Global menu

Our global pages


Diversity and inclusion in financial services: the regulators outline their plans

  • United Kingdom
  • Financial services disputes and investigations
  • Financial services


Is diversity and inclusion a regulatory issue?  The UK financial services regulators, the FCA, the PRA and the Bank of England, certainly think so, but until recently, there has been little by way of specific guidance as to how that philosophy translates into regulatory reality.  On 7 July 2021, the regulators started to put some flesh on the bones of that philosophy, by publishing a joint discussion paper (DP21/2) outlining their plans to improve diversity and inclusion in the financial services sector.  There is a lot in the paper, and much of it will have far-reaching consequences for regulated firms’ policies, approach and use of metrics.

The paper sets out a wide range of policy options including the use of targets to improve representation, measures to make senior leaders directly accountable for diversity and inclusion in their firms, linking remuneration to diversity and inclusion metrics, and reviewing the regulators’ approach to considering diversity and inclusion in relation to non-financial misconduct.  The paper also discusses the use of data and disclosure to enable firms, regulators and other stakeholders to monitor progress.

The deadline for submitting comments on the paper is 30 September 2021.  The regulators will use the feedback and data received to develop more detailed proposals, which they intend to consult on in Q1 2022, with a formal policy statement expected in Q3 2022.  However, the regulators have set out a clear direction of travel, which firms would be well advised to get on board with now, rather than waiting until the policy statement.

The context

Research shows evidence of correlations between diversity and inclusion and positive outcomes in risk management, good conduct, healthy working cultures, and innovation.  These outcomes directly contribute to the stability, fairness and effectiveness of the firms, markets and infrastructure that together make up the financial sector.  Financial services firms and regulators therefore have a strong shared interest in moving towards a more diverse and inclusive industry.

Source: DP21/2

Diversity and inclusion is a critical component of the UK financial services regulators’ work on culture and governance.  As highlighted in the latest FCA Business Plan, it is one of the cross-market priorities for the FCA in the coming year and is part of the FCA’s existing work on the treatment of customers, including vulnerability and the proposed Consumer Duty (FCA CP21/13).  The FCA has also launched a consultation on proposals to improve transparency for investors on the diversity of Boards and executive management teams.  For the Bank of England and the PRA, a key consideration is the connection between insufficient diversity and inclusion and groupthink, which in their view can present a serious risk to firms’ safety and soundness. 

The regulators also recognise that they have a responsibility to lead by example and have not shied away from acknowledging their own shortcomings.  The FCA recently published its Annual Diversity Report, while the Bank of England Court has published its Review of Ethnic Diversity and Inclusion at the Bank.  These actions further underline the strategic importance of diversity and inclusion to the regulators.

The discussion paper notes that despite a great deal of discussion and research on diversity and inclusion over the years, progress has been limited.  And while much attention has been paid to diversity – particularly gender diversity –  there has been less focus on inclusion.  Inclusivity is, however, crucial to delivering the benefits of diversity and key to this is psychological safety, which has for some time been a core aspect of the FCA’s work on culture and governance.  Psychological safety refers to an environment where people feel free to share ideas and speak up and, as the discussion paper notes, is “an essential first step to creating an inclusive culture”.

The regulators’ goal is to see increased diversity and inclusion in financial services translate into safer and sounder firms with better governance and risk management, a more innovative industry, and financial products and services that meet the diverse needs of consumers.  This last point was alluded to in a speech earlier this year by FCA Chief Executive Nikhil Rathi, who commented that the lack of diversity at the top of financial services firms “raises questions about firms’ ability to understand the different communities they serve, and their different needs”. 

A broad definition of diversity

When considering diversity, the regulators’ focus is on ‘diversity of thought’ (also referred to as ‘cognitive diversity’).  This is defined broadly, as “bringing together a wide range of different styles of thinking among members of a group.  Factors that could lead to diverse thinking could include, but [are] not limited, to different perspectives, abilities, knowledge, attitudes, information styles, and demographic characteristics, or any combination of these”. 

Characteristics that may, in the regulators’ view, influence diversity of thought include the nine protected characteristics defined in the Equality Act 2010 (age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, and sexual orientation), as well as other factors such as socio-economic background, gender (including where it does not coincide with sex), and cultural background.  The regulators also recognise that individuals can have a combination of different diversity factors, and that the interconnected nature of those factors can create overlapping and independent systems of discrimination or disadvantage, often referred to as ‘intersectionality’. 

Points to consider

While useful and flexible, the proposed definition of diversity of thought presents challenges.  For example, how might different perspectives, knowledge, attitudes or information styles be measured or demonstrated?  It is, however, difficult to see how the regulators could narrow the definition without undermining their policy objectives in this area.

