COCON 1 Application and purpose
COCON 1.1 Application
COCON 1 Annex 2 (What COCON covers) contains flow diagrams explaining how COCON 1.1 works.
To whom does it apply?
COCON applies to the persons set out in the table in COCON 1.1.2R.
Table: To whom does COCON apply?
| Persons to whom COCON applies | Comments |
|---|---|
| (1) An SMF manager. | |
(2) An employee (“P”) of an SMCR firm who: (a) performs the function of an SMF manager; (b) is not an approved person to perform the function in question; and (c) is required to be an approved person at the time P performs that function. | |
| (3) An employee of an SMCR firm who would be performing an FCA-designated senior management function but for SUP 10C.3A.6R (The 12-week rule). | |
| (4) A certification employee of an SMCR firm. | This applies even if the certification employee has not been notified that COCON applies to them or notified of the rules that apply to them. |
| (5) An employee of an SMCR firm who would be performing an FCA certification function but for SYSC 27.5.1R (Emergency appointments) or SYSC 27.5.3R (Temporary UK role). | |
| (6) Any employee of an SMCR firm not coming within another row of this table, except one listed in column (2) of this row (6) of this table. | (A) This row (6) does not apply to an employee of an SMCR firm who only performs functions falling within the scope of the following roles: (a) receptionists; (b) switchboard operators; (c) post room staff; (d) reprographics/print room staff; (e) property/facilities management; (f) events management; (g) security guards; (h) invoice processing; (i) audio visual technicians; (j) vending machine staff; (k) medical staff; (l) archive records management; (m) drivers; (n) corporate social responsibility staff; (o) taking part in following activities of the firm: (i) the firm’s activities as a data controller; or (ii) the firm’s activities of data processing; as defined in the data protection legislation, but subject to Note (1) of this table;data protection legislation; (p) cleaners; (q) catering staff; (r) personal assistant or secretary; (s) information technology support (ie, helpdesk); and (t) human resources administrators /processors. (C) This row (6) also does not apply to an employee of an SMCR firm that is an FCA-authorised person until 31 March 2021. |
| (7) [deleted] | |
| (8) A board director of: a UK SMCR firm. | |
| (9) An employee of an SMCR firm who would be performing a PRA-designated senior management function but for the rules of the PRA Rulebook that are listed in the ‘Comments’ column of this row. | The PRA rules referred to in the ‘Persons to whom COCON applies’ column of this row (9) are: (a) Rule 2.3 of the Senior Management Functions Part (General); (b) Rule 2.4 of the Insurance – Senior Management Functions Part (General); (c) Rule 2.4 of the Large Non-Solvency II Firms – Senior Management Functions Part (General); and |
| Note (1): A function is only within paragraph (o) of column (2) (Comments) of row (6) of this table if the function does not require the employee concerned to exercise a significant amount of discretion or judgment. | |
For Swiss general insurers, references in this sourcebook to parts of the PRA Rulebook for ‘Solvency II firms’ are to be read as references to the corresponding parts of the PRA Rulebook applying to large non-directive insurers.
Rules 1 to 6 in COCON 2.1 apply to all conduct rules staff.
(1)
Rules SC1 to SC4 in COCON 2.2 apply to all senior conduct rules staff members (subject to (2)).
(2)
SC1 to SC3 in COCON 2.2 do not apply to a senior conduct rules staff member within paragraph (d) of the definition of senior conduct rules staff member (P) unless:
- (a) P also falls into one of the other paragraphs of that definition; or
- (b) P would fall within row (3) or (9) of the table in COCON 1.1.2R (Table: To whom does COCON apply?) if P were an employee.
- (1)
The guidance in COCON 2.3 applies to SMCR firms.
- (2)
[deleted]
- (3)
SYSC 27.6.3R provides that a function performed by a non-executive director of a firm acting as such is not an FCA certification function for that firm.
The conduct of a member of the conduct rules staff of a firm is not within the scope of Rule 6 in COCON 2.1 (You must act to deliver good outcomes for retail customers):
(1)
unless the corresponding COCON firm activities of the firm are within the scope of PRIN 3.1 (Who?) so far as it applies to the Consumer Duty; and
(2)
except to the extent that the Consumer Duty applies to that firm under PRIN 3.1.
To what conduct does it apply? (Relationship between the exclusions)
(1) The restrictions of the scope of COCON in COCON 1.1.7AR to COCON 1.1.7FR (when they apply) are in addition to those in COCON 1.1.6R to COCON 1.1.7R.
- (2) The restrictions of the scope of COCON in COCON 1.1.7AR to COCON 1.1.7FR (when they apply) are cumulative.
To what conduct does it apply? (Relationship between the exclusions)
- The effect of COCON 1.1.5BR is shown in section 3 of COCON 1 Annex 2 (What conduct COCON applies to).
To what conduct does it apply? (Limitations in the Act)
For a person (P) who is an approved person, COCON applies to the conduct of P in relation to the performance by P of functions relating to the carrying on of activities (whether or not regulated activities) by the firm (Firm A) on whose application approval was given to P.
