With the Financial Conduct Authority’s (FCA’s) review on vulnerable clients soon drawing to a close, and with the regulator maintaining that financial vulnerability will be a key focus for 2025, I think this year we will finally start to see the regulator move from carrot to stick mentality.
As such, never before has it been more crucial for those working in the mortgage industry to ensure that they have adequate processes in place to identify and support their vulnerable clients.
With some of the early indications showing concerns around identification levels – specifically firms who may be identifying sub five or 10% of their customers as being vulnerable (the rate should be more in the region of 24%) – and with some firms struggling with their vulnerability reporting, it seems that some vital questions will need to be asked. And quickly!
Here are five key questions that mortgage professionals must ask themselves right now around their vulnerability processes in 2025.
Are you taking a tick box approach to client vulnerability?
In order to provide the support that all your mortgage clients deserve, we as finance professionals, must understand that vulnerability is incredibly nuanced and complex.
As such, to look for one of a rigid series of potential indicators of vulnerability or take a tick box approach has never, and will never, work.
What is required is a means to systematically identify all signs of vulnerability for each and every client on an ongoing basis.
This means combining clinical expertise with hard data though an online assessment and removing any bias and subjectivity.
This will help the professional steer clear of certain trigger-words that a tick-boxing approach might encourage.
Only with a specialist and systematic, clinical assessment focused on data, can professionals ensure that all vulnerability drivers are consistently in scope across an entire client base.
Can you evidence whether each of your clients are in a vulnerable circumstance, vulnerable or not vulnerable?
Many professionals in the mortgage industry have been struggling with their vulnerability identification process – specifically understanding the difference between clients who may be facing a vulnerable circumstance, versus those who are clinically vulnerable.
The reality is that vulnerability is a delicate threshold that shifts throughout our lives and this needs to be taken into consideration during every assessment.
Here’s an example. If we were to suffer an event such as a cancer diagnosis or a redundancy, but we managed it well, we might be in a vulnerable circumstance, but may not yet be vulnerable.
It’s when we don’t have the resilience or reserve to combat those difficulties that we take that next step and find ourselves at risk from vulnerability.
Mortgage professionals need to be aware that vulnerability rarely exists in isolation.
We don’t have mental health in one silo, physical health in another, our work-life in a third.
All it takes is for the balance to tip ever so slightly before one affects the others and we find ourselves in a situation that’s difficult to cope with.
Something like a physical illness may keep us from going to work, affecting our mental health, and causing everything to feel overwhelming.
It’s that recognition of the interplay between different factors, and of the boundary not being a neat separation between being vulnerable and not.
Can you produce detailed data and MI on what vulnerabilities are present in your client base?
As with many complex challenges like this, data is, and always will be, the answer.
A CII paper that was produced in late 2024 documented that 21% of firms still have a ‘data gap’ when it comes to understanding vulnerability and that 26% of firms are merely using data right now as a ‘stop gap’ – rather than it being fit for purpose long term.
These figures are worrying enough, but we would maintain that the figures are actually even higher than this CII data set reveals.
Quite clearly there is still a significant difference between understanding vulnerable customers and identifying vulnerable customers.
But firms really need to understand both – and the only way to do that is through detailed data analysis and a robust identification process.
A systematic process for screening all clients, with appropriate accommodations for the needs of those at risk, is essential.
Are you able to demonstrate how you have supported your vulnerable clients – and indeed those who are not?
For the vulnerability identification and assessment process to work, it must be done consistently across all clients.
This means that every client should be assessed in the same way, no matter whether the professional thinks they are likely (or unlikely) to be vulnerable.
This is undoubtedly a complex process – not least because of how nuanced vulnerabilities can be.
And as we know, if a vulnerability has been identified, the professional must ensure that they have supported that client in the right way to ensure the best outcome for that client.
Any vulnerabilities that are identified – as well as any actions or interventions that are taken to provide support – are comprehensively recorded in a way that can be recovered and acted upon later.
And remember, it’s not just about recording if someone is vulnerable. In fact, in order to compile the most comprehensive records, firms should also keep thorough records of clients
who they have recorded as not being vulnerable too. Only then can firms ensure they are providing the best possible outcomes for all their clients.
Are you able to demonstrate that you conduct your vulnerability assessments routinely?
Assessing a client for signs of vulnerability should never be treated as a one-off task. After all, vulnerabilities aren’t static. They come and go, changing guises regularly.
If a mortgage professional is supporting a client through one mortgage transaction, running a robust assessment at point of advice is normally sufficient.
That being said, good practice for mortgage professionals – specifically if they are dealing with a client on an ongoing basis – would be to carry out a vulnerability assessment yearly.
These five questions are fundamental in how you work with your clients this year – and to ensure your firm is protected should the regulator come knocking.
From larger fines to closer investigations, things are ratcheting up.
Identification. Action. Reporting – don’t delay.
Jonathan Barrett is CEO at Comentis
