In recent years, diversity and inclusion (D&I) in the financial services sector has become a focus for regulators around the world. Individual regulators, however, have taken different approaches to D&I to reflect the local socio-economic environment. Below, we provide a high-level summary of the position across a number of key jurisdictions.

JurisdictionSummary of regulatory regime relating to D&I in financial servicesNorton Rose Fulbright regulatory contact
ChinaChina does not have an overarching legislation or regulatory framework governing D&I. Under various Peoples Republic of China (PRC) laws and regulations on employment, several characteristics of individuals are protected from discrimination in employment, such as nationality, race, gender, religious belief and disability (Protected Characteristics). According to a guiding case published by the Supreme People’s Court of China, any characteristic that is not directly related to the requirements of work shall not be the reason for the individuals having such characteristic to be treated differently in employment. This essentially means that unless any characteristic will affect a candidate’s or employee’s ability to fulfil their work duties, an individual having such characteristic shall not be treated differently in employment, e.g. not being hired for that characteristic. Although China is not a common law jurisdiction, the judgments published by the Supreme People’s Court from time to time do provide referenceable guidance to juridical practice in China. Therefore, by applying the same principles in the aforesaid guiding case, certain other characteristics, such as sexual orientation and household registration may o be regarded as falling within the scope of Protected Characteristics.  

China has also issued laws and regulations to protect individuals with certain specific characteristics (e.g. physical disability) in the workplace. Under the relevant law, at least 1.5% of a firm’s total number of employees must be disabled persons. If a firm fails to meet this requirement, it shall make contributions to the disabled employment security fund  (which is used to support the employment and livelihood of disabled persons).  

PRC laws and regulations also expressly prohibit certain discriminatory behaviours. Amongst other things, employers are not allowed to include pregnancy testing in the employee’s onboarding medical examination, and are also prohibited from placing any restriction on marriage or childbirth or the candidate’s marriage or childbirth status as a pre-condition for hiring female employees.
Sun Hong, Partner
Hong KongThere is no overarching regulatory framework targeting D&I in the financial services sector, although a number of specific regulatory developments indicate that financial services regulatory and supervisory bodies in Hong Kong are focussing on D&I.  

For example, on 6 October 2017, the Hong Kong Monetary Authority (HKMA), published a revised version of its Supervisory Policy Manual module CG-1 “Corporate Governance of Locally Incorporated Authorized Institutions” (SPM CG-1). This sets out the minimum standards which the HKMA expects locally incorporated authorized institutions to adopt in respect of their internal corporate governance procedures. Paragraph 2.10.2 of SPM CG-1, specifically, stipulates that an authorized institution must publicly disclose, whenever relevant but at least annually, the approach for recruitment and selection of members of the board (in so far as the sensitivity of the information will not be disadvantageous to the authorized institution) and ensure appropriate diversity of skills, backgrounds and viewpoints. Additionally, pursuant to paragraph 4.2.1 of SPM CG-1, the board of authorized institutions should be composed of board members who possess a range of knowledge and experience in relevant areas and varied backgrounds to promote a diversity of views.  

The Hong Kong Stock Exchange (HKEX) has imposed D&I requirements on its members. Since 2016, listed companies have been required to disclose details regarding the composition of their workforce, such as gender, age and employment type, under the environmental, social and governance reporting framework. On 1 January 2022, the HKEX amended its Listing Rules, including the Corporate Governance Code, with the aim of increasing diversity on its issuers’ boards. The HKEX stated that issuers’ boards that are only composed by members of one gender will be in contravention of its Listing Rules. Issuers will have a three-year transition period in which to comply, meaning that issuers must appoint a director of a different gender (to the majority of the board) by no later than 31 December 2024. Additionally, issuers are required to disclose and explain their board diversity policies (as well as any progress made in respect of these), including sharing a number of metrics such as how and when gender diversity will be achieved, the numerical targets and timelines proposed, and measures the company has adopted to develop a pipeline of potential successors to the board. The HKEX also has introduced various initiatives to help issuers adapt to these changes, including providing an online director training programme covering board diversity, and issuing detailed guidance for boards and directors. The HKEX also hosts an annual boardroom insight event to promote board diversity.  

Also of note, financial services institutions must comply with employment legislation and regulations which may impose obligations in respect of D&I in the workplace.  

