| Internet-Draft | OMP FCA Consumer Duty Profile | April 2026 |
| Adebayo, et al. | Expires 7 October 2026 | [Page] |
This document defines a domain profile of the Operating Model Protocol (OMP) for AI systems deployed in UK retail financial services contexts subject to the Financial Conduct Authority (FCA) Consumer Duty (PS22/9, effective July 31, 2023), the Senior Managers and Certification Regime (SM&CR), and the FCA's emerging AI accountability framework as informed by the Mills Review (2026) and the FCA's research on algorithmic decision-making.¶
The profile -- designated DutyMark -- specifies how OMP's deterministic routing invariant, Watchtower enforcement framework, and three-layer cryptographic integrity architecture satisfy the evidence requirements for Consumer Duty outcome testing, SM&CR named accountability, and FCA supervisory examination of AI-assisted retail financial services decisions. The profile covers the four Consumer Duty outcome areas and FCA agent distribution oversight.¶
The OMP core specification is defined in the Operating Model Protocol Internet-Draft (draft-veridom-omp).¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 7 October 2026.¶
Copyright (c) 2026 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.¶
The FCA's Consumer Duty (PS22/9) established a new standard of conduct for retail financial services firms, requiring that firms act to deliver good outcomes for retail customers across four outcome areas: products and services, price and value, consumer understanding, and consumer support. The Duty requires firms to take positive action to deliver good outcomes -- a substantive shift from the previous Treating Customers Fairly (TCF) standard.¶
As AI systems take increasing roles in retail financial services decisions, the Consumer Duty creates a specific evidence problem. The FCA requires firms to monitor and evidence consumer outcomes. Where AI systems contribute to those outcomes, firms must demonstrate that the AI system's contribution was consistent with the Duty: that it supported good outcomes, treated vulnerable customers appropriately, and did not introduce systematic unfairness.¶
Simultaneously, the SM&CR requires that firms identify named Senior Managers responsible for each material area of firm activity. Where AI systems make or materially contribute to decisions, firms must demonstrate that a named, accountable Senior Manager bears responsibility and exercises genuine oversight of individual decisions at scale.¶
The Mills Review (2026) identified the inability to demonstrate AI decision accountability at the interaction level as a material gap in current firm compliance architectures. The FCA has signalled that its supervisory expectations for AI governance evidence will increase as AI deployment in retail financial services accelerates.¶
This document defines the DutyMark profile: the domain-specific instantiation of OMP [I-D.veridom-omp] for FCA-regulated AI deployments in UK retail financial services. DutyMark denotes that each AI decision is cryptographically marked against the firm's Consumer Duty obligations, producing a tamper-evident record demonstrating positive action to deliver good outcomes at the individual interaction level.¶
Related OMP domain profiles include the AI Liability Insurance profile [I-D.veridom-omp-aiins] and the EU AI Act Article 12 profile [I-D.veridom-omp-euaia]. The OMP specification is also archived at [ZENODO-OMP].¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119] [RFC8174].¶
This document uses the terminology defined in [I-D.veridom-omp]. In addition:¶
The Consumer Duty [FCA-PS22-9] has three elements: Consumer Principle (PRIN 12) requiring firms to act to deliver good outcomes; cross-cutting rules requiring firms to act in good faith, avoid foreseeable harm, and enable customers to pursue their financial objectives; and outcome rules across the four outcome areas. Firms must monitor, regularly review, and be able to demonstrate to the FCA how their activities deliver good outcomes. Where AI systems contribute to outcomes, firms must demonstrate consistency with the Duty at the interaction level.¶
The SM&CR requires named Senior Managers responsible for each material area of firm activity. For AI systems, firms must demonstrate that a named Senior Manager has been allocated AI governance responsibility, exercises genuine oversight of AI decisions (not merely formal responsibility), and that this oversight is evidenced at the interaction level. The OMP Named Accountable Officer mechanism maps directly onto this structure: for every ASSISTED or ESCALATED interaction, the Accountable Executive is identified and their review decision sealed in the DutyMark Audit Trace.¶
The Mills Review (2026) identified four material gaps: firms can describe AI governance processes but cannot demonstrate at the interaction level that those processes were followed; AI recommendations are not consistently recorded alongside human decisions; vulnerable customer identification and treatment by AI systems is not evidenced at the interaction level; and the accountability chain from individual AI decisions to named SM&CR Senior Managers is absent in most firms. These are precisely the gaps the DutyMark profile closes.¶
Under FSMA Section 39, principal firms bear regulatory responsibility for appointed representatives' conduct. For Consumer Duty purposes, principal firms are responsible for ensuring AI-assisted decisions made by appointed representatives deliver good outcomes -- even where the AI system is deployed by the representative, not the principal. Section 6 specifies how OMP's chain integrity architecture addresses this challenge.¶
