TL;DR: Protection suitability reports take 71.9% of UK firms between one and seven hours per document. Under FCA Consumer Duty, reports must evidence personalised gap analyses and clear client outcomes, not generic templates. For straightforward single-policy cases, a Reasons Why letter serves as the client-facing summary, provided full suitability evidence remains in the file. Complex, multi-policy, or business protection cases require a full COBS 9 report with quantified gap analysis, documented alternatives, and exclusion disclosure. TFP Financial Planning Ltd scaled suitability report output from one to six per day using Emma, with a 10% editing rate on generated reports, shifting paraplanners from author to editor.

Writing protection suitability reports has never been quick, and Consumer Duty raised the documentation standard materially without adding hours to your working day. Research cited in the AdvisoryAI whitepaper shows suitability letter preparation takes an average of 4 hours 45 minutes manually across UK advice firms, which compounds across a full review calendar. In firms with paraplanning support, that bottleneck means paraplanners wait before they can begin processing. Across all firm structures, it slows client onboarding and reduces the time available for client-facing work.

A compliant protection file follows a repeatable structure. Master that structure, catch the common failure patterns early, and you can produce defensible documentation without starting from a blank page each time.

What Makes a Protection Suitability Report Compliant?

A protection suitability report demonstrates why a specific life, income protection, or critical illness policy meets a client's individual demands, needs, and personal circumstances. Beyond regulatory compliance, it is the primary document that protects both the client and the adviser from future liability when a claim is disputed or an FCA review is conducted.

FCA Expectations Under Consumer Duty

The FCA's Consumer Duty requirements mean protection reports must demonstrate clear client outcomes: how the recommended product prevents foreseeable harm, delivers fair value relative to the client's means, and is explained in terms the client genuinely understands. Boilerplate text fails this standard because generic paragraphs that do not reference the client's specific liabilities, dependants, or vulnerability context cannot evidence the outcomes the FCA expects at audit.

COBS and ICOBS Requirements for Protection Advice

COBS 9.4 of the FCA Handbook sets out the suitability report requirements for personal recommendations on life policies. Under these rules, you must explain why you concluded the transaction is suitable based on the client's information, include a personalised recommendation explaining why the specific policy best meets their demands and needs, and provide the report in a durable medium immediately after the contract concludes where cover is granted immediately. Standalone pure protection contracts such as income protection and critical illness policies may fall under ICOBS, particularly ICOBS 5, rather than COBS 9, depending on how the contract is classified. Confirm the applicable Handbook chapter with your compliance officer for each contract type before relying on this framing.

Protection-Specific Suitability Structure

A compliant protection suitability report follows five core components. Emma preserves your established document formats by generating reports from your firm's own templates, not a standardised vendor format, so your compliance-checked formatting and document style remain intact. Emma is AdvisoryAI's suitability report capability within the Atlas platform.

Client Demands and Needs

You must make this section highly personalised. Document the client's specific financial objectives, named dependants and their ages, outstanding liabilities (mortgage balance, business debts, income commitments), and any vulnerability indicators captured during the fact-find. Generic statements like "the client has a need for protection" do not meet the Consumer Duty standard. Evie eliminates manual fact-find re-entry by recording meetings via Microsoft Teams, Zoom, or Google Meet, generating structured notes post-meeting from the recording, and pushing fact-find data directly into your back office. Evie is AdvisoryAI's meeting notes capability within the Atlas platform.

Gap Analysis

Your gap analysis forms the core of a defensible protection file. Compare the client's existing cover against their actual liabilities and express the specific shortfall in monetary terms. For example: "The client holds existing decreasing term life cover against a current mortgage balance, leaving an uninsured shortfall that must be quantified." Failing to quantify the shortfall in this way is one of the most common reasons protection files fail compliance review.

Alternatives Considered

Document the specific alternatives you evaluated and the reasons you rejected them. If you recommended level term over family income benefit, record why. If you selected single-life over joint-life, explain the rationale based on the client's circumstances. Omitting alternatives documentation suggests biased advice rather than reasoned recommendation.

Recommendation Rationale

Link each specific product feature directly to a documented client need. You are not describing the product. You are explaining why this product, from this provider, at this premium level, addresses the shortfall identified in your gap analysis and meets the Consumer Duty outcome of preventing foreseeable harm. Watch Emma generating protection suitability letters to see how this capability structures the rationale from meeting notes, fact-finds, LOA pack summaries, ceding information, cashflow modelling outputs, and risk profile assessments.