The Equal Opportunities Commission (EOC), established in 1996, is a statutory body responsible for implementing ordnances regulating workplace discrimination and harassment. These ordnances include: the Sex Discrimination Ordinance (enshrining the prohibition of discrimination on the grounds of sex as well as pregnancy and marital statuses), the Disability Discrimination Ordinance, the Family Status Discrimination Ordinance and the Race Discrimination Ordinance (which also prohibits discrimination on the basis of colour, descent and national or ethnic origin). Effective from June 2021, Discrimination Legislation (Miscellaneous Amendments) Ordinance 2020 also categorises breastfeeding as a protected characteristic.  

While there is no express requirement in any of the anti-discrimination ordinances for employers to implement  D&I measures in the workplace. However, each of the anti-discrimination ordinances is supported by an underlying code of practice – guidance issued by the EOC on the practical steps employers should take to comply with their legal duties. Each code of practice recommends that employers implement a clear and comprehensive equal opportunities policy that contains certain key details (e.g., that employees know where to make complaints of discrimination or harassment), and that they conduct equal opportunities training on their respective grounds. While the codes of practice are technically non-binding as a matter of law, the EOC or a court will consider the extent to which an employer, including employers in the financial services sector, has complied with them for the purposes of determining liability.  

Other schemes launched by the EOC include the Racial Diversity and Inclusion Charter for Employers, which offers a checklist of D&I policies and practices for business to facilitate the pursuit of D&I objectives. Additionally, the EOC has introduced the Equal Opportunity Employer Recognition Scheme to promote the values of equal opportunities,  D&I in the workplace, and recognise the achievements of employers that demonstrate a commitment to implementing policies and practices on these values.  
Etelka Bogardi, Partner
SingaporeWhile the D&I regulatory landscape in Singapore has been gradually evolving, there are still disparities in both stringency and regulatory reach.  

While there remains no overarching legislation or regulatory framework in Singapore targeting D&I issues, one notable set of D&I stipulations are the requirements for all companies listed on the Singapore Exchange (SGX), commencing on 1 January 2022, to:  

• maintain a board diversity policy that addresses gender, skills and experience, and any other relevant aspects of diversity; and
• describe in its annual report its board diversity policy, including the following:
o the company’s targets to achieve diversity on its board;
o the company’s accompanying plans and timelines for achieving the targets;
o the company’s progress towards achieving the targets within the timelines; and
o a description of how the combination of skills, talents, experience and diversity of its directors serves the needs and plans of the company.

– maintain a board diversity policy that addresses gender, skills and experience, and any other relevant aspects of diversity; and
– describe in its annual report its board diversity policy, including the following:
– i) the company’s targets to achieve diversity on its board;
– ii) the company’s accompanying plans and timelines for achieving the targets;
– iii) the company’s progress towards achieving the targets within the timelines; and
– iv) a description of how the combination of skills, talents, experience and diversity of its directors serves the needs and plans of the company.  

These mandatory requirements are part of the Singapore Exchange Regulation’s (SGX Reg Co) listing rules on public disclosure through annual reports and are supplemented by guiding principles in the Code of Corporate Governance (Singapore Code) and Practice Guidance issued by the Monetary Authority of Singapore (MAS). Since August 2018, the Singapore Code has provided, on a comply-or-explain basis, that the board of directors of listed companies should (among other things): (i) have diversity of thought and background in its composition to enable it to make decisions in the best interests of the company; and (ii) comprise directors who as a group provide the appropriate balance and mix of skills, knowledge, experience, and other aspects of diversity such as gender and age, so as to avoid groupthink and foster constructive debate. Listed companies may incorporate other aspects of diversity as are relevant for the company.  

To take into account the unique characteristics of banking and insurance business, the MAS has released Guidelines on Corporate Governance (Singapore Guidelines) for designated financial holding companies, banks, direct insurers, reinsurers and captive insurers which are incorporated in Singapore (collectively, Singaporean Financial Institutions). The Singapore Guidelines incorporate the Singapore Code (including the D&I requirements of the Singapore Code mentioned above), as well as additional guidelines issued by the MAS to address the diverse and complex risks undertaken by Financial Institutions and their responsibilities to depositors, policyholders and other customers. Among other things, the MAS expects and/or encourages Financial Institutions (both listed and non-listed) to observe the Singapore Guidelines and disclose (in the Financial Institution’s annual report or on its website) its board diversity policy and the progress made towards implementing it.  

As mentioned above there is urrently no law or regulation requiring companies in Singapore to either: implement D&I strategies/policies; or monitor, report, and/or disclose any D&I data to the regulators or the public. Companies in Singapore that wish to voluntarily collect and monitor D&I statistics of their employees (and prospective employees) should take the necessary precautions to avoid breaching other laws, particularly in relation to workplace discrimination and personal data protection.  