The Named Accountable Officer under this profile is the Accountable Executive: the Senior Manager with SM&CR responsibility for the AI system's governance. Required fields in the Accountable Executive record:¶
accountable_executive_id: FCA Individual Reference Number (IRN) or stable internal identifier;¶
accountable_executive_smcr_function: SM&CR Senior Manager Function designation (e.g., SMF3, SMF4, SMF16);¶
review_timestamp: ISO 8601 UTC of the review action;¶
outcome_assessment: one of GOOD_OUTCOME, REMEDIATION_REQUIRED, ESCALATION_TO_COMPLAINTS;¶
vulnerability_response: REQUIRED where WT-FCA-03 was triggered.¶
C_p (policy compliance) reflects the AI system's evaluation against the firm's Consumer Duty policies. A value of 0.0 MUST force ESCALATED routing. C_d (data completeness) reflects the completeness of customer data; where data is incomplete in ways that may affect outcome quality, C_d MUST be reduced to trigger ASSISTED routing. C_m reflects the AI system's own confidence in its recommendation.¶
Trigger: AI recommendation would foreseeably cause harm based on the firm's Consumer Duty harm assessment framework.¶
Action: HARD_BLOCK for immediate harm; FORCE_ESCALATED for foreseeable harm requiring Accountable Executive assessment.¶
Rationale: The Consumer Duty cross-cutting rule requires firms to avoid causing foreseeable harm. This Watchtower enforces the avoidance obligation structurally: AI recommendations that foreseeably harm retail customers cannot proceed without Accountable Executive review, and cannot proceed at all where immediate harm is detected.¶
Trigger: AI pricing or value determination falls outside the firm's Consumer Duty price and value framework.¶
Action: FORCE_ESCALATED. Accountable Executive reviews and either approves with documented justification or modifies the outcome.¶
Rationale: PS22/9 [FCA-PS22-9] requires firms to ensure price represents fair value. AI-assisted pricing must be evidenced at the interaction level as consistent with this requirement. Watchtower configuration MUST be reviewable by the FCA upon supervisory request.¶
Trigger: Any indicator of characteristics of vulnerability as defined in FCA Guidance FG21/1 [FCA-FG21-1]: disclosed financial difficulty, health condition, recent life event, low financial capability score, or pattern consistent with vulnerability indicators.¶
Action: FORCE_ASSISTED for a single vulnerability indicator; FORCE_ESCALATED for multiple indicators or confirmed vulnerability disclosure.¶
Rationale: FG21/1 requires firms to identify and respond appropriately to vulnerable customers. AI systems applying standard processing to customers displaying vulnerability indicators fail this obligation. This Watchtower ensures vulnerability indicators generate a mandatory review record and Accountable Executive response.¶
Trigger: AI-generated customer communication does not meet the firm's Consumer Duty consumer understanding standards.¶
Action: FORCE_ESCALATED. Accountable Executive reviews and approves or requires revision before delivery.¶
Rationale: PS22/9 [FCA-PS22-9] requires firms to ensure retail customers receive communications they can understand. AI-generated communications failing the firm's understanding standards cannot be sent without Accountable Executive approval.¶
Trigger: For AI-assisted investment, pension, or protection recommendations: recommendation does not meet suitability or appropriateness standards under COBS or ICOBS.¶
Action: HARD_BLOCK for unsuitable recommendations; FORCE_ESCALATED for appropriateness questions.¶
Rationale: Suitability and appropriateness requirements under COBS and ICOBS are not discharged by AI recommendations without human oversight. AI-assisted suitability determinations failing the applicable standard are blocked before reaching the customer.¶
Trigger: For principal firms: any distribution chain AI interaction where the appointed representative's system has not generated a conformant DutyMark Audit Trace.¶
Action: FORCE_ESCALATED. Principal firm's Accountable Executive is notified of the distribution chain evidence gap.¶
Rationale: Principal firms bear Consumer Duty responsibility for their distribution chain under FSMA Section 39. This Watchtower enables principal firms to identify distribution chain evidence gaps before they become FCA supervisory issues.¶
The following fields are REQUIRED under the DutyMark profile, in addition to core fields in [I-D.veridom-omp] Section 7:¶
consumer_duty_outcome_area: string, REQUIRED.
One of: "products_and_services", "price_and_value",
"consumer_understanding", "consumer_support".¶
consumer_outcome_assessment: string, REQUIRED.
One of: "good_outcome", "outcome_uncertain", "remediation_required".¶
vulnerability_indicators: array of strings, REQUIRED if
WT-FCA-03 triggered; empty array otherwise. Values from FCA FG21/1
taxonomy.¶
accountable_executive_id: string, REQUIRED for ASSISTED
and ESCALATED; NULL for AUTONOMOUS below significance threshold.
SHOULD be the FCA IRN.¶
accountable_executive_smcr_function: string, REQUIRED
where accountable_executive_id is non-null.¶
outcome_assessment: string, REQUIRED for ASSISTED and
ESCALATED. One of: GOOD_OUTCOME, REMEDIATION_REQUIRED,
ESCALATION_TO_COMPLAINTS.¶
distribution_chain_flag: boolean, REQUIRED. True if
interaction was generated by or on behalf of an appointed
representative.¶
principal_firm_id: string, REQUIRED if
distribution_chain_flag is true. FCA Firm Reference Number (FRN)
of the principal firm.¶
consumer_duty_board_report_period: string, OPTIONAL.
