Skip to content
CallSphere - AI voice and chat agents for businessCallSphere
Guides12 min read0 views

FCA Calling Compliance for UK Financial Services

Navigate FCA calling rules for UK financial firms — from SYSC recording obligations to cold calling restrictions, TCPA equivalents, and enforcement trends.

FCA Communication Rules Every Financial Firm Must Know

The Financial Conduct Authority (FCA) regulates approximately 42,000 financial services firms in the United Kingdom, and its rules on telephone communications are among the most prescriptive of any global regulator. Whether your firm provides investment advice, arranges deals, manages portfolios, or offers consumer credit, the way you use the telephone is subject to detailed regulatory expectations.

Post-Brexit, the UK's regulatory framework has diverged from MiFID II in several important areas. While many MiFID II principles remain embedded in UK law, the FCA has introduced its own requirements — most notably the Consumer Duty (effective July 2023) — that add new dimensions to calling compliance.

This guide covers the complete landscape of FCA calling compliance: recording obligations, cold calling rules, financial promotion standards, Consumer Duty implications, and the enforcement actions that illustrate where firms most commonly fall short.

Recording Obligations Under SYSC 10A

Scope of the Recording Requirement

The FCA's recording requirements are set out in SYSC 10A of the FCA Handbook. The rules apply to:

  • MiFID investment firms: Must record all telephone conversations and electronic communications relating to activities covered by their Part 4A permission
  • UCITS management companies and AIFMs: Similar recording obligations for relevant conversations
  • Certain insurance intermediaries: When arranging or advising on insurance-based investment products

The recording obligation covers conversations that:

  • Relate to the reception, transmission, or execution of client orders
  • Relate to dealing on own account
  • Relate to the provision of investment advice
  • Are intended to result in any of the above, even if they do not

Retention Requirements

SYSC 10A.1.6R requires firms to retain recordings for a minimum of 6 months. However, the FCA can request that a firm retain recordings for up to 5 years, and in practice, most firms retain for at least 3 years because:

  • Client complaints can be raised up to 6 years after the event under the FCA's complaints rules
  • The Financial Ombudsman Service (FOS) investigates complaints going back several years
  • Regulatory investigations often look back 3-5 years
  • Litigation time limits extend to 6 years for most contractual claims

Technical Standards

The FCA expects recordings to be:

  1. Complete: The entire conversation must be captured, including hold music and silences
  2. Retrievable: Firms must produce recordings promptly when requested by the FCA, FOS, or clients
  3. Audible: Sufficient quality to understand the conversation
  4. Attributable: Linked to the individuals involved, the date, time, and relevant client or transaction
  5. Secure: Protected from unauthorized access, modification, or deletion

Mobile Phone and Remote Working

The shift to remote and hybrid working has created significant compliance challenges. The FCA's expectations are clear:

  • If an agent uses a mobile phone or personal device for business calls, those calls must be recorded
  • "I did not know the agent was using a personal phone" is not an acceptable defense
  • Firms must implement technical controls (not just policies) to prevent unrecorded business communications

Solutions include:

  • Mobile recording applications that route calls through a compliant recording gateway
  • Issuing company mobile phones with embedded recording
  • Requiring all calls to be made through the firm's VoIP platform (browser or app-based)
  • Network-level recording solutions through mobile carriers

CallSphere's browser-based dialer addresses this directly — agents make all calls through the platform regardless of their location, ensuring 100% recording coverage without separate mobile recording infrastructure.

Cold Calling Rules

The General Prohibition

The FCA takes a restrictive approach to unsolicited calls (cold calling) in financial services. The rules vary by product type:

Prohibited cold calling:

  • Pension transfers and pension liberation products (since January 2019)
  • Claims management services
  • Cryptoasset promotions (under the new cryptoasset financial promotions regime)

Restricted cold calling (allowed only with specific conditions):

See AI Voice Agents Handle Real Calls

Book a free demo or calculate how much you can save with AI voice automation.

