UK regulators may have stepped back from prescriptive diversity rules, but the supervisory demand to tackle groupthink has never been higher. As non-financial misconduct becomes a prudential red flag, we analyse how firms can engineer a culture of genuine challenge.

In the lexicon of financial regulation, “culture” was once seen as a soft topic – intangible, hard to measure, and secondary to capital ratios and liquidity buffers. That era is over. A clear consensus has emerged among global regulators: poor culture is not just a conduct issue, it is a primary source of prudential risk. From the collapse of Silicon Valley Bank (SVB) to the mis-selling scandals of the past decade, the common thread has rarely been a lack of technical skill, but rather a catastrophic failure of challenge. A phenomenon known as groupthink.

Poor culture is not just a conduct issue, it is a primary source of prudential risk.

For UK financial services firms, the regulatory landscape is shifting. While the Prudential Regulation Authority (PRA) and Financial Conduct Authority (FCA) recently confirmed they would not proceed with prescriptive new rules on diversity and inclusion (D&I), this should not be misread as a relaxation of standards. On the contrary, the regulators have pivoted to a sharper, more outcome-focused approach: assessing “psychological safety” and rooting out non-financial misconduct (NFM).

The ability to challenge consensus is now a critical regulatory metric, and offers a strategic framework for boards to immunize themselves against the contagion of groupthink.

Anatomy of yes culture

Groupthink describes a psychological drive for consensus that overrides the realistic appraisal of alternatives. In a boardroom, it manifests as a seductive illusion of unanimity. Silence is interpreted as agreement, difficult questions are withheld to preserve harmony, and the group collectively rationalizes away any warnings.

The cost of this dynamic is quantifiable and severe. The 2016 Wells Fargo scandal, where employees opened millions of unauthorized accounts, was driven by a pressure-cooker sales culture that ruthlessly suppressed dissent. Employees who raised concerns were labelled as “not being team players”, creating a feedback loop where bad news never travelled upwards. Similarly, the Federal Reserve’s review of the 2023 SVB collapse highlighted a board that prioritized short-term profits over effective risk management, failing to challenge management’s assumptions as interest rates rose.

In both cases, the “hard” governance structures – committees, policies, three lines of defence – were in place. What failed was the “soft” wiring of human interaction and opportunity to challenge. The governance machinery existed, but nobody felt safe enough to pull the emergency brake.

UK regulatory pivot

The UK’s regulatory approach to this problem has evolved significantly. Initially, the FCA and PRA proposed tackling groupthink through mandated diversity reporting, working on the evidence-based premise that diverse teams make better decisions. However, following industry feedback about the regulatory burden, these specific proposals were dropped in March 2025.

Crucially, the objective remains unchanged, and regulators have simply swapped a quantitative tool (D&I targets) for a qualitative one (supervising psychological safety and NFM).

The FCA’s logic is that non-financial misconduct – bullying, harassment, and discrimination – is a leading indicator of a culture where challenge is impossible. If an employee does not feel safe from personal harassment, they effectively cannot feel safe to challenge a business strategy. As Emily Shepperd, the FCA’s Chief Operating Officer, recently noted, a culture that tolerates such misconduct “is unlikely to be one in which people feel able to speak up and challenge decisions.”

In a volatile financial world, the most dangerous phrase in a boardroom is “we all agree”.

This creates a new supervisory reality. Findings from the FCA’s 2024 survey on NFM, which revealed rising reports of bullying and discrimination in wholesale firms, are now being viewed through a prudential lens. A high incidence of NFM is no longer just an HR headache; it is a signal to the regulator that the firm’s risk management governance may be compromised by a climate of fear.

Consequently, firms are expected to foster “psychological safety” – defined as the belief that one will not be punished or humiliated for speaking up with ideas, questions, concerns, or mistakes. The regulator is moving beyond the concept of “speak up” mechanisms (which place the burden on the employee) to “listen up” cultures (which place the burden on leadership to demonstrate they are listening).

Enforcing challenge: A global consensus

While the UK focuses on accountability and behavior, a comparative look at other jurisdictions confirms that enforcing “challenge” is a global regulatory priority.

The European Union: Codifying challenge

The EU has taken a structural, rules-based approach. The European Banking Authority (EBA) Guidelines on Internal Governance explicitly require the management body to have a “supervisory function” that challenges management decision-making. The guidelines mandate diversity specifically to “overcome the risk of groupthink,” making cognitive diversity a compliance requirement rather than just a strategic “nice-to-have.”

