Acting in Good Faith, Avoiding Foreseeable Harm and Enabling Customer Objectives
Principle 12 and the three cross-cutting rules are the conduct backbone of the FCA’s Consumer Duty regime. Where the four outcomes describe what firms must achieve, the cross-cutting rules describe how firms must conduct themselves — at all times, in all customer-affecting activity, regardless of which specific outcome is engaged. The three rules are: act in good faith toward retail customers; avoid causing foreseeable harm to retail customers; and enable retail customers to pursue their financial objectives. Together with Principle 12, they establish a substantive standard of customer-facing conduct that applies universally across the regulated population.
This guide explains how Principle 12 and the cross-cutting rules work in practice — what each rule requires, how they relate to the four outcomes, what the FCA’s expectations are on evidence and governance, and the operational and cultural implications for regulated firms. It also covers the recruitment dimension — what senior compliance leaders need to do to embed the rules effectively, and what FD Capital sees in candidates with hands-on Consumer Duty implementation experience.
What’s missing from most online explanations of the cross-cutting rules is the practical interpretation. The rules are short; their substantive application is broad. This guide describes what good operational delivery looks like — and the recurring pitfalls that surface during FCA supervisory dialogue.
The Architecture: Principle 12 + Cross-Cutting Rules + Four Outcomes
Consumer Duty operates through a three-layer framework set out in PRIN 2A of the FCA Handbook:
- Principle 12 — the overarching duty: “A firm must act to deliver good outcomes for retail customers”
- Three cross-cutting rules (PRIN 2A.2) — specifying how firms must conduct themselves to deliver the duty
- Four outcomes (PRIN 2A.3 to 2A.6) — Products & Services, Price & Value, Consumer Understanding, Consumer Support. See our Four Consumer Duty Outcomes Guide
The cross-cutting rules apply to all firm activity affecting retail customers. The four outcomes describe specific results the firm must deliver. The two layers operate together — and the FCA can take action under either or both depending on the specific concern.
For the broader Consumer Duty framework, see our Consumer Duty Guide.
Principle 12 — The Overarching Duty
Principle 12 is the highest-level statement of Consumer Duty: “A firm must act to deliver good outcomes for retail customers.”
The Principle is substantively new in UK financial services regulation. Earlier conduct principles (Principle 6 — treating customers fairly, Principle 7 — communications) imposed obligations on conduct, but Principle 12 imposes an obligation on outcomes. The shift is from “treat customers fairly” to “deliver good outcomes for customers” — and the FCA has been explicit that the substantive standard is meaningfully higher.
The Principle 12 standard is also broader than earlier principles in its application. It applies to:
- All retail customers (broadly defined)
- All firm activity that could affect those customers
- Both manufacturers and distributors in product distribution chains
- Both new business and existing customer relationships (including, since July 2024, closed product books)
For the underlying conduct framework that supports Principle 12, see our FCA Conduct Rules Guide.
Cross-Cutting Rule 1: Act in Good Faith
The first cross-cutting rule (PRIN 2A.2.1R) requires firms to act in good faith toward retail customers. Good faith is defined in the FCA’s Handbook guidance as a standard of conduct characterised by honesty, fair and open dealing, and acting consistently with the reasonable expectations of retail customers.
What good faith means in practice
- Honesty — not misleading customers, including by omission, ambiguity, or technical compliance with disclosure rules in ways that obscure key information
- Fair dealing — not exploiting customer information asymmetries, behavioural biases, or vulnerabilities
- Reasonable expectations — meeting what customers would reasonably expect from a regulated firm acting in good faith
- Consistency over time — not behaving differently when customers are paying attention versus not
Common breach scenarios
- Communications that meet regulatory disclosure requirements but obscure key information
- Pricing structures that exploit customer inertia or lack of attention
- Renewal processes designed around customer disengagement rather than informed renewal decisions
- Customer support practices that vary materially based on whether the customer is exercising rights (cancelling, complaining) versus continuing
- Marketing claims that are technically true but materially misleading in context
Cross-Cutting Rule 2: Avoid Causing Foreseeable Harm
The second cross-cutting rule (PRIN 2A.2.2R) requires firms to avoid causing foreseeable harm to retail customers. The standard is what a reasonable firm could foresee — not what the specific firm actually anticipated.