In regard to workplace discrimination, the Singapore Government is planning to implement new Workplace Fairness Legislation (WFL) in 2024. The upcoming WFL will apply to all companies with 25 employees or more and prohibit them from making any adverse employment decision in respect of the following five sets of characteristics (the Protected Characteristics): (i) age, (ii) nationality, (iii) sex, marital status, pregnancy status, caregiving responsibilities, (iv) race, religion, language, and (v) disability and mental health conditions, in all stages of employment (i.e., pre-employment (recruitment), in-employment (e.g., promotion, performance appraisal, training selection) and end-employment (e.g., dismissal) stages). Workplace discrimination based on characteristics other than the Protected Characteristics  will remain covered by the existing Tripartite Guidelines on Fair Employment Practices, which are a set of non-legally binding recommendations that lay down the overarching principles of fair employment based on merit (such as skills, experience or ability to perform the job). Care should therefore be taken to ensure that information (especially those falling within the scope of Protected Characteristics) collected by the company for D&I purposes is not misused – or perceived to be misused – as a basis for workplace discrimination.  

From a data protection perspective, companies should avoid any unnecessary collection of personal data of employees (and prospective employees) solely for D&I purposes, as obligations under the Singapore Personal Data Protection Act 2012 relating to the collection, usage, transfer and protection of personal data would apply to any such personal data obtained.  
Wilson Ang, Partner

Clare Chia Ming Lee, Associate Director Ascendant Legal  
JapanAlthough D&I issues appear on the regulatory agenda, Japan has yet to pass any legal measures specifically targeting the financial sector.
Regardless of sector, all companies listed on the Tokyo Stock Exchange (TSE) are subject to the Corporate Governance Code, revised as of 11 June 2022 (the Code). The Code provides that:
• company boards should be constituted so as to achieve diversity, including gender, international experience, work experience and age;

• companies should promote diversity of personnel, including active participation of women;

• companies should voluntarily set and disclose measurable goals for ensuring diversity in core human resources, such as the promotion of women, foreign nationals, and mid-career hires, and disclose the status of implementation; and

• companies should also disclose their policies regarding human resource development to ensure diversity, as well as the status of implementation.
It should be noted that compliance with the Code is not compulsory, although companies must explain their non-compliance.
Companies in the financial sector must also comply with their D&I obligations under generally applicable law, such as:
• the Labour Standards Act, which prohibits discrimination on the basis of nationality, creed, and social status, and unequal pay between men and women;

• the Equal Employment Opportunity Act:

o non-discrimination on the basis of sex in all matters related to work, including recruitment, training, promotion, benefits, etc.;
o prohibition of indirect discrimination, sexual harassment, and disadvantageous treatment of women due to marriage, pregnancy or childbirth; and
o provision of time off during pregnancy and after childbirth;

• the Act on Promotion of Women’s Participation and Advancement in the Workplace:

o employers with more than 300 full-time employees are required to disclose the wage differential between men and women; and
o employers with more than 100 full-time employees are required to formulate an action plan on women’s participation and advancement;

• the Act on Advancement of Measures to Support Raising the Next Generation of Children, which requires employers with more than 100 full-time employees to formulate an action plan to achieve work-family balance;

• the Act on Stabilization of Employment of Elderly Persons, which requires employers to ensure employment up to the age of 65, and to also make efforts to ensure employment and social contribution opportunities up to the age of 70; and

• the Act for Promotion of Employment of Persons with Disabilities, which requires employers to employ a number of persons with physical or intellectual disabilities at a specified rate (currently 2.3% for private companies).
D&I has also been on the agenda for the Financial Services Agency, which in July 2022 published a report on diversity, equity and inclusion in the start-up ecosystem. The report did not, however, recommend ‘hard’ measures such as quotas. The bulk of recommendations focused instead on creating a supportive ecosystem for female entrepreneurs, such as accessing funds and mentorship.
Useful links:
Japan’s Corporate Governance Code
Japan Financial Services Agency – Open Policy Lab Initiative
Akihiko Takamatsu

Saori Takahashi
BelgiumSee “EU” section below – at this stage there do not appear to be any Belgium-specific D&I projects executed or envisaged by the Belgian FSMA or the National Bank of Belgium.  Anna Carrier, Director
EUNOTE: the below is relevant to all EU Member States, in addition to any D&I initiatives by local financial services regulators.  