[Note: sections 64A(4) and (5)(a) of the Act (Rules of conduct)]
For a person (P) who is a board director of a firm (Firm A) but is not an approved person of Firm A, COCON applies to the conduct of P in relation to the performance by P of functions relating to the carrying on of activities (whether or not regulated activities) by Firm A.
[Note: sections 64A(4) and (5)(ab) of the Act (Rules of conduct)]
- (1)
For a person (P) subject to COCON who is not an approved person, COCON applies to the conduct of P in relation to the performance by P of functions relating to the carrying on of activities (whether or not regulated activities) by P’s employer (Firm A).
- (2)
This rule does not apply where COCON 1.1.6A applies.
[Note: sections 64A(4) and (5)(b) of the Act (Rules of conduct)]
- (1)
The term “COCON firm activities” means (in relation to conduct of P in relation to Firm A) the corresponding activities of Firm A as referred to in COCON 1.1.6R to COCON 1.1.7R (To what conduct does it apply?).
- (2)
A person is a member of the conduct rules staff of Firm A if they meet the description of P in relation to that firm in COCON 1.1.6R to COCON 1.1.7R.
- (3)
The terms “P” and “Firm A” have the same meaning as they do in COCON 1.1.6R to COCON 1.1.7R.
To what conduct does it apply? (Other limitations: Non-banks)
(1)
Where Firm A in COCON 1.1.6R to COCON 1.1.7R is an SMCR firm other than an SMCR banking firm, the application of COCON is further restricted by this rule, subject to COCON 1.1.7FR.
(2)
COCON only applies to conduct that forms part of, or is for the purpose of, any of the following:
(a)
the SMCR financial activities of Firm A; or
(b)
any activities of Firm A that have, or might reasonably be regarded as likely to have, a negative effect on:
(i)
the integrity of the UK financial system; or
(ii)
the ability of Firm A to meet the “fit and proper” test in threshold condition 2E and 3D (Suitability); or
(iii)
the ability of Firm A to meet the applicable requirements and standards under the regulatory system relating to Firm A’s financial resources.
(3)
This rule does not apply where COCON 1.1.7BR applies.
(4)
This rule does not apply to Rule 6 in COCON 2.1 (You must act to deliver good outcomes for retail customers).
To what conduct does it apply? (Other limitations: Benchmark firms)
(1)
Where a member (M) of the conduct rules staff of Firm A as described in COCON 1.1.6R to COCON 1.1.7R meets the condition in (c) and Firm A meets the conditions in (a) and (b), the application of COCON to the conduct of M in relation to Firm A is further restricted by this rule (subject to COCON 1.1.7FR):
(a)
the firm is a pure benchmark SMCR firm;
(b)
the firm is an Annex II benchmark administrator (whether or not it also administers other benchmarks); and
(c)
M does not perform any functions described in COCON 1.1.6R to COCON 1.1.7R in relation to Firm A with respect to any benchmark that the firm administers except a benchmark that is subject to Annex II to the benchmarks regulation.
- (2)
(a)
The only conduct to which the following rules apply is the conduct described in (2)(b):
(b)
The rules in (2)(a) apply only to any of the following:
(i)
the performance of a function by M in relation to the carrying on of a regulated activity by Firm A;
(ii)
(if M is an SMF manager) the performance by M of a controlled function in relation to Firm A (whether or not approval has been sought and granted).
(3)
Rules SC1 to SC3 in COCON 2.2 (Senior manager conduct rules) apply only to conduct:
(a)
that comes within (2)(b); or
(b)
that comes within COCON 1.1.7AR, but this paragraph (3)(b) only applies in a prudential context.
To what conduct does it apply? (Other limitations: Rule 6 in COCON 2.1)
The conduct of a member of the conduct rules staff of a firm is not within the scope of Rule 6 in COCON 2.1 (You must act to deliver good outcomes for retail customers) unless the corresponding COCON firm activities of the firm are within the scope of PRIN 3.2 (What?) so far as it applies to Principle 12.
The effect of COCON 1.1.7C is that a person’s conduct is not within the scope of Rule 6 in COCON 2.1 if the related activities of the firm fall outside the scope of Principle 12. If Principle 12 applies, Rule 6 in COCON 2.1 only applies if the conduct is also within the scope of the other relevant COCON application rules (although one of the COCON application rules (COCON 1.1.7AR) does not apply to Rule 6).
To what conduct does it apply? (Other limitations: Non-banks: Harassment)
- (1) This rule applies to an SMCR firm other than an SMCR banking firm.
- (2) Its purpose is to extend the scope of COCON beyond the scope set out in COCON 1.1.7AR and COCON 1.1.7BR.