Identifier for the Consumer Duty annual board reporting period.¶
profile_version: string, REQUIRED. MUST be
"VERIDOM-DUTYMARK-v1.0".¶
For products and services: WT-FCA-05 MUST be active for all AI-assisted product recommendations where suitability or appropriateness requirements apply under COBS or ICOBS. consumer_duty_outcome_area MUST be set to "products_and_services".¶
For price and value: WT-FCA-02 MUST be active for all AI-assisted pricing interactions, with documented fairness parameters derived from the firm's Consumer Duty price and value assessment framework and reviewable by the FCA upon supervisory request.¶
For consumer understanding: WT-FCA-04 MUST be active for all AI-generated communications to retail customers, with documented readability and comprehension standards appropriate to the customer segments served.¶
For consumer support: WT-FCA-01 and WT-FCA-03 MUST be active for all AI-assisted customer support interactions. AI-assisted systems MUST immediately route to ESCALATED any customer who indicates they wish to speak to a human representative.¶
The DutyMark profile addresses principal firm distribution oversight through a two-level architecture. At the appointed representative level, the representative's AI system implements DutyMark and generates Audit Traces for each interaction, provided to the principal firm as part of the distribution oversight framework. At the principal firm level, WT-FCA-06 verifies that distribution chain interactions are generating conformant DutyMark Audit Traces. Where a chain interaction lacks a conformant Trace, WT-FCA-06 triggers ESCALATED at the principal firm level.¶
The OMP chain integrity architecture ensures that DutyMark Audit Traces from appointed representative systems are sealed in a way the principal firm and FCA can verify independently, without relying on the appointed representative's self-reporting. Principal firms MUST document their distribution chain oversight arrangements in their Consumer Duty monitoring framework.¶
Implementations of this profile MUST satisfy the following two-property invariant:¶
A firm satisfying the DutyMark Invariant can demonstrate to the FCA, for any interaction: the Consumer Duty outcome area; whether the AI system assessed a good, uncertain, or remediation-required outcome; whether vulnerability indicators were detected and how they were responded to; whether the Accountable Executive reviewed the interaction and their outcome determination; and that the record has not been altered since sealing.¶
The accountable_executive_id and accountable_executive_smcr_function fields create a sealed SM&CR Accountability Record for every ASSISTED and ESCALATED interaction: a tamper-evident record naming the Senior Manager who exercised oversight of the specific AI recommendation. Firms undergoing FCA supervisory examination of their SM&CR mapping for AI systems can present the DutyMark Audit Trace stream as contemporaneous evidence that SM&CR accountability is exercised in practice, not only in governance documentation.¶
For Consumer Duty annual board reporting, firms MAY use the DutyMark Audit Trace stream aggregated by consumer_duty_board_report_period as the primary evidence source for the board's Consumer Duty outcome monitoring.¶
Upon FCA supervisory request, a firm implementing DutyMark MUST produce a Supervisory Examination Package for any specified period containing: all sealed DutyMark Audit Traces organised by consumer_duty_outcome_area and routing_outcome; chain integrity proof (SHA-256 Merkle root and chain paths); Timestamp Authority (per [RFC3161]) verification from the OMP Reference Validator [OMP-OPEN-CORE]; outcome distribution summary by outcome area and interaction type; vulnerability response record summarising WT-FCA-03 activations; SM&CR accountability record listing Accountable Executives and their SM&CR functions; and for principal firms, a distribution chain summary of WT-FCA-06 activations.¶
The package MUST be producible within 30 seconds for any specified period. It is self-contained: the FCA, a skilled person reviewer, or an independent auditor can verify its integrity using only the OMP Reference Validator and the Timestamp Authority's public key material, without access to the firm's systems.¶
The security considerations of [I-D.veridom-omp] apply in full.¶
Accountable Executive identity: accountable_executive_id SHOULD be the FCA IRN. Where it is not, operators MUST maintain an audit-grade mapping between the internal identifier and the individual's IRN, available for FCA supervisory inspection.¶
Vulnerability data sensitivity: The vulnerability_indicators field may contain sensitive personal data. Operators MUST implement appropriate access controls consistent with UK GDPR and FCA consumer data protection expectations.¶
Distribution chain integrity: For principal firms, chain integrity of DutyMark Audit Traces from appointed representative systems MUST be verifiable by the principal firm. Appointed representative systems MUST implement the full three-layer integrity architecture, not merely local logging.¶
Retrospective documentation: DutyMark Audit Traces MUST be generated at the moment of the AI decision, not retrospectively. Any mechanism allowing retrospective creation or modification of Audit Traces is inconsistent with this profile.¶
This document has no IANA actions.¶