FCA Compliance for Mortgage and Protection Advisors

OVERVIEW

This document explains how SalesRook supports FCA-regulated mortgage advisors and protection advisors in maintaining compliance when using our AI-powered WhatsApp automation platform.

SalesRook is designed to work within the FCA regulatory framework, not to replace regulated advice or activities. This page addresses common compliance questions from mortgage brokers and protection advisors.

KEY COMPLIANCE QUESTIONS

Does SalesRook require FCA authorisation?

No. SalesRook does not require FCA authorisation because our platform:

• Does not provide mortgage advice or recommendations
• Does not arrange regulated mortgage contracts
• Does not enter into contracts on behalf of lenders or borrowers
• Does not vary contract terms
• Does not provide insurance advice or recommendations

SalesRook operates as a lead qualification and introduction service, which falls outside the scope of regulated activities under the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001.

REGULATORY ANALYSIS

1. Mortgage Brokers (FCA Regulated Activities)

Relevant FCA Handbook References:

• PERG 4.5 - Arranging Regulated Mortgage Contracts
• Article 25A - Regulated Activities Order
• Article 33A - Introducing to Authorised Persons

What SalesRook Does:

• ✅ Qualifies leads by collecting factual information (budget, timeline, employment status)
• ✅ Books appointments with FCA-authorised mortgage advisors
• ✅ Introduces prospects to authorised persons for regulated advice
• ✅ Provides factual responses to common queries about the mortgage process

What SalesRook Does NOT Do:

• ❌ Provide mortgage advice or recommendations
• ❌ Arrange regulated mortgage contracts
• ❌ Enter into contracts on behalf of borrowers or lenders
• ❌ Influence or vary contract terms
• ❌ Make regulated lending decisions

Legal Position:

Under Article 33A of the Regulated Activities Order (Introducing to Authorised Persons), introducing a borrower to an authorised person is excluded from regulated activities under Article 25A(2), provided the introduction does not of itself bring about a regulated mortgage contract.

SalesRook's AI personas collect preliminary information and introduce qualified leads to FCA-authorised mortgage advisors. The advisors then conduct regulated advice activities in accordance with their FCA permissions.

2. Protection Advisors (FCA Regulated Activities)

Relevant FCA Handbook References:

• PERG 5 - Guidance on Insurance Mediation Activities
• Article 21 - Arranging Deals in Investments
• ICOBS - Insurance Conduct of Business Sourcebook

What SalesRook Does:

• ✅ Qualifies leads for life insurance, critical illness cover, income protection
• ✅ Books appointments with FCA-authorised protection advisors
• ✅ Introduces prospects to authorised persons for regulated advice
• ✅ Collects factual information relevant to protection needs (age, dependents, employment)

What SalesRook Does NOT Do:

• ❌ Provide insurance advice or recommendations
• ❌ Arrange insurance contracts
• ❌ Compare insurance products or providers
• ❌ Make recommendations about level or type of cover
• ❌ Conduct demands and needs analysis

Legal Position:

Similar to mortgage activities, introducing potential customers to FCA-authorised protection advisors for the purpose of regulated advice falls outside the scope of regulated activities, provided SalesRook does not:

• Advise on the merits of buying or selling insurance
• Arrange or bring about insurance contracts
• Assist in the administration or performance of insurance contracts

All regulated protection advice activities remain with the FCA-authorised advisor.

FCA COMPLIANCE PRINCIPLES

SalesRook supports FCA-regulated firms in maintaining compliance with the following FCA Principles for Businesses:

Principle 3: Management and Control

How SalesRook Helps:

• Automated audit trails of all customer communications
• Consistent application of qualification criteria
• Reduced risk of human error in data recording
• Clear handoff procedures from AI to human advisor

Principle 6: Customers' Interests

How SalesRook Helps:

• 24/7 availability improving customer service
• Faster response times to customer enquiries
• Ensures no potential customer is left without response
• Pre-qualification reduces wasted time for customers

Principle 7: Communications with Clients

How SalesRook Helps:

• Clear, fair, and not misleading communications
• Consistent messaging across all customer interactions
• Transparent disclosure that initial contact is AI-powered
• Easy escalation to human advisors when needed

Principle 8: Conflicts of Interest

How SalesRook Helps:

• No product bias or commercial incentives in AI responses
• Neutral qualification process
• All recommendations remain with FCA-authorised advisors
• Clear separation between qualification and advice

GDPR AND FCA COMPLIANCE

SalesRook's data protection practices support FCA-regulated firms in meeting their obligations under:

• GDPR and UK Data Protection Act 2018
• FCA Handbook requirements for data security
• SYSC 13 (Systems and Controls - Information Security)

Key Features:

• ✅ Data Processing Agreement compliant with FCA expectations
• ✅ Encryption of all personal data (TLS 1.3, AES-256)
• ✅ Access controls and audit logging
• ✅ Data retention schedules aligned with regulatory requirements
• ✅ ICO registration (ZC045388) and DPO appointment

See our Data Processing Agreement and Privacy Policy for full details.

RECORD KEEPING REQUIREMENTS

FCA-regulated firms must maintain appropriate records of customer communications and transactions. SalesRook supports these requirements through:

Automated Record Keeping

• All WhatsApp conversations automatically logged
• Timestamped communication records
• CRM integration ensuring compliant data storage
• Audit trail of qualification questions and responses

CRM Integration

SalesRook integrates with leading CRM systems used by FCA-regulated firms:

• Reapit
• Alto
• LeadPro
• AcquaintCRM

All customer interactions are automatically synced to your CRM, ensuring compliance with FCA record-keeping requirements under SYSC 9 (Record Keeping).

CLIENT IDENTIFICATION AND VERIFICATION

Know Your Customer (KYC)

While SalesRook collects preliminary information, all formal KYC procedures remain the responsibility of the FCA-authorised advisor.

SalesRook supports KYC processes by:

• Collecting basic contact information
• Verifying customer intent and suitability for appointment
• Flagging incomplete information for advisor follow-up

Important: SalesRook does not conduct identity verification or KYC checks. These must be performed by the FCA-authorised firm in accordance with FCA requirements.

TREATING CUSTOMERS FAIRLY (TCF)

SalesRook supports the FCA's Treating Customers Fairly initiative through:

TCF Outcome 1: Fair Treatment Culture

• Transparent AI usage with clear disclosure
• Consistent application of qualification criteria
• No discrimination or unfair practices in lead handling

TCF Outcome 2: Product Design

• Service designed to improve customer access to regulated advice
• No unnecessary barriers to accessing human advisors
• Clear escalation paths when customers need specialist help

TCF Outcome 4: Customer Service Standards

• 24/7 availability improving customer service
• Average response time under 30 seconds
• 92% engagement rate vs 23% with email

TCF Outcome 5: Customer Complaints

• Clear complaints procedure
• Easy access to human support
• All complaints handled in accordance with FCA requirements

CONSUMER DUTY COMPLIANCE

From 31 July 2023, FCA-regulated firms must comply with the Consumer Duty, which requires firms to deliver good outcomes for retail customers.

How SalesRook Supports Consumer Duty:

The Four Outcomes:

1. Products and Services - SalesRook improves access to regulated advice through better lead qualification and appointment booking
2. Price and Value - By improving efficiency, SalesRook enables advisors to serve more customers without increasing costs
3. Consumer Understanding - Clear, jargon-free communication ensures customers understand the next steps in the advice process
4. Consumer Support - 24/7 availability and instant responses provide better support than traditional business-hours-only approaches

The Cross-Cutting Rules:

• ✅ Act in good faith - Transparent AI usage and fair treatment of all enquiries
• ✅ Avoid foreseeable harm - No advice given, no contracts arranged, clear handoff to authorised advisors
• ✅ Enable pursuit of financial objectives - Efficient qualification ensures customers reach advisors faster

VULNERABLE CUSTOMERS

SalesRook supports FCA requirements for treating vulnerable customers fairly:

Identification of Vulnerability

• AI can be configured to flag potential vulnerability indicators
• Clear escalation procedures to human advisors
• Sensitive handling of complex circumstances

Appropriate Support

• Option to escalate to human advisor at any point
• No time pressure or aggressive sales tactics
• Flexibility in communication approach

Staff Training

We provide guidance to our customers on:

• Configuring AI responses for vulnerable customers
• When to escalate to human advisors
• Maintaining appropriate tone and empathy

FINANCIAL PROMOTIONS

FCA Requirements

Any financial promotions must comply with Section 21 of FSMA and the Financial Promotions Order.