(3) COCON applies to the conduct of a member of the conduct rules staff of a firm (Firm A) of a kind described in (4) in relation in to any of the following individuals:
- (a) an employee of Firm A or of a member of its group;
- (b) an individual who performs a function of Firm A or of a member of its group;
- (c) an individual who provides services to Firm A or to a member of its group;
- (d) an employee of a person who provides services to Firm A or to a member of Firm A's group;
- (e) an individual who performs a function of a person who provides services to Firm A or to a member of Firm A's group; or
- (f) an individual when performing an activity that forms part of an activity of Firm A.
(4) The kind of conduct to which this rule applies as referred to in (3) is unwanted conduct of the following kinds in relation to an individual referred to in (3) ('B'):
(a)
conduct that has purpose or effect of:
(i)
violating B's dignity; or
(ii)
creating an intimidating, hostile, degrading, humiliating or offensive environment for B; or
- (b) conduct that is violent to B.
(5)
If Firm A carries on businesses some of which involveSMCR financial activities and the others of which do not, conduct is not within the scope of this rule if it only relates to a business of Firm A that does not involve SMCR financial activities.
COCON 4.3 (Specific guidance on harassment) gives guidance on the kind of conduct covered by COCON 1.1.7FR, including the point that COCON 1.1.7FR only covers conduct that is serious.
To what conduct does it apply? (Performing several roles)
- (1)
More than one of COCON 1.1.6R to COCON 1.1.7ER may apply to the same individual performing several roles.
- (2)
For example, say that an individual (A) is an approved person for firm X and is employed by firm Y in a role that does not involve a controlled function or being a director.
- (3)
COCON 1.1.6R applies to A’s role with firm X and COCON 1.1.7R applies to A’s role with firm Y.
To what conduct does it apply? (Appointed representatives)
- (1)
This rule applies to a person (P):
- (a)
who is an approved person approved to perform a controlled function under SUP 10A (FCA Approved Persons in Appointed Representatives);
- (b)
for whom P’s authorised approved person employer is an SMCR firm (F); and
- (c)
to whom COCON also applies in P’s capacity as a member of F’s conduct rules staff.
- (a)
- (2)
COCON does not apply to conduct of P to the extent that:
- (a)
that conduct relates to the performance by P of functions:
- (i)
in (1)(a); or
- (ii)
in relation to the carrying on of a regulated activity by the appointed representative concerned; and
- (i)
- (b)
APER applies to that conduct.
- (a)
Where does it apply?
The restrictions of the scope of COCON in COCON 1.1.9R to COCON 1.1.10R on the one hand and COCON 1.1.11C on the other are cumulative.
The effect of COCON 1.1.8BR is shown in section 4 of COCON 1 Annex 2 (Territorial scope).
- (1)
COCON applies to the conduct of conduct rules staff set out in (2) wherever it is performed.
- (2)
This rule applies to:
- (a)
- (b)
a certification employee performing FCA certification function (6) (material risk takers) in the table in SYSC 27.7.3R for a UK SMCR firm.
- (1)
This paragraph deals with how COCON 1.1.9R applies to a certification employee (P) who performs the material risk taker FCA certification function and another FCA certification function for the same UK SMCR firm.
- (2)
If P’s conduct relates to both FCA certification functions (because for example those two functions cover the same activities) COCON applies without territorial limitation to P’s conduct.
- (3)
If part of P’s conduct relates to the material risk taker FCA certification function and the rest of P’s conduct relates to the other FCA certification function, COCON only applies without territorial limitation to P’s conduct in relation to the material risk taker FCA certification function.
- (1)
This rule applies to members of a firm’s conduct rules staff apart from conduct rules staff in COCON 1.1.9R.
- (2)
Subject to (3), COCON only applies to the conduct of persons to whom this rule applies (as set out in (1)) if that conduct:
- (a)
is performed from an establishment maintained in the United Kingdom by the SMCR firm; or
- (b)
involves dealing with a client of the firm in the United Kingdom from an establishment overseas.
- (a)
- (3)
Paragraph (2)(b) only applies to a UK SMCR firm.
The FCA interprets the phrase ‘dealing with’ in COCON 1.1.10R as including having contact with customers and extending beyond ‘dealing’ as used in the phrase ‘dealing in investments’. ‘Dealing in’ is used in Schedule 2 to the Act to describe, in general terms, the regulated activities which are specified in Part II of the Regulated Activities Order.
The FCA interprets the phrase ‘a client of the firm in the United Kingdom’ in COCON 1.1.10R as referring to:
- (1)
for a client which is a body corporate, its office or branch in the United Kingdom; or
- (2)
for a client who is an individual, a client who is in the United Kingdom at the time of the dealing.
- (1)
The Regulated Activities Order has an effect on the territorial scope of COCON.
- (2)
This is because whether or not conduct involves regulated activities may affect how and whether COCON applies. Therefore where overseas activities are excluded from being regulated activities by the Regulated Activities Order, that will have an effect on COCON.
- (3)
An example of (1) is the territorial restriction relating to regulated claims management activities.
- (4)
As explained in PERG 2.4A (Link between regulated claims management activities and Great Britain), a claims management activity specified in the Regulated Activities Order is only a regulated activity if it is carried on by way of business in Great Britain.
