
MiFID II suitability, and the record that defends it

Suitability is not something a firm asserts. It is something it has to evidence, consistently and at scale, sometimes years after the advice was given. The record is the work.

Under MiFID II, advice must be suitable. A firm has to take reasonable steps to ensure that a personal recommendation fits the client's knowledge and experience, financial situation including the ability to bear losses, and investment objectives including risk tolerance. The principle is simple and entirely sensible. Meeting it consistently, across every client and every recommendation, is where firms struggle.

The difficulty is rarely the first conversation. It is everything after: keeping the assessment current as circumstances change, demonstrating that each recommendation followed from it, and being able to reconstruct, years later, why a particular decision was suitable at the time it was made. Memory fades, spreadsheets are overwritten, and the people involved move on.

From assertion to evidence

A suitability file that depends on recollection and a rebuilt spreadsheet is fragile. One built from reproducible figures and a complete, time-stamped record is not. The difference becomes visible on exactly the day a firm least wants surprises: when a regulator asks to see the basis for a recommendation made three years ago, or when a dissatisfied client, or an heir, questions a decision.

The shift is from asserting suitability to evidencing it. Instead of saying the advice was appropriate, the firm can show the policy it rested on, the scenarios that were modelled, the option the client chose, and the moment they approved it, each step recorded and unaltered. Suitability stops being a claim and becomes a by-product of having done the work properly.

Suitability is not paperwork generated to satisfy a rule. It is the natural residue of a process that was sound to begin with.

What a defensible record contains

A record that genuinely defends a recommendation has a few characteristics. It captures the client's documented policy, so the objectives and constraints behind the advice are explicit. It captures reproducible figures, so the numbers presented can be regenerated rather than merely remembered. It captures the client's decision and its timing. And it cannot be edited after the fact, so its integrity is not a matter of trust but of design.

Assertion versus evidence

A fragile file | A defensible record
Relies on memory and notes | Captures the documented policy
Figures rebuilt by hand | Figures reproducible from an engine
Approvals informal or implied | Decision and timing recorded
Editable after the fact | Append-only, tamper-evident

Why reproducibility is the linchpin

The quiet hero of a defensible suitability process is reproducibility. When the figures behind a recommendation come from a deterministic engine rather than a one-off spreadsheet or a generative model, they can be reproduced exactly, and traced back to the policy that drove them. That property is what lets a firm stand behind a recommendation with evidence rather than assurance, and it is what turns a complete audit trail from a storage cost into a genuine asset.

Suitability is not a one-time event

A point often missed is that suitability is a continuing obligation, not a box ticked at onboarding. A client's circumstances change: a business is sold, a horizon shortens, a risk appetite shifts after a market shock. Advice that was suitable two years ago may not be suitable today, and a firm has to be able to show that it noticed, and responded. This is far easier when the client's policy is a living, versioned document than when it is a form completed once and filed.

The same machinery that makes a single recommendation defensible makes the ongoing obligation manageable. If each review updates the documented policy, regenerates the figures from the same engine, and records the client's renewed agreement, then suitability is maintained as a matter of course rather than reconstructed in a panic before an inspection. The audit trail becomes a continuous record of a relationship that stayed appropriate, not a snapshot defended in isolation.

There is a competitive dimension too. As the next generation inherits and expects more transparency, the firms that can show their reasoning, on demand and in full, will hold relationships that others lose. The record that satisfies a regulator is the same record that reassures a sceptical heir. Built once, properly, it serves both.

None of this is about generating more paperwork. It is about making suitability a consequence of doing the job well, so that the evidence exists without anyone having to assemble it after the fact. The firms that treat the record as part of the advice, rather than an afterthought to it, are the ones that will find the next inspection, or the next difficult question, a great deal less stressful than their peers.

For the families on the other side of the relationship, this same discipline is reassuring rather than bureaucratic. A client who can see that every recommendation rests on a documented policy, reproducible figures and a complete record is a client who can trust the advice without having to take it on faith. Good compliance, done this way, is not a tax on the relationship. It is one of the things that earns it.

This article is general information about regulatory practice, not legal or compliance advice. Sources: MiFID II suitability requirements.
