XYZ Bank Consumer Duty Policy 1. Purpose This Policy sets out XYZ Bank’s (“the Bank”) framework for complying with the FCA Consumer Duty and delivering good outcomes for retail customers. The purpose of this Policy is to: embed customer-focused decision-making across the Bank; support compliance with applicable FCA requirements; ensure the Bank acts to deliver good customer outcomes; establish governance and accountability arrangements relating to customer outcomes; support the identification and mitigation of foreseeable customer harm; and ensure that customer interests are appropriately considered across the product and customer lifecycle. The Consumer Duty forms a core component of the Bank’s conduct and governance framework. 2. Scope This Policy applies to: all retail products and services; all retail customer interactions and communications; all customer journeys and servicing activities; all distribution channels; outsourced activities affecting retail customers; and all employees, contractors and business areas involved in the design, delivery, servicing or oversight of retail customer activities. This Policy applies throughout the customer lifecycle, including: product design; marketing and distribution; onboarding; servicing; complaints handling; collections and forbearance; product changes; and product closure or withdrawal. 3. Regulatory Context This Policy supports compliance with: Principle 12 of the FCA Principles for Businesses; the FCA Consumer Duty; PRIN requirements relating to retail customer outcomes; applicable PROD requirements; SMCR obligations; and broader conduct risk obligations. The Bank recognises that compliance with detailed rules alone may not be sufficient to demonstrate good customer outcomes. 4. Consumer Duty Principles The Bank will seek to: act in good faith towards retail customers; avoid causing foreseeable harm to retail customers; and enable and support retail customers to pursue their financial objectives. The Bank expects employees to consider customer outcomes as part of day-to-day decision-making and governance activities. The Bank will seek to: place appropriate focus on customer interests; consider the needs of vulnerable customers; communicate clearly and transparently; monitor customer outcomes on an ongoing basis; and identify and address issues where poor outcomes may arise. 5. Governance and Accountability 5.1 Board Oversight The Board retains overall responsibility for oversight of the Bank’s compliance with the Consumer Duty. The Board is responsible for: reviewing the effectiveness of the Bank’s Consumer Duty framework; reviewing management information relating to customer outcomes; overseeing material customer outcome risks; considering the annual Consumer Duty assessment; and ensuring that customer outcomes are appropriately considered within the Bank’s strategy and governance framework. 5.2 Consumer Duty Champion The Board has appointed a Consumer Duty Champion to support: Board oversight of Consumer Duty implementation; consideration of customer outcomes in Board discussions; and constructive challenge relating to customer impact and conduct matters. 5.3 Executive Management Executive Management is responsible for: embedding Consumer Duty requirements across business operations; ensuring appropriate governance and monitoring arrangements are maintained; allocating appropriate resources to support good customer outcomes; and escalating material concerns relating to customer harm or poor outcomes. 5.4 Business Areas Business areas are responsible for: considering customer outcomes in decision-making; identifying and mitigating foreseeable harm; monitoring customer outcomes; escalating material concerns; and maintaining appropriate records and evidence. 5.5 Risk and Compliance Functions Risk and Compliance functions are responsible for: providing independent review and challenge; supporting interpretation of regulatory requirements; reviewing customer outcome risks; supporting governance reporting; and escalating material concerns where appropriate. 6. Consumer Duty Outcomes 6.1 Products and Services Outcome The Bank will seek to ensure that products and services: are designed to meet the needs of identified target markets; are distributed appropriately; remain appropriate throughout their lifecycle; and support fair customer outcomes. The Bank’s Product Governance Policy sets out detailed requirements relating to product approval, review and governance. Products and services should be subject to periodic review to assess: customer outcomes; evidence of customer harm; customer understanding; complaints trends; operational performance; and ongoing suitability for the target market. 6.2 Price and Value Outcome The Bank will seek to ensure that customers receive fair value. Assessments of value should consider: the nature and quality of the product or service; customer benefits; fees and charges; limitations and exclusions; customer outcomes; comparable market offerings where appropriate; and foreseeable customer behaviours. The Bank will periodically review pricing structures and customer outcomes to assess whether products continue to provide fair value. Material concerns relating to pricing or customer value should be escalated appropriately. 