Written by Rhodri Kettle and Jonathan Bowdler on Tuesday June 16, 2020
In this article we will look to define non-financial misconduct and highlight why it is of increasing importance to firms and other organisations across most industry sectors and jurisdictions. We need to understand the risks associated with misconduct behaviours and we will demonstrate these risks through real-world examples that have been reported on in the public domain recently.
We need to identify what solutions can be deployed to manage non-financial misconduct risks. And consider if these solutions must be bespoke and exclusive to specific scenarios, or whether we can apply existing misconduct control typologies to an evolving landscape?
As the ICA is an educational and professional body, we will also ask you to reflect upon your own experiences. We will task you to take away some simple next steps that should enable you to better understand and manage the risks associated with this emerging risk area in your own organisation.
Let’s start with a quote from a ‘dear CEO’ letter issued by the UK’s Financial Conduct Authority (FCA) to wholesale general insurance firms in January 2020:
“Following recent, publicized incidents of non-financial misconduct in the wholesale general insurance sector, I am writing to set out clear expectations that you should be proactive in tackling such issues. We expect you to identify what drives this behaviour and, where appropriate, modify those drivers to shape proper conduct.”
According to the FCA, the number of recorded incidents regarding harassment, bullying and homophobia have significantly increased during the last two years. Non-financial misconduct is closely linked with the more general concept of organisational conduct, and that suggests that it is another example where poor workplace practice and behaviours are giving the regulator cause for concern.
Consequently, other key stakeholders, such as investors and consumers, will no doubt place greater emphasis upon the systems and controls put in place to achieve the appropriate standards of conduct by firms when assessing with whom to do business. So non-financial misconduct certainly has the potential to cause financial risk.
We can define non-financial misconduct as unacceptable or improper behaviours, including (but not limited to):
These are some of the accepted definitions: the challenge comes in agreeing what they mean in practice. To help understand what these definitions mean in practice, there are recent examples we can look at as evidence:
Legal action may be taken by victims of harassment, bullying or discrimination. Aside from the financial costs of litigation, investigations and consequent remedial actions will be a demand upon resources and will consequently impact on the efficiency and focus of those involved.
Of course, the direct financial consequences are probably not the main concern for firms. Consumers and other stakeholders could call into question both the firm’s business model and strategic objectives if the only way it believes it can meet them allows such poor culture and behaviour to exist. This is particularly true where damage to reputation follows on from a highly public example of non-financial misconduct.
Add into this equation the increasing potential for personal consequences for senior managers, such as under the FCA and PRA Senior Managers and Certification Regime, and it becomes even more clear that non-financial misconduct should be high on the risk agenda for most organisations.
It is possible to argue that changing culture in firms, and even whole industry sectors, is the ideal solution. But, that is not an easy task. Culture tends to be generational, and therefore to bring about change in the short-term would be very difficult, and yet taking a long-term approach is unlikely to satisfy the demands of key stakeholders (including regulators).
However, just because something is difficult to do is not a good excuse for not doing it! Senior management is accountable for embedding a healthy culture in their organisations, and they must do this by first of all identifying the key drivers of culture within the firm, and then (where needed) working to bring about the desirable changes in these key driver areas. They include:
In this situation, quality governance therefore incorporates the leadership, management, reward and remuneration, Code of Ethics and speaking up structures already discussed, supported by robust MI evidence that they are performing as designed. And they have to be flexible enough to consider emerging risks (for example, the misconduct risks associated with remote working during social distancing situations following the Covid-19 pandemic) which have yet to manifest themselves as issues to be managed.
We are seeing an increased focus on non-financial misconduct and are acutely aware of the risks associated with inappropriate behaviour. Solutions require leadership and governance, and flexibility in identifying, assessing and managing the current and emerging risks, and applying them in visible and direct actions.
We did mention in our introduction that we would be tasking you with some actions to that should enable you to better understand and manage the risks associated with this non-financial mis-conduct risk in your own organisation, so consider the following, and try to be honest with yourself. “I didn’t think that kind of thing went on here” is not a good defence!
This article was originally published by Compliance Monitor.
 FCA Dear CEO letter, 6 January 2020, Jonathan Davidson: https://www.fca.org.uk/publication/correspondence/dear-ceo-letter-non-financial-misconduct-wholesale-general-insurance-firms.pdf
 Paras Shah / Citigroup: https://www.standard.co.uk/news/uk/citigroup-bank-canteen-canary-wharf-paras-shah-a4352711.html
 Jes Staley / Barclays: https://www.theguardian.com/business/2018/may/11/barclays-jes-staley-fined-whistleblower-fca
You may also like to read:
Thank you. Your comment is awaiting moderation and should appear on the site shortly.
Required fields are not completed, please ensure all required fields (*) have been filled in properly.
You can leave the name empty should you wish to remain Anonymous.