- (5)
The result is that a claims management activity specified in the Regulated Activities Order carried on outside Great Britain is an unregulated activity for the purposes of COCON.
- (6)
This restriction:
- (a)
applies to conduct rules staff coming within COCON 1.1.9R as well as to other conduct rules staff; and
- (b)
applies in addition to the restriction in COCON 1.1.10R.
- (a)
The conduct of a member of the conduct rules staff of a firm is not within the scope of Rule 6 in COCON 2.1 (You must act to deliver good outcomes for retail customers) unless the corresponding COCON firm activities of the firm are within the scope of PRIN 3.3 (Where?) so far as it applies to the Consumer Duty.
The effect of COCON 1.1.8BR and COCON 1.1.11CR is that conduct of a member of a firm’s conduct rules staff is only within the territorial scope of Rule 6 in COCON 2.1 if it is within the scope of COCON 1.1.9R to COCON 1.1.10R and the corresponding activity of their firm is within the territorial scope of the Consumer Duty as set out in PRIN 3.3.
A person will not be subject to COCON to the extent that this would be contrary to the requirements of an EU measure passed or made before IP completion day, to the extent that those requirements continue to have effect after IP completion day under the EUWA.
Purpose
The purpose of this chapter is to set out rules for conduct rules staff and to provide guidance about those rules to firms whose staff are subject to them.
COCON 1 Annex 1 has guidance on the role and responsibilities of non-executive directors to whom COCON applies.
COCON 1.2 Investments
COCON refers in a number of places to ‘investments’. The Glossary meaning of investment is wide and is not just limited to the ordinary dictionary meaning.
Therefore, for example, an approved person performing controlled functions in a Solvency II firm or a small non-directive insurer should note that that term includes rights under a contract of insurance, meaning they should also take into account those parts of COCON which provide guidance on individual conduct rules that refer to ‘investments’.
Where guidance refers to risks associated with investments, that will include risks applicable to rights under a contract of insurance including for example the risk of inadequate cover.
COCON 1.3 Scope of COCON
Introduction
This section deals with the restrictions on the scope of COCON based on:
- (1) the activities of the firm in COCON 1.1.6R to COCON 1.1.7R (To what conduct does it apply? (Limitations in the Act)) (COCON 1.3.2G to COCON 1.3.9G deal with this);
- (2) the SMCR financial activities of a firm in COCON 1.1.7AR (To what conduct does it apply? (Other limitations: Non-banks)) (COCON 1.3.10G to COCON 1.3.16G deal with this); and
- (3) COCON 1.1.7BR (To what conduct does it apply? (Other limitations: Benchmark firms)) (COCON 1.3.17G deals with this).
COCON does not cover private or personal life
COCON 1.1.6R to COCON 1.1.7R limit the application of COCON to conduct that relates to a function carried out by a member of the conduct rules staff where in turn that function relates to the carrying on of an activity by the firm. The firm's activity may be a regulated activity or an unregulated activity. This limitation on the scope of COCON applies in relation to all firms.
- (1) The effect of COCON 1.1.6R to COCON 1.1.7R is that conduct relating to the conduct rules staff member’s private or personal life is outside the scope of COCON.
- (2) However, this does not mean that a senior conduct rules staff member is not required to disclose information about their private or personal life under COCON 2.2.4R (SC4). A senior conduct rules staff member should disclose such matters if they are material to an assessment of fitness and propriety under FIT. COCON 4.2.33G (SC4: You must disclose appropriately any information of which the FCA or PRA would reasonably expect notice) gives examples of matters that should be disclosed.
Factors that point towards conduct being within the scope of COCON 1.1.6R to COCON 1.1.7R include:
- (1) the conduct occurred when the conduct rules staff member was present on the firm's premises;
- (2) the conduct occurred when the conduct rules staff member was working on the firm's business;
- (3) the conduct involved a client, a professional acquaintance, another member of the firm's staff or someone the conduct rules staff member had dealt with on behalf of their firm;
- (4) the conduct was carried out using equipment supplied by or made available by the firm or by involving the firm's staff;
- (5) the conduct arose in a business context, including an official or an informal event organised or supported by the firm or in which the firm participates, whether it is held at the firm's premises or at another location;
- (6) the position of the conduct rules staff member as a conduct rules staff member of the firm helped them to carry out the conduct; or
- (7) the purpose (misguided or not) of the conduct was to benefit the firm.
- (1) Whether conduct is within the scope of COCON depends on the specific facts of each case. It is therefore not possible to set out scenarios in the Handbook and say whether in all cases the conduct in question will be within the scope of COCON.
- (2) Paragraph (1) means that:
- (a) the list of factors in COCON 1.3.4G is not exhaustive; and
- (b) the presence or absence of one of the factors in COCON 1.3.4G is not by itself conclusive.
