Book a demo
Consumer Duty Cross-Cutting Rules: What They Mean and How to Evidence Them

Consumer Duty Cross-Cutting Rules: What They Mean and How to Evidence Them

  • 9 min read

The Consumer Duty framework is built on two layers. The four outcomes tell firms what they need to deliver: appropriate products and services, fair pricing, clear communications, and responsive support. The cross-cutting rules tell firms the standard to which every one of those outcomes must be delivered.

The three cross-cutting rules are not a separate compliance obligation that sits alongside the four outcomes. They run through all of them. Acting in good faith, avoiding foreseeable harm, and enabling customers to pursue their financial objectives are the FCA’s way of setting a behavioural standard, not a process checklist. The regulator uses them to assess the intent and culture behind a firm’s conduct, not just whether individual rules were technically followed.

Firms that have a solid grasp of the four outcomes but treat the cross-cutting rules as secondary are missing the foundation the whole framework rests on. This guide explains what each rule requires, what the FCA expects to see as evidence, and where firms most commonly fall short. For a full overview of the Consumer Duty evidence framework, see Aveni’s Consumer Duty Compliance Guide.

For a full overview of how Consumer Duty evidence fits together, see our Guide to Evidencing Consumer Duty at Scale →

What are the Consumer Duty cross-cutting rules?

The Consumer Duty cross-cutting rules are three behavioural standards that firms must follow when dealing with retail customers. They require firms to:

  1. Act in good faith toward retail customers
  2. Avoid causing foreseeable harm to retail customers
  3. Enable and support retail customers to pursue their financial objectives

These rules apply across all products, services, and customer touchpoints. They sit under the overarching Consumer Duty standard in Principle 12, which requires firms to deliver good outcomes for retail customers.

Unlike the four outcomes, the cross-cutting rules are not designed as a checklist. They describe how firms should behave when designing products, communicating with customers, delivering services, and responding when problems arise.

The FCA assesses these rules by examining what firms actually do in practice. Policies and documentation matter, but the regulator focuses on evidence of real behaviour across governance decisions, customer interactions, and operational processes.

Rule 1: Act in good faith

What it means

Acting in good faith means firms must deal with customers honestly, fairly, and transparently.

This principle applies across the entire customer lifecycle. It includes how products are designed, how pricing decisions are made, how information is presented, and how firms respond when something goes wrong.

The FCA has been clear that good faith is not satisfied by technical compliance alone. A firm may meet the letter of a rule while designing communications, processes, or pricing structures that work against customers’ interests. That approach does not meet the good faith standard.

In practice, the regulator expects firms to consider whether their actions genuinely support customer interests, rather than simply meeting minimum regulatory requirements.

What the FCA expects to see

Evidence of good faith is not limited to transactions. The FCA also looks at culture and governance.

This includes:

  • Board and management behaviour showing that customer outcomes are actively considered in decision making
  • Incentive structures that do not encourage practices that disadvantage customers
  • Complaint handling processes that go beyond resolving individual cases and examine underlying causes
  • Governance records showing that senior leadership has challenged whether firm conduct serves customers

The regulator often treats board reporting as a window into firm culture. If governance discussions consistently focus on compliance with rules but do not address whether customers are treated fairly in practice, that raises questions about how the Duty is applied.

Where firms commonly fall short

Shortcomings in this area are often evidential rather than intentional.

Many firms can demonstrate that individual regulatory requirements were followed. They may also show that product approvals took place and policies were reviewed.

The gap appears when firms try to demonstrate that good faith shaped those decisions.

Typical evidence gaps include:

  • Board reports that record product approvals but contain no evidence of challenge
  • Incentive structures that were reviewed but where the review produced no changes
  • Complaints data that is tracked but not analysed for systemic conduct issues

In these situations, the firm may believe it has acted appropriately. The difficulty lies in demonstrating that good faith actively informed decision making.

What good evidence looks like

Strong evidence of good faith usually includes:

  • Governance records showing substantive challenge, not just sign-off
  • Documented changes made following good faith assessments
  • Evidence that incentive structures were evaluated against customer outcomes
  • Complaint root cause analysis linking individual cases to wider conduct risks

The key distinction is whether the firm can show how customer interests influenced decisions, not simply that decisions were made.

Rule 2: Avoid causing foreseeable harm

What it means

The second cross-cutting rule requires firms to identify and act on risks to customers before harm occurs.

Foreseeable harm includes any outcome that a prudent firm, applying reasonable care and expertise, should be able to anticipate. It is not limited to harm that has already occurred.

This requirement shifts the focus from reactive problem solving to proactive risk management.