Book a Demo ROI Calculator
  • General insurance and pure protection products: Permitted but must comply with financial promotion rules
  • Consumer credit: Permitted but subject to CONC (Consumer Credit sourcebook) rules
  • Investment products: Generally permitted only if the firm has an existing relationship or the prospect has requested contact

Key restrictions on permitted cold calls:

  • Calls must not be made to individuals who have registered with the Telephone Preference Service (TPS) or Corporate Telephone Preference Service (CTPS), unless the individual has given explicit consent
  • Calls must be made at reasonable times (industry practice: 8 AM - 9 PM on weekdays, 9 AM - 6 PM on weekends)
  • The caller must identify themselves and the firm at the beginning of the call
  • The purpose of the call must be stated clearly

Financial Promotion Rules

Any telephone call that constitutes a financial promotion must comply with the FCA's financial promotion rules (COBS 4):

  • Fair, clear, and not misleading: The overarching principle that applies to all communications
  • Balanced presentation of risk and reward: You cannot emphasize potential returns without giving equal prominence to the risk of loss
  • Past performance warnings: If referencing past performance, the prescribed warning must be given
  • Regulatory status disclosure: The firm's FCA registration and regulatory status must be communicated

For CFD and forex brokers specifically, the FCA requires:

  • A clear risk warning that a specific percentage of retail investor accounts lose money when trading CFDs with the provider (the actual percentage must be calculated and updated quarterly)
  • Disclosure of the maximum leverage available
  • No inducements or bonuses for retail clients

Consumer Duty Implications

The FCA's Consumer Duty (PS22/9) introduced a new overarching standard that significantly affects how financial firms conduct telephone communications. The Duty requires firms to act to deliver good outcomes for retail customers across four areas:

Products and Services

  • Calling scripts and processes must be designed so that the products discussed are appropriate for the target market
  • Agents must not push products that are not suitable for the customer's needs and circumstances
  • Vulnerable customers must be identified and treated appropriately

Price and Value

  • Agents must not use high-pressure tactics to push premium products when standard products would deliver better value
  • Fee disclosures must be clear and complete during phone conversations
  • Hidden charges or complex fee structures must be explained in plain language

Consumer Understanding

  • Communications must be designed to support customer understanding
  • Technical jargon must be explained or avoided
  • Key information must be provided at the right time (not buried at the end of a long call)
  • Firms must test whether their communications are effective (e.g., through post-call surveys or mystery shopping)

Consumer Support

  • Customers must be able to reach the firm as easily to complain or cancel as they can to purchase
  • Hold times and callback processes must be reasonable
  • Customers must not face unreasonable barriers to switching or exiting products

Practical Impact on Call Centers

The Consumer Duty has changed call center operations in several concrete ways:

  1. Script redesign: Scripts now lead with suitability questions rather than product features
  2. Call monitoring expansion: QA teams now evaluate calls against Consumer Duty outcomes, not just compliance checkboxes
  3. Vulnerability identification: Agents are trained to identify and escalate vulnerable customers
  4. Outcome tracking: Firms track customer outcomes from phone interactions (did the customer understand? did they get the right product?)
  5. Management information: Boards receive regular reporting on Consumer Duty compliance in telephone communications

Recent FCA Enforcement Actions

The FCA has been increasingly active in enforcing communication standards:

Case 1: Recording failures at a wealth management firm (2024)

  • Fine: 890,000 GBP
  • Violation: Systematic failure to record client-facing calls over a 2-year period
  • Root cause: Agents used personal mobiles for client calls during COVID remote working without recording controls
  • Lesson: Technical controls, not just policies, are required

Case 2: Misleading cold calls by a consumer credit firm (2025)

  • Fine: 2.1 million GBP
  • Violation: Agents made misleading claims about interest rates and repayment terms during outbound calls
  • Root cause: Inadequate call monitoring and scripting controls
  • Lesson: Real-time and post-call monitoring must catch misleading statements

Case 3: Consumer Duty breach by an insurance intermediary (2025)

  • Fine: 1.5 million GBP plus s166 review
  • Violation: High-pressure sales tactics on vulnerable customers during telephone renewals
  • Root cause: Commission-driven incentive structures that prioritized sales over customer outcomes
  • Lesson: Incentive structures must align with Consumer Duty obligations

FCA Priorities for 2026

The FCA's 2025-2026 business plan signals continued focus on:

  • Technology-enabled compliance: Expecting firms to use speech analytics and AI to monitor calls at scale, not just sample 1-2%
  • Vulnerability identification: Increased scrutiny of how firms identify and respond to vulnerable customers during phone interactions
  • Remote working controls: Continued focus on ensuring that remote and hybrid working does not create compliance gaps
  • Consumer Duty embedding: Moving from implementation to evidencing genuine culture change

Building an FCA-Compliant Calling Operation

Technology Stack

An FCA-compliant calling operation requires:

  1. VoIP platform with integrated recording: Server-side recording that captures all calls automatically, with no agent ability to disable recording
  2. Speech analytics: Automated monitoring of calls for compliance triggers (missing risk warnings, misleading statements, vulnerability indicators)
  3. CRM with compliance fields: Track consent status, TPS/CTPS screening, complaint history, and vulnerability flags
  4. Quality assurance platform: Structured call scoring against both compliance and Consumer Duty criteria
  5. Audit trail: Complete logging of who called whom, when, and what was discussed

Process Controls

Layer these process controls over your technology:

  • Pre-call screening: Automated TPS/CTPS check before any outbound call
  • Script enforcement: Dynamic scripts that adapt based on product type and customer segment
  • Real-time compliance alerts: Flag calls in progress that trigger compliance concerns
  • Post-call review: QA sampling with escalation workflows for identified issues
  • Complaint integration: Link complaints back to specific call recordings for root cause analysis

Frequently Asked Questions

Do I need to record all calls if I am only FCA-regulated for consumer credit?

The SYSC 10A recording requirements specifically apply to MiFID investment firms and certain insurance intermediaries. Consumer credit firms are not subject to the same prescriptive recording rules. However, the FCA expects all regulated firms to be able to evidence their compliance with applicable rules, and call recording is the most robust way to do this. Many consumer credit firms record calls voluntarily for quality assurance, training, and dispute resolution — and the Consumer Duty's evidence requirements make recording practically essential even where not technically mandated.

How does TPS screening work for financial services firms?

The Telephone Preference Service (TPS) is a register of individuals who have opted out of unsolicited sales calls. Under the Privacy and Electronic Communications Regulations (PECR), firms must screen their calling lists against the TPS register at least every 28 days. However, you can call TPS-registered numbers if the individual has given specific, informed consent to receive calls from your firm. This consent must be documented and cannot be bundled into general terms and conditions. Your CRM should integrate with TPS screening services and automatically flag or block numbers on the register.

What are the penalties for FCA calling compliance failures?

The FCA has unlimited fining power and has demonstrated willingness to impose significant penalties. Fines for communication-related breaches have ranged from hundreds of thousands to tens of millions of pounds. Beyond fines, the FCA can impose requirements (forcing firms to undertake s166 skilled person reviews at their own expense), public censure, restrictions on permissions, and in severe cases, cancellation of authorization. Individual senior managers can also be held personally accountable under the Senior Managers and Certification Regime (SMCR) if compliance failures occurred on their watch.

Can AI agents make calls on behalf of FCA-regulated firms?

The FCA has not prohibited AI-driven calling, but all existing rules apply equally to AI-generated communications. The call must be recorded, the AI must deliver required disclosures and risk warnings, and the firm must be able to demonstrate that the AI interaction delivered a good customer outcome under the Consumer Duty. The FCA expects firms deploying AI in customer-facing roles to conduct thorough testing, maintain human oversight, and be able to explain how the AI reaches its outputs. Expect specific FCA guidance on AI in customer communications during 2026.

How should we handle calls with vulnerable customers?

The FCA defines vulnerability broadly — it includes health conditions, life events (bereavement, job loss), low financial resilience, and limited capability (language barriers, cognitive difficulties). Train agents to recognize vulnerability indicators during calls: confusion about basic concepts, emotional distress, mentions of health problems or life difficulties, and repeated requests for clarification. When vulnerability is identified, agents should slow the pace, simplify language, offer to continue the conversation at a different time, and consider whether the interaction should be referred to a specialist team. Document all vulnerability identifications in the CRM and follow up to ensure the customer achieved a good outcome.

Share this article
C

CallSphere Team

Expert insights on AI voice agents and customer communication automation.

Try CallSphere AI Voice Agents

See how AI voice agents work for your industry. Live demo available -- no signup required.

Book a DemoTry Live Demo

Related Articles

Guides

BDR/SDR Calling Tech Stack for 2026: Complete Guide

Build the optimal BDR and SDR calling tech stack for 2026 with AI dialers, conversation intelligence, CRM integrations, and workflow automation for peak productivity.

Guides

TCPA Compliance for Outbound Calling: 2026 Guide

Avoid costly TCPA violations with this 2026 compliance guide covering prior express consent, DNC rules, ATDS definitions, and enforcement trends.

Guides

GDPR Call Recording: Data Processing Compliance Guide

Achieve GDPR-compliant call recording with this guide to lawful bases, DPIAs, data subject rights, and retention for European business communications.