EU financial regulations have continued to impose requirements aimed at increasing D&I in the financial sector. There are various issues to consider in this context:  

– The Capital Requirement Directive IV (CRD IV) requires banks to consider the diversity of their management bodies when recruiting new members and to implement a diversity policy. In addition, significant institutions (in terms of their size, internal organisation and the nature, scope and complexity of their activities) are required under the CRD IV to set a target for the representation of the underrepresented gender in the management body and to take measures to increase their numbers. The European Banking Authority (EBA) and Member State competent authorities are also required to benchmark diversity practices in institutions’ management bodies and collect information on the gender pay gap of members of the management body. The review of CRD IV which is part of the EU Banking package includes new provisions on the integration of environmental, social and governance risks in, in-scope institutions’ governance structures. Under the new rules, which are likely to become applicable in the second half of 2025, in-scope institutions should have, as part of their robust governance arrangements and processes, an improved risk management framework, robust strategies, policies, processes and systems for identifiying, measuring, managing and monitoring environmental, social and governance risks over the short, medium and long term. In-scope institutions will be required to test their resilience against scenarios that reflect the impact of social changes and associated public policies on the long-term business environment.
– The launch of the Equality, Diversity and Inclusion Charter by the European System of Central Banks (ESCB) and the Single Supervisory Mechanism (SSM). Developed in collaboration with Member State central banks and Member State competent authorities, this is a voluntary set of shared principles, which will guide the signatories when they harness the diversity of their teams and increase the inclusiveness of their working culture and further a common vision for, and commitment to, equality, diversity and inclusion.
– Similar to those rules for banks, the Investment Firms Regulation (IFR) requires investment firms to disclose certain aspects of their remuneration policy and practice, including aspects related to gender neutrality and the gender pay gap.
– The EU has included obligations to provide diversity reporting as part of the corporate disclosures that large companies need to make under the Accounting Directive. The Corporate Sustainability Reporting Directive (CSRD) amended the Accounting Directive to introduce requirements for in-scope companies to report against the EU sustainability reporting standards (ESRS). With regard to social disclosures, the CSRD will require in-scope firms to disclose, among other things, the following social and human rights factors: equal treatment and opportunities for all, including gender equality and equal pay for work of equal value, training and skills development, the employment and inclusion of people with disabilities, measures against violence and harassment in the workplace, and diversity. The detailed disclosure requirements, which were adopted by the European Commission in July 2023 and endorsed by the co-legislators in October 2023, are due to be published in the EU Official Journal. The first reporting requirements will become applicable for large undertakings that are also public interest entities, that exceed an average of 500 employees during the financial year and public interest entities that are parent undertakings of a large group that exceed an average of 500 employees during the financial year, on the condition that they are already subject to the Non-Financial Reporting Directive. They will need to report against the ESRS in 2025 for the 2024 financial year.
– The Sustainable Finance Disclosure Regulation (SFDR) requires the disclosure of information about D&I policies for asset managers and investors. It aims among others to promote transparency in D&I within the financial sector and its main provisions have applied in Member States since 10 March 2021.
– The EBA and the European Securities and Markets Authority (ESMA) have issued joint guidelines on the assessment of the suitability of members of the management body and key function holders (the Joint ESMA and EBA Guidelines). The Joint ESMA and EBA Guidelines provide guidance on how diversity should be taken into account in the process of selecting board members.  

Useful links:  
– EBA/ESMA Guidelines on the assessment of the suitability of members of the management body and key function holders can be accessed via this link.  
Anna Carrier, Director
FranceIn relation to D&I French financial regulatory bodies have placed increasingly stringent obligations on French financial institutions.  

The French Financial Markets Authority (AMF) has issued specific guidelines for listed companies, encouraging D&I in governing and supervisory bodies. For example, in June 2023, the AMF published their summary findings of a study reviewing compliance with non-financial contractual commitments by asset management companies on Environmental, Societal and Governmental/Socially Responsible Investment (ESG/SRI) funds. The AMF has also been keen to understand the practical application of these obligations and examples of best practice.  

The French Prudential Supervisory and Resolution Authority equally plays a key role in overseeing D&I practices in the French financial sector. It may request information and reports from companies to ensure compliance with legal requirements.  

Trade regulatory bodies have also stipulated the introduction of D&I initiatives. The Corporate Governance Code of Listed Corporations states that one of the tasks of the board of directors of any member entity is to ensure that the executive officers implement a policy of non-discrimination and diversity, to include targets for balanced representation of men and women in governing bodies.  