The European Central Bank (ECB) reinforces this by attending board meetings to silently observe the quality of debate, specifically looking for “constructive challenge” and noting whether the CEO dominates the room.

Australia: The behavioral scientists

The Australian Prudential Regulation Authority (APRA) has arguably gone further than any other regulator. Recognizing that traditional supervisors often lack the tools to assess culture, the APRA established a specialist team that includes organizational psychologists.

It developed the “Risk Culture 10 Dimensions” framework, which benchmarks firms on soft factors like “safety to speak up” and “willingness to admit mistakes.” The “deep dive” reviews triangulate data from interviews and surveys to diagnose cultural health, proving that culture can be assessed with the same rigor as credit risk.

The United States: Board accountability

In the US, the Federal Reserve has focused on board effectiveness, issuing guidance that explicitly expects boards to “hold senior management accountable” and to allow sufficient time for “candid discussion and debate.”

The Department of Justice has also tightened its focus on individual accountability, incentivizing firms to claw back compensation from wrongdoers to ensure that the consequences of poor culture are felt personally.

Engineering conflict: A strategic framework for boards

For UK boards, the message is clear: hoping for a good culture is not a strategy. Firms must actively engineer the conditions for challenge. We propose a four-part framework to move from passive oversight to active engagement.

1. Re-engineering the boardroom dynamic

The Chair’s role is pivotal. They must transition from a “gatekeeper” of the agenda to a “facilitator” of friction. A smooth board meeting where everyone agrees is often a sign of failure, not success.

• The devil’s advocate: Firms should formalize the role of the dissenter. Rotating the responsibility to argue against a proposal removes the social stigma of being the “negative” voice.
• The pre-mortem: Instead of asking “what could go wrong?”, boards should assume the project has already failed spectacularly and ask, “what caused this?” This retrospective framing often unlocks a more honest risk assessment than a standard forward-looking analysis
• Structural diversity: While quotas may be off the table in some cases, the need for cognitive diversity remains. Boards must recruit divergent thinking styles and professional backgrounds to prevent the “insulation” that breeds groupthink.

2. Mobilising SMCR

The Senior Managers and Certification Regime (SMCR) is the UK’s most potent tool for driving cultural change. Firms should explicitly link “challenge culture” to the Statement of Responsibilities for Senior Management Functions (SMFs).

• Incentives: Remuneration scorecards must evolve. If a desk head delivers record profits but has high attrition and poor engagement scores, their variable pay should suffer. This signals that how money is made is valued the same as how much money is made.
• Accountability: Managers must be held accountable for the “silence” of their teams. A zero-report rate on whistleblowing or NFM channels should be investigated as a potential red flag of suppression, not taken as proof that all is well.

3. Operationalizing psychological safety

Psychological safety must be measured, not just discussed.

• Data triangulation: Boards need a “Culture Dashboard” that combines lag indicators (NFM reports, exit interviews) with lead indicators (staff survey questions on safety to speak up).
• The “listen up” audit: Firms should audit their response to challenge. When an employee raises a concern, what happens? Is it investigated? Is the employee thanked, or are they managed out? The visible fate of the dissenter determines the future behavior of the majority.

4. Cultural assurance

Firms should consider establishing a cultural assurance function, distinct from HR, tasked with the objective to assess  behavioral norms. This function can mirror the APRA approach, using deep-dive assessments to bypass the “permafrost” of middle management and provide the board with an unfiltered view of ground-level reality.

Conclusion: The competitive edge of dissent

The regulatory withdrawal of D&I rules is a red herring for firms looking to relax their controls around culture. Supervisory intensity on culture is increasing, not decreasing. The FCA and PRA have simply identified that the true enemy is groupthink, and the true measure of defence is psychological safety.

Firms that treat this as a compliance exercise – drafting a “psychological safety policy” and filing it away – will remain vulnerable to the systemic shocks that destroyed SVB and others. However, those that embrace the discomfort of challenge will find they have built a formidable strategic asset.

A culture where risks are debated openly, where bad news is communicated, and where diversity of thought is actively harvested, is a culture that is resilient, agile, and ultimately, more profitable. In a volatile financial world, the most dangerous phrase in a boardroom is “we all agree.”