New FCA Rules on Non-Financial Misconduct – Is Your Firm Ready?

The FCA has turned up the heat on non-financial misconduct.

In its latest consultation (CP25/18), the UK regulator has proposed major new rules that will extend the Conduct Rules (COCON) to a much wider group of firms - not just banks and insurers but MGAs, fintechs, payment providers, asset managers, and advisors.

That’s roughly 37,000 firms who’ll need to get ready for a new era of accountability around behaviour, culture, and personal conduct.

What’s Changing, and When

From 1 September 2026, substantiated cases of serious non-financial misconduct (things like bullying, harassment, racism, violence, sexual harassment, or illegal drug use) will:

• Count as a breach of the FCA Conduct Rules, and
• Need to be reported to the FCA and included in regulatory references for individuals.

The consultation closed on 10 September 2025, with final guidance expected by the end of this year.

One area firms are watching closely is how the FCA will treat private behaviour, particularly conduct outside the workplace or on social media. The regulator has hinted that serious misconduct, even in a personal context, could still impact an individual’s fitness and propriety.

What Firms Should Be Doing Now

If you’re an FCA regulated firm, this isn’t something to park until 2026. You’ll need time to review, plan and implement changes across HR, compliance and culture, in tandem with your compliance and employment law advisors.

Here are five practical questions to start with:

1. Do you have a robust Speaking Up policy?
   Staff need to know how (and where) to raise concerns safely.
2. Is there a clear process for investigating non-financial misconduct?
   It’s not enough to log reports, you’ll need to demonstrate fair and consistent investigation procedures.
3. Are your reporting processes ready?
   Incidents that meet the new thresholds will have to be escalated and captured for FCA returns.
4. Have you trained your people?
   Everyone should understand what counts as non-financial misconduct and what’s expected under the Conduct Rules.
5. Do your SMCR and HR processes align?
   You may need to update regulatory references, employment contracts, fit and proper assessments, and other employment policies to reflect the new requirements.

These aren’t small tweaks; they’ll likely touch everything from onboarding and appraisals to whistleblowing and disciplinary procedures.

Why This Matters

For many firms, this marks the first time the FCA has explicitly extended Conduct Rule accountability into areas traditionally handled by HR. It’s a clear signal that culture and behaviour are now regulatory priorities, not just internal ethics issues.

In practice, that means compliance and HR teams will need to work much more closely together, aligning systems, policies and reporting processes to ensure nothing slips through the cracks.

The Bottom Line

The FCA’s new rules on non-financial misconduct represent one of the most significant changes to the Senior Managers & Certification Regime since it launched.

If your firm hasn’t already started preparing, now’s the time to act. Review your culture frameworks, policies and training, and make sure your governance structure can support the new expectations before they go live in 2026.

Need a hand? Regnition supports FCA regulated firms with Speaking Up frameworks, SMCR reviews, and culture health checks.

Visit www.regnition.com or email info@regnition.com to arrange a confidential, complimentary preliminary consultation.