Compliance officers at payment institutions and e-money firms operating under the Consumer Duty are increasingly using AI to validate retail-customer scope analyses, update foreseeable-harm monitoring against transaction patterns, draft summaries of FCA Feedback Statements such as FS25/2, and reconcile Dear CEO letter retirements against existing supervisory expectation registers. The work product feeds directly into the firm's compliance monitoring plan and the supervisor's annual relationship correspondence.
Two frontier AI models tested by the RLB Specialist Panel produced 5 substantive failures on this regulation under audit conditions. The failure classes recorded are: Inference Drift on the Foreseeable-Harm Safe Harbour, Confused Guidance with Rule on Consumer Testing, Hedge in Place of Verified FS25/2 Figure, Invented Dual-Event Timeline for a Single FS25/2 Withdrawal, Refusal to Confirm FS25/2 Withdrawal Count. Questions were prepared by the RLB Specialist Panel based on real practical AI usage in the workflows the respective audience uses AI for, and each finding is bound to verbatim regulator-issued source text held as primary substrate.
The Consumer Duty (PS22/9 introducing Principle 12 and PRIN 2A, in force for open products from 31 July 2023 and for closed products from 31 July 2024) is the central retail-conduct regime the FCA now uses to grade firm behaviour, and the failure modes seen here all land inside the day-to-day work product that payment-institutions compliance teams sign off on.
For payment-institutions compliance, the operational consequence is direct. The compliance monitoring plan, the annual board report on Consumer Duty, and the supervisor's annual relationship correspondence all rest on accurate framing of the rule and of recent FCA Feedback Statements. A defect imported from AI work product surfaces on supervisory follow-up, and the function carries the regulatory exposure.
Citation IDs for the findings in this brief: RLB-H-GB-FCA-CONSUMER-DUTY-PS22-9-Q003-Opus47, RLB-H-GB-FCA-CONSUMER-DUTY-PS22-9-Q007-Sonnet46, RLB-H-GB-FCA-CONSUMER-DUTY-PS22-9-Q013-Opus47, RLB-H-GB-FCA-CONSUMER-DUTY-PS22-9-Q020-Opus47, RLB-H-GB-FCA-CONSUMER-DUTY-PS22-9-Q020-Sonnet46. Each citation links to the per-finding record, the AI subject answer, and the regulator-issued substrate excerpt the answer was tested against. The RLB Specialist Panel maintains an audit-traceable record of which model produced which answer, against which substrate passage, and the binding is what makes the finding referenceable in firm work product and in supervisory correspondence.
The findings below are the ones that payment-institutions compliance teams working under the Consumer Duty are most likely to encounter in the AI tools they already use, and the briefing sections that follow read each finding against the regulator-issued text.
This is the consolidated view of findings. Click the Citation IDs or 'see details →' on any item for the full details for each finding.
Payment Institutions compliance teams operate the foreseeable-harm provision across payment-product onboarding and fraud-risk warnings. The model's multi-factor safe harbour reconstruction, if imported into the compliance manual, would set the firm up to apply a defensive standard the rule does not require.
Payment Institutions compliance teams running consumer-understanding monitoring under PRIN 2A.5 need to distinguish the rule from FG22/5 guidance. The model's specific citation of PRIN 2A.5.10R as binding for consumer testing is a sourcing error that, if relied on, builds a methodology the FCA has not mandated.
Payment Institutions compliance teams tracking FCA Dear CEO letter withdrawals need an accurate account of FS25/2. The model's fabricated April/August 2025 timeline, if carried into a compliance brief, would mis-state the live supervisory record.
Payment Institutions compliance teams reviewing the FCA's supervisory record need accurate accounts; the model's repeated fabricated timeline across multiple questions confirms the failure is structural.
Payment Institutions compliance teams should treat the model's combined evasion-plus-fabricated-citation pattern as the highest-risk failure mode for AI-assisted regulatory research, and require URL verification before any AI-assisted brief is finalised.
Every finding on this page compares an AI subject's account of the rule against the regulator's verbatim text from the regulator's own portal. Both are linked. Each delta, its root causes, and impact analysis are documented and published with immutable Citation IDs.