On 20 April 2022, the FCA published PS22/3, setting out its policy statement and final rules on diversity and inclusion on company boards and executive management (Policy Statement) building on the proposals in Consultation Paper 21/24 (CP21/24). The Policy Statement introduces new Listing Rules (Listing Rules) and amendments to the Disclosure Guidance and Transparency Rules (DTRs). The new rules are effective for accounting periods starting on or after 1 April 2022, but the FCA encourages early adoption by those whose financial years began before then.
The purpose of the changes is to enhance market integrity by encouraging increased transparency and providing better data for companies and investors to assess companies’ progress in appointing a diverse board.
The substance of CP21/24 was analysed in a previous Law Now.
To whom do the rules apply?
The new Listing Rules apply to UK and overseas issuers with equity shares, or certificates representing equity shares, admitted to the premium or standard segment of the FCA’s Official List, excluding open-ended investment companies and ‘shell companies’ but including:
- closed-ended investment funds (subject to some specific relaxations to take account of features particular to investment companies); and
- sovereign controlled companies.
The new Listing Rules do not apply to issuers of listed debt and debt-like securities, securitised derivatives or miscellaneous securities.
The amended DTRs apply to certain UK issuers with securities admitted to UK regulated markets (including, for example, the Specialist Fund Segment as well as the Premium and Standard segments of the main market) and, through the Listing Rules, to certain overseas listed companies, subject to existing exemptions for small and medium companies.
The new Listing Rules require inscope companies to include in their annual financial reports:
- a “comply or explain” statement on whether they have met the following diversity targets:
- at least 40% of the board are women;
- at least one of the senior board positions (Chair, CEO, SID or CFO) is held by a woman; and
- at least one member of the board is from a minority ethnic background (as categorised by the Office of National Statistics)1; and
- a numerical disclosure on the ethnic background and sex or gender identity of their board, senior board positions (Chair, CEO, SID and CFO) and executive management team in a standardised table format as set out in LR9 Annex 22.
- an explanation of the listed company’s approach to collecting the data used for the purposes of making the disclosures in LR 9.8.6(9) and (10)3.
Where relevant individuals are situated overseas, and data protection laws in that jurisdiction prevent the collection or publication of some or all of the personal data required to be disclosed under that provision, then a listed company may instead explain the extent to which it is unable to make the relevant disclosures.4
Closed-ended investment companies need not report against the targets for the four senior positions if these are not applicable and need not report against fields in the numerical disclosure tables that are not applicable. In each case, the investment company must explain why the reporting is not applicable5. This is to take account of the fact that investment companies will typically not have a CEO or CFO. See section titled Investment companies below for further commentary.
“Minority ethnic background” is based on the Office for National Statistics definitions and includes individuals from one of the following categories of ethnic background, excluding the category “White British or other White (including minority-white groups)”:
(1) Asian/Asian British;
(2) Black/African/Caribbean/Black British;
(3) Mixed/Multiple Ethnic Groups; and
(4) Other ethnic group, including Arab.
See section titled "Minority ethnic background" below for further commentary.
In CP21/24, the FCA proposed to mandate the collection and reporting of information on the basis of self-identified gender (gender identity), rather than sex, and further that the numerical reporting should include a column for those with non-binary identities. Following strong disagreement with this approach in the consultation responses (see section titled Sex or gender identity below for further commentary), the FCA stepped back from this position and the new rules do not mandate the inclusion of self-identified women, instead giving companies the option to collecting and report data on the basis of either sex or gender identity. In view of the resulting range of possible approaches to data collection, new guidance6 permits a listed company to add to the categories included in the first column of the disclosure table in LR9 Annex 2 in order to reflect the basis on which it has collected data.
New guidance7 also states that, in determining the basis for collecting data on sex or gender identity, a listed company’s approach to data collection must be:
(a) consistent for the purposes of reporting under both LR 9.8.6R(9) and (10), and
(b) consistent across all individuals in relation to whom data is being reported.
This guidance also states that in-scope companies must explain their approach to data collection to include the method of collection and / or source of the data, and where data collection is done on the basis of self-reporting by the individuals concerned, a description of the questions asked.
Further new guidance8 states that an in-scope company may also include in its annual financial report:
(a) a brief summary of any key policies, procedures and processes, and any wider context, that it considers contribute to improving the diversity of its board and executive management;
(b) any mitigating factors or circumstances which make achieving diversity on its board more challenging (for example, the size of the board or the country where its main operations are located); and
(c) any risks it foresees in being able to meet or continue to meet the board diversity targets in the next accounting period, or any plans to improve the diversity of its board.