What foreseeable harm means in practice
The “foreseeable” element is significant. The rule does not require firms to prevent all customer harm — only harm that a reasonable firm could foresee. But the FCA has been clear that the foreseeability standard is broad: firms must consider:
- Direct harm from product failure, mis-selling, or service breakdown
- Harm from product features that interact poorly with customer characteristics
- Harm from communication that fails to enable informed decisions
- Harm from sludge practices that obstruct customer interests
- Harm from customer support that disadvantages particular customer groups
- Harm to vulnerable customers from standard processes that don’t account for vulnerability
The “foreseeable” test in operation
The test is what a reasonable firm in the circumstances could foresee — not what the specific firm actually thought about. This means:
- Firms must conduct proactive harm assessment, not reactive harm mitigation
- Industry-wide patterns of harm are foreseeable to all firms, not just those that have explicitly identified them
- Customer feedback, complaint patterns, and industry research all contribute to what is foreseeable
- Specific product features that have caused harm in similar firms are foreseeable
Common breach scenarios
- Product features that cause harm patterns evident in complaint data but not addressed
- Communication failures evident in customer support call patterns but not addressed
- Vulnerable customer harm where standard processes are applied without adjustment despite known vulnerability indicators
- Harm from sludge practices in cancellation, switching, or claim processes
- Harm from inappropriate product distribution outside the target market
The foreseeable harm standard is one of the most consequential substantive shifts that Consumer Duty introduced. It moves the regulatory test from “did the firm act reasonably given what it knew” to “what could a reasonable firm in this position have foreseen”. Industry-wide patterns of customer harm — documented in FCA market studies, industry research, complaint data — become foreseeable to all firms operating in similar areas. Firms that haven’t proactively assessed their activities against known harm patterns can find themselves in difficulty even where they personally were unaware of specific issues.
Cross-Cutting Rule 3: Enable Customers to Pursue Financial Objectives
The third cross-cutting rule (PRIN 2A.2.3R) requires firms to enable retail customers to pursue their financial objectives. The rule is positively framed — firms must support customers, not just avoid harming them.
What enabling means in practice
- Supporting informed decisions — providing information and access to advice appropriate to the customer’s circumstances
- Removing unnecessary friction — in the customer journey for products, ongoing service, claims, complaints, and exit
- Supporting product use — ensuring customers can realise the benefits of the products they hold
- Supporting customer rights — including ability to cancel, switch, complain, or claim without unreasonable barriers
- Supporting vulnerable customers — with adapted processes, alternative channels, and trained support
The connection to outcomes
The third cross-cutting rule particularly engages with the Consumer Understanding and Consumer Support outcomes (see our Four Outcomes Guide). Where customers cannot understand their products or cannot get appropriate support, the third cross-cutting rule is engaged alongside the relevant outcome rules.
Common breach scenarios
- Communications that meet disclosure requirements but don’t actually enable understanding
- Customer journeys with friction that exploits behavioural biases
- Cancellation processes materially harder than acquisition
- Complaint processes that wear down rather than resolve
- Inadequate support for vulnerable customers (see our Vulnerable Customers Guide)
- Loss of access to products or services that customers need to achieve financial objectives
The Relationship Between the Three Rules
The three cross-cutting rules are connected but distinct. They overlap in some areas and diverge in others:
| Rule | Conduct emphasis | Test |
|---|---|---|
| Good faith | How the firm behaves | Honesty, fair dealing, meeting reasonable expectations |
| Avoiding foreseeable harm | What the firm prevents | Whether harm could have been foreseen |
| Enabling customer objectives | What the firm supports | Whether customers can pursue their objectives |
A single course of conduct might engage one, two, or all three rules. For example: a complex renewal process that exploits customer inertia could engage good faith (whether the firm is being honest about renewal options), foreseeable harm (whether the friction causes harm), and enabling (whether the customer can effectively decide whether to renew). Strong Consumer Duty implementation considers each of the three rules separately when assessing customer-affecting activities.
Implementing the Cross-Cutting Rules — Operational Approach
Effective implementation of the cross-cutting rules typically involves:
Activity-level assessment
Each customer-affecting activity is assessed against the three rules — not just at product or programme level. Marketing campaigns, product changes, communication updates, customer journey design, support process changes — all require cross-cutting rule consideration.
Forward-looking harm assessment
Rather than waiting for harm to emerge through complaints, firms proactively assess what harm could foreseeably occur — through pre-launch testing, customer research, industry pattern analysis, and stakeholder consultation.
Behavioural insights integration
Behavioural science increasingly features in Consumer Duty implementation — recognising that customer outcomes depend on how products and processes interact with cognitive biases, attention limits, and decision-making patterns.
Customer testing
Customer comprehension testing, journey friction analysis, and outcome testing all contribute to evidence that the cross-cutting rules are being met operationally.
Outcomes MI
Management information focused on actual customer outcomes — value realisation, comprehension, journey completion, vulnerability outcomes — rather than input metrics.
Board engagement
The cross-cutting rules require strategic engagement at board level, with the annual Consumer Duty Board Report addressing the rules substantively.
FCA Enforcement and Supervisory Focus
FCA enforcement under Consumer Duty has been measured but increasing through 2024 and 2025. Key supervisory themes include:
Cash savings rates. The FCA’s specific work on cash savings rate fairness has been a leading example of cross-cutting rule application — particularly the foreseeable harm rule (where firms knew their savings rates were below market and material to customer outcomes) and the good faith rule (where firms benefited from customer inertia).
Sludge practices. The FCA has been increasingly explicit about friction in cancellation, switching, and complaint processes. Materially asymmetric processes — easier to acquire than to exit — engage all three cross-cutting rules.
Closed product books. Following the July 2024 closed product extension, firms have needed to apply all three rules retrospectively to historic books, frequently uncovering issues hidden by exit barriers.
