Spotlight on culture in UK’s finance sector ahead of new duty and rules

In this programme, as we start our Spotlight series, we shine the light on the financial services sector and the impact of new rules and guidance on non-financial misconduct and, in particular, sexual harassment. It’s a big issue that’s about to get bigger.

Employers in the UK’s financial services sector will be aware of the shocking prevalence of sexual harassment in financial services, highlighted recently by the Treasury Committee’s Sexism in the City inquiry. As from 26 October 2024 the stakes will be raised higher still as a new proactive legal duty comes into force requiring firms to take reasonable steps to prevent sexual harassment of their employees. On top of that, the sector faces a number of new regulatory changes that will impact both firms and senior individuals in cases of serious non-financial misconduct. What does this mean for FS firms and what should they be doing now to prepare for this? We’ll consider that.

Sexual harassment in the FS sector, and the treatment of women in particular, is an acute and ongoing problem. As the Chair of the Treasury committee, Harriett Baldwin, put it:

“The UK’s financial services sector is the crown jewel of this country’s economy, admired by the international community and always takes pride in being ahead of the curve. This well-paid sector will only be able to maintain its competitive advantage if it is able to draw on the widest possible pool of talent. That’s why it’s so frustrating that efforts to tackle sexism in the city are moving at a snail’s pace. Firms must take responsibility for improving their culture. There have been several high-profile cases which show the existential risk to firms who don’t tackle sexual misconduct. We also know that more diverse organisations perform better, so inaction is not only immoral but bad for growth and business.”

From 26 October a new duty set out in the Worker Protection (Amendment of Equality Act 2010) Act 2023 will create a positive legal obligation on all employers, including those in financial services, to take reasonable steps to stop sexual harassment from happening. It marks a shift away from reacting to incidents when they happen to preventing them from happening in the first place. Breaches will have consequences. The Equality and Human Rights Commission will have the power to take enforcement action against the employer and, if a claim is brought, employment tribunals will have the power to increase compensation for sexual harassment by up to 25%. There is also the risk of reputational damage as a result of being shown to have a culture where harassment exists, and/or is not addressed.

It is also a regulatory issue. Since 2018, the FCA and PRA have made it clear that non-financial misconduct, including sexual harassment, will be treated as such. In the FCA’s view:

“A corporate culture that tolerates sexual harassment or other non-financial misconduct is unlikely to be one in which people feel able to speak up and challenge decisions, or one in which they will have faith that concerns will be independently and fairly assessed. Such a culture also raises questions about a firm’s decision making and risk management.”

Last year, 2023, saw the FCA and the PRA launch twin consultations focused on integrating non-financial misconduct within the Conduct Rules and the ‘fit and proper’ assessment as well as introducing, mainly for larger firms, requirements in relation to D&I strategies and D&I targets. Those consultations closed in December 2023 and we await a policy statement containing final regulatory requirements which is due to be published later this year. The revised rules and guidance will come into force a year after publication to give firms time to prepare.

Given the importance the FCA and PRA are placing on this issue, and with a new proactive duty to prevent sexual harassment just weeks away, what can and should firms in the sector be doing? Earlier I caught up with Anne Sammon wo is advising a number of clients in this area. First question – given the regulators’ new rules have a long lead in time why do firms need to act now? What's the rush?”

Anne Sammon: “I think the challenge for firms is going to be that those rules if they're implemented in the form that we're expecting, which means that they're consistent with what was published in the consultation document, will be quite wide ranging and quite challenging for firms to implement and to ensure that managers, in particular, understand the scope of the rules. So the piece that I think is quite scary for some of our clients is this idea that if there were to be an act of discrimination, or harassment, or bullying within a team the manager themselves could actually be found as having breached one of the conduct rules and, even worse than that, the suggestion in the consultation document was that that might be a breach of Rule 1 which is you must act with integrity and we know that Rule 1 breaches are taken particularly seriously and, potentially, can be career ending. So the reason for firms getting their houses in order now is to ensure that, first of all, they've got all the right policies in place but, second, all of their employees are properly aware of the consequences of these things going wrong. Also, because once the rules come into place, what's going to be tested is the environments and the cultures within particular teams and we know that changing culture within a team takes time.”

Joe Glavina: “We’re expecting guidance soon on the link between the firm's suitability to practice and non-financial misconduct. I think that's going to be done through a change to the conduct rules. Is that a new thing, and is it significant?”

Anne Sammon: “It's definitely a new thing in terms of non-financial misconduct. It's potentially significant depending on the way in which the FCA goes about enforcing this. So it seems unlikely that a single event of bullying or harassment would result in the FCA deciding that a firm didn't meet the threshold criteria and therefore wasn't able to continue to be a regulated entity. That seems particularly unlikely where we've got large financial organisations and there's significant customer detriment if the regulator were to withdraw permissions but I think the concern is that if firms were to have multiple incidents of discrimination, harassment, bullying-type issues that potentially, based on what the FCA has said, could result in their permissions being revoked and from a financial perspective that that would probably be an existential threat to that firm.”

Joe Glavina: “Just moving on to data collection. Separately, the FCA has written to firms in the insurance sector asking for certain information to be provided and that they're going to move on to the banking sector next. Why are they asking for?”

Anne Sammon: “Originally there were two parts to the consultation that came out. There was the non-financial misconduct piece and there was the diversity and inclusion piece and, interestingly, the FCA decided to separate those when they published the final rules in part because they said it was important that they tackle the non-financial misconduct issues quickly. So the D&I part of the consultation hasn't yet been implemented but in the meantime what the FCA has done is gone out and asked for certain information. What they're interested in is looking at the way in which firms handle issues relating to diversity and inclusion, whether they have data to start off with about the diversity of their employee populations, and we know that that's a challenge for a lot of organisations because, particularly if you operate on a global basis, then data collection can raise all sorts of difficult issues from a data protection angle.