The FCA has amended DTR 7.2.8AR. Previously, this rule required in-scope companies’ corporate governance statements to contain a description of any diversity policy applied to its administrative, management and supervisory bodies in respect of certain characteristics such as age, gender or educational and professional backgrounds. To the extent an issuer did not apply a diversity policy, it was required to explain why9.
This rule has now been amended to provide that an issuer’s disclosure should also include the diversity policy applied to its remuneration, audit and nominations board committees. The range of characteristics that a policy could cover has been expanded to include ethnicity, sexual orientation, disability and socioeconomic background.
In-scope companies may, but are not required to, include numerical data on the diversity of the members of the bodies and committees referred to in DTR 7.2.8AR(1)(a)10.
Companies subject to the new reporting requirements, or who are considering reporting equivalent data on a voluntary basis, must ensure they have considered their obligations under applicable data protection laws. This was raised as a concern by several respondents to CP21/24, particularly in view of the small numbers of individuals covered by aspects of the reporting and the fact that the proposed reporting categories include characteristics that are regarded as special category data under UK data protection laws (gender identity, racial or ethnic origin and sexual orientation).
Listed company boards range in size from three or four members (at the low end, but relatively common for VCTs and investment companies) to about fifteen at the higher end, with ten being a reasonable figure for a modal average, excluding investment companies and VCTs. Board committees are even smaller. Added to this, many listed company directors sit on more than one board and so will be the subject of multiple disclosures in different companies’ annual reports. The risk of identification of individuals with particular characteristics will be immediately apparent. Outside the UK, data protection laws may be even stricter and in some cases prohibit companies from asking for certain types of information.
In response to these concerns, the FCA said:11
- The ability to report by sex or gender identity mitigates some of these privacy concerns. (This is because “sex” is not considered sensitive data for the purposes of UK data protection law whereas “gender identity” is. In addition, since the Companies Act requires most companies in scope of the new Listing Rules to collect information on board composition by sex, making additional disclosures in respect of gender identity could highlight situations where someone considers their gender identity to be different from their sex.)
- There is a ‘prefer not to say’ option for all the numerical disclosures. (Although we suggest that it would be a failure of the rules if a significant proportion of the disclosures were ‘prefer not to say’.)
- Collection and publication of personal data on sex has been workable in the context of UK data protection law to date and the final rules enable issuers to use the same data for the purposes of reporting under the new rules.
- The new rules provide a caveat to the numerical disclosure requirements for companies with board members or executive management situated overseas, where local data protection law prevents collection or disclosure of relevant data.
Notwithstanding these mitigations, companies should carefully consider the privacy and data protection laws in the relevant jurisdiction and the implications of the mandatory and voluntary reporting under the new Listing Rules and DTRs; including whether there is any potential impact to their separate mandatory or voluntary ESG reporting (noting the FCA’s ESG strategy as part of its operational objectives of protecting and enhancing the integrity of the UK financial system and the consumer protection objective (see our previous Law Now)).
"Minority ethnic background"
Some respondents raised the concern that the proposed reporting on individuals from a minority ethnic background were too Anglo-centric. For some companies, focussing on individuals from a non-white background might give no indication of diversity. Respondents also queried the exclusion of “minority-white” ethnic backgrounds. In-scope companies who feel that the definition of “minority ethnic background” gives limited useful information about diversity in the context of their company, may wish to make additional contextual narrative disclosures.
Sex or gender identity
The aspect of the proposals in CP21/24 that attracted most feedback was the proposal to define “women” to include “self-identified women”. Of the 540 responses received to the consultation, 439 focussed on this proposal and only one of these was in favour12. Concerns raised included:
- including self-identified women would fail to recognise the under-representation of women based on sex, the structural discrimination they may face and their particular perspectives or experience;
- aggregating data on self-identified women and biological women would prevent clear analysis of data on either group; and
- collecting data on self-identified gender could impact data privacy.
As a result, the FCA has given in-scope companies the choice to report on either sex or gender identity. Companies must explain the approach they have adopted, which must be consistent across all disclosures covered by the new rules and across all individuals subject to the disclosures. It would therefore be prudent for in-scope companies to consider whether any amendments are required to their current diversity and inclusion policies in order to meet the new targets, any succession planning, the creation of defined roles which undertake the responsibility to adhere to the new rules as well as considering any other steps which can be taken to ensure compliance with the new rules.
