Why PS25/19 marks a turning point for complaint MI and what firms need to do next

Author’s note

This article was originally published on 22 December 2025 and updated on 7 May 2026 to reflect the FCA’s PS25/19 policy statement and its impact on complaint MI, vulnerability reporting and legal entity-level reporting.

Introduction

The FCA has finalised significant reforms to the complaint reporting process under PS25/19, bringing firms into a new era of transparency, consistency and regulatory scrutiny. The changes include a single six-monthly return for each legal entity, a modernised taxonomy that removes outdated categories, and clearer expectations for how firms identify and record customer vulnerability.

These updates might look procedural on the surface, but they’re not. In the FCA’s PS25/19 policy statement, the FCA says complaints data plays a vital role in understanding market trends, spotting current or emerging consumer harm, and improving its understanding of consumer outcomes after complaints. This tells us something important about the direction of travel.

For firms, complaint data is no longer just a regulatory obligation. Used well, it becomes a protective moat around the firm, helping leaders evidence what customers are experiencing, where harm may be emerging, and whether the firm is acting quickly enough to improve outcomes.

1. What practical impact do PS25/19 changes have?

A single six-monthly return at legal entity level

Firms must now submit one complaint return every six months, with each legal entity reporting separately. Group-level reporting is no longer permitted, which means inconsistencies and gaps that were previously hidden inside consolidated returns may become much more visible.

This change matters because the FCA expects greater accountability at individual firm level. If one entity has weaker data quality, different vulnerability capture, inconsistent categorisation or unexplained complaint patterns, this will be harder to hide behind the group view.

A refreshed complaints taxonomy

The FCA has updated the complaints taxonomy so complaints are categorised in a way that better reflects modern financial products and services. The aim is to reduce reliance on broad categories such as “Other”, which can dilute insight and make it harder to understand what customers are really complaining about.

This is a practical issue, not just a reporting one. If too many complaints end up in broad or unclear categories, leaders may struggle to spot repeat themes, root causes and emerging harm quickly enough.

Firms that want to improve the quality and visibility of their complaint MI can explore how Complyr supports data and analytics for regulated teams.

Mandatory reporting on vulnerability and harm

Firms must now report whether complainants are in vulnerable circumstances, regardless of whether this was identified through customer disclosure or another means. They must also report complaints where the complaint relates to, or was caused by, the firm’s failure to consider or respond to a customer’s characteristics of vulnerability.

This directly connects complaint reporting with Consumer Duty because the data should help show whether firms are recognising vulnerability, responding appropriately, and learning where customers may have suffered harm.

2. Why these changes make a difference for complaint MI and regulatory oversight

The FCA is raising the bar on MI quality

Under PS25/19, complaint MI and the evidence behind it will matter more. The FCA isn’t just asking firms to submit a different return. It’s asking for complaints data that is more consistent, more comparable and more useful for identifying harm, trends and poor outcomes.

This means firms need to trust how the data is captured, categorised and reported.

If a firm cannot show why a complaint was categorised in a certain way, how vulnerability was identified, what informed the decision at each step, or how the customer was supported, the MI becomes harder to rely on.

This is where manual workarounds create problems. Spreadsheets, manual notes and inconsistent categorisation can make it harder to explain the story behind the data. We’ve covered this in more detail in our blog on spreadsheet reporting blind spots in complaint handling.

The point for this article is simple: if the data behind the report is weak, the report itself becomes weak.

Vulnerability indicators are often not declared

Customers rarely say 'I am vulnerable'. More often, vulnerability shows up through behaviour, context, communication, life events, health, resilience or capability.

This is why complaint teams need more than a checkbox. They need time, training, clear workflows and enough visibility to spot when a customer may need additional support.

For leaders, the bigger challenge is making vulnerability recognition consistent across the complaint journey, not leaving it to individual judgement. We’ve covered this in more detail in helping leaders embed vulnerability into regulated complaint handling.

If firms don’t have these foundations in place, vulnerability is likely to be under-reported, recorded inconsistently, or missed completely. Under PS25/19, this becomes much more visible because firms must report both vulnerability and whether the complaint arose because vulnerability was not recognised or considered.

Atypical vulnerability ratios will raise questions

If the proportion of vulnerable customers within complaint data appears unusually high or low, the FCA will want to understand why.

Low ratios may indicate that vulnerability isn’t being properly identified or recorded.

High ratios may suggest unmet needs, process failure, poor customer support or ongoing harm.

Neither number tells the full story on its own, but both should prompt firms to look more closely at what is happening behind the data.