D&I directives are also mandated legislatively. For example, according to Article L225-18-1 of the French Commercial Code: “The proportion of directors of each gender may not be less than 40% at the end of the next General Meeting called to vote on appointments, in companies which, for the third consecutive financial year, employ an average of at least two hundred and fifty permanent employees and have net sales or total assets of at least 50 million euros. In these same companies, where the Board of Directors has no more than eight members, the difference between the number of directors of each sex may not exceed two. Any appointment made in breach of the first paragraph that does not remedy the irregularity in the composition of the Board is null and void.” Banking and other financial institutions should also note the application of other statutory corporate governance requirements as well as other relevant corporate and employment laws and regulations in respect of this.  

Useful links:  
– The study published by the AMF on compliance with non-financial contractual commitments by asset management companies on ESG/SRI funds can be accessed via this link.  
– The corporate governance code of listed corporations can be accessed via this link.  
Sebastien Praicheux, Partner

Roberto Cristofolini, Partner
GermanyThe D&I regulatory landscape in Germany consists of both general requirements regarding diversity and inclusion imposed by federal legislation, as well as obligations imposed by regulatory bodies such as the Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht or BaFin). In addition, as a Member State, Germany is subject to EU D&I rules and regulation.  

Two important pieces of federal legislation governing D&I are the General Equal Treatment Act (Allgemeines Gleichbehandlungsgesetz or AGG) and the Second Act on the Promotion of Management Positions (Zweites Führungspositionen-Gesetz or FüPoG II). Both contain specific provisions to enforce D&I, for instance, a key provision of FüPoG II is that if a board of a listed company consists of three or more members, at least one member must be a woman.  

Supervised institutions are also subject to sector-specific D&I rules. The German Banking Act (KWG) contains statutory provisions regarding gender-neutral remuneration and a prohibition on gender inequality in pay – as per Sec. 25d (5) Sentences 2 and 3 of the KWG. In addition, the KWG, per section 25d para. 11 No. 2, obliges supervised entities to set targets to promote the under-represented gender and to develop corresponding strategies.  

In accordance with its administrative practice set out in related guidance notices (Merkblatt zu den Geschäftsleitern gemäß KWG, ZAG und KAGB and Merkblatt zu den Mitgliedern von Verwaltungs- oder Aufsichtsorganen gemäß KWG und KAGB), BaFin expects supervised institutions to formulate and implement diversity guidelines for their management board and their administrative and supervisory bodies. To set an example, BaFin has signed the ESCB & SSM Equality, Diversity and Inclusion Charter. By signing the Charter, the European System of Central Banks (ESCB) and many supervisory authorities that are part of the Single Supervisory Mechanism (SSM) for banks in the eurozone have shown their commitment to diversity, equal opportunities, and inclusion.  
Michael Born, Counsel
ItalyD&I has become an increasingly important concern to Italian businesses engaged in financial services, insurance and banking activities. In addition to initiatives that have been independently undertaken by entities, there have also been a number of sector specific regulatory and legislative developments, which are addressed below.  

The Institute for the Supervision of Insurance (IVASS) has not yet implemented any specific D&I initiatives and research into D&I initiatives has been limited. However, the IVASS notebook number 22 contains a survey conducted to measure the proportion of women on the board of directors of Italian insurance companies (of the 109 businesses surveyed, the average percentage of women on each board was 17%).  

The Bank of Italy has also pursued a regulatory agenda to promote D&I. In particular, it hasissued Circular No. 285/2013 (Italy Circular) to implement European Union (EU) prudential supervisory reforms. Of note to D&I, the Italy Circular provides that as a minimum, 33% of members of the management and control bodies of a bank must be women.  

The Italian Companies and Exchange Commission (CONSOB) has imposed D&I obligations on entities within its regulatory remit including companies listed on the Italian stock market. These obligations include D&I policies contained in the corporate governance code adopted by Italian listed companies.  

D&I requirements have also been enacted via legislation. The most notable development is represented by the Golfo-Mosca Law (Law 120/2011) which is aimed at ensuring a more balanced representation of genders within the governance bodies of Italian companies with shares listed on regulated markets, in Italy or other EU countries, as well as of unlisted companies controlled by public administrations. Law 120/2011 provides that at least 40% of the members of the board of directors must belong to the least represented gender. To note, according to Consob, in 2022, women represented 43% of the directors in Italian listed companies.  

Consideration should also be given to an additional statutory requirement. Pursuant to Italian labour law, employers are prohibited from making any inquiries, including through third parties, into their employees’ political, religious or trade union views, as well as investigating any details not relevant to the assessment of an employee’s professional aptitude. Therefore, any data-gathering initiative by supervisory authorities in the diversity and inclusion field should take into account these and other limitations, such as any statutory or regulatory data protection obligations.  