- (3) Another result of (1) is that:
- (a) when the table in COCON 1.3.7G says that conduct is generally within the scope of COCON, that means that the facts of the scenario are ones that point towards the conduct coming within the scope of COCON; and
- (b) when the table in COCON 1.3.7G says that conduct is generally outside the scope of COCON, that means that the facts of the scenario are ones that point against the conduct coming within the scope of COCON,
- but that in an individual case all the other features of the case are also relevant.
- (1) The table in COCON 1.3.7G sets out examples of when a person's conduct is outside the scope of COCON because it is part of their private or personal life and when it is not excluded for that reason (subject to COCON 1.3.5G).
- (2) As explained in Note (2) to the table, conduct to which ‘Yes’ applies is not necessarily within the scope of COCON as it may be excluded by one of the other scope rules in COCON 1.1 (Application). For example, it may be excluded by the exclusion in COCON 1.1.7AR (To what conduct does it apply? (Other limitations: Non-banks)).
- (3) Another example of the point in (2) is that if M (as referred to in the notes to the table) is based in an overseas office of the firm and carries out the conduct from there (or from their home in the country where the overseas office is located), the conduct will be outside the scope of COCON under COCON 1.1.10R (Where does it apply?) unless M comes within COCON 1.1.9R (which deals with senior conduct rules staff members and material risk takers) or within COCON 1.1.10R(2)(b) (which deals with clients in the United Kingdom).
Table: Private or personal life and COCON
Description of conduct | Whether generally within the scope of COCON 1.1.6R to COCON 1.1.7R |
Misconduct by M in relation to a fellow member of the workforce while both are on their firm's premises. | Yes |
Misconduct by M in relation to a fellow member of the workforce while M is working remotely for their firm. | Yes |
Misconduct by M in relation to a family member while M is working remotely for their firm. | No |
Misconduct by M in relation to a member of the public while M is commuting to or from their firm's place of business for work. | No |
Misconduct by M in relation to a fellow member of the workforce when both are travelling to a meeting in which they will represent their firm. | Yes |
Misconduct by M in relation to a client at a business meeting in which M is representing their firm. | Yes |
Misconduct by M in relation to a fellow member of the workforce at a social occasion organised by their firm. | Yes |
Misconduct by M in relation to a fellow member of the workforce at a social occasion organised by M or another member of the workforce in their personal capacity. | No However: (1) An occasion organised by a manager may be within the scope of COCON, taking into account that the manager’s direct reports may feel obliged to attend. (2) If the event takes place after a firm event but at a separate location or venue, it may be within the scope of COCON if it is a continuation of the first event or if the conduct started at the first event and continued in the new venue. Otherwise, COCON is likely to cease to apply because the connection between the event and the activities of the firm has been lost. |
Misconduct by M at a social occasion, a meeting, a round table, an awards ceremony, a training course or a workshop, in each case organised by a client of their firm, another firm, an industry body, a training organisation or a regulator, in which they will represent their firm or where the main reason for the invitation is their working for their firm. | Yes |
M is a member of a profession (such as an accountant, actuary or lawyer) and practises that profession in their job with their firm. M carries out misconduct at an event organised by a third party to meet the professional requirements of that profession or by the regulator of that profession. | Yes |
M publishes material on a personal social media account (including sending it on a messaging app) held by M. As this table only covers whether conduct takes place in M’s private life (and hence is outside the scope of COCON under COCON 1.1.6R to COCON 1.1.7R), this example assumes that the publication would otherwise breach COCON. | This is an example of how it is not possible to give a definitive answer to a scenario based on a single element. Factors to take into account include:
The fact that M uploads the posts during working hours or while on the firm's premises is not a strong factor pointing towards the application of COCON. If the conduct takes place over the firm's systems (for instance through the firm's e-mail system) it is likely to be within the scope of COCON. |
Notes | |
(1) ‘M’ refers to the member of a firm's conduct rules staff carrying out the conduct in question. | |
(2) ‘Yes’ means that, in accordance with COCON 1.3.5G(3)(a), the scenario is based on a factor that points towards the conduct being within COCON 1.1.6R to COCON 1.1.7R and thus within the scope of COCON unless excluded by COCON 1.1.1AR to COCON 1.1.5AR (To whom does it apply?), COCON 1.1.7AR to COCON 1.1.7FR or by COCON 1.1.8BR to COCON 1.1.11CR (Where does it apply?). | |
(3) ‘No’ means that, in accordance with COCON 1.3.5G(3)(b), the scenario is based on a factor that points towards the conduct being outside COCON 1.1.6R to COCON 1.1.7R and thus outside the scope of COCON. | |
However, conduct excluded from COCON as described in the table in COCON 1.3.7G can still be relevant to fitness and propriety, as described in FIT 1.3 (Assessing fitness and propriety).
The scope of COCON is not limited to conduct that is authorised by the firm or carried out with a view (misguided or not) that it is for the firm's benefit. Conduct is not excluded from the scope of COCON just because the firm forbids it (for instance, in a staff handbook) or it is calculated to harm the firm. Thus, for example, the following conduct is within the scope of COCON 1.1.6R to COCON 1.1.7R:
- (1) misappropriating a client’s or the firm's assets;
- (2) providing false or inaccurate details about the member of the conduct rules staff's training, qualifications, past employment record or experience;
- (3) misusing the assets or confidential information of a client or the firm to make a personal profit;
- (4) misconduct against a client;
- (5) harassment of a fellow member of the workforce; and
- (6) maliciously sabotaging a firm's information technology systems or altering or erasing its data.