6.3 Consumer Understanding Outcome The Bank will seek to communicate with customers in a manner that: is clear, fair and not misleading; supports informed decision-making; avoids unnecessary complexity; and takes account of customer characteristics and vulnerability considerations where appropriate. Customer communications may include: financial promotions; digital journeys; product disclosures; servicing communications; collections and arrears communications; and complaints-related communications. The Bank may use: customer testing; complaints analysis; behavioural analysis; customer feedback; and monitoring of customer behaviour to assess whether communications support customer understanding effectively. 6.4 Consumer Support Outcome The Bank will seek to provide customer support that enables customers to: use products and services as reasonably anticipated; pursue their financial objectives; and act in their own interests. The Bank will seek to avoid unreasonable barriers in relation to: accessing support; making complaints; switching products; closing accounts; accessing information; or exercising customer rights. Customer support arrangements should consider: accessibility; vulnerability; channel effectiveness; customer wait times; complaint trends; and operational resilience. 7. Vulnerable Customers The Bank recognises that customers may experience vulnerability due to a range of factors, including: health; life events; financial resilience; and capability. The Bank will seek to: identify vulnerable customers where appropriate; provide appropriate support arrangements; consider vulnerability within product and service design; train relevant employees on vulnerability considerations; and monitor outcomes for vulnerable customer groups. The Bank recognises that vulnerability may be temporary, permanent or episodic. 8. Monitoring, Management Information and Outcomes Testing The Bank will maintain monitoring arrangements intended to support identification of poor customer outcomes or foreseeable harm. Monitoring may include: complaints analysis; customer feedback; quality assurance activities; call monitoring; customer journey analysis; operational incident analysis; arrears and forbearance data; vulnerability indicators; customer behaviour analysis; customer attrition; digital analytics; and product performance data. Management Information should be reviewed regularly by appropriate governance forums. The Bank recognises that no single metric is likely to demonstrate good customer outcomes in isolation. 9. Third Parties and Distribution Where third parties are involved in the distribution, servicing or operation of products and services, the Bank will maintain appropriate oversight arrangements. The Bank will seek to ensure that third parties: understand relevant customer outcome expectations; provide appropriate information to support oversight; escalate material customer concerns appropriately; and support compliance with applicable regulatory requirements. Appropriate due diligence and monitoring should be undertaken for material outsourcing and distribution arrangements. 10. Training and Culture The Bank expects employees to consider customer outcomes as part of day-to-day decision-making. Relevant employees should receive training relating to: Consumer Duty requirements; conduct expectations; vulnerability considerations; escalation expectations; and customer outcome considerations relevant to their role. The Bank will seek to promote a culture in which: customer interests are appropriately considered; employees feel able to raise concerns; challenge is encouraged; and foreseeable harm is identified and escalated appropriately. 11. Escalation and Remediation Material concerns relating to customer outcomes should be escalated promptly through appropriate governance channels. Where poor outcomes or customer harm are identified, the Bank will seek to: investigate root causes; assess customer impact; implement remediation actions; consider whether customer redress is appropriate; assess whether broader systemic issues exist; and consider regulatory notification obligations where appropriate. Remediation actions should be tracked to completion. 12. Record Keeping Appropriate records should be maintained in relation to: governance decisions; customer outcome assessments; fair value assessments; monitoring activities; remediation actions; customer research and testing; committee reporting; and escalation activities. Records should be retained in accordance with the Bank’s Records Management Policy. 13. Annual Assessment The Bank will undertake an annual assessment of whether it is delivering good outcomes for retail customers. The assessment should consider: customer outcome monitoring; complaints and incidents; product and service reviews; vulnerability considerations; remediation activities; governance effectiveness; and emerging risks and regulatory developments. The results of the assessment will be reviewed by the Board. 14. Policy Ownership and Review This Policy is owned by the Chief Compliance Officer. The Policy will be reviewed at least annually or earlier where required due to: regulatory developments; material customer outcome concerns; significant governance changes; or changes to the Bank’s operating model or product portfolio. Material amendments to this Policy require approval by the Board.