The Pension Regulator’s new Single Code of Practice is imminent, consolidating 10 of the existing Codes into one web-based Code. It also addresses the governance requirements arising from the UK’s implementation of IORP II which expects trustees to have an “effective system of governance” (“ESOG”), and for schemes with 100 members or more to complete an “own risk assessment” (“ORA”) to assess the ESOG.
The new Code will introduce new pension scheme governance responsibilities. Trustees/governing bodies will need to identify the required changes to their current processes, check current policies and procedures are fit for purpose, and implement changes where necessary.
We expect all scheme Trustees will need to take some action to be compliant with the new Code. The actions required will depend on what governance standards, policies and procedures are currently in place for the pension scheme and how they have been documented to date.
We suggest a three stage process to being compliant with the ESOG and ORA elements of the requirements:
Being compliant isn’t about “one and done”. TPR’s expectations are that the ESOG and ORA will form part of a continuous feedback loop, with governance evolving over time to improve standards and meet and tackle new challenges and emerging risks.
We'll be running a webinar as soon as the new Single Code of Practice is released to explain the requirements and what you can do to ensure you are compliant in a proportionate way.
Whilst the Code is still draft, Trustees can start taking steps on their journey to ensure they are compliant. These steps include:
When the final Code is published, trustees will have to complete the “substantial process” of an Own Risk Assessment which is an assessment of the ESOG and how any potential risks are being mitigated. Trustees should be speaking to their advisers about how they will meet the requirements of the ORA, taking a proportionate approach for their scheme. The ORA is expected to be an annual process. It is expected that the ORA will need to be carried out within 12 months from the date the new Code comes into force and annually thereafter.
Whilst the new Code puts a spotlight on good governance and sets out new requirements, don’t forget the activities and projects that can contribute to best practice and effective governance.
Mercer’s pension scheme governance and scheme management team can help with whatever you need to achieve your aims, including, but not limited to:
Trustee effectiveness reviews and Trustee Knowledge & Understanding (TKU) support
Trustee board and committee advice
Independent/professional trustee role profiles and selection exercises
Review and appointment of scheme advisers e.g., lawyers, auditors etc.
Establishment and review of policies and processes, risk register reviews and support with own risk assessments (ORA)
Scheme secretariat services
Diversity and inclusion considerations
How do we approach the requirements in a proportionate way?
It is important that the new requirements are dealt with proportionately, recognising that trustees have other competing requirements for their time and cost budget. For the smallest schemes we recommend a prioritisation approach, with the biggest risk areas tackled first.
How does the ORA interact with our existing risk register and an integrated risk management (IRM) approach?
The risk register should identify risks and categorise them according to probability and severity. Integrated Risk Management processes should tackle the interdependencies of those risks and mitigations. The ORA is the next step in this, which assesses how effective the procedural operation and policies are in tackling those risks.
What is the difference between a “must” and a “should”?
In the new code, TPR refers to legal duties using the word ‘must’. TPR’s expectations are referred to using ‘should’. TPR uses ‘need’ where there is no expectation or legal requirement in place, but that process is necessary to allow a scheme to operate. In some modules, TPR highlights expectations as a matter of best practice for certain schemes.
Are schemes compliant if they only adhere to what they “must” do rather than what they “should” do?
Compliance with the Code of Practice, whilst not mandatory, is a very strong and enforceable expectation of TPR, backed up by the legislation. Compliance is likely to be deemed necessary in order to discharge trustees’ statutory duties to have an effective system of governance. However, the legislation acknowledges that systems of governance should not be homogenous across pension schemes, stating that they must be “proportionate to the size, nature, scale and complexity of the activities of the pension scheme”. Therefore it is likely that for larger more sophisticated schemes, TPR would expect them to meet most of the ‘should’ expectations in the Code unless they can demonstrate they are meeting the expectations in an alternative way. For smaller schemes, some of the ‘should’ expectations may be disproportionate, although many are not new and so where they have been in place for some time in the existing codes, then TPR is likely to expect that most schemes will already be meeting those aspects.
Please complete the form below to get in touch with a consultant