SMCR financial activities
COCON 1.3.11G to COCON 1.3.16G deal with a conduct rules staff member for whom the scope of COCON is limited to conduct in relation to their firm's SMCR financial activities by COCON 1.1.7AR.
When COCON is restricted to SMCR financial activities, it covers more than conduct involving direct dealings with counterparties and customers (and potential ones) or their assets at the point of sale or at the time of the transaction or service. It can also cover matters such as the following:
- (1) conduct arising out of such direct dealings, such as record-keeping, valuations and reporting;
- (2) after-sale or post-transaction activities such as settlement, queries, dealing with the exercise of rights by the firm or the customer, complaints, cancellations, renewals and generally dealing with the customer or counterparty through the lifecycle of the product or relationship;
- (3) designing and operating policies and procedures relating to the conduct of the firm's relationship with counterparties and customers, such as:
- (a) product or services design;
- (b) policies and procedures about what services and products to sell or buy;
- (c) policies and procedures about product distribution;
- (d) policies and procedures for the conduct of the relationship between the firm and a customer in relation to products and services already sold or delivered; and
- (e) policies and procedures for the monitoring of customer outcomes for products and services already sold or delivered; and
- (4) management and monitoring of these activities.
COCON is not restricted to the activities in COCON 1.3.11G. For example, it covers:
- (1) participation in meetings of the firm's governing body and its committees and other management forums;
- (2) conduct in relation to internal systems, controls and operations supporting the activities in COCON 1.3.11G;
- (3) conduct in relation to acquisition and management of resources used to support the activities in COCON 1.3.11G; and
- (4) conduct in relation to systems and controls to monitor and control risks such as liquidity, operational, solvency, market and trading risks.
- (1) Conduct of an individual is not within the scope of COCON just because it is carried on in relation to an activity of their firm that is connected to an SMCR financial activity that is carried on by the firm but that is not itself an SMCR financial activity.
- (2) For example, the misconduct of the employee in the following examples is not within the scope of COCON:
- (a) A firm's main business is to sell physical goods. It sells some of them on credit and so has permission for consumer credit. An employee steals some of the firm's stock.
- (b) A firm's main business is to sell cars. It also sells connected insurance and so has permission for insurance distribution activities. An employee commits a serious driving offence while moving one of the cars the firm sells.
- (3) However, conduct in (2) is relevant to the fitness and propriety under FIT of the employee, if the employee is subject to FIT.
- (1) COCON 1.1.7FR says that the restriction of the scope of COCON to conduct in relation to a firm's SMCR financial activities under COCON 1.1.7AR does not apply to harassment or similar conduct in relation to a fellow member of the workforce. Instead, COCON 1.1.7FR(5) excludes such conduct if it clearly only relates to a part of the firm's business that does not carry on regulated activities or other SMCR financial activities, as illustrated further in the table in COCON 1.3.15G.
- (2) COCON 1.3.15G gives examples of how the exclusion in COCON 1.1.7FR(5) applies to conduct of a conduct rules staff member in relation to a fellow member of the workforce when a firm has both a financial services business and a non-financial services business.
- (3) The example relates to internal audit. The example corresponds to the example in SYSC 25.3.4G (Management responsibilities maps: Exclusion of non-financial services activities for some firms).
