management
Last updated •
Best AI Tools for Vulnerable Customer Detection in Financial Advice
Written by
Ben Glass
Product Marketing Manager
TL;DR: Evie detects and flags vulnerability indicators during the meeting by capturing not just what clients say but how they respond, including tone, reactions, and patterns that advisers would otherwise miss. Colin then checks the resulting meeting notes for gaps against the FCA's four drivers of vulnerability before the notes are filed, and checks the suitability report again against FCA Consumer Duty and COBS standards before it leaves the adviser's desk. Atlas queries patterns across your entire client database to surface clients with prior vulnerability flags, retrieve exact vulnerability details for pre-meeting preparation, and identify clients who may need re-engagement based on earlier flagged circumstances. Aveni and Saturn are credible alternatives, but neither publishes pricing. Colin is listed at £99 per user per month, with a 14-day free trial and no credit card required.
Operations Directors face a structural detection failure: the FCA requires consistent vulnerability screening across all client files, but manual workflows rely on the adviser noticing, recording, and evidencing vulnerability indicators in the moment, and this is where detection breaks down across a multi-adviser team. The weakest adviser's detection capability sets the firm's compliance floor, and that floor becomes a documentation consistency problem as the firm grows, making the underlying detection failure harder to solve.
This guide compares the platforms UK advice firms use to consistently identify, document, and evidence client vulnerability across every file before those files reach the compliance team. We examine how platforms map to the FCA's four drivers of vulnerability, how they connect to back-office systems including Intelliflo, Plannr, Curo, and Iress Xplan, and what they actually cost to deploy across a multi-adviser firm.
What Is Vulnerable Customer Detection and Why Does It Matter?
Vulnerable customer detection is the process of identifying, documenting, and responding to client characteristics that increase their susceptibility to harm. For FCA-regulated advice firms, this is not an optional practice. It is a core Consumer Duty obligation that applies to every client interaction and every advice file.
FCA Consumer Duty: Vulnerability Scope
The FCA defines a vulnerable customer as someone who, due to their personal circumstances, is particularly susceptible to harm, especially when a firm is not acting with appropriate care. The FCA's four drivers of vulnerability are:
Poor health: Physical, mental, or cognitive impairment affecting a client's ability to engage with or understand financial advice.
Life events: Bereavement, divorce, redundancy, or new caring responsibilities that create acute stress or decision-making pressure.
Low resilience: A limited capacity to absorb financial or emotional shocks, often related to low savings buffers or unstable income.
Low capability: Poor financial literacy, numeracy, or digital skills that limit a client's ability to make informed decisions independently.
Under Consumer Duty, firms must not only identify which driver applies but also evidence how that identification shaped the advice given and the documentation produced.
Regulatory Penalties: Missed Vulnerability
The consequences of inconsistent vulnerability documentation are significant. In October 2024, TSB Bank plc was fined £10.9 million for failing to treat over 232,000 customers in financial difficulty fairly, with the FCA finding that team members could not understand or respond to individual customers' circumstances. HSBC UK Bank plc, HSBC Bank plc, and Marks and Spencer Financial Services plc received a combined £6.28 million fine in May 2024 over their treatment of 1.5 million customers in financial difficulty. In 2024, the FCA issued multiple fines for the unfair treatment of customers in financial difficulty and has signalled continued monitoring in this area. For a multi-adviser firm, each inconsistently documented client file carries a portion of that exposure.
AI's Role in Accurate Vulnerability Screening
Vulnerability identification starts at the meeting itself, where Evie records not just what the client says but how they respond, including tone, emotional reactions, and behavioural patterns that map to the FCA's four drivers. Manual documentation relies on the adviser correctly identifying, recording, and evidencing vulnerability indicators during and after the client meeting. Across a team of ten or twenty advisers, that produces ten or twenty different standards, and the compliance team discovers gaps at audit rather than at the desk. AI changes the sequence. Evie flags indicators at the point of capture, then Colin reads the completed file, including the fact-find, KIDs (Key Information Documents), and suitability report, and checks each section against FCA Consumer Duty requirements and COBS standards before the document leaves the adviser's desk.
Colin generates the compliance verdict, flags the specific gaps with citations, and the adviser reviews and responds. Professional judgement stays with the adviser. The inconsistency in detection does not.
Key Features for FCA Vulnerability AI
Before comparing specific platforms, the four criteria below determine whether a platform genuinely reduces compliance risk or simply adds another step to an already burdened documentation workflow.
