- Source: fca.org and edu.bankofengland.co.uk
New diversity and equal opportunity regulation in the UK is welcome, however it is likely to impose a significant new regulatory reporting requirement on UK-regulated banks by 2025.
In September 2023, both the PRA and FCA have published consultation papers that detail likely new Diversity and Inclusion (D&I) regulation. These papers propose a mixture of requirements for financial institutions (especially large institutions), and also affirm the status of poor D&I progress as a non-financial risk in regulatory terms.
These papers follow on from discussion papers published in 2021, and with the great majority of respondents supporting the regulator’s proposals, it is likely that Policy Statements will be finalized in 2024, and that by the end of 2025 new regulations will be in force.
While not identical, the PRA and FCA proposals are closely aligned. Both involve new data gathering and disclosure requirements for regulated entities, and both also introduce requirements for D&I strategy and targets to be stated and disclosed. The key elements, across both proposals, are:
- Firmwide D&I strategy: both regulators will require eligible firms to create and maintain a strategy for improving D&I.
- D&I targets: both regulators allow firms to define their own targets, but require an ongoing review and stated timescales. The PRA notes that it expects targets to be ‘stretching’.
- Governance and accountability: the proposals impose various compliance changes, such as potentially increasing the accountability of individuals under the Senior Managers Regime.
- Data collection and reporting: the regulators propose a set of data that eligible firms will be required to collect and report, distinguishing mandatory from voluntary metrics. The PRA notes that most firms do not currently collect all the proposed data.
- Disclosure: data to be disclosed includes both D&I statistics, and information about targets, policies, progress and justifications.
While greater focus on D&I offers considerable benefits to the financial system as a whole, the practical implications for larger financial firms regulated by the FCA and/or PRA are significant.
- Data requirements: D&I data will form a new body of regulatory reporting data which will need to be collected, cleaned, attested and disclosed.
- Data governance: The need for ongoing monitoring of metrics, and attention to data quality, is called out in the discussion papers, as is the need to maintain compliance with privacy regulation and to track D&I data over time.
- Misconduct, regulatory risk, and accountability: Firms will need to incorporate new definitions of misconduct, risk and propriety into their policies and compliance procedures.