News and Analysis:The Pensions Regulator’s new General Code of Practice

Background

The Occupational Pension Schemes (Governance) (Amendment) Regulations 2018 and the Pension Schemes Act 2021 introduced changes requiring The Pensions Regulator (TPR) to review and set out further measures to improve the existing Codes of Practice. TPR reviewed the standards of governance it expects pension schemes and trustee boards to meet and proposed a new Single Code of Practice. This Code has since been renamed the General Code of Practice.

TPR’s new General Code of Practice is now published

TPR began its consultation on the new Codes of Practice as far back as May 2021. It proposed the introduction of the Code by the end of 2022. However, following long delays, mainly due to the Covid pandemic, the new Code of Practice has only just been laid before Parliament (10 January). And now TPR has finally released the Code which is expected to come into force on 27 March 2024.

A quick reminder of the changes:

New Codes of Practice

The new Code is based largely on the existing Codes of Practice. However, the new Code consolidates 10 of the 15 existing Codes of Practice into 51 new web-based modules. It also introduces new governance responsibilities for trustees of both DB and DC schemes. Some of the Code that already exists for DC schemes will now include DB schemes.

The Codes will cover six key areas:

1. The Governing Body – (Trusteeship) – Structure and activities of Trustee/s Board, value for members, knowledge and understanding.

2. Advisers and managing service providers – remuneration, managing and assessing all advisers and service providers.

3. Risk management and compliance – identifying and assessing risks, internal controls, continuity planning, conflicts of interest, ORA, risk management and systems of governance.

4. Funding and investment – investment governance, decision making, monitoring investments and stewardship, climate change, SIPs, default arrangements costs and charges.

5. Scheme administration – monitoring admin procedures, financial transactions, transfers out, scheme records and data quality and improvement, monitoring contributions, general principals of communications, statutory financial statements, retirement warnings and scam mitigation, Chair’s statement, publishing information, Internal Disputes Resolution Procedure, audit requirements, reporting to TPR and reporting breaches of law.

6. Information Technology (IT) and Cyber Security – maintenance of systems software/hardware, IT devices and cyber security/vulnerability assessment.

What will trustees have to do?

Scheme Governance (ESOG) and Own Risk Assessment (ORA)

Trustees of schemes with more than 100 members will need to have:

  • an effective system of governance (‘ESOG’) in place that is proportionate to the complexity, scale and organisational structure of their scheme, and the nature of risk to which their scheme is exposed.
  • written policies demonstrating an effective system of governance should be reviewed regularly, at least every three years (or sooner if there is significant change to the scheme’s governance or key risks).
  • undertaken and documented their own risk assessment (‘ORA’) to examine how well their system of governance is working and how any potential risks are being mitigated.

The first ORA should be undertaken within 12 months of the last day of the first scheme year that begins after the Code comes into force. For example, if the Code comes into force on 27/3/2024 and the first scheme year after that date begins on 6/4/2024 and the last day of the first scheme year therefore ends on 5/4/2025, the first ORA must be prepared within the 12 month period 5/4/2025 - 6/4/2026, or, if later,

  • for Defined Benefit schemes - within 15 months beginning with the next actuarial valuation due;
  • for Defined Contribution schemes, within seven months of the end of the scheme year in which the next annual governance statement is required for default arrangements.

An ORA should be carried out once every three years (no longer 12 months as originally proposed). It should be reviewed whenever there is a material change in the risks facing the scheme or to its governance processes.

The ORA must be in writing and signed by the Chair of Trustees and made available to TPR on request. The findings of each ORA should be incorporated into the trustees’ decision-making and risk management processes.

The ORA will need to cover:

  • How the trustees have assessed – the effectiveness of each of the policies and procedures covered by their own risk assessment.
  • Policies for the governing body – how risk assessment and mitigation is integrated into management and decision-making processes, and policies relating to the role and knowledge of the governing body.
  • Risk management policies – internal controls policies, management of conflicts, and continuity and succession planning.
  • Administration – the risks associated with financial transactions, scheme records and receiving/monitoring contributions.
  • Payment of benefits – how the governing body assesses operational risks such as record keeping and payment of benefits.
  • IT and cyber security – the assessment should include the risks relating to potential IT issues and cyber attacks.

A quick reminder of what Cartwright can do to assist

Many pension schemes will already have robust governance frameworks in place and meet many of the requirements for an effective system of governance (‘ESOG’). However, changes to schemes’ existing policies and processes are likely to be required. Many schemes will require new policies to be written, and an ‘over-arching’ policy to be produced to encompass all the existing governance policies in place.

To assist trustees in carrying out a gap analysis of the existing policies and procedures they have in place and to determine exactly what new policies or upgraded policies are required, Cartwright can offer a bespoke solution called the Open Governance Solution that has been set up in collaboration with a team of specialist lawyers.

The Open Governance Solution will require information about a scheme’s profile and details; it will then provide a scheme specific gap analysis report summary. As well as advice on what amended or new policies will be required in order to comply with the new General Code of Practice.


If you would like to discuss this matter further, or are interested in the Open Governance Solution and require further information, please get in touch with your usual contact at Cartwright

Meet our team

Sam Roberts, Investment Director

Sam Roberts: Find out what keeps our Investment Director busy and meet some of the other members of the Cartwright team

Robin Pearce, Operations Director

Robin Pearce: Find out more about our Operations Director and other members of the Cartwright team

Martin Mercer, Senior Investment Consultant

Martin Mercer: Find out more about Martin's role at Cartwright and other members of the team

Jo Causer, Actuary

Jo Causer: Jo has been an actuary with Cartwright for more than 25 years, find out more about Jo and other members of the Cartwright team


"Cartwright are a hidden gem in terms of pension scheme providers."


Recent feedback from a former Chair of Trustees

 

Call now on 01252 894883 to speak to a member of our team or use the form below to send an enquiry.

Send a message

To discuss your specific requirements with a member of our team, please start by sending us a brief message or, if your enquiry is more urgent, call our Head Office on 01483 860 201 and we will be put you in contact with the right person.

Please tick to receive news and updates from Cartwright. Your personal details will NOT be shared with any third party organisations. Click here to view our Privacy Policy.


Please confirm you are not a robot and then click below to send your email.

Accreditations and Memberships

Bitcoin Policy Investor in Customers United Nations Paris Agreement Carbon Neutral Commitment UN Principals for Responsible Investing Quality Assurance Scheme and Actuaries Code