So, they've gone out and they've asked firms, partly, I think, to understand what is the art of the possible - they don't want to ask firms to provide data in the future that they just don't have access to - but also to understand how they might go about implementing their proposals on diversity and inclusion data collection.”

Joe Glavina: “Now looking ahead to the 26th of October and the new duty comes in to take reasonable steps to prevent harassment. As we’ve discussed before, this has a lot do with changing the culture within firms. Who in the firm will ultimately bear responsibility for that?”
 
Anne Sammon: “So from a regulatory perspective this is quite interesting because each area of the business will have a senior manager who is responsible for that area of the business and, arguably, culture sits as a responsibility with each of those individuals for their own business area. So I think there's that part of the answer. I think the second part is that the CEO, from a regulatory perspective, is the person with ultimate responsibility for a regulated entity and therefore they have the responsibility for holding their senior managers to account in terms of ensuring that the culture is right, and also that data is being collected that supports the arguments that they do have the right culture. One of the challenges we often see, particularly around the culture issue, is how you measure the culture of a firm and how you ensure that the culture is appropriate.”

Joe Glavina: “Can I ask you about preventing harassment by third parties. Does the Worker Protection Act create a legal duty to prevent harassment by third parties? I ask the question because there are conflicting views on whether the new duty to prevent harassment covers harassment by third parties.” 

Anne Sammon: “So, based on the wording that we have for the for the duty, the way it's worded means that you have to prevent harassment, or take reasonable steps to prevent harassment of your employees, your staff. It doesn't say by other staff members, and so it's certainly wide enough to encompass harassment by third parties and the Equality and Human Rights Commission has published supports that idea. I think for firms the challenge is how you go about doing that. There are particular situations, particularly within the financial services space, where there are opportunities for things to go wrong. So, typically, we see issues around client entertaining, particularly where there's alcohol involved at those client events. So, I think firms need to have proactively thought about the steps that they could take to manage some of those risks, and some of them are relatively straightforward. From conversations that we've had with clients already, some of those things might be about thinking about who attends events, whether people should attend events by themselves or whether you should always send two or more people to those events so that you've got somebody to intervene. Part of it, equally, is around the active bystander training, so equipping people that see sexual harassment, or any other type of inappropriate behaviour occurring at those events, to be able to actually intervene and stop whatever is happening.”

Joe Glavina: “What work are we currently doing with clients in this area, Anne? Is it a case of assessing where you are now and then looking at what needs to change going forward?”

Anne Sammon: “I think it's absolutely that. It's about looking at what you do at the moment and seeing whether or not there are things that should change going forwards. I think the biggest challenge for firms is often around this idea of risk assessing potential areas of vulnerability and we know that a lot of firms are struggling with that idea in part because that does require you to understand all the different things that your business does. So to give an example, one of our clients was looking at what sometimes happens when you're signing documents and found that they had had occasions where they would send out the most junior member of a team to a client's address in the early hours of the morning in a taxi by themselves to go and get a signature on a document. As a result of the duty to take reasonable steps to prevent sexual harassment, that they are re-looking at that kind of process so that they ensure that they are sending two people in a taxi to go and get those signatures so that if anything happens you've got somebody who can intervene, or someone who can act as a witness in worst case scenario.”

Joe Glavina: “We have our D&I consultancy Brook Graham to help clients with this work and, of course, our legal team will often be involved. How does the service work in practice in terms of working with the client’s HR team?”

Anne Sammon: “So I think that there are lots of aspects to making these types of changes. You've got first of all; does it comply with the law and that’s where the lawyers tend to step in. You've got understanding how you actually implement change which is where our Brook Graham team can help and support, and you've also got the kind of uniqueness of the culture of the firm which is where the HR team is absolutely crucial because there are lots of steps that you could put in place to deal with these things - alcohol is a really good example - but whether what you propose will work within the particular setting will depend on the culture of the firm and how employees are going to react to that and that’s why the role of HR in these types of processes is so key.”

Joe Glavina: “Finally Anne what about the wider impact, the potential for reputational damage if firms don’t get this right?”

Anne Sammon: “So, I think when we're looking at these issues it's really important to look at them holistically. It's not just about the legal risks - those often can be managed - but the reputational risks of getting this wrong can be very, very significant. So, we've seen examples of firms ending up in the press because they've, for example, given somebody a final written warning after an incident of sexual harassment and the press feeling that that is too lenient a punishment. So, I think it's about being aware that these things could be scrutinized, both internally and also externally. I think the internal messaging is really important here because, particularly for regulated firms, we know that the regulator is very keen on a speak-up culture, and if you have incidents that the employees within your firm feel haven't been properly looked at, or the sanction that has been applied is too lenient because potentially somebody senior is involved, that will have an impact on that speak-up culture because people will see no point in coming forward. So, it's really important to think very carefully about the messaging around all of these things to ensure both that internally people have confidence in your processes, but also if there's external scrutiny you've got an answer to the difficult questions.”

As Anne says, it is vital that your processes are robust and bear scrutiny both internally and externally. Whilst we don’t yet have the new rules – so it’s not possible to say precisely when and how non-financial misconduct might impact the Conduct Rules or fitness and proprietary – nonetheless we do know what the regulator expects from firms, namely to have in place the systems and controls to be able to identify potential breaches regardless of which side of the line they fall. Arguably, that risk is even greater than the underlying misconduct itself and it can, and should, be addressed now as a number of our clients are doing, with our help.  

If you would like help in this area please do get in touch with Anne – her details are on the screen for you – or contact your usual Pinsent Masons adviser.