COMPLIANCE

Consumer Duty for Mortgage Brokers: The File-Check Checklist

A practical, file-by-file checklist for evidencing Consumer Duty in a UK mortgage and protection firm — the four outcomes, fair value, vulnerable customers, and what a reviewer actually looks for.

11 min read · 1 Jun 2026

Consumer Duty isn't a one-off project you finished in 2023. It's an ongoing standard the FCA expects you to evidence on every case, every review, and across your firm as a whole. The hardest part for most mortgage and protection firms isn't understanding the principle — it's proving, file by file, that you delivered good outcomes. This checklist breaks down exactly what a file should contain.

The four outcomes, in plain terms

Consumer Duty rests on a consumer principle ("a firm must act to deliver good outcomes for retail customers") supported by four outcomes. On a mortgage or protection file you need to be able to show each one:

  • Products & services — the recommendation meets the customer's needs and objectives, and they're in the target market for it.
  • Price & fair value — the total cost (rate, fees, your own charges, and any protection premium) is reasonable relative to the benefit the customer receives.
  • Consumer understanding — the customer understood the recommendation, the risks, and the costs, in language suited to them.
  • Consumer support — the customer could act on the advice and raise questions without unreasonable barriers.

The file-check checklist

For each case, a good file evidences the following. Treat anything missing as a gap to close before the file is "advice complete".

Needs and objectives

  • A documented fact find capturing the customer's circumstances, priorities, and objectives — in their words, not boilerplate.
  • The "why" behind the objective (e.g. reducing monthly outgoings, raising capital, fixing for certainty) recorded clearly.
  • Any objective you advised against, with the reason.

Suitability

  • A suitability letter that names the recommendation and explains why it meets the stated objectives.
  • The customer's income, expenditure, and affordability assessment, with the basis of the affordability conclusion.
  • Adverse credit, complex income, or other features addressed explicitly — not glossed over.
  • For joint cases, each applicant's circumstances reflected, not just the primary's.

Fair value

  • Evidence that the product was sourced across the market, not just from a narrow panel.
  • Your own fees disclosed clearly, with the value they represent.
  • Where a protection product was recommended alongside, the premium framed against the benefit — not bundled in without justification.

Vulnerability

  • A vulnerability assessment on the file — even when the conclusion is "no indicators identified". A blank is not the same as a "no".
  • Where indicators are present (health, life events, resilience, capability), what you did differently and why.

Understanding and support

  • Confirmation the customer understood the rate, term, costs, and any early repayment charges.
  • A record of how you communicated — and that the channel suited the customer.
  • Clear next steps and how the customer can contact you.

What a file reviewer actually looks for

A compliance reviewer (internal, network, or the FCA) is testing one thing: can you demonstrate the outcome, not just the activity? "We discussed protection" is activity. "Client declined income protection; rationale recorded; affordability of the shortfall noted" is an outcome you can stand behind. The difference is whether the file would survive scrutiny if something went wrong two years later.

The other thing reviewers look for is consistency across the firm. One excellent file and nineteen thin ones is a firm-level problem. This is where firms most often come unstuck — not on the principle, but on doing it uniformly at volume.

Making it repeatable

The reason Consumer Duty feels heavy is that it adds evidence requirements to work advisers were already doing. The fix is to capture the evidence as a by-product of the workflow rather than as a separate admin task. A CRM built for UK advice can default a vulnerability assessment onto every fact find, timestamp each action into an audit trail, and pull the customer's real circumstances through into the suitability letter automatically — so the file is complete because the work was done, not because someone remembered to write it up.

Adviser IQ's compliance workflows are built around exactly this: the evidence accumulates while the adviser advises. The goal isn't more admin — it's a file that's already review-ready the moment the case completes.

FAQ

What does Consumer Duty require on a mortgage file?

A mortgage file should evidence all four Consumer Duty outcomes: that the product meets the customer's needs, that it represents fair value, that the customer understood it, and that they were supported to act. In practice that means a clear fact find, a suitability rationale, a fair-value and affordability assessment, and a vulnerability assessment — even where no vulnerability is identified.

Do I need a vulnerability assessment when the customer isn't vulnerable?

Yes. The expectation is that you considered vulnerability on every case and recorded the conclusion. A documented "no indicators identified" is evidence you assessed it; a blank field is not.

How often should we review Consumer Duty?

Consumer Duty is ongoing, not annual. Evidence it on every case at the point of advice, monitor outcomes across the firm continuously, and review your products, fees, and customer outcomes at least annually at board level.

Share this article

Ready when you are

Transform your firm

Book a demo to see the UK's most intelligent CRM for mortgage and protection advisers in action.