FCA Non-Financial Misconduct Compliance Checklist
From 1 September 2026, the FCA’s Code of Conduct will extend to cover Non-Financial Misconduct (NFM). This means all FCA-regulated firms must treat serious bullying, harassment, sexual misconduct and other poor behaviour as regulatory misconduct. Download our action plan to:
Understand what the new FCA Non-Financial Misconduct rules mean for your firm
Identify the immediate actions required ahead of September 2026
Reduce regulatory, reputational and conduct risk
Prepare your board, HR and compliance teams for the changes
Non-Financial Misconduct in numbers
Research indicates that many organisations may be underestimating the prevalence of workplace misconduct - behaviours that could carry serious consequences under the FCA’s Non-Financial Misconduct rules. Understanding the true scale is critical for compliance, risk management, and protecting both people and reputation.
70%
Increased NFM reports
FCA survey data releaved a 70% increase in reports of non-financial misconduct like bullying, sexual harassment, and racism.
77%
The silent majority
77% of workers in the sector that experienced sexual harassment or bullying did not formally report it.
70%
Psychological safety
70% of FCA whistleblowers faced victimisation, dismissal or felt forced to resign.
More about our FCA Non-Financial Misconduct Compliance Checklist
Big changes are coming for all firms regulated by the FCA. From 1 September 2026, the FCA’s Code of Conduct (COCON) will formally expand to include Non-Financial Misconduct (NFM), meaning behaviours such as bullying, harassment, discrimination and sexual misconduct will be treated as regulatory misconduct across all FCA-regulated firms. This represents a fundamental shift in how conduct is defined and enforced, and brings workplace behaviour firmly into the scope of regulatory accountability. It also aligns with wider legislative developments, including the Worker Protection Act and Employment Rights Act, reinforcing the expectation that culture is now a core compliance and governance priority.
This is not a future-facing consideration to defer. The FCA has made clear that firms will not be assessed on whether they have policies in place alone, but on whether they can demonstrate meaningful cultural change, effective oversight, and consistent enforcement in practice. That includes evidence of how misconduct is identified, escalated, acted upon, and used to inform wider organisational risk management. Firms that delay preparation risk not only regulatory exposure, but also reputational damage and reduced trust from employees and stakeholders.
To help firms move early and with clarity, our free FCA Non-Financial Misconduct Compliance Checklist sets out the priority actions required ahead of the deadline. It translates regulatory expectations into a practical, structured action plan that can be implemented across the organisation.
Download your copy
FAQs
Questions? We've got answers.
The FCA’s Non-Financial Misconduct (NFM) rules extend the definition of misconduct under the FCA Code of Conduct (COCON) to include serious workplace behaviours such as bullying, harassment, discrimination, and sexual misconduct. From September 2026, these behaviours will be treated as regulatory misconduct within FCA-regulated firms, not just HR or internal policy breaches.
The changes come into force on 1 September 2026, when the FCA will formally extend its Code of Conduct to include Non-Financial Misconduct for regulated firms.
The FCA is introducing these rules to strengthen culture and conduct standards across financial services. The aim is to address underreporting of harmful behaviour, improve accountability at senior levels, and ensure firms are actively preventing and responding to misconduct that impacts workplace culture, decision-making, and consumer trust.
Non-Financial Misconduct includes serious workplace behaviours such as bullying, harassment, sexual harassment, victimisation, discrimination, and other forms of abusive or inappropriate conduct that fall below expected professional standards.
No. The FCA has signalled that policies alone are not sufficient. Firms will need to demonstrate evidence of cultural change, effective speak-up mechanisms, consistent enforcement, leadership accountability, and active monitoring of workplace behaviour.
Firms will be expected to go beyond reactive HR processes and instead take a proactive approach to culture. This includes identifying conduct risks early, improving reporting confidence, acting on patterns of behaviour, and ensuring senior leaders are accountable for workplace culture outcomes.
Firms that fail to prepare risk regulatory action, reputational damage, increased FCA scrutiny, and potential findings of weak governance or poor culture. There is also a risk of increased employee attrition and underreporting of misconduct if speak-up confidence is not addressed.
The checklist provides a structured action plan to help firms understand what needs to change before September 2026. It breaks down key steps for Boards, Risk & Compliance teams, and HR functions, helping organisations identify gaps, strengthen reporting mechanisms, and evidence cultural readiness for regulatory expectations.
Still have questions?
The ever-changing regulatory landscape can be tricky to navigate - we're here to guide you through what your organisation needs to do to stay compliant and protect your people.
Your partner in preventing workplace misconduct
Misconduct rarely starts as a headline issue - it starts with something small that goes unaddressed. Culture Shift helps organisations surface concerns early, respond consistently, and embed long-term cultural change through our Report + Support™ platform, trauma-informed training programmes, and community-led best practice.