The standard applies to several areas of firm activity, including:

  • Product design
  • Distribution strategies
  • Customer communications
  • Service delivery and support

The FCA expects firms to look ahead and consider where customer harm could arise across the customer journey.

What the FCA expects to see

To meet this standard, firms need structured processes for identifying potential risks to customers.

Examples include:

  • Product governance processes that examine where harm could occur
  • Distribution reviews assessing whether products reach the intended audience
  • Monitoring systems that identify emerging conduct risks
  • Oversight of customer interactions to detect vulnerability, suitability concerns, or affordability issues

The regulator expects firms to map potential harm across the customer lifecycle, assess the likelihood and severity of those risks, and take steps to prevent them.

In regulated advice environments, this often involves monitoring live interactions between advisers and customers.

Where firms commonly fall short

Many firms rely on processes that are retrospective by design.

Traditional quality assurance programmes typically review a small percentage of customer interactions. Complaints data and periodic reviews then act as the main signals of emerging problems.

By the time those processes identify a pattern, the harm has already affected multiple customers.

This creates a direct conflict between standard QA practice and the foreseeable harm requirement. Sampling provides limited visibility into what actually happens across customer interactions.

For a detailed discussion of the limitations of QA sampling under Consumer Duty, see Is 2% Sampling Still Acceptable Under Consumer Duty? →

What good evidence looks like

Evidence of avoiding foreseeable harm tends to include:

  • Monitoring of customer interactions at scale rather than small samples
  • Risk registers that are updated based on monitoring data
  • Documentation showing potential harm was identified early and addressed
  • Evidence that vulnerability indicators are detected and acted upon quickly
  • Audit trails linking identified risks to remedial actions

The FCA expects firms to show that risks were identified before widespread harm occurred, and that action followed promptly.

Rule 3: Enable customers to pursue their financial objectives

What it means

The third cross-cutting rule focuses on whether customers are able to achieve what they set out to achieve when engaging with a financial firm.

Customers should be able to access products, obtain support, understand their options, and take actions such as switching, cancelling, or making a claim without unnecessary barriers.

This rule emphasises the practical usability of financial services.

Processes that technically exist but are difficult to access in practice may prevent customers from pursuing their objectives.

Examples include:

  • Customers who struggle to understand product information
  • Switching or cancellation processes that involve multiple steps
  • Complaints procedures that are difficult to access
  • Support channels that fail to respond when customers need help

The rule also requires firms to consider customers whose circumstances make it harder to pursue their objectives, including those with characteristics of vulnerability.

What the FCA expects to see

The FCA expects firms to demonstrate that products and services are designed around customer needs rather than operational convenience.

This typically involves:

  • Testing customer journeys from the user perspective
  • Monitoring whether customers successfully complete key actions
  • Identifying barriers that prevent customers from accessing support
  • Providing additional assistance for customers who need it

Evidence should show that the firm understands how customers interact with its services and whether those interactions lead to successful outcomes.

Where firms commonly fall short

A common gap arises between what processes allow in theory and what happens in practice.

Firms often maintain documentation describing how customers can interact with products and services. However, they hold limited data showing whether those processes work effectively.

Examples include:

  • Complaints processes that exist on paper but take weeks to resolve
  • Switching journeys that require several complex steps
  • Digital services designed for efficiency rather than accessibility

In these situations, the firm may believe it supports customers appropriately, but lacks evidence demonstrating that customers can actually achieve their objectives.

What good evidence looks like

Evidence of this rule typically includes:

  • Outcome data showing customers successfully completing key actions
  • Monitoring of drop-off points in digital journeys
  • Interaction monitoring showing advisers adapt their approach when customers need additional support
    Documentation showing barriers were identified and removed

Strong evidence connects operational changes to observed customer behaviour.

How the Consumer Duty cross-cutting rules and the four outcomes connect

The cross-cutting rules and the four outcomes are closely linked.

The four outcomes describe the areas where firms must demonstrate good results for customers. The cross-cutting rules define the standard of conduct that must guide how those outcomes are delivered.

For example:

  • Acting in good faith influences how products are designed, how prices are set, how communications are written, and how support is delivered
  • Avoiding foreseeable harm applies across product design, distribution, communications, and ongoing service
  • Enabling customers to pursue their objectives underpins the entire customer journey

A firm that demonstrates evidence for the four outcomes but cannot show that the cross-cutting rules shaped its decisions has an incomplete evidence base.

From a governance perspective, the FCA uses the cross-cutting rules to assess culture. A firm may pass individual product or communication reviews but still fall short if the broader conduct standard is not visible across decision making.