Useful links:  
– IVASS notebook no. 22: link  
– Bank of Italy circular no. 285/2013: link  
– CONSOB 2022 report on corporate governance: link  
– Golfo-Mosca Law (L. 120/2011): link  
Pietro Altomani, Counsel
LuxemburgThe Law of 5 April 1993 on the financial sector, as amended, (the LFS), which governs the activities of credit institutions and professionals of the financial sector in Luxembourg, stipulates, in Article 38-2(8), that credit institutions must account for a broad set of qualities and competences when recruiting members to the management body and, to that end, they must implement a policy promoting diversity within the management body of that institution.  

The Luxembourg Supervisory Authority of the Financial Sector (Commission de Surveillance du Secteur Financier, the CSSF) is the competent authority responsible for verifying that the above requirements are met. To understand the degree to which policies promoting diversity had been implemented, the CSSF conducted a survey in April 2023 reviewing diversity figures within the management bodies of 46 less significant credit institutions (LSIs). The CSSF has noted that market practice in respect of D&I has been slow to evolve. In the survey, the CSSF reported that:  

– 24% of LSIs reported that they had no diversity policy in place.
– Nearly 6% of LSIs with a diversity policy did not take into account the gender criteria, although it is mandatory pursuant to Article 38-2(8) of the LFS, read in conjunction with point 102 of the Joint ESMA and EBA Guidelines.
– 40% of LSIs did not implement career planning aspects and measures aiming to ensure equal treatment and opportunities for staff of different genders, as provided for in point 107 of Joint ESMA and EBA Guidelines.
– Of the 32 LSIs with a diversity policy promoting diversity in terms of gender, 26 had little or even no representation of the under-represented gender within their management bodies (between 0 and 23%).  

The CSSF has stated that market members must accelerate the implementation of D&I policies in order to comply with the regulations in force. The CSSF has also stressed that D&I policies must also take into account other diversity criteria (beyond gender) such as age, geographical and ethnic origin, and educational and professional background.  

The CSSF has made it clear that it will closely monitor progress in implementing D&I initiatives by regularly conducting surveys and checks and that, if following an injunction issued to the relevant LSI, the CSSF notes the absence of any D&I policy, it will take strict measures which include imposing sanctions (administrative or other) for breach of the legal and regulatory provisions governing D&I in Luxembourg.  

Useful links:  
– CSSF a survey in April 2023 reviewing diversity figures within the management bodies of 46 less significant credit institutions – link  
Claire Guilbert, Partner
NetherlandsThe AFM  

The Dutch Authority for the Financial Markets (Autoriteit Financiële Markten, the AFM), responsible for supervising inter alia investment firms, has explicitly stated on its website that investment firms need to ensure that their recruitment, training and diversity policies are in line with the Joint ESMA and EBA Guidelines.  

The AFM points out that in the past, a diversity policy typically included aspects such as age, gender, geographical distribution, education and experience. According to the Joint ESMA and EBA Guidelines, a diversity policy should now also include aspects such as origin, colour, ethnicity, religion, disability or sexual preference. In addition, it has been clarified that the firm’s policy should include measures to achieve this diversity, such as career planning, training, active reintegration of employees after leave and anti-discrimination measures. These measures should be extended beyond the management board.  

The AFM expects investment firms to implement diversity policies that address the appointment of new board members, training, the preparation of employees for management positions and board diversity and take into account the Joint ESMA and EBA Guidelines. However, the diversity policy may be implemented proportionately, with the AFM expecting an investment firm with, for example, 200 employees to have a more comprehensive diversity policy than one with only 5 employees.  

In addition, the AFM expects investment firms, when seeking regulatory approval for the appointment of new directors or supervisory board members, to demonstrate how the diversity policy has been taken into account in considering the appointment of the prospective director or supervisory board member and in relation to the board as a collective.  


In addition, the Dutch Central Bank (De Nederlandsche Bank, DNB), which is responsible for supervising inter alia credit institutions, has stated on its website that it believes it is important to ensure diversity in the financial sector. This is because differences in knowledge, experience, age, gender and background provide management and supervisory boards with a broad view and new perspectives. DNB emphasises that its suitability assessment process explicitly takes diversity into account to ensure that candidates who do not have an explicit financial background or experience in the financial sector can also successfully pass the suitability assessment.  

Useful links:  
– AFM, ‘AFM wijst op aanvullende eisen diversiteitsbeleid voor beleggingsonderneming’, 15 March 2023 –link.  
– DNB, ‘Initial assessment – diversity and collectivity’, 23 February 2017 –link.  
Floortje Nagelkerke, Partner

Nikolai de Koning, Counsel
South AfricaIn South Africa, the regulatory approach taken by legislative, regulatory and supervisory bodies towards D&I centres on the concept of financial inclusion.  