Exclusions and Limitations

You must state all material policy exclusions clearly and in plain English. If the client has a pre-existing condition resulting in an exclusion or premium loading, document it explicitly and confirm the client acknowledged and understood it. Failure to disclose exclusions is a persistent source of complaints and regulatory exposure.

The 'Reasons Why' Letter Convention

What Is a Reasons Why Letter?

A Reasons Why letter is commonly used in UK protection advice as a shorter client-facing summary of the advice rationale, used in protection cases where a comprehensive suitability report would be disproportionate to the complexity of the recommendation. The underlying suitability evidence must still be present in the client file even when you provide the client with a shorter letter.

When to Use This Format

Key Components and Structure

A Reasons Why letter typically includes five key elements:

1. Policy identification: The insurer, product name, and type of cover recommended.

2. Client circumstances summary: A plain-language summary of the financial position and need driving the recommendation.

3. Needs addressed: Which specific client needs the recommended policy meets.

4. Gap explanation: If the policy does not fully meet the identified need, a plain-language explanation of the difference and why the client accepted partial cover.

5. Next steps: What the client should expect to happen next, including any conditions or underwriting decisions.

Example Wording for Common Scenarios

For income protection: "Based on your current monthly outgoings of £X and an employer sick pay period of Y weeks, we have recommended an income protection policy paying £Z per month after an appropriate deferred period, ensuring your household income is maintained during a period of extended illness or injury."

For critical illness cover: "Given your family circumstances and the outstanding mortgage balance, we have recommended critical illness cover of £X, which would allow you to repay the mortgage and maintain your household's financial position if you are diagnosed with a listed condition."

A 10-Step Compliant Protection File Checklist

The following 10-step framework covers the documentation requirements for an audit-ready protection file under Consumer Duty and COBS 9. AdvisoryAI's capabilities within Atlas map to the relevant steps below to show how they support your compliance workflow.

1. Fact-find completeness: Every client file must start with a complete fact-find covering liabilities, dependants, income, and vulnerability flags. Evie records meetings, generates structured notes post-meeting from the recording, and pushes fact-find data directly into back-office systems (Intelliflo, Plannr, Curo, Xplan), eliminating manual re-entry. See the Intelliflo integration walkthrough for how this works in practice.

2. Demands and needs documented: Record the client's explicit protection objectives with reference to specific financial commitments, income dependencies, and foreseeable life changes.

3. Gap analysis evidenced: Name the shortfall in monetary terms. A vague summary does not satisfy Consumer Duty or COBS 9.4. Atlas surfaces existing cover details and prior client commitments from previous transcripts and uploaded documents before you quantify the gap. Adaptive Thinking, available from May 2026, makes Atlas's reasoning visible at each step and auditable across sessions, so the basis for every answer can be reviewed and produced if required.

4. Product research recorded: Store the provider comparison and research basis in the client file, including quotes sourced from multiple providers.

5. Alternatives considered and rejected: Record every alternative you evaluated, with a brief rationale for rejection based on the client's specific circumstances.

6. Recommendation rationale clear: The link between your research findings and the chosen product must be explicit and client-specific. Emma generates this section from your meeting notes, fact-find, LOA pack summaries, ceding information, cashflow modelling outputs, and risk profile assessments, cutting a task that AdvisoryAI research shows ranges from one to seven hours manually across UK firms to under an hour for firms that have moved to template-based generation. Watch AdvisoryAI generate reports in five minutes to see the full workflow.

7. Exclusions and limitations stated: Highlight all material exclusions and premium loadings in plain language, and document the client's acknowledgement.

8. Client understanding confirmed: Record that the client understood the advice, the costs, the policy limitations, and any recommendations they declined. This is a specific Consumer Duty requirement.

9. Ongoing service expectations set: Document what happens after the policy is placed, including review frequency and what triggers a review.

10. Audit trail complete: Colin catches compliance gaps before files leave your desk by running automated checks across COBS 9.4 requirements and Consumer Duty outcomes, mapping each section against the client file and producing a compliance report with specific remediation guidance for any gaps. Colin is AdvisoryAI's compliance checking capability within the Atlas platform. From May 2026, Atlas also makes its reasoning visible and auditable across the file.

For the regulatory basis underpinning these requirements, the FCA's Consumer Duty guidance sets out the outcome standards against which protection files are assessed.

