Tackling Non-Financial Misconduct – CP25/18

July 8, 2025

Tackling Non-Financial Misconduct – CP25/18

The FCA’s Consultation Paper CP25/18, “Tackling non-financial misconduct in financial services,” addresses critical cultural issues within regulated firms, such as bullying, harassment, and discrimination. The initiative marks a significant shift in the FCA’s view, recognising that unchecked toxic behaviours are a regulatory concern that can undermine both trust and performance in firms. CP25/18 applies to all FSMA-authorised firms, including insurance brokers and insurers, and their staff subject to the Conduct Rules, reinforcing the need to address non-financial misconduct (NFM) as part of regulatory obligations.

The FCA is expanding its Code of Conduct (COCON) scope, previously stricter for banks, across all sectors, meaning insurers will now share the same responsibilities as banks in managing NFM. Serious misconduct, such as bullying, harassment, or violence among staff, is now explicitly recognised as a potential breach of FCA rules and cannot be treated as a mere HR issue. CP25/18 also clarifies boundaries around personal and work-related behaviour, defines how fitness and propriety assessments should address misconduct, and provides practical guidance on managing these issues. Ultimately, the FCA’s goal is to ensure firms tackle NFM robustly, preventing further harm and reinforcing healthy firm cultures.

Key Highlights:

COCON Scope Extension: The FCA is extending its Conduct Rules to cover serious NFM in all financial firms, including insurers and brokers, aligning with the standards previously applied to banks. Bullying, harassment, and other toxic behaviour will now be within the scope of regulatory action.

Clarity on Misconduct Boundaries: The new Handbook guidance will help firms assess when an individual’s behaviour crosses into a regulatory breach, clarifying when off-premises or off-hours conduct might still be considered work-related.

Fit & Proper Assessments: The FCA proposes that fitness and propriety (FIT) assessments now include all forms of misconduct, not just work-related infractions. Misconduct in personal life, or even on social media, can impact an individual’s fitness for their role and affect their honesty, integrity, reputation, competence, and capability.

Management Accountability: In line with the Senior Managers & Certification Regime (SMCR), the FCA’s guidance will set out “reasonable steps” that managers should take to prevent and respond to NFM. Managers who fail to act on reports of harassment or overlook toxic sub-cultures may be subject to regulatory scrutiny for inadequate oversight.

Regulatory References and “Bad Apples”: The FCA highlights the importance of regulatory references to prevent individuals with a history of misconduct from moving between firms undetected. Firms must ensure their HR and compliance teams rigorously document serious NFM cases and reflect them in regulatory references.

Next Steps for the FCA:

Consultation Period: The FCA’s consultation on the draft guidance is open for feedback until 10 September 2025.
Policy Finalisation: After the consultation closes, the FCA aims to review all responses and finalise the rules by late 2025.
Rule Implementation Date: The new Conduct Rule expansion will come into effect on 1 September 2026, aligning with firms’ annual conduct rule reporting cycles, providing ample time for internal policy updates.
Guidance Timeline: The FCA plans to issue the final Handbook guidance by end of 2025, allowing firms time to digest the information and incorporate it into training and compliance frameworks before the 2026 rule effective date.

Next Steps for Firms:

Review & Respond: Insurance firms should review CP25/18 carefully and consider responding to the FCA consultation by 10 September 2025.
Map Affected Areas: Firms should map out internal policies, systems, and controls that will need updating in light of the changes. Key areas for review include the firm’s Code of Conduct, employee handbooks, HR policies, disciplinary procedures, whistleblowing channels, and Senior Manager responsibility maps.
Prepare for Policy and Training Updates: Firms should begin drafting updates to policies, systems, and training programs, preparing for quick implementation once the final rules are confirmed.
Engage Leadership and HR: Senior management and HR teams should be briefed about the new regulatory expectations. It’s essential that boards and executives understand that NFM is now firmly on the regulatory radar and must be treated as a compliance priority, not just an employment issue.
Plan for Regulatory References: Strengthen procedures for issuing and seeking regulatory references. Ensure that all substantiated NFM findings are documented in personnel records and that this information is disclosed to future employers according to FCA requirements.

How Padda Consulting Can Help:

We specialise in helping FCA-regulated insurance firms navigate regulatory change. We can assist your firm in preparing for the CP25/18 reforms in several key ways:

Impact Assessments: We can evaluate how the new NFM rules and guidance will affect your business across governance, HR, and compliance functions, identifying any gaps and detailing necessary changes.

Consultation Response Support: We can draft and refine your tailored response to CP25/18, ensuring your views are represented.

Policy & Process Updates: We’ll help update internal policies and procedures to ensure compliance with the new non-financial misconduct rules.

Training & Culture Programs: Our workshops are designed to embed the FCA’s Conduct Rules into your firm’s culture, helping leadership take the necessary “reasonable steps” to prevent misconduct.

Implementation Planning: From now until the 2026 rule effective date, we can chart a detailed implementation roadmap for your firm. This will include sequencing of actions such as policy updates, IT system tweaks, and staff training rollouts, as well as assigning responsibility and tracking milestones.

Contact us to arrange a tailored briefing on CP25/18 or a compliance readiness review. Let us guide your firm through this important regulatory change and help you strengthen your conduct risk management.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Tackling Non-Financial Misconduct – CP25/18

The FCA’s new consultation paper addresses bullying, harassment, and discrimination within regulated firms, making non-financial misconduct a key regulatory concern. This blog explores how firms must update policies and culture to meet these evolving requirements.