How do we evidence fair outcomes for vulnerable customers under Consumer Duty?

You can evidence fair outcomes for vulnerable customers under Consumer Duty by being able to consistently show, case by case, how vulnerability is identified. This can include what support or adjustments are applied, how outcomes are reviewed, and what changes are made when harm or repeat issues are found. Evidence needs to show the process worked in practice, not just that a policy exists.

What MI should leaders track for vulnerability in complaint handling?

At a minimum, leaders should track vulnerability flags, themes by product or root cause, time to resolution, uphold and overturn rates, repeat contact, escalations and FOS referrals. Most importantly, they should track whether vulnerability is being identified consistently and whether it affects outcomes or treatment.

How can complaint leaders embed vulnerability consistently across case handlers?

Complaint leaders can embed vulnerability across case handlers by designing the process so the right prompts, flags, fields, guidance and QA checks appear during the case journey. Consistency comes from system design: workflows that prompt vulnerability checks, visible notes, fields to record adjustments, embedded guidance, QA checks and MI that highlights gaps. If the process relies on memory and good intentions, it will fail under pressure.

How can a complaint management system help complaint teams embed vulnerability consistently?

A complaint management system helps complaint teams embed vulnerability by guiding handlers through consistent workflows, prompting vulnerability checks, and making adjustment options clear. It keeps vulnerability information visible across channels, creates an audit trail of decisions, and helps teams spot patterns, forecast risk, and evidence fair treatment. It also reduces cognitive load and makes complaints easier to track and manage.

What reasonable adjustments should leaders build into complaint handling for vulnerable customers?

Practical adjustments include different communication channels, accessible formats, plain language, written summaries, support from a trusted third party where appropriate and review points for changing needs. The aim is to make support easy to apply, record, and review, not to create a separate process for every case. Teams also need the training and confidence to use these adjustments consistently, otherwise vulnerable customers are more at risk of harm.

Friday, March 27, 2026

Helping leaders embed vulnerability into regulated complaint handling

Ruby Knight

Vulnerable Customer SupportVulnerable Customer Support

Consumer Duty and ComplaintsConsumer Duty and Complaints

A street sign reading 'Vulnerability' and underneath text reading 'The sharpest test of your systems and culture'

In this article, we're going to discuss:

This guide is written for complaint handling leaders responsible for oversight, MI, and system-level controls.

How can leaders embed vulnerability into regulated complaint handling?

Leaders can embed vulnerability into regulated complaint handling by making sure support needs are recognised, recorded, acted on, reviewed and evidenced through the complaint process. This means using clear workflows, consistent data capture, visible vulnerability flags, communication adjustments, management information and quality assurance checks that show whether fair outcomes are being achieved in practice.

Consumer vulnerability is a leadership responsibility and firmly on the FCA’s radar.

On 10 October 2024, the FCA fined TSB Bank £10,910,500 for failing to treat customers in arrears fairly. TSB had already paid £99.9 million in redress to 232,849 mortgage, overdraft, credit card and loan customers. The issue wasn’t bad intent by TSB. It was weak systems and controls that produced poor outcomes for consumers in financial difficulty.

This is a reminder that regulators don’t only look at outcomes. They look at whether controls are strong enough to prevent predictable harm.

If you lead a regulated complaints function, the question is simple:

Can your operation detect vulnerability, adapt processes and evidence fair outcomes consistently?

What does vulnerable mean under FCA guidance?

The FCA Handbook defines a vulnerable customer as someone who is especially susceptible to harm because of personal circumstances.

In practice, firms need to categorise vulnerability as:

Permanent: for example, long-term health conditions
Sporadic: for example, fluctuating mental health or episodic illness
Temporary: for example, bereavement or job loss

Sporadic and temporary vulnerabilities can be undeclared, which often makes the complaint more complex.

Sporadic cases require regular reviews and a consistent approach
Temporary cases need time-limited adjustments with clear review or expiry dates

The FCA places the responsibility of identifying vulnerability squarely on the firm: they don’t expect the customer to declare it.

Should vulnerable customers be handled by specialist teams?

If frontline teams lack the skills and capability to recognise and respond to vulnerability, it’s obvious that the FCA requirements will be missed. Many firms have created specialist vulnerability teams, believing this solves the problem. It may feel like the right thing to do on paper, but I don't necessarily agree with this approach.

If teams are constantly shielded from these situations, they'll never develop the experience to recognise what isn’t being said, but really matters. The responsibility for supporting vulnerable customers shouldn’t stay within one team. Instead, it should be shared across the business, with clear frameworks, training, and support.

We all know detecting when customer needs additional support isn’t as simple as reading through a list of symptoms and ticking a box. Teams need to spot the nuance, understand what may not be said directly and know how to respond without turning the process into a script.

If you’re looking for practical guidance on applying vulnerability frameworks for your team, read: A practical guide for complaint case handlers: dealing with vulnerable customers.