Platforms built on the FCA's fair treatment guidance embed the four drivers directly into their checking logic, which means flagged gaps reference a specific regulatory criterion rather than a generic best-practice standard. The best platforms address accuracy concerns by generating a pass/fail verdict alongside a specific explanation of what triggered the flag, allowing the adviser to confirm or dismiss the finding with a documented rationale. This is not a decision the AI makes autonomously. It is a prompt that ensures the adviser considers the criterion explicitly rather than skipping over it.
Back-office integration is equally critical. Vulnerability data identified in a client meeting has no compliance value if it sits in a standalone tool rather than flowing into the client file. Advisers using Intelliflo with AdvisoryAI's Evie can push structured meeting outputs directly into the client record without manual re-entry, removing the gap between detection and documentation where most compliance failures originate.
Template flexibility and customisation depth matter just as much: existing suitability report formats represent years of compliance refinement and are already approved against the firm's PI insurance terms, so platforms that work from the firm's own templates rather than forcing a vendor format protect that investment. AdvisoryAI's customisation depth goes further than template compatibility. Advice style and tonality are captured per firm, formatting preferences (bullets, paragraphs, tables) are configured to match the firm's established approach, and even the off-the-shelf best-practice templates are fully customisable, a level of configuration no competing platform currently offers.
Detection at Point of Capture
Vulnerability detection in a manual workflow depends entirely on the adviser noticing and recording indicators during the meeting, which is an unreliable single point of failure across a multi-adviser team. Evie records the meeting and analyses the transcript in real time for indicators that map to each of the FCA's four drivers, including health cues such as repeated requests for clarification or confusion about terminology, life event disclosures mentioned in passing rather than formally declared, low resilience signals such as expressed anxiety about financial buffers, and low capability indicators such as difficulty following product explanations. These observations are surfaced as flagged notes in the structured output produced shortly after the meeting, before the notes enter the compliance workflow, which means detection happens at the point of capture rather than retrospective audit. Everything that follows, Colin's check of the notes, Colin's check of the report, and Atlas's cross-database querying, depends on Evie having captured and flagged the indicators at source. This is the structural difference between AI-assisted detection and AI-assisted documentation checking.
AI for FCA Vulnerability Screening
AdvisoryAI: FCA Vulnerability Screening and Compliance
Evie records client meetings via Microsoft Teams, Zoom, and Google Meet and captures not just what clients say but how they respond, including tone, reactions, and patterns that advisers would otherwise miss. This is where vulnerability detection begins, at the point of meeting capture rather than retrospective audit. The following example illustrates Evie's detection capability mapped to the FCA's poor health driver. At One FS, adviser Wayne experienced a connectivity issue mid-meeting and the client repeatedly asked him to repeat himself. Evie flagged the pattern and surfaced a potential hard of hearing indicator that Wayne had not recorded in his notes, a detail that would have been absent from the file entirely under a manual documentation workflow. Client consent to recording is required before the meeting begins, and some firms using AdvisoryAI have started reflecting the efficiency gain in their fee structure, charging clients less for recorded meetings or applying a higher rate for unrecorded sessions where manual note-taking is required. Evie produces structured notes shortly after the meeting ending, formatted as bullets, paragraphs, or tables to match the firm's established approach.
Colin then reads the structured notes produced by Evie and checks whether each of the FCA's four drivers of vulnerability has been identified and evidenced, flagging specific gaps with citations before the notes are filed into the client record. This is the second detection layer, ensuring that vulnerability indicators captured by Evie are not lost when the notes move into the compliance workflow.
Emma generates the complete suitability report draft from the firm's existing templates and the meeting data captured by Evie, including objectives, circumstances, recommendations, and next steps, with the adviser reviewing and approving rather than writing from scratch. Colin then performs a second compliance check on the completed report, reading the fact-find, KIDs (Key Information Documents), and the suitability report itself, then mapping each statement to FCA Consumer Duty requirements and COBS standards and delivering a pass/fail verdict with citations back to the source documents. Critically, Colin is system-agnostic, checking any suitability report regardless of how it was produced, so firms can deploy it across their existing documentation workflow without changing how advisers produce reports. Customer outcomes across comparable UK advice firms show report preparation time reduced by 50-80%.
Once vulnerability data from meetings, notes, and reports is established in the platform, Atlas enables querying in natural language across the entire client database to surface clients with prior vulnerability flags, retrieve exact vulnerability details for pre-meeting preparation, and identify clients who may need re-engagement based on earlier flagged circumstances without manual file review. Atlas also supports investment opportunity identification across the book. No competing platform offers this cross-document querying capability.
