The FCA Compliance Audit Trail: What Mortgage Advisers Must Document in 2025

Consumer Duty came into force in July 2023, but its practical implications for mortgage advisers are still working through the industry. The FCA's supervisory focus has shifted from whether firms have policies to whether those policies are evidenced in individual client files. The question is no longer "do you have a suitability framework?" but "show me the file for this client and walk me through how you applied it."

This is a materially higher bar. And for most mortgage firms, the gap between the documentation they have and the documentation the FCA expects is larger than they realise.

What Consumer Duty Requires, Specifically

The Duty's four outcomes — products and services, price and value, consumer understanding, and consumer support — each generate documentation requirements.

For mortgage advisers, the most operationally demanding of these is consumer understanding: you must be able to demonstrate that the client understood the advice given to them, understood the key risks, and had the opportunity to ask questions. This is not satisfied by a signed terms of business or a completed fact-find alone. The FCA expects evidence of the communication itself.

That means, at minimum:

• A record of the suitability conversation (not just a completed form, but evidence that the conversation happened)
• Documentation of the client's stated objectives in their own words, or close paraphrase
• A record of any alternatives you considered and why they were not recommended
• Evidence that the client was given sufficient time to consider the recommendation before proceeding

For higher-risk cases — portfolio landlords, adverse credit, complex income structures — the documentation standard is higher still.

The Seven Things Your Case File Must Show

1. Client Circumstances at the Point of Advice

This is the baseline. The FCA expects a contemporaneous record of the client's financial circumstances, stated objectives, and relevant personal situation at the time advice was given. "Contemporaneous" matters: a note written after the complaint is not contemporaneous.

The file should include: employment status and income (with evidence), existing liabilities, credit position (and any adverse credit discussed), stated purpose of the mortgage, property details, and the client's expressed preferences on rate, term, and repayment structure.

2. The Suitability Analysis

This is where most compliance gaps are found. The suitability analysis must show that you matched the recommendation to the client's specific circumstances, not that you followed a generic process.

For a buy-to-let case, for example, the analysis should reference the specific rental yield calculations, the lender's rental coverage requirements, the client's portfolio context (if applicable), and why the recommended lender and product best suited those circumstances.

A generic statement that "the product is suitable for the client's needs" is not suitability documentation. It is a conclusion without a basis.

3. The Alternatives Considered

You are not required to present every product on the market. You are required to show that your recommendation was made from an appropriate consideration of options. If you recommended a two-year fix over a five-year fix, the file should show why — rate differential, the client's stated circumstances, flexibility requirements.

This is especially important in a rising rate environment where the choice of product term carries material risk for the client.

4. Disclosures Made and When

Disclosure records have become significantly more important under Consumer Duty. The file should show:

• When the client was given your initial disclosure document
• When fee arrangements were explained and agreed
• When the Mortgage Illustration was presented
• When and how the client gave consent to proceed

Timing matters. A disclosure presented at offer stage rather than at initial enquiry is a compliance gap.

5. Client Communication Log

The FCA expects a record of key client communications — not every email, but the material interactions. This includes: the initial needs assessment, any follow-up conversations where circumstances changed, communications around document requests, and the advice delivery itself.

For digital communications, this means being able to retrieve emails, messages, and call notes linked to a specific case file.

6. Document Evidence

Every document used in the advice process should be retained and linked to the case: identity documents, income evidence, bank statements, credit reports (where obtained), property valuations, and the client's signed consent to submit their application.

The FCA has specific retention requirements: six years for investment business records, and at least the duration of the mortgage term for core mortgage advice records. In practice, most firms retain all records for at least eight years.

7. Post-Advice Record

If the client's circumstances changed between advice and completion — a change in income, a change in property, a material change in market conditions — you need a record of how that change was handled and whether the advice was reaffirmed.

The Three Gaps Most Firms Have

Gap 1: The advice conversation is documented but not the alternatives analysis. Most suitability notes record what was recommended and why. Far fewer record what was not recommended and why. The FCA's examiners look for this specifically.

Gap 2: The timeline is reconstructed rather than contemporaneous. When advisers update case notes at the end of the day (or the end of the week), the timestamps no longer reflect when the events actually occurred. Systems that capture notes in real time are more defensible than those that rely on retrospective entry.

Gap 3: Documents are held outside the case file. Email attachments, documents in a shared drive, files sent via WhatsApp — these create a fragmented record that cannot be produced as a coherent case file on request. The FCA expects to see a single, complete, navigable record for each client case.

Building a Compliant Process

The practical implication is that compliance cannot be treated as a documentation exercise that happens after the advice. The contemporaneous record is created during the advice process, not after it.

This means your case management system needs to capture:

• Notes at the time they are created, linked to the specific case
• Document uploads with timestamps and source metadata
• A status history showing when the case moved through each stage
• Client communications linked to the case
• A complete, exportable case file for FCA review

Firms that have separated their advice process from their compliance documentation typically have the most significant gaps. Firms that have integrated record-keeping into their workflow — so that the act of advising generates the compliance record — are in the strongest position.

The FCA's stated approach under Consumer Duty is to focus on outcomes rather than process. But to assess outcomes, they examine the process. The audit trail is how you demonstrate that the process was appropriate.

Getting this right is not primarily a compliance exercise. It is the record of your professional judgement. Treat it accordingly.