
The report provides a useful insight into the FMA's thinking, signalling both where it believes the biggest conduct risks exist and where it intends to focus its supervisory efforts.
Much of the report seemed familiar, but from my perspective, several areas stood out as particularly noteworthy.
In addition to identifying focus areas for each of the six regulated sectors, the FMA highlighted four themes that cut across multiple industries and are considered to pose significant risks to customer and market outcomes:
While none of these themes are surprising, their continued prominence suggests the FMA is taking a long-term, phased approach to driving improvement. Organisations should expect these areas to remain under regulatory scrutiny for some time.
One of the strongest messages emerging from the report is the risk posed by legacy systems and an overreliance on manual controls.
The FMA expressed growing concern that outdated technology platforms, manual workarounds, weak controls and dependency on key individuals continue to be common contributors to poor customer outcomes. In many cases, products and services fail to perform as intended not because of poor product design, but because of weaknesses in underlying systems, processes or controls (and sometimes all three).
Having worked with both large and small financial services providers, I think this is a fair observation. Most organisations regularly review their products and customer offerings, but fewer undertake a deep assessment of the systems, processes and controls that support them. Yet time and again, it is weaknesses in these operational foundations that drive customer harm, errors and remediation activity.
The FCR suggests that the FMA's tolerance for these issues is diminishing. It sends a clear signal that firms are expected to understand both the capabilities and limitations of their systems and to assess the effectiveness of their processes and controls when undertaking reviews. Organisations that fail to do so are likely to face heightened regulatory scrutiny.
I was also interested to see two specific service lines receive particular attention in the report.
Consistent with the FMA's expanded responsibilities for the regulation of consumer credit, vehicle finance has been identified as a key focus area.
The report highlights conduct risks associated with commission-based remuneration arrangements, conflicts of interest, excessive fees and interest rates, and weak affordability and suitability assessments. Importantly, while many vehicle dealers sit outside the FMA's direct regulatory perimeter, the report makes it clear that the regulator will instead be closely assessing the robustness of lender governance, oversight arrangements, contractual agreements, processes and controls.
Travel insurance was also singled out as an area of concern.
According to dispute resolution scheme data, travel insurance remains one of the most complained-about products. The FMA plans to undertake targeted work to better understand customer complaints, claims experiences and product design challenges within the sector.
This aligns with a broader regulatory expectation that firms use complaints data more effectively to identify systemic issues, address root causes and drive meaningful service improvements.
For organisations operating in the motor vehicle lending or travel insurance sectors, the message is clear: now is the time to proactively assess whether your systems, processes and controls support the fair treatment of customers, rather than waiting for the regulator to knock on the door.
There is much more to unpack in this year's FCR. If you've read it and have a different perspective – or simply want to compare notes – I'd be interested to hear your views, so please reach out.

The report provides a useful insight into the FMA's thinking, signalling both where it believes the biggest conduct risks exist and where it intends to focus its supervisory efforts.
Much of the report seemed familiar, but from my perspective, several areas stood out as particularly noteworthy.
In addition to identifying focus areas for each of the six regulated sectors, the FMA highlighted four themes that cut across multiple industries and are considered to pose significant risks to customer and market outcomes:
While none of these themes are surprising, their continued prominence suggests the FMA is taking a long-term, phased approach to driving improvement. Organisations should expect these areas to remain under regulatory scrutiny for some time.
One of the strongest messages emerging from the report is the risk posed by legacy systems and an overreliance on manual controls.
The FMA expressed growing concern that outdated technology platforms, manual workarounds, weak controls and dependency on key individuals continue to be common contributors to poor customer outcomes. In many cases, products and services fail to perform as intended not because of poor product design, but because of weaknesses in underlying systems, processes or controls (and sometimes all three).
Having worked with both large and small financial services providers, I think this is a fair observation. Most organisations regularly review their products and customer offerings, but fewer undertake a deep assessment of the systems, processes and controls that support them. Yet time and again, it is weaknesses in these operational foundations that drive customer harm, errors and remediation activity.
The FCR suggests that the FMA's tolerance for these issues is diminishing. It sends a clear signal that firms are expected to understand both the capabilities and limitations of their systems and to assess the effectiveness of their processes and controls when undertaking reviews. Organisations that fail to do so are likely to face heightened regulatory scrutiny.
I was also interested to see two specific service lines receive particular attention in the report.
Consistent with the FMA's expanded responsibilities for the regulation of consumer credit, vehicle finance has been identified as a key focus area.
The report highlights conduct risks associated with commission-based remuneration arrangements, conflicts of interest, excessive fees and interest rates, and weak affordability and suitability assessments. Importantly, while many vehicle dealers sit outside the FMA's direct regulatory perimeter, the report makes it clear that the regulator will instead be closely assessing the robustness of lender governance, oversight arrangements, contractual agreements, processes and controls.
Travel insurance was also singled out as an area of concern.
According to dispute resolution scheme data, travel insurance remains one of the most complained-about products. The FMA plans to undertake targeted work to better understand customer complaints, claims experiences and product design challenges within the sector.
This aligns with a broader regulatory expectation that firms use complaints data more effectively to identify systemic issues, address root causes and drive meaningful service improvements.
For organisations operating in the motor vehicle lending or travel insurance sectors, the message is clear: now is the time to proactively assess whether your systems, processes and controls support the fair treatment of customers, rather than waiting for the regulator to knock on the door.
There is much more to unpack in this year's FCR. If you've read it and have a different perspective – or simply want to compare notes – I'd be interested to hear your views, so please reach out.