In April of this year, the UK Competition and Markets Authority (CMA) gained direct enforcement powers in consumer protection law under the Digital Markets, Competition and Consumers Act 2024 (DMCC Act). However, the CMA is not the only regulator who has responsibility for consumer protection. The Financial Conduct Authority (FCA) was granted its consumer duty (the Consumer Duty) in July 2023 – the largest shift in how retail banking customers are treated in a decade. In this blog we consider how compliance and direct enforcement under the DMCC Act compares with the Consumer Duty, and what lessons the CMA might draw from the FCA’s approach when getting to grips with its new consumer powers.

A similar start

Both the DMCC Act and Consumer Duty were introduced with a view to remedying perceived weaknesses in existing consumer protection enforcement. The CMA lacked the ability to find firms in breach of consumer law without first going to a court, and could not issue administrative penalties for non-compliance, whilst the FCA’s “treating customers fairly” (TCF) rules and guidance had been insufficient to prevent several cases of widespread consumer harm, including PPI mis-selling. The reasons for this have been much debated, but centre around the fact that much of TCF framework was contained in guidance (against which the FCA could not directly enforce). It was also too easy for compliance to become a ‘tick-box’ exercise with insufficient real ownership for delivery developing outside of (and sometimes within) compliance teams – two problems the FCA was keen to fix when designing the Consumer Duty.

The implementation of both regimes has focused on compliance rather than deterrence, prioritising regulator engagement with businesses who are “looking to do the right thing”. The FCA is actively engaging with firms on ways to use the Consumer Duty to reduce regulatory burdens in other areas of its Handbook and the CMA has been proactive in business-engagement through consultations, roundtables and webinars.

Differentiated scope and roles

Both regimes apply to players whose practices impact end-consumers. The Consumer Duty applies to all firms in a distribution chain for a product intended for retail customers and the DMCC Act applies to wholesalers to the extent that their actions form part of retailers’ consumer law breach.

As one would expect, the scope of the Consumer Duty is limited to firms regulated by the FCA who are performing “retail market business”, unlike the DMCC, which is not sector-limited.

Perhaps the biggest contrast is the role of the regulator under the different regimes. The FCA is effectively judge, jury and executioner of the firms it regulates. It decides whether to authorise a firm to conduct regulated financial services activity, supervises its day-to-day activities, investigates it when things go wrong, decides whether there has been a breach of its requirements and sets any resulting penalty. There is a referral process up to the Upper Tribunal, but this is rarely used by firms. For most regulated organisations, the FCA holds the power of life and death over their activities in a way that the CMA simply does not – especially given the ability to appeal to the High Court for a full merits review of CMA infringement decisions. This imbues all firms’ interactions with the FCA with particular significance. Firms are cautious about challenging a regulator with whom they have an ongoing relationship.

Similar aims and areas of focus

The Consumer Duty consists of a new regulatory principle – a firm must act to deliver good outcomes for retail customers. This is supported by three cross cutting rules (acting in good faith, avoiding causing foreseeable harm, and enabling customers to achieve their financial objectives) and a further, more detailed, suite of rules and guidance covering products and services, price and value, customer understanding/communications, and customer support. These areas of focus align with much of the DMCC Act.

Enforcement priorities are also closely linked. The below table provides a snapshot of how the parallel regimes address these priorities in practice.

A technical overlap in competences?

Retail banking contracts are explicitly carved out of Schedule 22 of the DMCC Act, which relates to subscription contracts, and there is a specific exclusion in Schedule 24 DMCC Act for consumer savings schemes, where the trader entering into the contract with the customer does so in the course of a regulated financial service activity for which they have an authorisation. However, some commercial practices could technically fall in scope of both the Consumer Duty and DMCC regimes.

The CMA has not identified regulated sectors as an enforcement priority, and consistent with its broader enforcement tools will be mindful of overlap, in particular with its concurrent competition regulators such as the FCA. Indeed, the CMA has highlighted not only its commitment to work with regulators, but also that businesses should refer to the relevant regulators for sector-specific queries on sectoral guidance (for example, the price transparency consultation document refers to Ofcom’s statement on new sector-specific price information requirements in July 2024, which set out new rules and guidance that took effect in January 2025).

Practically, it seems highly unlikely that businesses will be subject to consumer enforcement under both the DMCC Act and Consumer Duty regime, even though there is a technical increment in enforcement risk for financial services businesses following the introduction of the DMCC Act.

The future of consumer enforcement

Both regulators have sought to take a pro-business, example-based approach to regulation, as businesses get to grips with these new rules. Since the Consumer Duty came into force, the FCA has frequently surveyed consumer-facing practices in retail banking and published feedback on “good and poor” practice as a means of educating firms and improving industry behaviour. We have yet to see a published enforcement case. Similarly, the CMA’s guidance on OCA and more recent consumer guidance includes an array of examples to help businesses consider their approach to compliance and to date the CMA has not publicly announced any active enforcement case under the new rules.

Lessons for businesses

The CMA is clear in its approach document that it intends to work closely with the FCA when it comes to tackling consumer harm. Given the parallels between the two consumer regimes, it’s worth considering what firms in scope of the DMCC Act can learn from best practice around financial services firms’ implementation of the FCA’s Consumer Duty:

• Understand your customers. Compliance with the Consumer Duty requires detailed understanding of the needs, characteristics and challenges of target customers, as will be the case under the DMCC Act.

• Engage with customer vulnerability and tailor behaviour accordingly. The FCA has placed considerable emphasis on firms’ obligations to support vulnerable customers, reviewing compliance with its Vulnerable Customer Guidance and publishing feedback last year. Vulnerability is interpreted widely (as is the case under the DMCC Act), and firms are encouraged to be proactive in meeting the needs of vulnerable customers. Some, such as Revolut, have partnered with organisations like the Samaritans to better understand how to meet the needs of customers suffering from mental health issues.
• Get up the compliance curve. Firms in scope of the Consumer Duty are expected to demonstrate that the Consumer Duty has been embedded into firm culture/strategy and is impacting how firms do business at all seniority levels and across all teams. Monitoring is mandatory, and firms must report annually on the extent to which they are delivering good outcomes for retail customers, with a significant focus on continual improvement. The FCA’s role as supervisor gives it a means to monitor this that the CMA does not enjoy. Firms outside of the financial services sector may still benefit from taking a similarly pro-active approach to compliance with the DMCC. Improving compliance requires investment, direction from the top and promotion of the relevant culture and values by the middle. Compliance works best when regimes like the DMCC Act move from being something firms discuss to something they act upon. There are many tips the broader retail sector in scope of the DMCC could learn from the approaches of financial services firms to complying with their Consumer Duty. Given the level of potential fines for firms who breach the DMCC Act, this may also make good business sense.