← Back to all briefings
Policy 7 min read Published Updated Credibility 40/100

Policy Briefing — July 31, 2025

The UK FCA expects Consumer Duty boards to sign off 31 July 2025 outcomes assessments with MI, fair value remediation, and vulnerable customer evidence ready for supervisor challenge.

Zeph Tech Research Lead

Research lead, Zeph Tech

Timeline plotting source publication cadence sized by credibility.
2 publication timestamps supporting this briefing. Source data (JSON)

Executive briefing: The Financial Conduct Authority (FCA) expects every board subject to the Consumer Duty to approve its second annual outcomes assessment by 31 July 2025. The assessment must evidence how retail products and services met the Duty’s cross-cutting rules and four outcomes during the 2024/25 cycle, with particular scrutiny on closed-book portfolios, vulnerable customer journeys, and the remediation actions that followed the July 2024 milestone. Supervisors are already requesting advance sight of board packs, and Senior Managers Function (SMF) holders must be ready to defend the governance, data quality, and cultural drivers that underpin the report.

Regulatory focus areas

The FCA’s 2024 Dear CEO letters, multi-firm reviews, and portfolio strategy documents highlight five inspection themes for 2025:

  • Quality of management information. Boards must challenge metrics covering product performance, price and value, consumer understanding, and consumer support. Evidence must show that MI is timely, segmented by customer cohorts, and reconciled against source systems.
  • Remediation delivery. Supervisors will test whether firms addressed root causes identified in the first board report, with tracked actions tied to accountable executives and resource budgets.
  • Closed products. Legacy books, back-book communications, and exit support must demonstrate measurable outcome improvements, particularly for vulnerable or financially constrained customers.
  • Culture and incentives. Boards should document how remuneration policies, training programmes, and conduct metrics reinforce Duty behaviours.
  • Third-party oversight. Outsourced distributors, claims handlers, and technology partners remain within scope; the FCA expects documented oversight and remediation leverage.

Firms that cannot produce structured evidence risk section 166 skilled person reviews, consumer redress programmes, or supervisory interventions restricting product launches.

Governance controls to document

Board ownership. Minutes from the 2024/25 cycle should show that the board or a dedicated Consumer Duty committee set the review scope, challenged management’s findings, and approved remediation funding. Capture attendance lists, conflicts of interest declarations, and the decision trail for each material judgement.

SMCR alignment. Map Duty responsibilities to SMF1, SMF16/17, and relevant SMF24 (Chief Operations) roles. Include evidence of annual Statements of Responsibilities updates and reasonable steps documentation, including attestations or assurance reports.

Policy framework. Update the Consumer Duty policy, product governance standards, pricing policies, and vulnerable customer framework. Evidence that each policy contains clear control objectives, escalation triggers, and links to the conduct risk appetite statement.

Second-line challenge. Compliance and risk functions should provide independent commentary on the outcomes assessment, including data validation results, gap analyses, and opinions on the sufficiency of remediation plans. Store formal challenge letters, management responses, and acceptance or override decisions.

Internal audit. Maintain internal audit reports covering Duty governance, MI reliability, and product lifecycle controls. Document the closure of high-rated findings and the board’s oversight of overdue actions.

Evidence pack structure

Organise the evidence pack in a controlled document repository with restricted access and full audit trails:

  • Board dossier. Final board paper, slide deck, appendices, and minutes. Include scenario analysis, outcome dashboards, and heat maps highlighting areas needing investment.
  • Data lineage folder. Data dictionaries, ETL process notes, data quality scorecards, and reconciliations showing the path from source systems to board MI.
  • Outcome assessments. Narrative write-ups for each of the four outcomes, including KPI trends, customer research insights, and evidence of customer testing or behavioural experiments.
  • Remediation tracker. A living register of issues, action owners, budgeted spend, delivery milestones, and impact assessments. Tag actions linked to closed-book improvements, complaints reduction, or product withdrawals.
  • Third-party oversight. Due diligence reports, contractual control clauses, service level performance metrics, and exit plans for critical partners.
  • Customer voice. Complaints root cause analysis, net promoter scores, vulnerability indicators, and qualitative feedback from panels or focus groups.

Apply naming conventions incorporating product line, customer segment, and reporting period so auditors can trace evidence quickly. Implement retention schedules aligned with DISP, SYSC, and data protection rules.

