The FCA’s new non‑financial misconduct rules

What these new rules mean and how firms should prepare 

The FCA has finalised its long‑awaited framework on Non‑Financial Misconduct (NFM), marking one of the most significant shifts in conduct regulation in recent years. Behaviour such as bullying, harassment, discrimination and violence will soon be treated not just as HR issues, but as potential breaches of regulatory standards. With the rules becoming enforceable from 1 September 2026, firms have a clear timeline and substantial preparation ahead of them. 

A clearer definition of misconduct 

At the centre of the framework is a more consistent definition of what the FCA considers “serious” non‑financial misconduct. Behaviours including harassment, degrading or intimidating treatment of colleagues and other forms of abusive conduct may now breach both Conduct Rule 1 (integrity) and Conduct Rule 2 (due skill, care and diligence). This approach now applies across the sector, aligning non‑bank firms with the standards already applied to banks. 

The FCA has also widened the scope. For non‑bank firms, relevant conduct is no longer confined to regulated activities. Behaviour at conferences, work‑related events or any environment connected to employment may fall under scrutiny. However, not all poor behaviour will qualify as NFM. Misconduct must be serious, sustained, harmful or clearly inappropriate, with factors such as duration, seniority, impact and any links to criminal activity shaping the assessment. 

Importantly, the FCA draws a clear line around personal life. Private conduct should generally remain private unless it presents a genuine and material risk to regulatory standards. Firms are not expected to pursue rumours or minor, implausible allegations — a welcome guard against over‑reach. 

What this means for managers 

Managerial accountability has been one of the most debated areas of the new framework. The FCA has clarified that managers must take reasonable steps to prevent and address misconduct, but they will not be held responsible for behaviour they could not reasonably know about or do not have the authority to act on. Training will be essential to ensure managers understand these boundaries and apply them proportionately. 

What firms must do now 

The FCA is clear: firms carry the primary responsibility. Preparation should begin now. 

1. Update policies and codes of conduct 

Internal frameworks must be refreshed to reflect the new expectations, including: 

• Bullying and harassment policies 

• Conduct Rules training 

• Grievance and disciplinary procedures 

• Whistleblowing and speak‑up processes 

Policies should clearly align to the FCA’s seriousness test. 

2. Review Fitness & Propriety (FIT)processes

FIT procedures should now incorporate: 

• NFM as a potential breach 

• Assessment of severity, patterns, seniority and aggravating factors 

• Consideration of whether personal conduct poses a material regulatory risk 

Regulatory references must reflect these changes. 

3. Document every judgement 

Firms must be able to demonstrate how decisions were reached, especially on: 

• Seriousness 

• Whether conduct is work‑related 

• Whether allegations merit investigation 

Good documentation strengthens defensibility. 

4. Train staff —especially managers 

Training should enable managers to: 

• Identify and escalate potential NFM 

• Take reasonable steps to address behaviour 

• Understand their accountability limits 

5. Strengthen reporting and investigation processes 

This includes: 

• Clear, trusted reporting channels 

• A consistent and structured investigation process 

• Avoiding unnecessary investigation of trivial allegations 

• Escalating serious issues to the FCA when required

Building culture and governance 

Beyond updating documents, firms must embed NFM expectations into their culture and governance. This includes integrating NFM into accountability maps, annual FIT assessments and board‑level oversight. Boards will need to evidence understanding of their risks, and action where issues arise. 

Equally important is ensuring staff confidence in reporting lines and clarity for managers on when to escalate concerns. While firms must be prepared to act decisively on serious issues, the FCA also expects proportionate responses and not every minor allegation requires formal investigation. 

A roadmap to September 2026 

Preparing for the new rules will require a phased approach. Many firms are starting with a gap analysis to identify necessary updates across policies, training and governance. From there, implementation plans, communications and cross‑functional alignment will be key. Early preparation will make compliance smoother and far more defensible. 

In summary 

The FCA’s NFM framework turns serious misconduct into a matter of regulatory compliance, not just workplace behaviour. To meet the new expectations, firms should update policies, strengthen FIT assessments, train teams and managers, reinforce investigation processes and embed NFM into culture and SMCR oversight. With the 1 September 2026 deadline approaching, now is the time to act.