Financial services is the sector where TPS exposure compounds the fastest. The buyer in front of you is sensitive about FCA conduct rules and at the same time governed by PECR for every outbound call. Most heads of compliance I speak to know the FCA rulebook inside out and know almost nothing about how the ICO actually enforces regulation 21. The two regimes overlap in awkward places, and the gap between them is where wealth firms, IFAs and consumer-finance teams get caught.
The compliance double bind: FCA and PECR
FCA conduct rules tell you what you can say on a phone call, whether the activity is regulated, what disclosures are required and how the call has to be recorded and retained. PECR tells you whether you were allowed to make the call at all. The two regimes are independent. An FCA-compliant call to a TPS-registered number is still a PECR breach. An ICO-clean dial to a number you should never have engaged on a regulated topic is still an FCA finding. Treat them as two separate checks, run in series, before any outbound activity reaches a dialler.
The deeper problem is that FCA visits and ICO investigations ask for different evidence. The FCA wants the call recording, the suitability report and the file note. The ICO wants the screening regime, the timestamps and the consent record. A firm built only for FCA evidence will fail an ICO request, and the gap usually only surfaces when the second regulator turns up.
Why TPS and CTPS matter specifically for IFAs and wealth firms
Wealth and advice firms rely on direct dials. Centre-of-influence introductions, professional-connection follow-ups and inherited client books all produce numbers that look corporate but very often sit on the TPS, particularly where the prospect is a senior executive paying for their own mobile, a retired partner, or a sole-trader contractor. The default assumption that a "business" number is a CTPS candidate is wrong roughly as often as it is right. Single-register screening misses the half that hurts.
Consumer-finance teams face a sharper version of the same problem: every prospect is an individual subscriber, and almost every concentrated outbound list will have a meaningful TPS overlap by the time it reaches the dialler. See TPS vs CTPS for the register split, and the TPS compliance guide for the workflow end to end.
The cold-calling pensions risk
The ban on cold-calling about pensions is the worked example every COO should keep in mind. It is enforced under PECR, sits on top of the existing TPS regime, and the public reputational cost of a finding in this area is heavier than the fine itself. A single complaint to the ICO about a pension cold call typically triggers a request for the firm's screening regime across all outbound activity, not just pensions. Firms that cannot produce timestamped TPS status against every dialled number end up rebuilding their compliance posture in public.
The same logic applies to claims, debt, mortgage refinance and any product the FCA treats as high-harm. The PECR layer does not recognise product categories; it recognises whether the subscriber is on the register at the moment of the call. See the public enforcement record in ICO PECR fines and enforcement cases.
Direct dials to high-net-worth prospects
High-net-worth prospects are over-represented on the TPS. The register is roughly 20 million numbers strong, and the people who most want to be on it are the people who get the most marketing attention: senior professionals, retired executives, business owners. A wealth firm running tens of HNW dials a week is almost certainly hitting registered numbers without screening. The cost is not only PECR exposure; it is the conversion drag of irritated first impressions on the exact prospect profile that takes twelve months to mature.
What the FCA visit and the ICO investigation each ask for
These are different conversations and most firms only prepare for the first.
| FCA supervisory visit | ICO PECR investigation |
|---|---|
| Call recordings retained for the regulated period. | Per-number TPS and CTPS status at the moment of the call. |
| Suitability reports and advice file notes. | Screening cadence and the system that enforces it. |
| Conflicts log and inducements register. | Consent records: who, when, channel, specific purpose. |
| Training records for client-facing staff. | Six-year audit trail of screen results against each contact. |
How TPSClear fits a regulated firm
TPSClear screens every UK number against TPS and CTPS in real time, writes a per-property status against each phone field on the contact record, and retains the full screening history for six years. The CRM becomes the source of truth: the dialler, the cadence tool and the call-recording platform all read from the same status, refreshed continuously rather than overnight. When the ICO asks for the regime, the answer is the CRM property and its history, not a CSV pulled from a vendor portal.
The native CRM integrations handle that wiring without a project; for firms with bespoke advice systems or custodian platforms, the developer documentation covers the API pattern. The legal background to the consent question sits in calling a TPS number with consent, which is the exception every wealth firm needs to get right before relying on it.