Inclusive language

One area of focus for the regulators is to remove non-inclusive language from their rules and guidance.  The PRA has already removed certain terms (for example, ‘chairman’ and other gendered terms), while the FCA has identified some language in its Handbook that it considered non-inclusive (for example, ‘Chinese walls’).  The regulators plan to carry out more work in this area, with the aim of making regulatory provisions more inclusive.  As the replacement of non-inclusive language is not intended to alter existing requirements, the regulators envisage that this exercise should not have cost implications for the industry.

A data-driven approach

The discussion paper notes the poor data on many aspects of diversity in the financial services sector.  In particular, most of the data collected through academic and other research focuses on gender, with some on ethnicity, and very little on other protected or diversity characteristics.  In view of this, the regulators want to explore how data collection, regulatory reporting and disclosure could help monitor and drive progress. 

To provide a solid basis for developing policy, and with a view to considering future reporting requirements, a one-off survey is planned for later in the year to provide a benchmark against which to monitor future progress.  The survey will cover a sample of solo-regulated firms, all dual-regulated firms, and selected financial market infrastructure entities (FMIs).  It will aim to capture data on both diversity and inclusion, by asking questions relating to:

  • the availability of data on firms’ workforces (including senior management) relating to the protected characteristics and socio-economic background;
  • data to understand the make-up of firm’s workforces, including senior management, in relation to specific characteristics such as gender, ethnicity sexual orientation, disability, and socio-economic background;
  • how firms monitor diversity, e.g. by reference to targets, performance objectives and pay gaps; and
  • how firms measure inclusion, e.g. by reference to recruitment, employee surveys, work allocation, decision-making, and product design.

Future proposals for regular data collection are likely to involve firms asking staff to complete a questionnaire.  Such an approach will require individuals to self-certify, and the regulators recognise that some may be reticent.  Firms and individuals may also have legitimate concerns about the potential lawful bases for processing staff data.  To address these points, the regulators expect firms to create a culture in which staff can see the benefits of self-certifying and the purpose of the data collection. 

Points to consider

Given that completion of a diversity questionnaire will be voluntary, and in view of the personal nature of the data requested, it is inevitable that not all staff will respond.  This means that firms may have only a partial picture of the diversity characteristics of their workforce, and this limitation may affect the quality of diversity data provided to the regulators under any future reporting requirements.  Nonetheless, while recognising that the proposed approach to data collection and reporting will create an additional burden for firms, it is a rational approach for improving the quality of data available and informing policy development in this area.

Legal, data protection and systems issues will present hurdles to effective and accurate data collection and to this end, communication with employees and trust are key.  Gathering data about personal characteristics such as ethnicity will require processing of ‘special category’ data in accordance with strict requirements under the UK General Data Protection Regulation (UK GDPR).  If the data is collected for the purpose of complying with a legal requirement then this is likely to be a lawful ground for processing.  However, employers need to exercise caution to ensure that processing is indeed a lawful ground within the UK GDPR.  It will also be necessary to have privacy notices and retention policies in place and ensure adequate safeguards for processing and storing data.

Policy options

The discussion paper sets out a range of potential policy options aimed at increasing diversity and inclusion in financial services.  Recognising the need for proportionality, the regulators do not intend to take a ‘one size fits all’ approach.  They aim to avoid imposing rules that would not be effective or appropriate for smaller firms and, accordingly, some of the options discussed would apply only to larger firms. 

Tone from the top

In the regulators’ view, delivering meaningful improvements in diversity and inclusion requires “deep cultural change” in many firms.  Strong leadership, particularly by Boards and senior management, is key to this.  The regulators consider that a firm’s Board is the appropriate body for setting the diversity and inclusion strategy and policy and overseeing its progress.

Specific policy options under consideration by the regulators include the following:

  • Board representation: the regulators believe that setting targets for representation at Board level can be “a powerful way of driving change”.  Noting that significant banks, investment firms and some FMIs are already required to set a target for the underrepresented gender at Board level, the regulators are seeking feedback on whether there is a case for applying such a requirement to (i) a wider range of firms, and (ii) underrepresentation in relation to other characteristics.   
  • Board succession planning: the regulators suggest that when looking at succession planning, firms should think further ahead and consider upcoming Board appointments in the context of diverse representation. 
  • Individual accountability: the regulators consider that making senior leaders directly accountable for diversity and inclusion would be a way to “drive strategic thinking and relevant discussions among the key decision-makers”. 
    • Dual-regulated firms: for firms which have Prescribed Responsibilities for culture, the regulators propose to clarify that this encompasses responsibility for the implementation and execution of the firm’s diversity and inclusion strategy.  For firms that do not have Prescribed Responsibilities for culture, this responsibility could be covered in the appropriate Senior Manager’s Statement of Responsibilities.
    • Solo-regulated firms: the FCA expects all Senior Managers to take responsibility for developing and embedding healthy cultures in their areas of responsibility.  The FCA wants to ensure that there is clear senior management accountability for specific diversity and inclusion requirements and expects that in most cases, this responsibility would fall to the holder of an existing Senior Management Function (SMF).  The FCA also intends to explore express allocation of responsibility for elements of firms’ diversity and inclusion policies to Senior Managers, rather than including these in Senior Managers’ general wider responsibilities. 
  • Remuneration: the regulators are considering developing guidance on the use of metrics linked to advancing diversity and inclusion as part of non-financial criteria when setting variable remuneration awards, with poor performance potentially providing grounds for adjustment.  Any such guidance will likely provide insight on good practice rather than taking a prescriptive approach. 

Points to consider

In respect of Board representation targets, it is difficult to see a strong case for limiting such targets to gender representation only, as such an approach would not achieve the breadth of diversity necessary to meet the regulators’ policy objectives.

Guidance on diversity and inclusion metrics should be welcomed as it will assist firms in developing and applying properly considered approaches, based on identified good practice, to setting and adjusting variable remuneration awards.

Firmwide policies and practices

The discussion paper set out a number of options relating to firms’ policies and practices.

  • Diversity and inclusion policies: the regulators are considering a requirement for all firms to have a diversity and inclusion policy and to publish it on their website.  While they do not intend to be prescriptive about the content of policies, areas that they would like to see included include clear objectives, realistic goals, a plan for meeting those goals, and ways to measure progress.  As a minimum, policies should promote diversity on the Board. 
  • Progressing diverse representation: the discussion paper indicates that future regulatory initiatives should have a focus on the diversity of senior management and the progress firms are making.  To support benchmarking between peers, a consistent definition of ‘senior management’ across all regulated firms is proposed (this definition would be for the purposes of new policy related to diversity only).  For large firms, the regulators consider that the definition should include the Board and the two leadership layers below the Board.  Smaller firms would be encouraged to use the same definition, although it is recognised that there would be difficulties in applying the definition to many smaller firms as it would include people who would not normally be classed as senior management.
  • Developing diverse talent for the future: the regulators believe that to achieve diverse representation at senior management and Board levels, firms should think more about the progression of their employees.  To facilitate this, firms should improve diversity at all levels of management and reflect on their approach to diversity and inclusion in their broader recruitment practices.
  • Setting targets: in addition to considering representation targets at Board level, the regulators are seeking views on the merits of setting requirements or expectations for firms to set targets for underrepresented groups for entry into the senior management population.  The regulators are also considering targets for customer-facing roles (especially certified staff) and the firm as a whole.  Feedback is also sought on whether such targets should be set by firms or whether there is any role for the regulators in overseeing target setting.
  • Training: the regulators are seeking views on the types of training that would be effective in (i) promoting diverse workforces and inclusive cultures, and (ii) helping understanding of the diverse needs of customers.
  • Products and services that meet customer needs: the discussion paper notes that the FCA already has requirements and guidance in place on the fair treatment of customers (including vulnerable customers) and product governance.  In addition, the FCA’s proposed Consumer Duty includes additional requirements for firms to focus on the needs and outcomes of customers in their target market when designing products and services, and in their customer service and communications.  Building on this, the regulators are seeking views on the merits of developing regulatory expectations on product governance that specifically take into account consumers’ protected characteristics or other diversity characteristics. 
  • Disclosure: the regulators are considering requirements for firms to publicly disclose a selection of aggregated diversity data on the firm’s senior management population and the employee population as a whole, as well as their diversity and inclusion policies, to enable other firms and stakeholders to benchmark progress.  The scope of such disclosure is also being considered and could include data on pay gaps (going beyond gender to include other characteristics), senior management and workforce diversity, and measures of inclusion taken from internal survey data.  The discussion paper also seeks views on the merits of aggregated disclosure reports by the regulators, to provide stakeholders with further insight into diversity and inclusion across the financial services sector and enable them to monitor progress.
  • Diversity and inclusion audits: the regulators note that diversity audits can “play a key role in starting to improve diversity and inclusion at work” and can “help in maintaining inclusive workplaces by assessing whether the actions are in line with the organisation’s values, ethics, risk appetite and diversity and inclusion policies”.  The regulators regard a lack of diversity as an organisational risk “as relevant as any other risk that is worth being recognised by an internal audit” and believe that diversity audits should be considered “as for any strategic piece of work that an organisation will undertake”.  The link to organisational risk and strategy gives a clear indication of the importance of diversity and inclusion in the regulators’ eyes.  Accordingly, the discussion paper seeks views on how the regulators should achieve effective auditing of diversity and inclusion and how internal audit can best assist firms to measure and monitor diversity and inclusion.