Companies and boards will need to give thought to the decision on whether to report on the basis of sex or gender identity taking into account matters such as:
- data processing systems – as far as possible, companies will want to use existing data reporting systems, rather than adding new processes.
- data protection – as noted above, sex and gender identity are treated differently under UK data protection law.
- other public reporting – gender pay gap reporting and reporting under section 414C(8) of the Companies Act 2006 are based on sex.
- Equality Act considerations - for the purposes of discrimination law, the Equality Act sets out nine protected characteristics on the basis of which it is (generally) unlawful to discriminate against individuals. These include “sex” and “gender reassignment”; gender identity is not defined in law. Companies’ diversity policies and practices are likely to be designed around the nine protected characteristics under the Equality Act.
- the Gender Recognition Act – the effect of this is that a person with a gender recognition certificate (GRC) may be treated for the purposes of reporting under the new rules as being their “acquired” sex. Thus, a company choosing to report women on the basis of sex may include in this category a trans woman holding a GRC. However, there are strict rules regarding privacy with a GRC and a company should not ask whether an employee has a GRC.
- reputation – What has been the company’s approach to reporting data and more widely, to sex and gender identity, in its diversity and inclusion policies? Will the approach here be the same or different? Careful thought should be given to the justification for adopting an approach or changing the approach, especially as the ongoing national discussion about sex and gender identity is highly charged. Therefore, in-scope companies may wish to engage with their relevant employee networks to explain the approach being taken to reporting and the reasons for it. Where relevant, reassurance can be offered that the company’s response to specific rules is not indicative of a change of overall approach to diversity and inclusion policies.
- for listed companies, a further consideration will be ensuring that their approach to data collection and reporting is sufficiently set out in the annual report.
As noted above, investment companies need not report in relation to categories that are not applicable to them. This is mostly taken to mean the roles of CEO and CFO and the category of “executive management”, though in-scope companies should identify what roles would constitute “executive management” as per the FCA definition.
Unlike commercial companies, investment companies do not have a pool of employees to which diversity policies can be applied to build up an internal, diverse pipeline of potential board candidates; all recruitment is external. In addition, investment company boards are smaller than average, comprising, usually, three to five members. Boards of this size would need to include two women and one member from a minority ethnic background in order to comply with the targets. There is no doubt that significant work is needed to improve diversity on investment company boards, but the practical challenges of this should not be dismissed or taken as necessarily indicative of unwillingness to change. On the other hand, investment company boards cannot simply wash their hands of these targets and may wish to consider measures such as participation in Board Apprentice schemes to help meet targets in the longer term.
Proxy voting agencies
Many listed companies have already experienced proxy voting agencies using their voting recommendations to act as a catalyst for improvement in boardroom diversity. While proxy voting agencies have a powerful voice, which should not be ignored, it is a company’s responsibility to undertake data collection and reporting in accordance with applicable legal requirements. The range of legal objections raised to the FCA’s proposals in CP21/24 is a powerful indicator of how easy it is to allow good intentions to obscure the complexity of complying with several overlapping, technical legal considerations.
The FCA is committed to increasing diversity and inclusion across regulated firms and stated in the Policy Statement that it is considering the responses to its July 2021 joint discussion paper (DP21/2) with the PRA on diversity and inclusion in the financial sector alongside responses to its recent diversity and inclusion pilot data survey and cost benefit analysis survey. DP21/2 and the aforementioned surveys were sent to all FCA and PRA dual-regulated firms and also to a sample of FCA solo-regulated firms. It is understood that any framework would have to be proportionate by taking into account what is appropriate for: larger firms, smaller firms (e.g. credit unions, small intermediaries, small payments firms, small insurance firms and other small firms), dual-regulated firms, solo-regulated firms, and the type of regulated firm in order to be effective. The FCA expects to publish a consultation paper in 2022 setting out proposals to apply broadly across the financial sector which are likely to be relevant for financial services firms authorised by the FCA which are also listed.
The introduction of targets is a material change and most companies (other than parts of the FTSE100) will find it difficult to meet them, especially in the first few years. According to latest published figures the percentage of women on boards in FTSE 350 companies sits at 34.3%. The ability to increase representation of women in the short term will also depend on when appointment terms come to an end and board vacancies become available. It took 5 years for the percentage of women on boards to move by 12.4%.
Accordingly, non-compliance seems inevitable for many companies for at least an initial period, and companies should focus on coherent narrative reporting of the reasons for this and putting in place measures to enable compliance at the earliest opportunity.
11 Policy Statement, paras 2.42 and 2.43
12 Policy Statement, para 1.18