Common Failure Patterns in Protection Files

The FCA's Retirement Income Thematic Review TR24/1 identified recurring documentation and suitability shortcomings across advice files, including material information gaps in fact-finding, risk profiling not evidenced, capacity for loss not assessed, and insufficient record-keeping. While TR24/1 focused on retirement income, the documentation and suitability standards it examined reflect the same FCA expectations that apply to protection advice under Consumer Duty and COBS 9. These are the five patterns Colin catches most frequently before a file leaves the adviser's desk.

Missing or Incomplete Gap Analysis

If you fail to quantify the shortfall in monetary terms, you create the single most common reason protection files fail compliance review. A statement that "the client has insufficient cover" without specifying the amount gives a complainant or the FCA no basis to assess whether your recommendation was appropriate.

Weak Rationale for Product Selection

Generic reasons for choosing a specific provider, such as "competitive premium" without reference to the client's health profile, occupation class, or specific policy terms, do not meet the Consumer Duty standard. Your rationale must connect provider-specific features to the client's documented needs.

No Evidence of Alternatives Considered

If you omit alternatives documentation, you create the impression of biased advice. The FCA expects you to demonstrate that you actively considered and rejected other product types, benefit structures, and providers for documented reasons tied to the client's circumstances.

Exclusions Not Clearly Documented

If you do not clearly record pre-existing condition exclusions or premium loadings in the file, and confirm the client understood them, you create a persistent compliance failure that is especially high-risk when the client later makes a claim falling within an excluded condition.

Generic Advice Not Tailored to the Client

Boilerplate text that could apply to any client fails the Consumer Duty personalisation standard. Colin flags these gaps by cross-referencing each section of your report against the specific client data in your fact-find, as explained in the introduction to Colin.

You do not need more hours to produce protection file documentation that meets Consumer Duty. You need a consistent structure that captures the right information at each stage, catches gaps before you submit the file, and maintains an auditable record of your advice rationale. TFP Financial Planning Ltd scaled suitability report output from one to six per day using Emma, with a 10% editing rate on generated reports, a capacity increase that compounds materially across a full review calendar.

Start a 14-day free trial of Emma to generate compliant protection suitability reports from your own templates. No credit card required. Contracts are monthly rolling with no lock-in, all paid plans include a 30-day money-back guarantee, and annual plans are available at a 10% discount. Alternatively, request a demo to see how Colin and Emma connect with your back office (Intelliflo, Plannr, Curo, Xplan) to automate your compliance checks across existing report workflows.

FAQs

How long should a protection suitability report be?

A protection suitability report should be as concise as possible while fully documenting the client's demands, needs, and recommendation rationale. Under Consumer Duty, clear client communication is prioritised over lengthy boilerplate, so every section should be purposeful rather than padded.

Can I combine multiple protection policies into a single suitability report?

Yes, multiple policies such as life cover and income protection can commonly be combined into one report, provided the demands, needs, and recommendation rationale for each policy are clearly and distinctly documented. Combining policies in this way reduces administrative duplication and often makes the advice easier for the client to follow.

What if the client declines recommended cover?

Document the recommendation in the client file and consider sending a revised suitability letter confirming that the recommendation was made and declined. This audit trail protects your firm from future liability if the client suffers a loss that the declined policy would have covered.

How do I document non-advised protection sales?

For non-advised sales, you do not need a full suitability report, but you must provide clear product information and document that no personal recommendation was made. The client file should typically contain a signed declaration confirming the client selected the product on a non-advised basis.

Does Colin check protection files created in other systems?

Yes. Colin is system-agnostic. It checks any suitability report, fact-find, or file note against COBS 9.4 and Consumer Duty requirements, regardless of whether it was created in AdvisoryAI.

How long do I need to retain protection suitability records?

FCA regulations require that records relating to life policies are retained for an appropriate period in a retrievable format. Industry practice typically involves retaining records for a minimum of five years from the date of the recommendation.

Key Terms Glossary

Suitability report: A formal written document that explains why a specific financial product recommendation is suitable for a client based on their demands, needs, and personal circumstances.

Reasons Why letter: A client-facing summary letter that outlines the key reasons why a specific protection policy has been recommended to meet the client's objectives.

Gap analysis: The process of comparing a client's existing financial protection cover against their actual liabilities to identify specific shortfalls, expressed in monetary terms.

Consumer Duty: The FCA regulatory framework set out in PS22/9 (2022) and in force from 31 July 2023 that requires UK financial services firms to deliver good outcomes for retail customers across products, price, understanding, and support.

COBS 9: The section of the FCA Handbook that details the rules for assessing suitability and documenting personal recommendations, including life policies.