What Firms Need to Know
The Financial Conduct Authority (FCA) has clarified how non-financial misconduct (NFM) should be assessed within fitness and propriety determinations.
While much of the focus has been on workplace behaviour, firms continue to seek clarity on how conduct outside the workplace, including online behaviour, may be relevant within FCA regulated assessments.
With implementation due from 1 September 2026, the direction of travel is already clear.
A broader risk view
The FCA has clarified that misconduct does not need to be of a clearly financial nature to be relevant. Non-financial misconduct may include behaviour such as:
- Harassment
- Bullying
- Threatening behaviour
These examples are explicitly referenced in the FCA’s final guidance, including Policy Statement PS25/23.
Where such behaviour is serious, it may impact whether an individual is considered fit and proper, even where it occurs outside a traditional workplace setting. The focus is on conduct that raises concerns around honesty, integrity, or suitability.
Where Social Media Checks become relevant
Social Media Checks may become relevant where online activity points to material risk, particularly around:
- A lack of honesty or integrity
- Behaviour that could breach the Individual Conduct Rules
- A potential risk to regulatory standards or firm culture
The FCA has confirmed that fitness and propriety assessments may take account of relevant misconduct wherever it occurs, including aspects of private life, provided it is relevant to the role.
The emphasis is not on monitoring personal activity indiscriminately, but on identifying material risk.
The material risk test
Proportionality sits at the centre of the FCA’s expectations. Only behaviour that creates a material risk should be taken into account.
In practice, this typically means conduct that is:
- Serious rather than trivial
- Repeated rather than isolated
- Relevant to professional conduct or regulatory expectations
The FCA deliberately avoids prescribing a fixed definition of seriousness. Firms are expected to exercise judgement on a case by case basis.
Even activity outside of work may be considered where there is a sufficient connection to an individual’s role, and where it suggests:
- A risk to honesty or integrity
- A likelihood of workplace misconduct or regulatory breach
This is where Social Media Checks can add value, helping to identify patterns or signals rather than isolated posts taken out of context.
Avoiding overreach
The FCA is clear on what firms should avoid. Firms are not expected to:
- Monitor employees’ private lives or personal social media accounts
- Investigate trivial, implausible, or irrelevant behaviour
- Act in a way that breaches privacy, data protection, or employment law
The expectation is balanced, defensible decision making that is targeted, proportionate, and evidence-based.
Where Social Media Checks fit
Social Media Checks are not a regulatory requirement. The FCA does not prescribe specific tools or methods, but expects firms to exercise reasonable judgement.
Used appropriately, Social Media Checks can support firms as:
- A risk indicator
- A supporting evidential input
- A way to strengthen consistency within fitness and propriety assessments
Any use of Social Media Checks should align with existing employment, data protection, and governance frameworks, and be applied consistently and proportionately.
Bottom line
The FCA has not introduced surveillance requirements. It has clarified that:
- Behaviour matters
- Context matters
- Judgement matters
Social Media Checks can support this framework as a proportionate, risk-based tool, helping firms make fair, consistent, and defensible decisions aligned with FCA expectations.
Contact Us
Get in touch with us to learn more about our expert Social Media Checks in a proportionate, defensible way within FCA regulated screening.
Telephone: +44 333 210 1688
Email: info@sp-index.com
Join us on LinkedIn here to stay updated with the latest insights, trends, and exclusive content.
