Firms’ Non-Financial Misconduct Under FCA Spotlight Thanks to SM&CR
Sexual harassment and other forms of “non-financial misconduct” are now on equal footing with types of financial misconduct, such as market abuse, with the UK Financial Conduct Authority (FCA). Firms and employees are at risk of regulatory sanctions – including for individuals, the possibility of not being found to be “fit and proper” – for failure to fulfill the FCA’s evolving diversity and inclusion (D&I) expectations.
Under the Senior Managers & Certification Regime (SM&CR), which comes into force for investment firms in December of this year, both firms and individuals will be held accountable for non-financial misconduct, including sexual harassment, homophobia, racism and sexism. This supervisory approach is already enforced within the banks’ SM&CR regime – there are already cases where individuals have not been allowed to take a role or have been asked to leave an existing role.
In tandem, whistleblowing is also on the rise. In 2017, the FCA whistleblowing team received 20 reports of non-financial misconduct. In 2018 they received 64. The expectation is that 2019 will be higher still.
Understanding Non-Financial Misconduct
The FCA is bringing D&I into the core of its work on culture, and “the culture and governance of firms is a priority,” said Andrew Bailey, FCA Chief Executive in a February conference speech on diversity. “We define culture quite simply as the typical behaviours that characterise a firm. We care about it because it is a key cause of major conduct failings. And we believe a healthy culture is good for business – both for consumers and for markets as a whole.”
The FCA is being very public about its intention to pursue non-financial misconduct through the new SM&CR powers. “From our perspective, misconduct is misconduct, whether it is financial or non-financial,” said Megan Butler, Director of Investment, Wholesale and Specialist Supervision at the FCA, to the UK Parliament’s committee hearings on sexual harassment in the workplace in May 2018. “The key tool we deploy in this area is what we call the SM&CR.”
The logic the FCA is following in this new area of SM&CR enforcement is that it’s not possible to compartmentalise when it comes to conduct. An organization that tolerates sexual harassment and other forms of “behavioural misconduct” is likely to not be a place that “encourages a ‘safe to speak up’ environment, an environment where the best business decisions get taken and where the best risk decisions get taken,” said Butler.
As a result, the FCA now considers D&I issues to have an impact on the fitness and propriety of individual senior managers, as well as on the regulator’s overall view of a firm’s health. “The SMCR is key in this,” said Christopher Woolard, Executive Director of Strategy and Competition at the FCA, in a December 2018 speech. “It ensures that senior executives are directly accountable for functions which fall under their responsibility and are ‘fit and proper’…In our judgement, the way a senior manager approaches issues around diversity may be relevant to our assessment of their competence and character. And the way firms handle non-financial misconduct, including allegations of sexual misconduct, is potentially relevant to our assessment of that firm in the same way that their handling of insider dealing, market manipulation or any other misconduct is.”
Enhancing D&I in Financial Services
The FCA is arguing that D&I leads to better risk management and compliance outcomes. “Firms which foster an inclusive and diverse culture open themselves up to a wide range of perspectives,” said Woolard. “That means less fettered, more productive internal debate. Where a culture is open, risks are flagged, experiences are shared and decision-making is enhanced. But in a culture where colleagues are afraid to speak up, unethical behaviour can gain a foothold.” Bailey suggests diversity helps mitigate the risk of groupthink and can provide long-term competitive advantages for firms.
Statistically speaking, most firms are still struggling with diversity. According to FCA figures, only 15% of directors and 6.5% of chief executive officers (CEOs) across their regulated population are women. And the percentage of women in senior management, below the board, has gone from 14% in 2008 to only 15.5% in 2018 – a 1.5% rise. Even within senior risk and compliance roles, where there has been a 30% increase in roles held by women in the past decade, only 15% of roles are held by women today.
Meeting the FCA’s Expectations
The FCA leave little doubt that the failure to handle non-financial misconduct correctly, or having a culture that permits non-financial misconduct, will have serious consequences. Individuals can have permanent black marks on their regulatory record. This includes senior managers, who are subject to the Duty of Responsibility provisions of the SM&CR – if a firm breaches an FCA requirement, the senior manager responsible under SM&CR could be held personally accountable if they failed to take reasonable steps to either prevent the breach or to stop it from continuing. As well, of course, firms could be reprimanded and fined – causing both financial and reputational damage.
Complying with the SM&CR’s diversity and inclusion elements is not just an exercise in updating a few policies and procedures. Firms are expected to take a holistic approach to the way the firm is governed, the way employees are treated, and what happens to them if they engage in non-financial misconduct. Firms should begin immediately to address non-financial misconduct risks and related compliance challenges within their organizations. Key steps include:
- Enabling non-financial conduct leadership – The regulator is expecting senior managers to take leadership responsibility for the firm’s culture. So, for example, how does leadership measure the quality of its culture and the conduct of employees?
- Updating HR and compliance policies – The right policies and procedures should be in line with regulatory expectations, set the right tone in the organization, and ensure any cases of non-financial misconduct are handled correctly.
- Refining SM&CR statements – SM&CR statements outlining individual responsibilities should include language about non-financial misconduct and diversity. This should encompass the management of risks and compliance processes associated with these issues.
- Training of employees – The FCA expects firms to lay out for employees exactly what the right behaviours are within the firm’s culture when it comes to D&I and non-financial misconduct. Training is essential.
- Obtaining objective expertise – Firms should have in place external, objective resources that could be brought in to help them manage difficult situations when non-financial misconduct has happened. Firms may want to also consider a communications strategy in such a situation.
- Reviewing remuneration – The FCA is also focusing on how remuneration impacts culture. Firms should review, for example, potential gender-based pay gaps.
About the Author
Martin Lovick is a Senior Principal Consultant with ACA Compliance Group, supporting a broad range of clients (including hedge fund and PE managers, brokers and market makers) in their FCA and EU compliance programmes. He has taken a lead role in developing ACA’s client resources to address new legislation, including MAR, MiFID II and SM&CR.
His career in financial markets spans nearly four decades. Before joining ACA, Martin ran his own market making firm for eighteen years, focussing on single stock options on LIFFE. During his earlier career, Martin progressed through roles in portfolio management and proprietary trading, becoming Director of Strategy Trading at UBS Philips and Drew.
Martin’s first degree was in Modern History at Oxford University. He also holds an MBA from Manchester Business School, the MSCI Diploma in Investment Compliance and the CFA Investment Management Certificate.