The Financial Conduct Authority (“FCA”) has confirmed that, before 1 September 2026, firms should review and, where necessary, update their approach to:

• Staff policies

• Conduct breach reporting

• Fit and proper assessments

• Regulatory references

Firms must also ensure that staff and managers understand how the new rules and guidance on non-financial misconduct (“NFM”) apply to them.

Drawing on our experience advising on conduct and internal investigations in financial services, we highlight five key governance questions for firms to consider as they prepare for the new regime.

1. How is NFM investigated?

Concerns about NFM may arise through various channels: grievances, whistleblowing, internal investigations, exit interviews, redundancy consultations, or regulatory inquiries. Ownership and oversight of investigations can vary accordingly. 

While a bespoke approach may be necessary in some cases, the new rules require firms to assess whether their investigations consistently address the factors relevant to potential Conduct Rules breaches and fitness and propriety assessments, as set out in the FCA’s new COCON and FIT guidance. 

Firms should ensure default arrangements are adaptable, particularly where usual decision-makers may be conflicted.

2. Who decides what, when, and how?

The FCA’s guidance clarifies that private life conduct is generally out of scope for COCON but may be relevant for fitness and propriety if there is a material risk of repetition at work or damage to public confidence. 

Early identification of the regulatory questions at issue is essential. Investigations should be designed to identify and capture evidence relevant to these and other regulatory distinctions from the outset, to avoid the need for supplementary inquiries and ensure decision-makers (such as Conduct Committees) are equipped to resolve regulatory questions efficiently and accurately. 

3. Managing the risk of inconsistent outcomes 

The new rules require firms to make difficult judgment calls, such as what constitutes “serious” misconduct or when NFM raises integrity concerns. 

The FCA expects firms to exercise reasonable judgment, but also to ensure consistency in approach. 

Inconsistent outcomes, particularly in determining thresholds for “seriousness” in harassment cases (COCON 4.3.7 G), may expose firms to regulatory or litigation risk. 

Consistency of investigative approach, oversight, and mechanisms for review are essential to mitigate the risk of actual or perceived inconsistency.

4. Managers and SMFs

Investigations may need to consider not only the alleged misconduct, but also whether managers took reasonable steps to prevent or address NFM. 

The FCA’s guidance sets clear expectations for managers, including intervening to stop inappropriate behaviour where they know or should reasonably have known of it (COCON 4.1.8-B G). 

Enhanced oversight of conduct investigations may be necessary to ensure compliance with these standards, particularly for Senior Management Functions (SMFs).

5. Records and audit trail

With conduct the subject of enhanced regulatory attention, firms should be prepared to demonstrate how concerns were investigated and the rationale for outcomes. 

Maintaining proper records is essential, but firms should also consider the risks of disclosure in litigation (e.g., employment tribunal claims), data subject access requests, and the application of legal professional privilege.

The FCA’s new NFM framework, along with increases in conduct reporting and whistleblowing, are a critical inflection point for firms to review and, where necessary, update their governance, investigation, and decision-making processes to ensure compliance and mitigate risk ahead of September 2026.

If you would like to discuss updating your policies or investigation frameworks in light of the new FCA NFM Guidance, please get in touch.