The problem we keep seeing
We are continually seeing firms that have invested time and budget into vulnerability. Training has been delivered. Policies have been written. A manager has accountability. Measures are being reported on.
But when we look at what is happening in customer journeys, the picture is different. Complaints from vulnerable customers have not shifted. Frontline teams know what to listen for, but do not have the processes and support options the customer needs to back them up. Leadership cannot see where the real risks lie because the data tells a different story to the colleagues.
Often, firms come to us with a specific ask. “We need training for our frontline teams to recognise and record vulnerability.” Or, “Help us improve how we identify and support vulnerable customers.”
These are reasonable requests. But in our experience, they are rarely the whole answer. The firm that thinks it needs training usually needs vulnerable customer journey redesign. The firm that wants better identification usually needs to ask why identification is not leading to better outcomes.
The Vulnerability Review meets you where you are. Even when the brief needs reframing.
What this is
A focused, independent review of how vulnerability sits across your organisation. We look at your vulnerable customer policies, processes, customer journeys, complaint data, frontline practices, and governance. We talk to people across the business, not just the vulnerability lead. We challenge assumptions.
The output is a vulnerability review findings report with prioritised recommendations. Not a list of everything that is wrong, but a clear view of where the biggest risks sit and what to tackle first.
The 4 stages
How we move from vulnerability insight to lasting operational change.
-
Stage 1: Insight Gathering
We provide a checklist covering policies, journey maps, data, training, and board reporting from the past two years. You share as much as you can.
-
Stage 2: Interviews
We interview the right people at all levels, from board to frontline, and from customer-facing teams through to marketing and support functions.
-
Stage 3: Analysis
We bring together everything from the documentation and the interviews to build a clear picture of where vulnerability risk sits, where good practice exists, and where the gaps are between intent and experience.
-
Stage 4: Playback
We present the findings in a written report, followed by a 60-minute debrief call to talk through the priorities, answer questions, and agree what comes next.
Who this is for
- Risk and compliance leads who need an independent view of where vulnerability creates conduct and operational risk.
- Customer experience leaders who are expected to identify and prevent foreseeable harm in their customer journeys.
- Senior leaders who have received regulatory feedback or know they need to act but are unsure what to prioritise.
- Any firm that has done internal work on vulnerability and would value an external, expert assessment of its position
How it works
We start with what you already have: your policies, your data, your processes. We review documentation, listen to calls, walk through journeys, and speak with people at every level of the organisation.
Every review is shaped by your sector, your size, and the specific risks vulnerability creates for your business.
Typical duration: 4 to 6 weeks from kick-off to final report.
What you get: A written findings report with prioritised recommendations planned on a roadmap presented to your leadership team.
In practice
An insurer had invested significantly in improving outcomes for customers in vulnerable circumstances. Identification rates had improved, and quality measures suggested customers were being treated with care. But support take-up remained low, and vulnerable customers were still experiencing longer, harder journeys.
The Review revealed the issue was not lack of intent. Teams understood the importance of vulnerability and were trying to respond well. The problem was that the processes behind them had not been designed to adapt when vulnerability was identified.
A vulnerability flag existed in the system, but it did not reliably trigger a different route, relevant support, a change in communication, or faster resolution.
The recommendations focused on three process changes: making vulnerability flags actionable, embedding support at the right journey points, and measuring whether vulnerable customers were getting better outcomes — not just whether they had been identified.
Within six months, the firm had increased support take-up, reduced customer effort, and improved the end-to-end experience for all customers.
“We thought we had an identification problem. It turned out we had a journey design problem.”
Head of Vulnerability, Insurance
Your questions answered
Some of the practical points organisations often ask us about.
-
Most of our engagements fall between £20,000 and £80,000, depending on scope, duration and the number of services involved. A Vulnerability Review sits at the lower end, while a full Inclusive Design sprint with Vulnerability Strategy sits at the higher end. We scope every engagement individually, so the investment reflects what you need. Let’s talk about where you are, and we can give you a clear picture of what’s involved.
-
From one month for a focused Vulnerability Review to six months or longer for engagements that include an Inclusive Design sprint and Operational Embedding. Most engagements run for two to four months. The timeline depends on the scope of the work, the number of customer journeys involved, and how quickly your teams can engage with the process.
-
No. A Vulnerability Review is designed to meet you where you are, whether you have an established vulnerability framework or are starting from scratch. What helps is access to the right people: someone who can open doors to vulnerable customers, frontline colleagues, and the data across your systems. We will guide you on what we need.
-
Yes. Every service is designed to deliver standalone value. Many clients start with a Vulnerability Review to understand where they are, then decide what comes next based on what the review surfaces. The pathway is the ambition, not a requirement.
-
Training builds awareness. Our work builds capability and changes outcomes. An Inclusive Design sprint works directly with your vulnerable customers, the colleagues who serve them and others who enable the journey, such as product designers or digital teams, to redesign how your services actually work. The result is not a training module but embedded changes to journeys, processes and ways of working that deliver measurably better outcomes for vulnerable customers.