How can firms prepare for the FCA and PRA’s proposed D&I regime?

How are the regulators driving change?

The regulators have developed expectations for firms since publishing the joint FCA, PRA and Bank of England discussion paper[1]in 2021. This work sought to engage firms and explore how data collection, regular reporting and disclosure could help monitor and drive meaningful progress.

In 2022, the FCA conducted a multi-firm review[2] to understand how firms designed and embedded D&I strategies. The FCA observed that, whilst all 12 firms had started to make serious efforts in their D&I approaches, the firms were not fully capitalising on the data they collected to identify or track the most effective remedies. Following the review, FCA Executive Director, Sheldon Mills, made a speech[3] at the Association of British Insurers D&I Conference emphasising the importance of data, the development of holistic D&I strategies, and fostering inclusive cultures.

In September 2023, the FCA and PRA consulted on proposals[4] to introduce a new regulatory framework on D&I in the financial sector. A Policy Statement is expected to follow in H2 2024 with rules coming into force 12 months later. The proposed framework covers:

The PRA also referenced monitoring D&I and individual accountability as key topics in its consultation paper[5].

What should firms have in place now?

The FCA and PRA currently require firms to:

• Engage a broad set of qualities and competencies when recruiting and assessing members of the Board, recognising the importance of diversity[6]. The PRA highlighted that board succession plans should also consider these factors.
• Promote diversity at the board level, with a policy that includes reference to education and professional background, gender, age and geographical provenance, where relevant[7]. Certain PRA-regulated firms must explain on their website how they comply[8].
• Implement a diversity policy for staff that includes career planning, targets for increasing under-representation and clear timeframes[9].
• Have gender-neutral remuneration policies and practices in place[10].

What can firms do to improve D&I?

There are steps that firms can take now to prepare for the upcoming D&I Policy Statement. Management should:  

• Develop and implement a proactive and accessible D&I strategy.
• Build trust with staff around participation in data collection by explaining the benefits and purpose of increasing D&I.
• Review existing Senior Managers & Certification Regime (SM&CR) policies and frameworks, and revise or update the approach as necessary:
  • The FCA proposes to expand the coverage of non-financial misconduct in FIT[11], COCON[12] and COND[13] to include serious instances of bullying, harassment, and offences relating to a person or group’s demographic characteristics (such as sexually or racially motivated offences).
  • The PRA proposes that at least one Senior Management Function (SMF) should have responsibility for implementation of the D&I strategy reflected in their Statement of Responsibility (SoR). They would need to be able to demonstrate that ‘reasonable steps’ are being taken.
• Prepare systems to provide enhanced D&I data reporting and familiarise themselves with the proposed regulatory return. Note that larger firms would need to report on specific characteristics such as age, gender, and ethnicity. They may voluntarily report additional data on socio-economic background, gender identity, parental and carer responsibilities.
• Monitor D&I data for the purpose of taking appropriate action for improvement where necessary.
• Review current targets around under-representation to create targets that are stretching yet realistic, anticipating the likelihood that these targets, and progress towards them, will likely be publicly disclosed. Firms can consider available data on the diversity profiles of the UK population and the geographical areas in which they operate.
• Consider current risk and governance structures, and how these may need to be amended should a lack of D&I be treated as a non-financial risk. Diversity audits may be undertaken to identify and assess potential risks stemming from a lack of D&I and strategic improvement areas.
• Implement (or update) an annual engagement survey, aligned to the FCA’s proposals, to gather data on employee wellbeing, psychological safety and the cultivation of an inclusive environment. The survey can be supplemented by qualitative feedback obtained from focus groups, employee/network groups and exit interviews.
• Allocate an executive sponsor to each employee/network group to provide additional influence and senior-level accountability.
• Provide D&I training and support. For example, through inclusion workshops for senior leadership teams and people managers, to help colleagues to feel safe to speak up when they see bias. This is something the FCA has done to improve its own D&I approach.

What’s next?

Firms should be ready to quickly get to grips with the D&I Policy Statement when it is published later this year. Once it is released, firms should take action to implement the new rules within the 12-months/transition period allowed.

Get in touch

If you would like to speak with a member of our Financial Services team, please contact us using the button below.

Get in touch