Why the FCA doesn’t always get vulnerable customer communication right

Despite issuing detailed guidance on support for vulnerable customers, the FCA doesn’t always get the communication right.

Some FCA consumer updates are still written in language that many customers may struggle to understand, especially where they have low literacy, cognitive difficulties, anxiety, financial stress or limited confidence dealing with regulated firms.

The motor finance redress scheme is a good example. The FCA has published consumer information using language that can be above the reading age often recommended for customer communications.

This has an impact because clarity isn’t just a writing preference. If customers can’t easily understand what’s happening, what they need to do, or whether they need to act at all, the process becomes harder for the very people the communication is meant to help.

For complaint leaders, the lesson is practical: don’t assume a communication is clear because it’s technically accurate. Vulnerable customers may need plain language, shorter explanations, accessible formats, written summaries, or extra support to understand what happens next.

Why can vulnerable customer support break down in complaint handling?

If complaint teams are constantly firefighting their way through a backlog of cases, the chances of missing a vulnerability marker are higher, because they simply don’t have the time to look, or listen out for them.

Operational risk increases when a vulnerable customer needs support and the complaint process doesn’t provide it. Needs often weren’t met earlier on in their journey, and missing a second chance will compound the problem.

This is more common than many firms think, and common pitfalls include:

In-depth training isn’t provided, or is too infrequent
Missed markers because information logged in one channel isn’t visible in another
Inconsistent policy interpretation
Unrealiable reporting and weak root cause analysis
Weak evidence that won’t withstand FCA or FOS scrutiny

Regulators act when system weaknesses harm vulnerable customers, which is why it’s important to embed vulnerability frameworks into the workflow.

For example, in May 2022, Ofgem required Western Power Distribution to pay £14.9 million into the Redress Fund, after failing to provide essential services and information to Priority Services Register customers.

A different sector with a different regulator, but the message is the same: system and process gaps cost both customers and regulated firms.

If decisions aren’t consistent across case handlers, the 5 Cs of complaint handling framework, can help add structure to the approach.

What does FCA vulnerability guidance mean for complaint handling?

FCA vulnerability guidance is particularly relevant to complaint handling because something has already gone wrong for the customer. If the customer is showing signs of vulnerability and the firm doesn’t act with appropriate care, the complaint process can increase the risk of further financial or emotional harm.

Complaint teams need to identify support needs quickly, respond proportionately, record what was considered and evidence how the customer was treated throughout the complaint. The FCA has also recognised that consistent treatment of vulnerable customers remains a challenge for firms.

This is where good reporting becomes important. Leaders need to see whether vulnerability is being identified consistently, whether adjustments are being applied, whether outcomes are fair and whether certain customer groups are experiencing longer delays, higher uphold rates or repeat issues.

The FCA’s expectations set out the standard it holds firms to when they handle complaints from vulnerable customers. For complaint leaders, the challenge is making sure this standard is visible in the workflow, the case file, the MI and the decisions being made across the team.

How can leaders embed vulnerability frameworks into complaint workflows?

Leaders can embed vulnerability frameworks into complaint workflows by turning them into practical prompts, fields, actions and review points inside the complaint process. The aim isn't to make handlers follow a script. It's to make sure the right questions, checks and support options are available when the customer’s circumstances suggest they may need additional support.

Frameworks only work when they are part of day-to-day complaint handling. If TEXAS, BRUCE or IDEA are buried in a policy manual or training slide, they are too easy to forget when the team is busy, the customer is upset and deadlines are approaching.

Used well, these frameworks can support different parts of the complaint journey:

TEXAS can help handlers manage disclosure, explain why information is being recorded, obtain explicit consent where needed, ask appropriate questions and signpost support
BRUCE can help handlers think about behaviour, remembering, understanding, communication and evaluation where capacity or resilience may be a concern
IDEA can help leaders build a wider approach by identifying customer needs, designing support, evaluating whether it works and adjusting the process where needed

FG21/1 sets the FCA’s expectation and the Money Advice Trust gives firms some of the practical tools. The challenge for complaint leaders is making sure these don’t just stay in a policy folder gathering dust.

Frameworks such as TEXAS, BRUCE and IDEA need to show up in the workflow, not just in training. This means system prompts, templated questions, signposting libraries, review points and case fields that help handlers apply the guidance in real time and leave a clear audit trail behind them.

This is where vulnerability support becomes more reliable. One handler may record detailed notes, another may only add a vague comment, and another may miss the marker completely because the case is moving quickly. Building the frameworks into the workflow reduces the chance that support depends on memory, confidence or who happens to pick up the case.

Money Advice Trust resources, including the Handy vulnerability cards, can also be useful practical tools for handlers. They worked well for my team because they gave people something simple to refer to in the moment, rather than expecting them to remember every possible vulnerability scenario from training.