This becomes even more important with legal entity-level reporting. Once each entity reports separately, differences in vulnerability capture, complaint outcomes and customer support will be harder to hide inside a group-level view.

3. How do these fit into the FCA’s 2025 to 2030 strategy?

The direction of the FCA’s 2025 to 2030 strategy is pretty clear. The regulator wants to make better use of data, identify harm earlier, and focus more closely on whether firms are delivering good consumer outcomes.

PS25/19 supports this direction by creating clearer and more consistent complaints categories, improving visibility of vulnerability across sectors, removing group-level reporting that previously obscured trends, and allowing the FCA to compare firms more accurately.

This is why complaint reporting can no longer be treated as a backward-looking exercise. Used properly, complaint MI should act as an early warning system, helping firms understand where customers are experiencing friction, where harm may be emerging, and where action is needed before problems become harder to control.

This isn’t just a shift from manual processes to automated software. It’s a shift from reporting what happened to understanding what the data is trying to warn you about.

4. What firms need to do now

Review how complaint data is captured

Firms should start by looking at how complaint data is captured at case level. If categorisation is inconsistent, vulnerability is recorded differently across teams, or root cause is added after the event, those weaknesses carry through into the MI leaders rely on later.

This is where firms need clear workflows, consistent definitions and enough guidance for handlers to capture the right information at the right time.

Test whether MI can explain what is changing

Complaint MI shouldn’t just show movement in the numbers. It should help leaders understand what has changed, why it has changed, and whether the firm is doing enough in response.

Firms should review current MI patterns, including vulnerability ratios, complaint themes, uphold rates, repeat issues and entity-level differences. If one entity, product, journey or customer group looks different from the rest, leaders need to understand whether this reflects genuine risk, poor capture, inconsistent categorisation or something else.

Prepare for legal entity oversight

Each entity now needs to stand on its own. Firms with multiple entities should assess whether processes, categories, vulnerability capture, evidence trails and reporting quality are consistent enough to withstand individual scrutiny.

This is important because legal entity reporting may expose differences that were previously hidden in a group-level return. If one entity has weaker data, poorer evidence or different complaint outcomes, leaders will need to explain why.

Reduce reliance on manual reporting where it weakens evidence

Manual reporting is not automatically a problem, but it becomes risky when it creates delay, inconsistency or uncertainty around the numbers.

Firms should review whether complaint MI still depends on spreadsheets, shared drives, manual notes or one person knowing how the report is built. If it does, this may weaken the firm’s ability to evidence consistent categorisation, vulnerability capture, root cause analysis and legal entity reporting.

This is where complaint management systems can help structure processes, because the evidence is captured as the complaint moves through the workflow rather than being rebuilt afterwards.

5. What this practically means for complaint teams and consumers

The FCA wants customers in vulnerable circumstances to receive fair treatment and outcomes as good as those of other consumers. For complaint teams, this means there is even more pressure on how vulnerability is recognised, recorded, supported and evidenced throughout the complaint journey.

This is where PS25/19 moves beyond reporting. If a customer needs additional support, the firm needs to show how this was identified, what support was considered, what action was taken, and whether the outcome was fair.

For complaint teams, this means clearer visibility of the decisions they make and better evidence around the support provided. For consumers, it should mean fewer missed indicators, fewer avoidable barriers, and a better chance that the complaint process reflects their circumstances rather than forcing them through a standard route.

Handled well, firms will have earlier insight into issues, stronger evidence for decisions, and a clearer understanding of customer needs.

Handled poorly, vulnerability may still be missed, complaint data may be unreliable, and leaders may struggle to show whether customers are receiving fair and consistent outcomes.

6. How Complyr helps firms strengthen complaint MI and meet PS25/19 expectations

Complaint teams using Complyr can build vulnerability guidance into workflows, flag important customer information so it stays visible throughout the case, and capture root cause analysis consistently as the complaint moves forward.

This has a positive impact because PS25/19 puts more weight on the quality of complaint data, not just the final report. Firms need to show how complaints were categorised, how vulnerability was identified, what support was considered, and what the data says about customer outcomes.

Complyr helps by keeping case handling, evidence, actions, vulnerability indicators, root cause and reporting connected in one complaint management system. This makes evidence easier to produce, helps leaders trust the MI, and gives teams a clearer way to manage complaints in line with the expectations set out in PS25/19.

You can explore the product overview to see how Complyr supports regulated firms with structured complaint handling, clearer reporting and better oversight.