Pricing is listed at £99 per user per month for Colin, £99 per user per month for Evie, and £299 per user per month for Emma, with a 14-day free trial, no credit card required, a 30-day money-back guarantee, and monthly rolling agreements. An annual commitment reduces the per-user cost by 10%.
The platform's AI models were trained on thousands of sample reports by ex-financial advisers and paraplanners, ensuring the checking logic reflects how UK advice firms actually document suitability and vulnerability. Development is led by CTO Roshan Tamil Selvan, who holds a Masters in AI/ML from MIT, and Rupert Curtis of Curtis Banks Group serves as an adviser and investor.
Aveni: FCA Vulnerability Screening
Aveni Detect is purpose-built for vulnerability monitoring at scale, analysing 100% of customer interactions and systematically flagging potential vulnerabilities across every call. Aveni offers FinLLM as a financial-services-specific language model, and its Detect product is marketed as FCA-aligned for the fair treatment of vulnerable customers. Aveni stores evidence for quality assurance, remediation, and regulator requests. Aveni Assist handles post-meeting tasks including back-office updates.
The distinction between Aveni and AdvisoryAI is most visible in two areas. Aveni does not publish pricing, which complicates business case construction for operations leaders who need numbers before requesting internal approval. Aveni ranked 4th in the FT Adviser AI-only category for H1 2025. AdvisoryAI ranked #1 in the Professional Adviser AI-only category for H1 2025 and was also ranked #1 most-viewed tech tool by AdviserSoftware.com for H1 2025. Aveni Assist is not publicly confirmed as offering bespoke suitability report generation, which has led some firms to evaluate AdvisoryAI for that specific capability.
Saturn: FCA Vulnerability Screening
Saturn's Guardian Compliance Suite automates compliance file checks and meeting observations. Following its acquisition of Ateb Suitability, Saturn provides suitability report templates updated to meet current FCA requirements. All AI-generated documentation remains subject to mandatory adviser review before distribution, and Saturn's compliance framework is UK-specific rather than a generic tool adapted for the UK market. Saturn does not publish pricing. Saturn does not publicly list specific back-office integration partners, so firms on Intelliflo or Xplan should confirm compatibility directly before committing.
PlannerPal: Reducing Documentation Burden
PlannerPal automates meeting notes, document generation, and back-office updates for financial advisers. PlannerPal integrates with Intelliflo and Xplan, with firms using other back-office systems advised to confirm compatibility directly. Its Pre-Meeting Prep Pack, launched in January 2026, brings together client data before a meeting. Firms seeking an explicit Consumer Duty pass/fail verdict for vulnerability criteria should evaluate whether PlannerPal's approach meets their compliance requirements.
Comparison: Accuracy and FCA Compliance
FCA Vulnerability Indicators Mapped
Platform | FCA Mapping Method | Atlas Capabilities | Back-Office Integrations | Public Pricing |
|---|---|---|---|---|
AdvisoryAI (Colin) | Consumer Duty and COBS standards. Pass/fail verdict. | Pre-meeting vulnerability context from prior transcripts and reports. Cross-database querying to identify clients needing re-engagement based on prior vulnerability flags. No competitor equivalent. | Intelliflo, Xplan, Plannr, Curo | Yes. Colin at £99/user/month |
Aveni Detect | FCA-aligned for vulnerable customer treatment. Vulnerability flags across calls and documents. | Not available | Not disclosed | Not disclosed |
Saturn | Compliance framework via Ateb Suitability, aligned to FCA requirements. | Not available | Confirmed integrations, specific platforms not publicly listed | Not disclosed |
PlannerPal | Compliance support via accuracy framework. No dedicated vulnerability module. | Not available | Intelliflo, Xplan. Other systems unconfirmed. | Not disclosed |
Real-Time AI for FCA Compliance
Evie records client meetings via Microsoft Teams, Zoom, and Google Meet, then produces structured notes shortly after the meeting ending. Client consent to recording is required before the meeting begins, and some firms using AdvisoryAI have started reflecting the efficiency gain in their fee structure, charging clients less for recorded meetings or applying a higher rate for unrecorded sessions where manual note-taking is required.
Evie's observation capability maps directly to the FCA's four drivers of vulnerability. For poor health, Evie surfaces cognitive or hearing impairment indicators such as repetition patterns, repeated requests for clarification, or confusion about terminology. For life events, Evie flags disclosures made in passing during general conversation rather than in the formal fact-find, such as mentions of bereavement, divorce, or redundancy. For low resilience, Evie identifies expressed concern about income stability or savings buffers that the adviser may not record as a vulnerability indicator. For low capability, Evie detects difficulty engaging with product terminology or questions that suggest limited financial literacy.
