FCA Publishes PS25/24: What Non-Financial Misconduct Means for Financial Services Firms

The Financial Conduct Authority (FCA) has published Policy Statement PS25/23 – Tackling Non-Financial Misconduct in Financial Services, setting out final guidance on how non-financial misconduct (NFM) interacts with the Code of Conduct (COCON) and Fitness and Propriety (FIT) requirements under the Senior Managers & Certification Regime (SM&CR).

The policy confirms serious workplace misconduct such as bullying, harassment and sexual misconduct is no longer viewed as a purely HR issue, but as a matter that can engage regulatory accountability where it reflects integrity, culture, and governance failings.

The guidance comes into force on 1 September 2026 and applies to all FCA-authorised firms, including insurers, brokers, MGAs, investment firms and payments businesses.

Below, we break down the FCA’s key messages and what they mean in practice for firms, senior managers and compliance functions.

Bringing Non-Financial Misconduct into Regulatory Scope

Historically, firms have often struggled to determine when workplace misconduct crosses the line into regulatory territory. PS25/23 removes much of that uncertainty.

For non-bank firms, the FCA has expanded the scope of COCON so that serious non-financial misconduct between colleagues will be within scope where:

• the conduct is work-related, and

• either the perpetrator or the subject works in the financial services part of the business.

This change aligns non-banks more closely with banks and ensures greater consistency across the sector. Importantly, the FCA confirms that private or purely personal life remains outside the scope of COCON, though conduct connected to work events, conferences, training, or firm-related social settings may still be captured.

What the FCA Means by "Serious" Misconduct

The FCA has deliberately avoided prescribing a rigid definition of seriousness. Instead, misconduct will be assessed by reference to whether it has the purpose or effect of:

• violating a person’s dignity, or

• creating an intimidating, hostile, degrading, humiliating or offensive environment.

Minor workplace disputes, poor communication, or one-off lapses in professionalism will not normally meet this threshold. The FCA repeatedly emphasises that reasonable firm judgement will be respected, provided it is proportionate and well-evidenced.

Managers' Responsibilities and Reasonable Steps

A central theme of PS25/23 is the role of managers in shaping culture and preventing misconduct.

Managers are expected to take reasonable steps to protect staff from serious NFM where:

• they knew or ought reasonably to have known about the issue, and

• they had the authority to intervene.

The FCA clarifies that managers will not be held accountable for misconduct they could not reasonably have been aware of, nor where they lacked the power to act. This clarification addresses industry concerns about disproportionate personal liability under SM&CR.

Fitness and Propriety: Where the Real Impact Lies

While the COCON changes are important, the most far-reaching implications sit within FIT.

Under FIT, firms must consider all relevant conduct, whether inside or outside the workplace, when assessing an individual’s honesty, integrity and reputation. This includes:

• serious workplace misconduct,

• conduct in private life,

• social media behaviour, and

• conduct outside the UK.

The FCA is clear that not everything is relevant. Private life conduct should only be considered where it presents a material (non-speculative) risk to regulatory standards or public confidence. Firms are not expected to investigate rumours, trivial allegations, or matters better left to law enforcement.

Social Media and Private Life Conduct

PS25/23 provides helpful reassurance in an area that has caused uncertainty for many firms.

The FCA confirms that firms:

• are not required to proactively monitor employees’ social media, and

• should not assume that lawful expression of views automatically affects fitness and propriety.

That said, social media activity may still be relevant where it indicates a real risk of bullying, harassment, violence, or serious misconduct being repeated in the workplace. Firms remain free to take disciplinary action under their own internal policies where appropriate.

Reporting, Allegations and Proportionality

Following strong industry feedback, the FCA has softened its position on unproven allegations.

Firms are not expected to report unsubstantiated allegations to the FCA simply because they exist. Existing notification requirements for SMFs remain, but the guidance now makes clear that firms should act proportionately and with fairness to individuals.

The FCA also confirms that the new COCON rule is not retrospective. Firms are not required to revisit historic cases or re-assess past conduct decisions.

Compliance Angle's View

PS25/23 confirms what many firms have already sensed from supervisory engagement: culture and conduct are now firmly embedded as regulatory risks, not peripheral HR concerns.

From our perspective:

• This guidance is less about creating new liabilities and more about forcing clarity and consistency in how firms assess behaviour.

• The greatest pressure point will be fitness and propriety assessments, particularly for SMFs, certified staff and senior hires.

• Firms that rely on informal judgement without documentation will struggle to evidence proportionality if challenged.

The FCA has been explicit that it will respect reasonable judgement, but only where that judgement is documented, structured and defensible.

What Firms Should Do Now

Although the guidance does not take effect until September 2026, firms should begin preparing now by:

• Reviewing Conduct Rules, disciplinary and FIT policies to ensure NFM is clearly addressed.

• Clarifying escalation routes between HR, compliance and senior management.

• Training managers on how to assess seriousness and materiality, not just on policy wording.

• Ensuring fitness and propriety decisions are supported by clear rationale and audit trails.

• Briefing Boards and senior committees on how NFM risk fits into governance and culture oversight.

Contact Us

If you would like support reviewing your Conduct Rules framework, FIT assessments or SM&CR governance arrangements in light of PS25/23, contact Compliance Angle at info@complianceangle.co.uk or call +44 7427 792594 to arrange an initial discussion.