On 10 January 2024, The Pensions Regulator (‘TPR’) introduced a new single code of practice ('code') for consideration by Parliament, with an anticipated implementation date of 27 March 2024. It will consolidate the 10 existing codes into one and also include the requirements of the Occupational Pension Schemes (Governance) (Amendment) Regulations 2018. The code has been long in the making, following an extensive consultation period.
TPR envisaged a single code of straightforward, clear and consistent expectations, predominantly focusing on scheme governance and administration. The code will apply to all occupational schemes (both defined benefit and defined contribution), personal pension schemes and public sector schemes (with some sections differing in application).
Whilst the code will not be legally binding or a statement of law, in reality the courts and TPR will view compliance as mandatory, as they will take into account compliance with the code when considering if a relevant statutory requirement has been breached. Moreover, a lack of compliance will increase scrutiny from TPR. As such, it is important that trustees and scheme administrators (‘governing bodies’) review the upcoming changes and familiarise themselves with the new code, making any necessary changes to remain compliant.
Whilst the code is largely a collation of existing codes, there will be new requirements introduced that governing bodies should review and implement. Scheme governing bodies will need to have in place both an effective system of governance (‘ESOG’) and undertake an own risk assessment (‘ORA’).
Effective system of governance
For the first time since the introduction of section 249A of the Pensions Act 2004, TPR has confirmed what ‘an effective system of governance, including internal controls’ (an ESOG) should look like. This requirement brings together many of the key aspects of running and managing a scheme, most importantly in terms of risk management. These considerations will also be dependent on the size, complexity, nature and scale of each individual scheme.
The code helpfully provides detail on how governing bodies will be expected to meet this obligation. An ESOG must:
- provide the governing body with assurances that its scheme is operating correctly and in accordance with the law and regulations;
- include any delegated activities for which the governing body remains accountable; and
- provide the governing body with oversight of the day-to-day operations of the scheme.
The ESOG should take into account the organisational structure of the scheme, the management of its activities (particularly scheme investments) and communication/disclosures. The code notes the process should be conducted at least every three years (or sooner, if there is a significant change to the scheme or key risks have been identified) to ensure scheme compliance.
This requirement should already be followed to a certain extent by schemes: in particular, it is highly likely schemes will already have in place policies such as conflict of interest and dispute resolution. To assist, TPR has provided a recommendation for schemes that, in determining where they are falling short of the requirement, they should conduct a ‘gap analysis’ exercise. This involves identifying and documenting the policies that are already in place and comparing them against the code requirements, in order to identify any areas in which they are falling short. It will be a beneficial exercise for governing bodies to and assist in ensuring that schemes are being managed with a lower level of risk and are functioning effectively.
Own Risk Assessment
Under the new code, any pension scheme that has 100 or more members will require to prepare and produce an ‘own risk assessment’ (ORA) within twelve months of the introduction of the code. Governing bodies will need to conduct a review of the current policies and procedures employed within the scheme and of how they assist in the scheme’s ESOG. After doing so, governing bodies will need to describe, in their ORA, how the policies in place satisfy the ESOG requirements and how they approach the management of any risk associated with the procedures. Some key elements for review that TPR has envisaged within the code’s 51 ‘modules’ include:
- the determination of key risks;
- internal controls;
- the management of effective of policies in reducing risk; and
- documenting processes in evaluating and reporting.
Once the ORA has been conducted, it must be presented to the chair of the trustees in writing, signed by the chair on behalf of the governing bodies, and made available to the members of the scheme. A record of the ORA must be kept, both generally and as TPR may require a copy.
During the consultation period, it was acknowledged that the introduction of the ORA requirement had the potential to create additional administrative burdens for schemes. In response, TPR confirmed that it will allow pension schemes to complete their ORA’s on their own timetable, at least every three years.
The introduction of the code highlights the importance of good scheme governance, functionality and risk management. Adhering to the principles of the code will ensure governing bodies carry out their roles as efficiently and effectively as possible, creating better outcomes for their members. Implemented properly, the introduction of the ESOG and ORA will strengthen and improve decision-making processes and enhance good governance.
How can we help?
If you believe you could benefit from expert advice relating to the upcoming changes, or Pension law generally, please do not hesitate to get in touch with our Pensions team.
This article was co-written by Christi Hannah.