SalesRook's Position

SalesRook does not create or approve financial promotions. Any marketing content created by our customers must:

• Be approved by an FCA-authorised person (where required)
• Comply with the Financial Promotions Order
• Be clear, fair, and not misleading
• Include appropriate risk warnings

Customer Responsibility: FCA-regulated firms using SalesRook remain responsible for ensuring all their communications, including AI-generated content, comply with financial promotions rules.

We recommend having all AI persona messaging reviewed by your compliance officer before deployment.

OUTSOURCING TO SALESROOK

FCA Outsourcing Requirements

FCA-regulated firms outsourcing activities must comply with SYSC 8 (Outsourcing) and SYSC 13 (Information Security).

SalesRook's Outsourcing Framework

• ✅ Written Agreement - Comprehensive Terms of Service and DPA
• ✅ Due Diligence - Security documentation available upon request
• ✅ Risk Assessment - Clear identification of risks and controls
• ✅ Contingency Planning - Business continuity procedures in place
• ✅ Monitoring - Regular performance reporting and SLA tracking
• ✅ Data Protection - GDPR-compliant data processing
• ✅ Information Security - ISO 27001-aligned security framework

WHAT SALESROOK CUSTOMERS MUST DO

While SalesRook provides compliant technology, FCA-regulated firms using our platform must:

1. Maintain FCA Authorisation

• ✅ Ensure your firm has appropriate FCA permissions
• ✅ Maintain Professional Indemnity Insurance
• ✅ Stay current with FCA regulatory requirements
• ✅ Ensure advisors have appropriate qualifications (CeMAP, DipFA, etc.)

2. Review AI Content

• ✅ Review AI persona messaging for compliance before deployment
• ✅ Ensure no advice or recommendations are provided
• ✅ Maintain oversight of customer communications
• ✅ Update messaging as regulations change

3. Conduct Regulated Activities

• ✅ All mortgage advice provided by authorised advisors
• ✅ All protection advice provided by authorised advisors
• ✅ Proper fact-finding and suitability assessments
• ✅ Appropriate recommendations and disclosures

4. Maintain Records

• ✅ Ensure CRM integration is properly configured
• ✅ Maintain appropriate record retention procedures
• ✅ Comply with FCA record-keeping requirements
• ✅ Respond to regulatory enquiries promptly

5. Handle Complaints

• ✅ Maintain FCA-compliant complaints procedure
• ✅ Respond to complaints within required timeframes
• ✅ Report complaints to FCA as required
• ✅ Maintain complaints register

REGULATORY UPDATES

SalesRook monitors relevant FCA regulatory developments and will notify customers of any changes that may affect their use of our platform.

Recent Regulatory Developments:

• Consumer Duty (effective 31 July 2023)
• ESG disclosure requirements for financial advice
• Enhanced conduct rules under SM&CR (Senior Managers & Certification Regime)

We recommend subscribing to FCA regulatory updates at fca.org.uk

QUESTIONS FROM FCA OR COMPLIANCE OFFICERS

If your FCA supervisor or compliance officer has questions about SalesRook's platform, we're happy to discuss:

• Our regulatory analysis and legal position
• Technical implementation and data flows
• Security and data protection measures
• Record-keeping and audit trail capabilities
• Outsourcing due diligence documentation

Contact our Compliance Team:

📧 Email: [email protected]
📞 Phone: +44 808 175 1795

USEFUL FCA RESOURCES

FCA Handbook Sections:

• PERG - Perimeter Guidance - Guidance on regulated activities
• SYSC - Systems and Controls - Outsourcing and information security
• MCOB - Mortgages Conduct of Business - Mortgage-specific requirements
• ICOBS - Insurance Conduct of Business - Protection insurance requirements

FCA Contact:

Website: fca.org.uk
Helpline: 0800 111 6768
Supervision enquiries: via FCA Connect

DISCLAIMER

This document provides guidance on how SalesRook operates within the FCA regulatory framework. It is not legal advice.

FCA-regulated firms should:

• Consult their own compliance advisors regarding their specific regulatory obligations
• Conduct their own due diligence before using any outsourced service
• Ensure their use of SalesRook complies with their FCA permissions and requirements

SalesRook makes no representations or warranties regarding the regulatory status of any customer's business or their compliance with FCA requirements.