Table: Application of COCON to a firm with mixed businesses
Description of business | Whether generally within the scope of COCON |
(1) F’s internal audit function covers its entire business without separating the parts that deal with its financial services business and its other business. The conduct rules staff member carrying out the misconduct and the subject of the misconduct work in the internal audit function. | The conduct is within scope. |
(2) Same as (1) except that the subject of the misconduct works outside the internal audit function. | The conduct is within scope even if the subject of the misconduct works for the non-financial services part of the business. |
(3) F separates the part of its internal audit function that deals with its financial services business from the part that deals with the other part of its business. Both the conduct rules staff member carrying out the misconduct and the subject of the misconduct work in the part of the internal audit function that does not deal with the financial services business. | The conduct is outside scope. It would be within scope if either the conduct rules staff member carrying out the conduct or the subject of the conduct work in the part of the internal audit function that deals with the financial services business. |
(4) F’s internal audit function covers its entire business as described in (1). Within the function, certain individuals deal with the financial services business, and other individuals deal with the non-financial services business. The conduct rules staff member carrying out the misconduct deals with the financial services part of F’s business and the subject of the misconduct deals with the non-financial services business or vice versa. | The conduct is within scope. |
(5) F’s internal audit function covers F’s and the rest of its group's entire business without separating the parts that deal with the group's financial services business and the group's other business. The conduct rules staff member carrying out the misconduct works in the internal audit function and the subject of the misconduct works in another company in F’s group. | The conduct is within scope. |
(6) F’s internal audit function covers the whole of its group's activities. F separates the part of the internal audit function that deals with the group's financial services business from the part that deals with the other part of the group's business. The conduct rules staff member carrying out the misconduct works in the part of the internal audit function that does not deal with the financial services business. The subject of the misconduct works in another company in the firm's group. | The conduct is outside scope. It is outside scope even if the subject of the misconduct’s job involves SMCR financial activities carried out by another company in F’s group. This is because, even if the conduct relates to SMCR financial activities, it does not relate to SMCR financial activities carried on by F. |
Notes | |
(1) When the table says that conduct is outside scope, that means that COCON 1.1.7FR does not apply and instead COCON 1.1.7AR or COCON 1.1.7BR applies. | |
(2) When the table says that conduct is within scope, that means that COCON 1.1.7FR applies and the conduct is within the scope of COCON unless excluded by COCON 1.1.1AR to COCON 1.1.5AR (To whom does it apply?) COCON 1.1.6R to COCON 1.1.7R (To what conduct does it apply? (Limitations in the Act)) or by COCON 1.1.8BR to COCON 1.1.11CR (Where does it apply?). | |
(3) See COCON 4.3.16G (Subject of the misconduct) for the meaning of the phrase ‘subject of the conduct’. | |
(4) ‘F’ refers to the firm for which the member of the conduct rules staff carrying out the conduct in question works. | |
The flow diagram in COCON 4 Annex 1 3.7G gives further guidance on how COCON 1.1.7FR works.
Benchmark firms
COCON 1.1.7FR also applies to a pure benchmark SMCR firm to which the restrictions in COCON 1.1.7BR apply. The flow diagram in COCON 4 Annex 1 3.7G gives further guidance on how COCON 1.1.7FR works for such a firm.
COCON 1 Annex 1 Guidance on the role and responsibilities of non-executive directors of SMCR firms
| COCON 1 | Introduction | |||
| COCON 1.1 | This annex applies to non-executive directors (NEDs) of an SMCR firm. | |||
| COCON 1.2 | This annex covers the role of a NED in performing the roles in (1) to (4), below: | |||
| (1) | the role of chair of the board of directors; | |||
| (2) | the role of chair of the nomination committee; | |||
| (3) | the role of chair of any other committee (irrespective of whether performing that role is itself a designated senior management function); | |||
| (4) | the general NED role. | |||
| COCON 1.3 | The FCA's view of the role of a NED is consistent with the duties of directors included in UK company law and the description of the role of a NED in the UK Corporate Governance Code. | |||
| COCON 2 | The general role of a NED | |||
| COCON 2.1 | The role of a NED performing the general NED role is to: | |||
| (1) | provide effective oversight and challenge; and | |||
| (2) | help develop proposals on strategy. | |||
| COCON 2.2 | To deliver this, their responsibilities include: | |||
| (1) | attending and contributing to board and committee meetings and discussions; | |||
| (2) | taking part in collective board and committee decisions, including voting and providing input and challenge; and | |||
| (3) | ensuring they are sufficiently and appropriately informed of the relevant matters prior to taking part in board or committee discussions and decisions. | |||
| COCON 2.3 | Other key roles of a NED include: | |||
| (1) | scrutinising the performance of management in meeting agreed goals and objectives; | |||
| (2) | monitoring the reporting of performance; | |||
| (3) | satisfying themselves on the integrity of financial information; | |||
| (4) | satisfying themselves that financial controls and systems of risk management are robust and defensible; | |||
| (5) | scrutinising the design and implementation of the remuneration policy; | |||
| (6) | providing objective views on resources, appointments and standards of conduct; and | |||
| (7) | being involved in succession planning. | |||
| COCON 3 | Role of a NED as chair of the board or a committee | |||
| COCON 3.1 | Subject to any specific governance arrangements, rules or requirements applicable to the board or particular committees, a NED’s responsibility as chair of the board or a committee includes: | |||
| (1) | ensuring that the board or committee meets with sufficient frequency; | |||
| (2) | fostering an open, inclusive discussion which challenges executives, where appropriate; | |||
| (3) | ensuring that the board or committee devotes sufficient time and attention to the matters within its remit; | |||
| (4) | helping to ensure that the board or committee and its members have the information necessary to its and their tasks; | |||
| (5) | reporting to the main board on the committee’s activities; | |||
| (6) | facilitating the running of the board or committee to assist it in providing independent oversight of executive decisions; and | |||
| (7) | in relation to the nomination committee, safeguarding the independence and overseeing the performance of the nomination committee. | |||
| COCON 3.2 | The chair of the nomination committee should take reasonable steps to ensure that the nomination committee complies with: | |||
| (1) | the requirements in SYSC 4.3A about the nomination committee (if that part of SYSC applies to the firm); and | |||
| (2) | any specific and relevant requirements relating to the committee or to the matters within the committee’s responsibilities. | |||
| COCON 3.3 | Paragraph 3.2 of this annex is still relevant to a firm: | |||
| (1) | that is not required by the FCA Handbook to have a nomination committee; or | |||
| (2) | for which being the chair of such a committee is not a controlled function; | |||
| if it has such a committee. | ||||
| COCON 4 | General approach to the role of a NED | |||
| COCON 4.1 | The FCA recognises that NEDs individually do not manage a firm's business in the same way as executive directors. Therefore, the responsibilities for which NEDs are accountable are likely to be more limited. | |||
| COCON 4.2 | A NED is neither required nor expected to assume executive responsibilities. | |||
| COCON 4.3 | Although NEDs who are subject to the senior management regime for SMF managers have individual duties under that regime, the FCA views the regime and its application as consistent with the principle of collective decision-making. | |||
| COCON 4.4 | The standard of care, skill and diligence that the FCA would expect from a NED is the care, skill and diligence that would be exercised by a reasonably diligent person with: | |||
| (1) | the general knowledge, skill and experience that may reasonably be expected of a person carrying out the functions carried out by the NED in relation to the firm, taking into account the standards in the Handbook (especially COCON and DEPP); and | |||
| (2) | the general knowledge, skill and experience that the NED has. | |||
COCON 1 Annex 2 How the application rules in COCON 1.1 (Application) work
Section 1: Purpose of this Annex and introduction
The purpose of this Annex is to describe how COCON 1.1 (Application) works in the form of flow diagrams.