In 2011 a Policy Paper called, “A Safer Financial Sector to Serve South Africa Better” (Policy Paper), set out the South African Government’s approach to reforming financial sector regulation to better serve the country and its citizens. Financial inclusion is set out as a key policy priority. To give effect to the proposed reforms, the Financial Sector Regulation Act, 2017 (FSR Act) was introduced.  

One of objectives of the FSR Act, is the establishment of a regulatory and supervisory framework that promotes financial inclusion. To pursue this (and other objectives), the FSR Act has established a “twin peaks” regulatory model, to be carried out by the Financial Sector Conduct Authority (FSCA), and the Prudential Authority (PA). Both the FSCA and the PA are mandated to promote financial inclusion.  

As part of the implementation of the twin peaks model and addressing the financial inclusion objectives set out under priority three of the Policy Paper, the National Treasury developed a draft financial inclusion policy for South Africa, titled “An inclusive financial sector for all” (Draft Policy). The Draft Policy establishes the overarching policy for financial inclusion in South Africa and sketches the approach to its implementation.  In order to help guide the implementation of the Draft Policy, the National Treasury has proposed the following set of principles (the Principles):  

– Principle 1: Access for all, and responsible use of financial services according to the user’s need. Financial inclusion requires that unreasonable or unfair barriers to access are removed, so that a variety of financial services are available to all.
– Principle 2: Promote competition and market-based solutions, encouraging diversity in service providers.
– Principle 3: The drive for financial inclusion is balanced with and supported by the objectives of financial stability, integrity and market conduct.
– Principle 4: The informal sector is an important transformation and empowerment tool in facilitating the transition to formality. 
– Principle 5: Promote technological and institutional innovation in support of financial system access and usage, addressing infrastructure weakness.
– Principle 6: Promote proportionality in regulation and supervision – regulation and supervision should be proportionate to the risks posed by a financial institution.
– Principle 7: Encourage coordination across stakeholders with clear lines of responsibility and accountability.
– Principle 8: Improve data to make evidence-based policy and measure impact, applying a “test and learn” approach, recognising that implementation requires that appropriate and reliable data be available to support the policy’s design and supervision, and the measurement of its impact over time.  

The Principles have also been incorporated into the financial inclusion strategies of the FSCA.  

Useful links:  
– Financial Inclusion Strategy – link  
– Prudential Authority – Regulatory Strategy 2021 – 2024 – link  
– National Treasury – An Inclusive Financial Sector for All – link  
Desiree Reddy, Director
UAED&I is not currently a key focus for financial services regulators in the United Arab Emirates (UAE), although limited regulatory initiatives have been implemented in this area.  

In the Abu Dhabi Global Market, the Financial Services Regulatory Authority has not yet implemented any D&I initiatives, nor has it published any consultations relating to D&I. Similarly, the Dubai Financial Services Authority, the financial regulator in the Dubai International Financial Centre, has not introduced any D&I requirements or undertaken any consultations.  

By contrast, in certain circumstances, firms are required to make a number of D&I disclosures to the Dubai Virtual Asset Regulatory Authority (VARA). During VARA’s licensing process, it determines the environmental, social and governmental (ESG) disclosure requirements required of each virtual asset service provider (VASP), assigning it one of three disclosure levels. Where a firm is required to comply with a mandatory ESG disclosure level, the most stringent set of requirements, it must publish an annual ESG report.  This report must include information relating to how the firm identifies and assesses risks and opportunities relating to D&I. The report must also summarise how material opportunities relating to D&I are factored into its overall business strategies. Such firms must also make publicly available, via their website, up-to-date information related to the D&I initiatives undertaken the firm.  

Additionally, in 2021, the Emirates Securities and Commodities Authority (SCA) amended its Corporate Governance Guide to require listed companies to appoint at least one female board member. The SCA also requires listed companies to set policies on gender diversity and its objectives and actions to meet these objectives.  

Furthermore, although not implementing a regulatory regime, in 2021, the UAE Central Bank (CBUAE) entered into a Memorandum of Understanding with Aurora50. The partnership between the CBUAE and Aurora50 aims to enhance and accelerate gender diversity in boardrooms and increase female representation on boards of UAE companies.  
Matthew Shanahan, Partner

Hasanali Pirbhai, Associate
United KingdomD&I has been a concern for regulators over a number of years. Despite progress, research has shown that there is more to be done to improve diversity and inclusion in the financial sector.  

