FS firms tighten oversight and training after FCA misconduct update

The Financial Conduct Authority has confirmed further changes to its approach to non-financial misconduct, with updates to the conduct rules and supporting guidance due to take effect from 1 September 2026. The focus remains on bullying and harassment, but the FCA’s emphasis is now firmly on what firms and senior managers are expected to do in practice, particularly around taking reasonable steps.

For HR teams, this raises three immediate issues. First, what reasonable steps actually look like in different organisations. Second, where responsibility really sits when things go wrong. And third, what role training needs to play beyond simple compliance. We’ll speak to employment lawyer Anne Sammon who is helping a number of FS firms prepare for the changes.

The FCA has been clear that taking reasonable steps is not a one-size-fits-all exercise. What is reasonable will depend on a firm’s size, structure, culture, and risk profile, and may differ across teams within the same organisation. That creates an immediate challenge for HR. How do you move beyond standard policies and templates, and show that your approach is genuinely risk-based and proportionate?

There is also a clear warning on accountability. Non-financial misconduct is not something that can simply be handed to HR. Senior managers are expected to remain actively involved and able to demonstrate oversight, even where responsibilities are delegated.

And then there’s training, and on this issue the FCA has been clear. Training is not about definitions or box-ticking; it is about equipping senior managers to demonstrate reasonable steps in practice, including how they retain oversight of delegated responsibilities.

So let’s hear more on this. Anne Sammon is currently talking to a number of her FS clients on this issue and earlier she joined me by video-link to discuss it. So first question – what does ‘taking reasonable steps’ look like in practice under this guidance?:

Anne Sammon: “The challenge is that what taking reasonable steps looks like depends on the size of the firm, it depends on the risk profile. So in order to work out how you take reasonable steps you first need to assess what your risks are, and some of that will, for example, in relation to bullying and harassment, involve thinking about your culture and whether, for example, you're a particularly hierarchical firm where there is possibly a greater potential for those things. So much like when we were doing risk assessments for the duty to take reasonable steps to prevent sexual harassment, in order to think about how you take reasonable steps, you first need to work out what your risk profile looks like so that you can then work out how you mitigate those particular issues. The other thing to note is that reasonable steps will vary from senior manager to senior manager within the business, because each team probably has a slightly different culture, has a different setup, has different live issues around disciplinary-type performance-related issues. So, so it's not a one size fits all. It's not even a within a firm; every single senior manager’s reasonable steps will be the same.”

Joe Glavina: “In your experience, Anne, where do firms most often leave themselves exposed when handling misconduct issues?” 

Anne Sammon: “So I think quite often the biggest area of risk is almost assuming that HR will deal with all of this. The FCA has been quite clear that this is not just an HR issue, this is a business issue, and senior managers will be held to account, particularly with these rule changes, for things that go wrong within their teams on a non-financial misconduct and discrimination, bullying, harassment, all of those things are things that senior managers need to be taking very seriously and not just delegating to HR and assuming that the HR team will fix every problem there is in their team.”

Joe Glavina: “Is training something HR should be arranging in this area and if so to what end?”

Anne Sammon: “So I think HR teams want to be thinking about training from a kind of holistic perspective. So there are obviously the changes that come in through non-financial misconduct, where we're looking at things like bullying, harassment, how teams - and managers in particular - create the right environment to prevent that behaviour from happening in the first place, but where it happens that it's flagged and action is taken. So you've got that, and that's particularly important in light of the changes in the Employment Rights Act. If I were an HR professional, I'd want to be looking at the changes that are coming in, both from a regulatory perspective and the Employment Rights Act at the same time so that the training program can incorporate both elements and ensure that you're covering off all of those things. I think also, HR teams in conjunction with their compliance colleagues, might want to be thinking about reasonable steps more generally. So we've obviously got how you discharge the reasonable steps in relation to these new rules on non-financial misconduct, but senior managers have an obligation to take reasonable steps to discharge those regulatory responsibilities more widely and our experience is that it's always helpful for there to be at least some thought, some discussion, with the senior managers to understand what it is that they are currently doing to make sure that they're taking reasonable steps from a regulatory perspective. In some cases, that also involves then creating what we call a ‘reasonable steps document’ that sets that out so in the event that something goes wrong, you've got a document to refer to that you can share with the regulator, as necessary, but the most important piece is that discussion and making sure that senior managers are doing what they should be doing. Very often, what we'll find is that they will make assumptions. For example, delegation is an area that very often comes up, where senior managers will think because they've delegated responsibility to somebody else within the firm, that they have therefore discharged their responsibility and the regulator is really clear that that is not enough, that the senior manager needs to be showing oversight, and demonstrating that oversight. So when we're talking to senior managers about reasonable steps, quite often we're asking them how they would demonstrate that they've retained oversight of the things that they've delegated, and that often prompts them to start thinking about things in a slightly different way.”

If your business is affected by these changes and you would like help to ensure you apply the FCA’s guidance correctly, then please do contact Anne – her details are on the screen. Alternatively, of course, you can contact your usual Pinsent Masons adviser.

- Link to FCA policy statement: Tackling non-financial misconduct in financial services