Bullying, harassment, threats, retaliation, discriminatory comments, pressure to violate policy, and other non-financial misconduct often happen through the same tools employees use to work: chat, SMS, meeting messages, comments, and social DMs connected to company accounts. When an allegation is serious, contemporaneous message history can show what was said, who saw it, whether it was repeated, and whether context changes the interpretation.
This is especially important in regulated environments. The UK FCA's PS25/23 guidance comes into force on September 1, 2026 alongside COCON 1.1.7FR, and it is aimed at helping affected firms apply conduct rules to non-financial misconduct consistently. The operational lesson is broader than the UK: if a business may need to make a fair conduct finding, notify a regulator, discipline an employee, or answer a future reference request, it needs reliable work-channel evidence rather than memory alone.
Keep the boundary clear
Preserve company-channel records for legitimate investigations, but do not use that need as a reason to monitor personal social media, private messages, or off-duty life unless counsel confirms a specific lawful basis and the scope is tightly limited.