This blog takes stock of the FCA’s approach to consumer vulnerability in the light of the FCA’s latest business plan.  In particular, it discusses the regulatory expectations firms now face in this area, and what actions they might consider to meet them.

How the FCA’s Approach to Vulnerability has evolved

The FCA’s Occasional Paper on Consumer Vulnerability was published in February 2015. This was the first time the FCA had published a paper discussing vulnerability and the paper was intended “to stimulate interest and debate around vulnerability…among academics, practitioners and policymakers.”

As an Occasional Paper it was not focused on making policy changes, and so did not see the FCA make changes to its handbook or articulate a new set of vulnerability rules for firms to follow. Instead, the paper signalled the FCA’s interest in this area and offered “to provide practical help and resources to firms in developing and implementing a vulnerability strategy.”

However, the FCA’s approach to vulnerability became formalised as part of its Mission document, which was published in 2017 following a consultation in October 2016. Here, the FCA articulated the importance of vulnerability to its decisions and judgements, and as a key operating principle informing its day-to-day supervisory and regulatory activities.  Specifically, it emphasised that “understanding vulnerability is central to how we [the FCA] make decisionsand that “recognising where some user may be vulnerable [is a]…key factor in the way we make regulatory judgements.”

The FCA subsequently moved to strengthen its approach to vulnerable consumers as part of its ‘Future Approach to Consumers’ document and consultation, published in November 2017 (see our previous blog for more detail). This document makes clear that the FCA expects firms “to exercise extra care where consumers may be vulnerable” and “to pay attention to possible indicators of vulnerability and have policies in place to deal with consumers who may be at greater risk of harm.” It goes on to say that it will take any deliberate exploitation of vulnerable or excluded consumers very seriously.” The FCA closed its consultation on the 5th February and is due to publish its finalised Approach to Consumers paper this summer.

The focus on vulnerability was further emphasised in the FCA’s recently published Approach to Supervision document. Here the FCA lists “not receiving appropriate support when they [consumers] are vulnerable or in financial difficulty” as a source of harm that will be a supervisory “priority and focus.” It also says that it will seek “to stop actual harm as quickly and proportionately as possible…especially if those customers [affected] are vulnerable.”

The latest business plan’s treatment of vulnerability

At first sight, vulnerability would seem to have less prominence in the FCA’s latest 2018/19 Business Plan. Notably, the previous business plan’s cross-sector priority on “Consumer vulnerability and access” is no longer listed as a cross-sector priority.

In our view, however, this shift does not signal any diminution of the priority the FCA attaches to vulnerability but instead represents the FCA taking a more “business-as-usual” approach, by embedding vulnerability across its wider programme of work and supervisory activities.

Consistent with the Mission and approach documents mentioned earlier, vulnerability is a thread that runs through numerous pieces of work detailed in the FCA’s latest business plan.  With respect to new financial technology, the FCA says that it expects firms to “develop plans to deal with those who are more vulnerable”, while high cost credit is highlighted as an area where the harms caused by its products “tend to disproportionately affect vulnerable consumers.” The FCA also mentions its Feedback Statement on its Call for Input on Access to Travel Insurance, as a particular piece of work focused on protecting vulnerable consumers.

Our expectation is that, as a routine part of their regular supervisory engagements or firm visits, the FCA will increasingly question and probe firms’ approach to vulnerability, reflecting their expectation that firms should have appropriate systems and processes, as well as policies and procedures, for helping to identify and support vulnerable consumers.

Considerations for firms

The FCA’s continued focus on consumer vulnerability means that firms will need to demonstrate what steps and measures they are taking at all levels to identify vulnerable customers within their overall customer base and ensure that they are fairly treated and receive appropriate support. A further regulatory expectation is that consumers should have confidence that disclosing any vulnerability will not disadvantage them but rather lead to extra appropriate support.

In many cases developing an appropriate strategy on vulnerability will present significant challenges: the FCA’s definition of vulnerability is wide ranging and can be related to age, financial circumstances, specific medical conditions or disabilities, as well as other factors. Options firms may wish to consider include the following:

  • Undertaking a “vulnerability mapping” exercise in order to determine which aspects of vulnerability are most pertinent to their existing and any newly targeted customers. Firms should also consider the distinction between vulnerabilities which may be short term (e.g. bereavement) medium term (e.g. an illness) and longer term mental or health issues which mean they may need to interact with a customer in different ways.
  • Identifying vulnerable consumers within their customer population. Technology may have a key role to play here: for example, Deloitte’s Behavioural and Emotional Analytics Tool (BEAT)can be used to monitor voice interactions with customers, and detect potential signs of vulnerability through analysis of their speech, behavioural and emotional patterns.
  • Introducing specific policies and procedures to help consumers identified as vulnerable. A number of firms have started working with charities to develop their own approaches to consumer vulnerability, including on staff training programmes. In some cases this has involved creating specialist teams dedicated to helping vulnerable consumers and with certain discretions to waive or defer charges or allow repayment holidays in order to help those in difficult circumstances.
  • Introducing systems that can track consumers’ vulnerabilities and monitor them for any change. Consumers who have disclosed certain conditions or circumstances to firms are often frustrated by having to repeat this in subsequent interactions with the firm or to other parts of the same organisation. Ensuring that there is a joined up, cross organisational approach to vulnerability is important to consumers. However, any solution will need to carefully consider how details of a customer’s vulnerability are stored and shared, in order to stay compliant with data protection requirements.
  • Reviewing business models and approach to product design through the vulnerability lens. The FCA’s Mission highlights the particular concern it has about potentially vulnerable consumers cross subsidising consumers without such vulnerabilities, for example through unarranged overdrafts.


1BEAT is Deloitte’s unique outcome based voice analytics platform. Using advanced cognitive technology and machine learning models, BEAT offers a fully integrated voice and interaction surveillance solution that monitors customer interactions, manages alerts through risk scoring and provides a view on key risk indicators resulting from customer interaction.


Andrew Bulley

Andrew Bulley - Partner, Centre for Regulatory Strategy, Deloitte

Andrew Bulley joined Deloitte in October 2016 from the Bank of England, where he was, most recently, the Director of Life Insurance Supervision.  Between 2014 and 2016 he was a UK voting member of the Board of Supervisors of the European Insurance and Occupational Pensions Authority (“EIOPA”).  In a career with the Bank of England and Financial Services Authority stretching over 27 years, Andrew has held senior roles in the supervision of life and general insurers, the London wholesale insurance underwriting and broking markets, retail and investment banks, asset managers, and IFAs.

Email | LinkedIn


Orla Hurst - Senior Manager, Centre for Regulatory Strategy

Orla is a Senior Manager in Deloitte’s Centre for Regulatory Strategy where she focuses on Conduct Regulation. She has extensive experience of working with financial services firms to help them understand the strategic and operational implications of changes to conduct regulation. She joined Deloitte in June 2017.

Email | LinkedIn


Felix Bungay - Manager, Centre for Regulatory Strategy

Felix is a Manager within the EMEA Centre for Regulatory Strategy in Deloitte’s London office, where he focuses on conduct regulation across a range of financial services sectors. Prior to joining Deloitte, Felix worked at the FCA where he helped produce a wide range of the organisation's House and Sector Views, including those on Retail Banking and Lending, Retail Investments and Wholesale Capital Markets.

Email | LinkedIn


Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment

Comments are moderated, and will not appear until the author has approved them.