is proposed that non-financial misconduct will also be relevant to a determination about whether an individual satisfies the Fit and Proper test for Employees and Senior Personnel (FIT). Similarly serious behaviour (e.g. sexually or racially motivated offences) that takes place in an individual's private life will also be relevant to whether the individual satisfies the FIT test.
The FCA is also proposing to extend the guidance on the Suitability Threshold Condition to include findings by a court or tribunal that a firm or an individual connected to a firm (e.g. a director) has engaged in discriminatory practices or instances where offences have been committed in relation to a person or group's demographic characteristics (e.g. racially motivated offences). In practice, this means that firms could potentially fail to receive authorisation to conduct regulated business or face supervisory requirements or some other regulatory action where such misconduct is found to have occurred.
D&I strategies, targets and publications
The FCA is also proposing that large firms - those with 251 or more employees - be required to develop evidence-based D&I strategies which the firm's board would be responsible for maintaining and overseeing. Under the proposals a D&I strategy would have to contain, as a minimum:
- The firm's D&I objectives and goals
- A plan for how those objectives will be met and how progress will be measured
- A summary of the plans that are put in place to identify and manage any barriers to achieving the objectives and goals
- Means of ensuring that employees have an adequate knowledge of the diversity and inclusion strategy
Firms would be required to ensure that their strategy was easily accessible and free to obtain with the FCA indicating that publishing the strategy on the firm's website is likely to suffice.
Under the proposals, firms would also be required to set targets to address underrepresentation within their firms. Whilst many D&I initiatives tended to focus on underrepresentation in senior leadership positions, the FCA's analysis of firm's data found that the steepest decline in gender and ethnic diversity occurred between junior and mid-level roles.
To help address this, firms would be required to publicly disclose their targets and their progress against these targets on an annual basis, the rationale being that this will create transparency and allow firms and stakeholders to benchmark their performance.
Data collection and disclosure requirements in relation to D&I
The FCA has also proposed that large firms will be required to annually collect and report to the regulators in numerical figures, data across a range of demographic characteristics via a regulatory return. The FCA would then periodically produce aggregate disclosure reports that would allow authorised firms to measure their progress in these areas against that of their peers. The FCA and the PRA propose to introduce a joint regulatory return that require firms to provide data on the following demographic characteristics:
- Age
- Ethnicity
- Sex or gender
- Religion
- Sexual orientation
- Disability
Firms would also have the option to voluntarily disclose demographic information about the following characteristics:
- Gender identity
- Socio-economic background
- Parental responsibilities
- Carer responsibilities
Comment
Authorised firms will not be surprised by some of the proposals being considered by the FCA, particularly as it relates to non-financial misconduct, a topic which has garnered increased focus by the regulators in recent years. What is also apparent is that the FCA views the issue of D&I as having a direct link to the governance of firms, their risk management and the outcomes that they provide for consumers. Authorised firms can expect that the proposals outlined in the Consultation Paper will yield several new formalised requirements – and likely related enforcement action if necessary requirements aren’t met. Firms should consider carefully whether they have the appropriate frameworks to ensure that they are compliant.