Firms are already subject to various requirements and guidance relating to D&I which derive from:  
– The Joint ESMA and EBA Guidelines.
– Rules and guidance set out in the Financial Conduct Authority (FCA) Handbook and Prudential Regulation Authority (PRA) Rulebook.
– Existing papers, speeches, statements, Business Plans etc.
– Requirements on listed companies.  

Through its D&I work, the FCA is looking to achieve the following four outcomes:  
– Healthier firm cultures.
– Reduced groupthink.
– New talent unlocked.
– Greater understanding of and provision for diverse consumer needs.  

On 25 September 2023, the FCA and PRA published consultation papers on their approach to D&I (CP23/20 and CP18/23). Responses are due by 18 December 2023.  

The FCA’s proposals in CP23/20  

In CP23/20, the FCA proposes a framework which would establish minimum standards and give firms a better understanding of what is expected of them in relation to D&I from a regulatory standpoint. The proposed framework is also intended to help ensure greater consistency and transparency across the sector on firms’ approaches to D&I, and to support the objectives of the FCA’s Consumer Duty as well as its D&I priorities.  

CP23/20 sets out proposals to better integrate non-financial misconduct considerations into staff fitness and propriety assessments, Conduct Rules and the suitability criteria for firms to operate in the financial sector. It also proposes to require certain firms to:  
– Collect and report data about D&I to the FCA on an annual basis.
– Collect, report and disclose certain D&I data to the public on an annual basis.
– Establish, implement and maintain a D&I strategy.
– Determine and set appropriate diversity targets.
– Recognise a lack of D&I as a non-financial risk.  

The proposals apply differently to firms depending on their number of employees, their categorisation under the Senior Managers and Certification Regime and whether they are dual-regulated. To reduce regulatory burden, smaller firms with fewer than 251 employees would be exempt from many of the requirements.  

The FCA will review the feedback and develop final regulatory requirements for publication in a Policy Statement in 2024. It proposes that the implementation date for changes would be 12 months after publication of the Policy Statement, in order to give firms time to prepare.  

The PRA’s proposals in CP18/23  

In CP18/23, the PRA proposes rules and expectations aimed at improving D&I in PRA-regulated firms, which can support better firm governance and decision-making and thereby advance the PRA’s objectives. The proposals, developed in parallel with the FCA, build on the ideas discussed in the regulators’ earlier joint discussion paper published in July 2021.  

The proposals in CP18/23 are informed by many of the suggestions made by the respondents to the joint discussion paper, with the PRA noting that as there is no single means of improving D&I, firms need to take a holistic approach. On that basis, the measures set out in CP18/23 are intended to recognise that developing and maintaining a diverse and inclusive culture requires organisation-wide commitment.  

CP18/23 includes chapters setting out proposed rules relating to:
– Firm-wide D&I strategies.
– The setting of diversity targets by the largest firms.
– Board governance.
– Individual accountability for D&I.
– Monitoring D&I.
– Regulatory reporting in relation to D&I data.
– Disclosure of information on targets for the largest firms.  

Useful links:  
– FCA CP23/20 – link  
– PRA CP18/23 – link  
– Norton Rose Fulbright – DE&I hub – link  
Hannah McAslan-Schaaf, Counsel  
  North America  
CanadaThe Canadian federal government announced plans, in its 2023 federal budget, to amend the Bank Act, the Insurance Companies Act, and the Trust and Loan Companies Actto adapt and apply the diversity disclosure requirements for federally regulated financial institutions set out in the Canada Business Corporations Act(CBCA).

The CBCA requires public federal corporations to disclose annually to their shareholders the number and proportion of (i) women, (ii) indigenous people, (iii) people with disabilities, and (iv) visible minorities (collectively, the Designated Groups) among its senior management and on that corporation’s board of directors. The corporation is also required to disclose whether it has adopted a written diversity policy in respect of board diversity and a short summary of, key policy objectives and provisions, measures to ensure it is implemented effectively, policy’s effectiveness and how board measures this, and the annual and cumulative progress in achieving the policy’s objectives. Corporations that have not adopted a written policy are required to provide a reason why they have not done so.

The CBCA also requires disclosure of whether the corporation adopted term limits for board members and senior management and whether the corporation has adopted policies relating to identification and nomination of directors and members of senior management from Designated Groups.  

While the CBCA diversity requirements only apply to public companies, it is unclear if the federal government will introduce these measures to all federally regulated financial institutions or those that are widely held.  

Useful links:  
– The 2023 federal budget – link  
– Norton Rose Fulbright briefing note ‘CBCA diversity disclosure guidance’ – link  
Andrew Grossman, Partner