Points to consider

While the suggested options may appear laudable, firms should exercise caution.  Lawful positive action to promote diversity is limited under the Equality Act 2010 and the line between lawful and unlawful positive action can be hard to draw.  For example, encouraging underrepresented groups to apply is likely to be lawful but limiting vacancies to minority candidates is not.  Equally, offering training to improve accessibility may be permissible but if this training is limited to just one group with a protected characteristic under the Equality Act 2010, it may be discriminatory.  ‘Tie breaker’ positive action allows employers to prefer a candidate from an underrepresented group where two or more candidates are of equal merit, but this is only permissible where it is a proportionate way of addressing the underrepresentation.  Practically, it is hard to show that two candidates are of equal merit and relying on this ground can prove to be a minefield.

Regulatory measures

The discussion paper also sets out proposed regulatory measures that could be taken to improve diversity and inclusion in the sector. 

  • Fitness and propriety: the regulators are exploring whether adverse findings in relation to an individual’s conduct with respect to diversity and inclusion issues could affect their assessment of that individual’s fitness and propriety.  The regulators are also considering developing guidance as to what constitutes ‘non-financial misconduct’, which may include evidence of sexual harassment, bullying and discrimination on the basis of a person’s protected (or other characteristics) as factors to take into account.  Guidance could also set out how such behaviour, or failure to take reasonable steps to address such behaviour, could result in a breach of the Conduct Rules. 
  • SMF approval: to increase scrutiny of firms’ diversity at senior management level, the discussion paper proposes collecting diversity data about individuals applying for SMF roles.  The regulators are seeking to understand more explicitly how firms have considered proposed appointments, and how appointments will contribute to diversity in a way that supports the collective suitability of the Board and senior management.  Where they have concerns that a proposed appointment would worsen or not address risks arising from groupthink and a lack of diversity, the regulators may consider whether this could provide grounds for withholding approval. 
  • Threshold Conditions: the regulators are considering developing guidance on how a firm’s record on diversity and inclusion may be taken into account when assessing whether the firm meets the Threshold Conditions (the minimum requirements a firm must meet to carry on regulated activities).  The regulators consider that this measure could “help prevent bad actors from entering the market and act as an added incentive for firms to address significant failings”. 
  • Embedding diversity and inclusion into supervisory practices: the regulators are seeking to embed diversity and inclusion as part of their supervision of management and governance.  Firms should, therefore, expect supervisors to ask more questions about how diversity is being embedded across their businesses and how a culture of inclusion is being created.  Firms should also expect diversity and inclusion to be a regular part of the regulators’ engagement with senior management and the Board.

Points to consider

While the FCA has previously taken enforcement action against individuals for non-financial misconduct, the facts of these cases have tended to be outliers and do not provide much assistance in understanding regulatory thinking in relation to more borderline conduct.  The introduction of guidance on non-financial misconduct will bring much-needed clarity and should be welcomed by firms and individuals. 

The suggestion that approvals for SMF appointments could potentially be withheld on diversity and inclusion grounds is intriguing and, if taken forward, it will be interesting to see how this plays out in practice.  Intervention of this nature may create legal risk for the regulators: they will need to have a robust case for withholding approval on these grounds if they are to avoid being accused of engaging in discriminatory practices themselves.

Regulatory guidance in respect of the Threshold Conditions should also be welcomed, as the commentary in the discussion paper raises the prospect of firms with particularly poor records on diversity and inclusion losing their regulatory authorisation.


Having talked previously about diversity and inclusion in relatively high-level terms, the FCA, PRA and Bank of England have now given firms a clearer indication of the types of requirements that may be introduced.  While detailed rules and guidance are still some way off, with a policy statement not expected until Q3 2022 at the earliest, the discussion paper is a helpful development that will assist firms’ understanding of regulatory thinking.  It also gives firms an opportunity to shape policy in an area that is an important part of regulators’ broader Environmental, Social and Governance (ESG) agenda, both in the UK and around the globe. 

Given the far-reaching nature of many of the policy options, it is in firms’ interests to provide feedback to the regulators and start considering the feasibility of complying with the types of requirements set out in the discussion paper.  While the dialogue on diversity and inclusion in financial services may still be in its infancy, there can be no doubt that following the implementation of rules and guidance, the regulators intend to use their powers to take action against firms that fail to meet minimum expectations, particularly where those failures have an impact on consumers and markets.