Does data protection law stop firms supporting vulnerable customers?

Data protection law does not stop firms supporting vulnerable customers. The FCA and ICO’s joint March 2026 statement makes clear that UK data protection law does not prevent firms from delivering good consumer outcomes under the Consumer Duty, provided firms still comply with data protection requirements.

This is useful clarification because firms can sometimes treat data protection as a reason to avoid recording or sharing vulnerability-related information. In practice, the risk can run the other way. If support needs aren’t recorded properly, the customer may have to repeat sensitive information, handlers may miss agreed adjustments, and leaders may struggle to evidence whether vulnerable customers are receiving fair and consistent outcomes.

The FCA and ICO statement focuses on three practical areas: supporting consumers in vulnerable circumstances, sharing information appropriately across distribution chains, and monitoring whether customer outcomes are effective.

For complaint leaders, this strengthens the case for clear systems and controls. Firms need a lawful, proportionate and consistent way to recognise vulnerability, support disclosure, record relevant information, tailor communications, share information responsibly where needed, and monitor outcomes over time.

This doesn’t mean recording everything “just in case”. It means recording the information needed to support the customer properly, controlling access, and keeping enough evidence to show how the firm acted with appropriate care.

How can complaint teams build communication adjustments into workflows?

Complaint teams can build communication adjustments into workflows by turning common support options into visible prompts, fields, templates and review points. This helps handlers offer the right adjustment at the right time, record what was agreed and evidence how the customer was supported during the complaint.

It’s not enough to expect case handlers to remember every possible vulnerability adjustment in the moment, especially if they aren’t frequently exposed to these types of complaints.

Leaders can help by making sure practical support options are built into the process itself. This includes communication channel choices, accessible formats, plain language prompts, written summaries after key calls, and clear ways to record when a trusted third party is involved.

The workflow should also make it easy to record whether an adjustment was offered, accepted, declined or needs to be reviewed later. This is especially useful where a customer’s circumstances are temporary, intermittent or likely to change during the complaint.

When these adjustments are built into workflows, templates, QA checks and management reviews, firms are less likely to rely on individual judgement alone. This improves consistency, strengthens the audit trail and makes it easier to evidence fair treatment later.

How can firms measure and evidence fair outcomes for vulnerable customers?

Firms can measure and evidence fair outcomes for vulnerable customers by comparing how complaints involving vulnerability are identified, supported, progressed and resolved against the wider complaint population. This means looking at whether support needs are being recorded consistently, whether adjustments are being applied, whether outcomes are fair and whether customers in vulnerable circumstances are experiencing longer delays, higher escalation rates or different outcomes.

Under the Consumer Duty, firms need to be able to evidence that outcomes are fair and consistent for all customers, including those in vulnerable circumstances.

This means capturing measurable and comparable data.

At a minimum, track:

Average complaint resolution time for each vulnerability type, including the impact of adjustments
Outcome parity between vulnerable and non-vulnerable cohorts
Escalation and uphold rates at the Financial Ombudsman Service (FOS)
Quality of reasoning in case notes and resolution letters

A firm can have comprehensive policies and good intentions, but leaders still need MI that shows how vulnerable customers are being treated in practice.

The FCA expects firms to provide evidence that they are actively monitoring, analysing, learning, and developing (MALD) to address vulnerability markers.

This expectation is now reinforced by the FCA and ICO’s March 2026 statement.

If you’re currently strengthening reporting and governance, or would like to know more, it’s also worth reading what PS25/19 means for complaint MI. The FCA’s expectations are going beyond reporting volume towards insight and oversight.

How can technology improve consistency in complaint handling for vulnerable customers?

Technology can improve consistency in complaint handling for vulnerable customers by making vulnerability checks, support needs, communication adjustments, review points and evidence capture part of the complaint workflow. It helps teams apply the same standards more reliably, even when handlers are busy, cases are complex and customers need different types of support.

Setting good objectives and relying solely on employees to deliver fairness and consistency aren’t bulletproof controls. You can have a great team, but when the pressure’s on, it’s easy for people to forget something important or miss a vulnerability marker.

The more reliable way to support vulnerable customers is to build the right prompts and controls into the complaint handling workflow. This could include:

system flags and notes that are always visible
guided steps in real time that prompt TEXAS or BRUCE actions when risk indicators appear
a single source of truth, so vulnerability markers travel across all channels
automatic audit trails that record decisions and reasoning
good quality reports to spot patterns, forecast risk and show improvement over time

Specialist complaint management systems can help guide case handlers step by step through the workflow and help teams capture decisions clearly for audit. Used well, they make consistent, evidenced complaint handling far easier to achieve.

Vulnerability isn't an edge case. It's one of the clearest tests of whether your systems, culture and leadership actually work.

Frequently asked questions: embedding vulnerability in complaint handling for vulnerable customers

Back to Complaint Management