covid banner

CQC briefing – Updated guidance in respect of Regulation 5: Fit and Proper Persons: Directors

In January 2018 the CQC updated its guidance for providers and inspectors in respect of Regulation 5 Health and Social Care Act 2008 (Regulated Activities) Regulations 2014, namely the fit and proper persons requirement for directors or FPPR, which recognises that individuals who have authority in organisations which deliver care are responsible for the overall quality and safety of that care.

As providers will be aware, the CQC’s registration application form asks for information about directors, where relevant, for all new applicants. The CQC requires the Chair to declare all checks have been undertaken in order to reach a judgement that all directors are deemed fit and that none meet any of the unfit criteria as set out in Schedule 4 Part 1 of the 2014 Regulations. The Chair has to make a similar declaration in respect of newly appointed directors on the Statutory Notification in respect of ‘changes to a provider’ form submitted in accordance with Regulation 15 CQC (Registration) Regulations 2009.

Breach of the regulation

The regulation is breached if a provider has in place someone who does not satisfy the FPPR. Evidence of this could be:

  • A director is unfit on a ‘mandatory’ ground, such as a relevant undischarged conviction or bankruptcy. The provider will determine this.
  • A provider does not have a proper process in place to enable it to make the robust assessments required by FPPR.
  • On receipt of information about a director’s fitness, a decision in respect of the director’s fitness is reached that is not within a range of decisions that a reasonable person would make.
  • A director has been responsible for, been privy to, contributed to or facilitated any serious misconduct or mismanagement (whether unlawful or not) in the course of carrying on a regulated activity or providing a service elsewhere, which if provided in England, would be a regulated activity.

What the CQC expects to see

The provider is responsible for the appointment, management and dismissal of its directors. Providers must be able to evidence that there are appropriate systems and processes in place to ensure that all new and existing directors are, and continue to be fit and that no appointments meet any of the unfitness criteria set out in Schedule 4 of the Regulations.

The provider should be able to demonstrate appointments have been secured through robust and thorough processes. The CQC expects providers to demonstrate providers have made every reasonable effort to assure themselves about an individual and addressed issues in light of new information, recognising that there are circumstances in which for example individuals have provided incomplete or inaccurate information. There is of course a range of guidance relating to values-based recruitment, appraisal and disciplinary actions and the CQC expects providers to be aware of and have implemented procedures based on the same.

If a CQC inspector has concerns during an inspection they will need to establish whether their concerns relate to a director and the individual’s role in respect of the quality and safety of care. The assessment will be made as part of the ‘well-led’ key question. In the event the CQC receives specific or concerning information outside of registration and inspection processes, such as via their contact centre or website, the registration and inspection teams will be notified and safeguarding and or whistleblowing processes will be followed where appropriate.

Determining misconduct and mismanagement

These are potentially wide terms and the CQC has not determined what is and what is not misconduct or mismanagement. However the appendix to the guidance provides some examples of behaviour which may amount to misconduct or mismanagement and further, provides advice in relation when proven misconduct or mismanagement should be considered ‘serious’. In summary:


Means conduct that breaches a legal or contractual obligation imposed on the director, this could be acting in breach of an employment contract, breaching relevant regulatory requirements, breaching criminal law or engaging in activities which are morally reprehensible or likely to undermine public trust and confidence.


Means being involved in the management of an organisation or part of an organisation in such a way that the quality of decision making and actions of the managers falls below any reasonable standard of competent management. The following are cited as examples of behaviour which may amount to mismanagement:

  • Suppressing reports where the findings may be compromising for the organisation;
  • Failing to learn from incidents, complaints and when things go wrong; and
  • Failing to implement, quality, safety and/or process improvements in a timely way where there are recommendations or where the need is obvious.

Serious misconduct or mismanagement

Providers will have to reach their own decisions as to whether any facts alleged reach the threshold. The Oxford dictionary definition of ‘serious’ is set out in the guidance:

‘Important, grave, having (potentially) important especially undesired consequences, giving cause for concern of significant, degree, amount, worthy of consideration’

The CQC advises that a single incident of misconduct may be so serious that it amounts to serious misconduct, whether the provider determines that the incident is incompatible with employment or not. Any serious misconduct renders a director unfit within the FPPR. Whereas serious mismanagement is likely to consist of a course of conduct over time. Any assessment of its seriousness needs to consider the impact on quality and safety of care for people who use the service, the safety and well-being of staff and the effect on the viability of the provider.

A provider could consider isolated incidences of the following types to amount to mismanagement that does not meet the required threshold:

  • Intermittent poor attendance
  • Minor breaches of security
  • Minor misuse of an employer’s assets
  • Failure to follow agreed policies or processes when undertaking management functions where failures had limited repercussions or were for justifiable purpose

The following are examples of misconduct and mismanagement that providers may well be expected to assess as serious:

  • Fraud or theft
  • Any criminal offence other than minor motoring offences
  • Assault
  • Sexual harassment of staff
  • Bullying
  • Any conduct that can be characterised as dishonesty, including:
    • Deliberately transmitting information to a public authority or to any other person which is known to be false
    • Submitting or providing false reference or inaccurate or misleading information on a CV
  • Repeated or ongoing tolerance of poor practice, or failure to promote good practice, leading to departure from recognised standards, policies, or acceptable practices

As part of reaching an assessment as to whether any actions or omissions of the director amounted to serious misconduct or mismanagement, providers should consider whether any individual director played a central or peripheral role. The provider should also consider any mitigating factors that could be relied on to downgrade the conduct that would otherwise be assessed as serious, albeit there is no further detail in respect of what those factors might be.

The guidance confirms allegations regarding a directors conduct while engaged in any other type of business or non-business activity are not relevant for Regulation 5(3)(d), however it is likely to be relevant to the director’s ‘good character’ and/ or his or her competence, skills and experience.

When the CQC is considering whether Regulation 5 has been breached, it will make a judgement about the provider’s decision; whether or not the provider acted reasonably when it made the determination.


When a provider is unable to demonstrate that it has undertaken appropriate checks when appointing directors this may indicate breach, the CQC will use its enforcement policy and decision tree to decide if there has been a breach and will consider what regulatory action to take. Accordingly, in cases of aspirant registrants, the CQC may refuse the registration. The guidance notes that although individual directors may be fit, collectively the board may demonstrate a lack of fitness in which case this would be addressed as a governance issue or via special measures.

Our Health and Social Care Providers team advises on a broad range of regulatory matters. Should you require any advice in relation to the above or indeed any CQC matter please do not hesitate to get in touch:

Andrew Parsons
Partner, Head of Healthcare – Providers
T. 020 7227 7282

Holly Bridden

T. 020 7227 7455


This briefing is for guidance purposes only. RadcliffesLeBrasseur LLP accepts no responsibility or liability whatsoever for any action taken or not taken in relation to this note and recommends that appropriate legal advice be taken having regard to a client's own particular circumstances.

Briefing tags