Vulnerable customer outcomes. Whether vulnerable customers actually receive good outcomes is a recurring focus, with the third cross-cutting rule particularly engaged.
Communications testing. Whether firms have conducted substantive customer comprehension testing — not just legal review — engages the good faith and enabling rules.
Common Pitfalls in Cross-Cutting Rule Implementation
Treating the rules as legal compliance. Firms that approached the cross-cutting rules through legal review without operational change typically have weaker frameworks than those that embedded the rules into product design, journey mapping, and outcome MI.
Reactive rather than proactive harm assessment. The foreseeable harm standard requires proactive assessment. Firms that wait for complaints to identify harm typically fail the foreseeability test.
Inadequate consideration of behavioural factors. Customer outcomes depend on behavioural realities — cognitive biases, attention, decision pressures. Implementations that ignore behavioural factors miss the substance of what the cross-cutting rules require.
Communications meeting disclosure but not comprehension. Communications that comply with disclosure rules but don’t enable customer understanding fail both the good faith and enabling rules.
Asymmetric customer journeys. Acquisition journeys that are easy and exit journeys that are hard are a recurring concern across all three cross-cutting rules.
Inadequate vulnerable customer adaptation. Standard processes applied to vulnerable customers without adjustment frequently fail all three rules.
Closed book neglect. Existing customer relationships with poor product fit, unfair pricing, or weak support, where the customer’s inertia masks the issue.
Cross-Cutting Rules and Senior Compliance Recruitment
The cross-cutting rules require senior compliance leadership that combines regulatory understanding with substantive operational engagement. The SMF16 (Compliance Oversight) role typically owns Consumer Duty programme leadership — see our SMF16 Guide.
Strong candidates for senior Consumer Duty roles typically have:
- Hands-on programme implementation experience through the live date and into operational delivery
- Direct experience producing annual Consumer Duty Board Reports that withstood substantive board challenge
- Experience leading FCA dialogue on Consumer Duty matters
- Operational engagement with product, customer journey, and customer support disciplines
- Behavioural science familiarity and outcome MI design experience
- Vulnerable customer framework leadership
The candidate pool with the full combination is small. Firms recruiting in 2026 should expect competitive markets and benchmark compensation accordingly.
A Note from Our Founder — Adrian Lawrence FCA
The cross-cutting rules are the part of Consumer Duty where the substantive shift from earlier UK conduct regulation is most visible. The good faith rule, the foreseeable harm rule, and the enabling rule are not just elaborations of TCF — they impose meaningfully higher standards of substantive customer-facing conduct, and the FCA has been clear that the bar is genuinely higher.
The conversation I have most often with firms recruiting senior Consumer Duty leadership is about the difference between legal compliance and operational delivery. Firms that approached the implementation through legal review and policy documentation typically have frameworks that look adequate on paper but fail the operational test the FCA increasingly applies. The candidates who have led genuine operational delivery — designing product reviews around outcomes, building MI on actual customer experience, conducting substantive customer comprehension testing, and engaging board substantively — are the candidates worth recruiting.
The recruitment timeline reality has not changed since 2023. Strong candidates with full Consumer Duty implementation experience are in tight supply, the FCA approval process for SMF16 candidates adds 12-16 weeks at the back end, and the competitive market for these candidates means firms need to benchmark compensation realistically. Boards that approach the recruitment with realistic expectations on timeline and compensation typically find candidates available; boards that don’t typically struggle.
At FD Capital we work on senior compliance and Consumer Duty mandates regularly across UK regulated firms. If you are recruiting an SMF16, Head of Consumer Duty, or specialist programme leadership, I’m happy to have a direct conversation.
Speak to Adrian about a Consumer Duty appointment →
Adrian Lawrence FCA | Founder, FD Capital | ICAEW Verified Fellow | ICAEW-Registered Practice | Companies House no. 13329383
Hire Senior Compliance and Consumer Duty Leaders
The cross-cutting rules require senior compliance leadership with substantive operational delivery experience. FD Capital places SMF16 holders, Heads of Consumer Duty, and senior conduct specialists across UK regulated firms.
020 3287 9501
Chief Compliance Officer Recruitment › | Compliance Recruitment | Contact Us
Further Reading and Authoritative Sources
For the FCA’s authoritative guidance on Consumer Duty, see the FCA’s Consumer Duty pages. The cross-cutting rules are at PRIN 2A.2, with non-Handbook guidance in FG22/5.
Related Guides: Consumer Duty and Conduct
Part of FD Capital’s series of practical guides for FCA-regulated firms: Consumer Duty — Pillar Guide | The Four Consumer Duty Outcomes | Vulnerable Customers Under Consumer Duty | TCF and Consumer Duty | FCA Conduct Rules — Pillar | Individual Conduct Rules (Tier 1) | Senior Manager Conduct Rules (Tier 2) | SMF16 — Compliance Oversight Function
Accredited Member of GBC 
Accredited Member of LWF 
Carbon Offset via TreeNation