Evie's detection in action: at One FS, adviser Wayne experienced a connectivity issue mid-meeting and the client repeatedly asked him to repeat himself. Evie flagged the pattern and surfaced a potential hard of hearing indicator that Wayne had not recorded in his notes, a detail that would have been absent from the file entirely under a manual documentation workflow. This is an example of Evie mapping an in-meeting observation to the poor health driver, specifically cognitive or sensory impairment, before the notes were filed. Evie captures how clients are responding, including tone and reactions, not just their words, which is the primary reason firms choose AdvisoryAI's meeting note tool over generic alternatives. Evie captures minute details even seasoned advisers would otherwise miss, including soft facts that shape vulnerability assessments and suitability decisions, shifting detection from retrospective audit to the point of meeting capture.
FCA Compliance: AI Documentation Trails
Under Consumer Duty, the FCA examines the audit trail to determine whether vulnerability criteria were identified, considered, and evidenced at the point of advice. Colin's compliance check generates a record of each finding with citations back to the source document. For a s166 review or routine supervision visit, the firm can demonstrate that it identified and considered every relevant vulnerability criterion, not just those the adviser happened to record in their notes. The Timothy James and Partners case study shows how structured documentation output reduced post-meeting time substantially, with support teams accessing notes faster than under the previous manual workflow.
Operational Fit: Integrating Into Your Firm
Back Office and Ops Data Synchronisation
Vulnerability flags identified during a meeting or in a compliance check have limited value if they exist only in a standalone tool. AdvisoryAI connects directly with Intelliflo, Plannr, Curo, and Xplan, pushing structured meeting outputs, including vulnerability data, into the client file automatically. The Intelliflo integration cuts time on fact-find updates, which means the paraplanner working on the suitability report the next morning already has the vulnerability context in the client record.
Reducing Time on Adviser Vulnerability Checks
Post-meeting documentation consumes significant time after every client meeting across a multi-adviser team. With Evie handling the first draft of meeting notes, documentation becomes a review task rather than an authoring task. Colin then performs a compliance check on the finished report before it leaves the adviser's desk, so Consumer Duty obligations are met at the point of production rather than discovered at audit. Brooks Macdonald reported post-meeting note time dropping from 1.5 hours to 15 minutes per meeting, an 87.5% reduction in the annual review context. For firms running multiple meetings per week across a multi-adviser team, that recovery of adviser time compounds quickly into material capacity.
FCA Vulnerability Quality Checks
For Operations Directors, the value of Colin is not only in what it catches but in what it standardises. When every report passes through the same Consumer Duty checking logic before it leaves the adviser's desk, the compliance team reviews against a consistent baseline rather than discovering gaps at audit. The weakest file in the firm is no longer the unreviewed one. It is the one where the adviser reviewed Colin's verdict and documented their rationale. After Emma produces the draft, Colin applies Consumer Duty checking before the document leaves the adviser's desk.
Matching AI to Your Firm's Operational Model
Scaling AI for Multi-Practice Firms
Consolidators and networks need bespoke templates per firm, contract flexibility, and compliance checking that works across different adviser styles and document formats. Colin's system-agnostic approach, which checks any suitability report regardless of how it was produced, is operationally critical here. AdvisoryAI works with major UK consolidators and advice networks as a co-creation partner, configuring bespoke templates per firm, capturing advice style and tonality at the firm level, and building out customised document formats before go-live rather than applying a standardised vendor setup across a diverse adviser population. Atlas adds a further capability at this tier: the ability to query patterns across an entire client database, identifying clients who may need re-engagement based on prior vulnerability flags without manual file review.
Colin and Emma for Mid-Sized Teams
For firms with five to twenty advisers, the compliance consistency argument becomes the primary driver. When advisers produce documentation independently, vulnerability identification varies with individual attention to detail, workload pressure, and experience. Deploying Colin across all advisers creates a uniform checking standard that the compliance team can rely on before files reach the review queue.
Smaller Practices: Testing Before Committing
For smaller practices with fewer than ten advisers, Colin at £99 per user per month, with a 14-day free trial and no annual commitment, allows the firm to test the impact on a real workload before committing. Even for a sole adviser or small team, the individual productivity gain from Colin's structured pass/fail verdicts reduces the time spent second-guessing whether a file meets Consumer Duty requirements before submission. The monthly rolling agreement removes the commitment risk that makes smaller practices hesitant to adopt firm-wide tooling.