For a detailed explanation of the four outcomes themselves, see The Four Consumer Duty Outcomes: What the FCA Expects Firms to Evidence →

What evidencing the Consumer Duty cross-cutting rules requires in practice

Monitoring that covers conduct, not just process

The cross-cutting rules cannot be evidenced through documentation alone.

They require monitoring of real behaviour. This includes how advisers conduct conversations, how risks are identified, and whether customers receive the support they need.

That level of visibility typically requires interaction-level monitoring across multiple channels rather than relying on small samples.

Board and governance records that show challenge

Board reporting plays a central role in demonstrating compliance with the Consumer Duty cross-cutting rules.

Reports that consistently show no issues and no challenge do not provide strong evidence that the rules are being applied with intent.

Strong governance records show:

  • Questions raised by senior leadership
  • Issues escalated and investigated
  • Evidence that customer outcomes were considered during decisions

This type of documentation helps demonstrate that the firm actively tests its conduct against the Duty.

Connecting monitoring to action

The final part of the evidence chain is linking monitoring to decisions.

A firm may identify risks or conduct issues through monitoring systems. If it cannot show what happened next, the evidence remains incomplete.

Strong evidence connects:

  1. Identification of risk or harm
  2. Investigation and analysis
  3. Remedial action
  4. Governance oversight
  5. Confirmation that the issue was resolved

For a broader framework explaining how Consumer Duty evidence fits together, see the Consumer Duty compliance guide →

Frequently asked questions about the Consumer Duty cross-cutting rules

Do the Consumer Duty cross-cutting rules apply to closed products?

Yes. The Consumer Duty applies to closed products as well as open ones. Firms must still consider whether customers holding closed products receive fair treatment, are protected from foreseeable harm, and are supported in pursuing their financial objectives.

How does the FCA assess whether a firm has acted in good faith?

The FCA examines evidence across governance decisions, product design processes, customer communications, pricing structures, and complaint handling. The regulator looks for evidence that customer interests influenced decisions rather than being considered after the fact.

What is the difference between the Consumer Duty cross-cutting rules and the Consumer Duty outcomes?

The Consumer Duty cross-cutting rules describe how firms should behave when dealing with customers. The four outcomes describe the areas where firms must demonstrate good results. Together they form the operational framework of the Consumer Duty.

Can a firm meet the four outcomes without satisfying the Consumer Duty cross-cutting rules?

In practice, no. The Consumer Duty cross-cutting rules define the standard to which the outcomes must be delivered. A firm that cannot demonstrate these behavioural standards will struggle to show that the outcomes have been achieved in a meaningful way.

Where to start

The Consumer Duty cross-cutting rules can be difficult to evidence because they focus on behaviour and culture rather than process documentation.

For many firms, the starting point is assessing whether current monitoring provides visibility into how the firm performs against each rule in practice.

Once that visibility exists, the gap between what the firm can currently demonstrate and what the FCA expects becomes much clearer.

For a full framework on evidencing Consumer Duty compliance across governance, monitoring, and outcomes, see the Consumer Duty compliance guide →

To see how Aveni Detect and Aveni Assist deliver Consumer Duty evidence at scale, schedule a demo with our team →

Share with your community!

In this article

Related Articles

How Aveni Doc Gen Handles What Other Tools Cannot: Multi-Touch Advice Journeys

ai safety in finance

TIME called out weak AI safety. FinLLM shows how it can be done properly.

introducing FinLLM

Introducing FinLLM: The First GenAI Model Built for UK Financial Services

The Essential Consumer Duty Compliance Checklist: 5 Steps to Stronger FCA Evidence

Consumer Duty Compliance Guide for UK Financial Services Firms

What Counts as ‘Good Evidence’ Under Consumer Duty (and What Fails FCA Reviews)

Why Protection Insurance Is Where Consumer Duty Failures Appear First

consumer duty sampling

Is 2% Sampling Still Acceptable Under Consumer Duty? The 98% You’re Missing

Consumer Duty Compliance Guide for UK Financial Services Firms

Consumer Duty Compliance: A Practical Guide for Financial Firms

Aveni proves real-time Agent Assurance in FCA’s inaugural Supercharged Sandbox as firms race to deploy AI agents 

contextual ai governance framework

Building a Contextual AI Governance Framework for Financial Institutions

Machine Line of Defence

What Is the Machine Line of Defence™? A Simple Analogy for a Complex Shift

agentic ai foundation

Why Your AI Stack Is Actually Five Products Pretending to Work Together

For firms that want 
AI-powered efficiency without the complexity. Get started quickly with Aveni Assist & Detect.

Aveni AI Logo
Book a demo