The Conduct Rules set minimum standards of individual behaviour in financial services. See how they apply to your firm.
Individual Conduct rules
- You must act with integrity.
- You must act with due skill, care and diligence.
- You must be open and cooperative with the FCA, the PRA and other regulators.
- You must pay due regard to the interests of customers and treat them fairly.
- You must observe proper standards of market conduct.
- You must act to deliver good outcomes for retail customers.
Senior management functions (SMFs) have 4 additional conduct rules.
Read the Code of Conduct (COCON) sourcebook for more, including what activities the Conduct Rules apply to and indicative examples of the type of behaviour that could breach each rule.
Consumer Duty – sixth conduct rule
Since July 2023, the Consumer Duty has set higher and clearer standards of consumer protection in financial services, requiring firms to put their customers’ needs first.
The sixth individual Conduct Rule requires all Conduct Rules staff to 'act to deliver good outcomes for retail customers' where their firm's activities are covered by the Duty.
More on the Consumer Duty.
Training
It is important that Conduct Rules staff receive training that is relevant to their role to understand what the Conduct Rules mean for them. The following examples set out our expectations of firms.
| Conduct Rules | |
|---|---|
| Positive indicators | Negative indicators |
| Relevant SMF can demonstrate appropriate involvement in/oversight of training. | Relevant SMF has limited knowledge of training approach and/or has delegated with limited oversight. |
| Training is interactive and uses realistic scenarios. | Simple computer-based training only – with little attempt to tailor to role. |
| Examples/scenarios draw out nuances of how the rules apply to each type of role. | Training only gives obvious examples of breaches – for example, fraud or not attending mandatory training - which do not draw out nuances. |
| Line managers are involved in training delivery, not just HR or a project team. | Training is delivered by a HR, compliance or the a project team with no line management involvement. |
| Training is reinforced regularly and built into on-boarding. | Training is a one-off exercise and/or not built into on-boarding. |
| Effectiveness of Conduct Rules training is assessed. | No measures of the effectiveness of Conduct Rules training. |
| Training is put in the context of the overall regime. | Training is not put in context of the overall regime. |
| Regime/Conduct Rules are presented as a step change in regulatory expectations. | Regime/Conduct Rules are presented as nothing new, simply ‘what we do already’. |
| Conduct is linked to F&P and performance assessments. | Conduct not linked to F&P or performance assessments. |
For more information, read section 11 of the SM&CR Guide for solo-regulated firms (PDF).
Reporting of breaches
Firms must report Conduct Rule breaches by non-SMF staff that result in disciplinary action.
This should be done on an annual basis using the REP008 form in RegData.
A nil return must be submitted if there are no breaches.
For SMFs, we require firms to notify us within 7 business days of concluding disciplinary action for a Conduct Rule breach. They should do using a Form D (or Form C if the SMF will be leaving the firm) on Connect.
Disciplinary action means any of the following:
- the issuing of a formal written warning
- suspension or dismissal
- the reduction or recovery of remuneration
A breach of the Conduct Rules that is not significant enough to warrant one of these outcomes should not be reported.
If a firm takes disciplinary action for a Conduct Rule breach but the employee appeals, or plans to appeal, this should still be reported to us and the notification should include the appeal. The firm should update us on the outcome of an appeal in the next REP008 submission or using Form D (for an SMF).
Dual-regulated firms should also be aware of the PRA’s Conduct Rule breaches requirements and when to report them.