COCON does not apply unless all the following conditions are met:
- (1) the person whose conduct is in question is of a kind to whom COCON applies (section 2 of COCON 1 Annex 2 deals with this);
- (2) the conduct is of a kind to which COCON applies (section 3 of COCON 1 Annex 2 deals with this); and
- (3) the conduct is within the territorial scope of COCON (section 4 of COCON 1 Annex 2 deals with this).
In this Annex:
- (1) ‘P’ means the person whose conduct is in question;
- (2) ‘F’ means the firm P works for;
- (3) the ‘consumer duty rule’ means Rule 6 in COCON 2.1; and
- (4) the ‘harassment rule’ means COCON 1.1.7FR.
If a flow diagram in one section of this Annex says that COCON does not apply, there is no need to look any further in that flow diagram or in any later flow diagram or section of this Annex.
This Annex deals with the 3 sets of rules in COCON 1.1 (Who?, What? and Where?) in the same order as COCON 1.1. However, a person wanting to see whether conduct is within the scope of COCON can apply them in any order. For example, if conduct takes place outside the UK, a person may wish to apply the territorial scope rules first. If the answer is that the conduct is outside the territorial scope of COCON, COCON does not apply and there is no need to look at any other part of COCON 1.1.
COCON 4 Annex 1 contains more detailed flow diagrams dealing with conduct within the harassment rule.
Section 2: Who does COCON apply to?
This section deals with the types of people COCON applies to. It is guidance on COCON 1.1.1AR to COCON 1.1.5AR.
Flow diagram: Who COCON applies to

The flow diagram in COCON 1 Annex 2 2.2G does not cover COCON 1.1.4R(2).
COCON 1.1.4R(2) says that the only senior manager conduct rule in COCON 2.2 that applies to a director of a UK SMCR firm who is not an SMF manager and does not perform the functions of one is rule SC4. In particular, that means that the only senior manager conduct rule that applies to many non-executive directors is SC4.
Section 3: What conduct COCON applies to: Introduction
This section deals with the types of conduct COCON applies to. It is guidance on COCON 1.1.5BR to COCON 1.1.8AR. In particular, it explains COCON 1.1.5BR.
COCON 1 Annex 2 3.4G contains the first part of the flow diagram. If this part of the flow diagram says that COCON does not apply, that means that the conduct in question is not within the scope of COCON. There is no need to go further in the flow diagram.
After that, the flow diagram splits into 3 parts, depending on what kind of firm F is.
What conduct COCON applies to: Questions applicable to all firms
Flow diagram: What conduct COCON applies to: Questions applicable to all firms

COCON 1.3.2G to COCON 1.3.9G contain guidance on COCON 1.1.6R to COCON 1.1.7R as referred to in the flow diagram in COCON 1 Annex 2 3.4G.
What COCON applies to: SMCR banking firms
Flow diagram: SMCR banking firms

What COCON applies to: Firms other than SMCR banking firms and benchmark administrators
Flow diagram: Firms other than SMCR banking firms or benchmark administrators

What COCON applies to: Benchmark administrators
Flow diagram: Benchmark administrators

Section 4: Territorial scope
This section deals with the territorial scope of COCON. It is guidance on COCON 1.1.8BR to COCON 1.1.11DR.
Flow diagram: Territorial scope

Section 5: Topics not covered
This Annex does not cover the effect described in COCON 1.1.11BG (effect on the territorial scope of COCON of the Regulated Activities Order) or COCON 1.1.12R (requirements of an EU measure passed or made before IP completion day).