Reporting workflow

Design the 2025 board report workflow with defined control gates and attestation points:

  1. Scoping (January–February). Board sets priorities, approves methodology updates, and confirms internal audit coverage. Document risk appetite adjustments and links to strategic planning.
  2. Data build (March–April). Product teams deliver refreshed dashboards, validated by data governance. Record data quality issues, remediation timelines, and responsible data stewards.
  3. First-line assessments (April–May). Business units write outcome narratives, referencing MI, customer research, and remediation outcomes. Capture review notes from line management and challenge sessions with compliance.
  4. Second-line challenge (May–June). Compliance and risk functions test completeness, run thematic reviews, and issue challenge memos. Evidence any recalculated metrics, sample testing outcomes, or requests for additional data.
  5. Executive review (June). Executive Consumer Duty forum consolidates the assessment, agrees ratings, and signs off on the action plan. Minutes must show debate over contentious conclusions.
  6. Board sign-off (July). Provide the board pack at least two weeks before the meeting. Record the approval resolution, any dissenting opinions, and commitments to follow-up reporting.
  7. Regulator engagement (post-approval). Maintain a ready-to-send supervisory response pack with the final report, MI annex, and remediation tracker. Log all FCA interactions, requests for information, and deadlines.

Data and MI discipline

Boards will expect a single version of the truth across customer, complaints, and financial data sets. Build a Consumer Duty data mart that integrates core banking, policy administration, claims, servicing, and digital journey analytics. Implement data quality controls such as reconciliation dashboards, anomaly detection, and vulnerability segment tagging. Document sign-off by data owners and maintain evidence of data access reviews.

Enhance consumer understanding metrics by capturing open rates, comprehension testing, chatbot transcripts, and call centre analytics. For the consumer support outcome, track response times, first contact resolution, and quality assurance sampling. Fair value assessments should show cost-to-serve analysis, margin breakdown, and competitor benchmarking.

Culture and training evidence

Provide training completion statistics segmented by role, with particular attention to frontline staff, product designers, and senior managers. Include training materials, evaluation scores, and evidence that the curriculum covers vulnerable customer handling, product exit strategies, and the Duty’s cross-cutting rules.

Document cultural indicators: conduct risk surveys, whistleblowing themes, staff turnover in key roles, and incentive scheme adjustments linked to customer outcomes. Boards should review how performance scorecards tie to Duty metrics, including malus and clawback triggers where relevant.

Remediation and investment planning

The 2025 assessment should translate findings into a costed, prioritised remediation roadmap. Include business cases for technology enhancements, journey redesign, or product withdrawals. Each action should specify:

  • Target customer segments and expected outcome uplift.
  • Dependencies on data remediation, third-party changes, or regulatory approvals.
  • Budget allocation and capital expenditure approvals.
  • Benefits realisation metrics and review dates.

Boards must ensure funding decisions align with strategic plans and capital forecasting. Tie remediation back to the enterprise risk appetite, including risk limits for conduct breaches, complaints volumes, and financial promotions.

Assurance and monitoring

Plan assurance cycles that extend beyond the July board meeting. Internal audit should review the control effectiveness of the remediation plan, data governance, and MI reporting later in 2025. Compliance monitoring should incorporate targeted reviews of high-risk products, vulnerable customer journeys, and third-party governance.

Establish key risk indicators (KRIs) and key performance indicators (KPIs) with defined thresholds, early warning triggers, and escalation paths. Automate dashboards to provide monthly updates to executive committees and quarterly summaries to the board.

External reporting alignment

Align Consumer Duty outputs with wider disclosures, including ESG reports, financial statements, and senior manager attestations. Document how Consumer Duty findings inform ICAAP, ORSA, or recovery and resolution planning where relevant. Coordinate messaging for investor relations, ensuring public statements on customer outcomes are substantiated by the evidence pack.

Pre-July 2025 action checklist

  • Complete a dry-run board session by May to test MI packs, narratives, and director challenge.
  • Update the enterprise conduct risk appetite and control library to reflect 2024/25 lessons.
  • Refresh outsourcing registers and oversight testing for Consumer Duty obligations.
  • Conclude data remediation projects affecting vulnerable customer identification and fair value calculations.
  • Prepare a supervisory submission pack, including summary letters, within a 5-day turnaround commitment.
  • Agree post-board tracking arrangements, with quarterly updates on remediation progress and MI enhancements.

Zeph Tech equips boards with Consumer Duty control frameworks, MI validation routines, and supervisory engagement scripts so the July 2025 outcomes assessment demonstrates credible, customer-first governance.

Timeline plotting source publication cadence sized by credibility.
2 publication timestamps supporting this briefing. Source data (JSON)
Horizontal bar chart of credibility scores per cited source.
Credibility scores for every source cited in this briefing. Source data (JSON)

Related briefings

Curated signals from the same pillar or overlapping topics.

Continue in the Policy pillar

Return to the hub for curated research and deep-dive guides.

Visit pillar hub

Latest guides

  • FCA Consumer Duty
  • Retail conduct supervision
  • Board attestations
Back to curated briefings