Justifying AI Investment: Costs and ROI
AI Vulnerability Platform Costs and ROI
AdvisoryAI publishes all individual product prices on its pricing page. Colin costs £99 per user per month, Evie costs £99 per user per month, and Emma costs £299 per user per month, with bundle pricing available for firms deploying more than one tool. All plans include the 14-day free trial with no credit card required, a 30-day money-back guarantee, and monthly rolling agreements. Annual plans reduce the per-user cost by 10%.
Compare that against the operational alternative. A qualified paraplanner costs between £30,000 and £40,000 per year in the UK according to industry data. That headcount does not eliminate the documentation bottleneck. It adds capacity to the bottleneck. Aveni, Saturn, and PlannerPal do not disclose pricing, which means the business case cannot be constructed without a full sales engagement.
Planning Your AI Platform Go-Live
AdvisoryAI's 14-day free trial covers the platform, so the evaluation runs on real workloads rather than a constrained demo environment. For consolidators and larger firms, the typical path is a scoped proof of concept before firm-wide rollout, with AdvisoryAI co-creating bespoke templates per firm before go-live.
User Training and Ongoing Support
The most important training shift for advisers adopting AI compliance platforms is moving from author to editor. Before AdvisoryAI, the adviser writes the meeting note and suitability report from scratch. After deployment, the adviser reviews a structured draft and confirms or amends Colin's vulnerability findings. That shift requires advisers to trust the draft as a starting point without over-writing it, and to engage with Colin's pass/fail verdicts as a genuine quality check rather than a box-ticking exercise. Read our case studies to see how comparable UK advice firms reduced documentation time by 50-80%.
Request a demo to see how Colin checks your firm's documents against FCA Consumer Duty requirements.
FAQs
How Accurate Is AI Vulnerability Detection Against FCA Criteria?
Colin maps each statement in the advice file to FCA Consumer Duty requirements and COBS standards, generating a pass/fail verdict with citations back to the source document for adviser review. No AI tool produces a definitive compliance verdict independent of adviser review, but Colin's structured evidence layer is more consistent across a multi-adviser team than manual checking alone.
What Happens When Colin Flags a Potential Vulnerability Gap?
Colin provides a specific citation identifying which criterion is unmet and where in the document the gap occurs, allowing the adviser to address the gap before submission or document a reasoned rationale for why the criterion does not apply. This creates a documented decision point in the audit trail rather than a silent omission.
Does AI Replace the Adviser's Professional Judgement on Vulnerability?
No. Colin checks whether vulnerability criteria have been considered and evidenced in the file, but the professional judgement on whether a client's circumstances constitute a driver of vulnerability and how that affects the advice given remains with the adviser. The AI flags what requires attention and the adviser determines how to respond.
How Long Does It Take to Deploy AI Vulnerability Screening Across a Multi-Adviser Firm?
Colin is system-agnostic, meaning it checks suitability reports without requiring firms to change their document templates, and the 14-day free trial covers the full platform with no credit card required. For consolidators requiring bespoke template configuration per firm, implementation timelines depend on the scoping process, which AdvisoryAI co-creates with the firm before go-live.
How Does AdvisoryAI Handle Client Data in a Vulnerable Customer Context?
Client data is stored on UK-based AWS servers and is not used to train AdvisoryAI's models. Anonymised data is used only for tone of voice and template training within the firm's own configuration, and changes made within the platform stay within the firm's configuration and do not feed into any shared or external model. This containment is particularly important when documenting vulnerable client circumstances, where the sensitivity of the data requires strict controls on how it is stored, processed, and used.
Key Terms Glossary
Consumer Duty: The FCA's regulatory framework requiring firms to deliver good outcomes for retail customers. Vulnerability identification and documentation is a core Consumer Duty obligation.
COBS: Conduct of Business Sourcebook. The FCA's rulebook governing how regulated firms conduct investment business with clients, including suitability assessment requirements that apply to vulnerability documentation.
Four drivers of vulnerability: The FCA's framework categorising circumstances that increase susceptibility to harm: poor health (including cognitive impairment), life events (bereavement, divorce, redundancy), low resilience (limited ability to absorb financial or emotional shocks), and low capability (limited financial literacy or numeracy).
Back office: The operational and administration systems used by advice firms to manage client records, fact-finds, and compliance documentation. Confirmed UK back-office platforms that connect directly with AdvisoryAI include Intelliflo, Plannr, Curo, and Xplan.
