The Pensions Regulator (TPR) has published a consultation on a new code of practice, which will combine 10 of the existing codes into 51 shorter topic-focused modules. Once the combined code is in force, the existing codes will be revoked.
The remaining five codes of practice will be revised where necessary and included in the combined code at a later date (these relate to notifiable events, modification of subsisting rights, funding defined benefits, the material detriment test and the authorisation and supervision of master trusts).
Who will the Code apply to?
The combined code will apply to "governing bodies" (that is, trustees and managers) of all occupational defined benefit and defined contribution schemes, personal and public sector pension schemes, although some of the obligations do not apply to all types of scheme.
Why is it being introduced?
TPR has stated that its existing codes of practice do not "meet the current needs of schemes", due to being out of date and there being duplication of content. Following feedback from the pensions industry, the combined code is designed to be easier to "access, understand and act upon" and aims to set out TPR's expectations more clearly. It will also be easier for TPR to maintain and update as the pensions landscape changes, which it proposes to do on a regular periodic basis subject to prior consultation.
The combined code includes additional material in some areas, for example, financial transactions and investments (stewardship and climate change). For trustees of occupational pension schemes, it is also the code of practice required by the Occupational Pension Schemes (Governance) (Amendment) Regulations 2018 (the governance regulations).
Effective system of governance
The governance regulations came into force in January 2019. They amended section 249A of the Pensions Act 2004 to take account of aspects of IORP II (the EU directive on the activities and supervision of institutions for occupational retirement provision), by replacing the requirement for pension scheme trustees to establish and operate "internal controls" with a requirement for them to establish and operate an "effective system of governance including internal controls" that is "proportionate to the size, nature, scale and complexity of the activities of" the scheme.
The regulations set a series of standards for trustees to meet. Schemes with less than 100 members will need to meet the seven requirements in regulation 3(2). These relate to sound and prudent management, an adequate and transparent organisational structure, effective internal controls and communications, consideration of environmental, social and governance factors, contingency and continuity planning and regular internal reviews.
Schemes with 100 or members must meet these standards plus the seven further requirements in regulation 3(3) to 3(7). These relate to key functions (risk management, actuarial and self-evaluation), outsourcing, having written policies on these topics plus a remuneration policy and the process for approving and reviewing these policies. In addition, trustees must regularly carry out and document an own-risk assessment (ORA) of their system of governance (Regulation 3(8)).
The combined code includes a scheme governance module to confirm what trustees need to do to achieve "a minimum effective system of governance", several modules on internal controls and a module confirming the detail for ORAs. The governance regulations set the tone for the approach by requiring trustees to set out how their effective system of governance achieves the standards – this is about actively pursuing and monitoring suitable measures in a way which can be evidenced.
TPR states that it has broadly the same expectations for each type of scheme, "but that the standard required to meet those expectations frequently differs according to scheme type and size. Where an expectation is different or applies differently in law for a specific type of scheme, this is made clear in this code." For example, the modules on remuneration and on the selection and appointment of advisers expressly state that they only apply to occupational pension schemes with 100 or more members.
This structure means that schemes with fewer than 100 members are required to filter the requirements applicable to them as they are not all in one place. This is no doubt by design, with TPR stating: "Where an expectation does not apply to a scheme because the law doesn’t apply, the governing body may wish to consider whether the principles should be adopted as best practice."
Reasonable and proportionate
The combined code reflects section 249A of the Pensions Act 2004 by confirming that "governing bodies need to use their judgement as to what is a reasonable and proportionate method of ensuring compliance for their scheme" and that "the systems and controls put in place by a scheme should be proportionate to its size, nature, scale and complexity. This proportionality is a feature of legislation for some schemes."
When reviewing their governance processes by reference to the combined code therefore, trustees will need to take a view on whether they are sufficient or should go that extra mile given the particular circumstances and characteristics of the scheme. The larger and more complex the scheme, the higher the bar will be.
Proportionality in this context should be considered in the same way as for other areas of law derived from EU law; this means assessing whether the measure is suitable to achieve a legitimate aim, necessary to achieve that aim (in that there is no less onerous way of doing it) and reasonable, considering the interests of the stakeholders.
It is not clear when the combined code will be adopted. However, the consultation document confirms that schemes with 100 or more members must complete and document their first ORA within 12 months from the date the combined code comes into force. Trustees must then complete an ORA each year, or whenever there is a material change in the risks facing the scheme or its governance processes.
The consultation document makes it clear that the ORA "should not be perceived as an item of tick-box compliance, or an unnecessary burden. … The ORA is a tool to focus governing bodies on their policies, processes and procedures in a way they may not have done before".
Actions for trustees
We recommend the following actions for trustees:
- Analyse the size, nature, scale and complexity of your scheme to identify which requirements of the combined code apply and particular areas for focus.
- Ask for training on the combined code and the requirements it will introduce for the scheme.
- Audit the scheme's existing governance policies, procedures and risk register – what do you have, when were they last reviewed and are they fit for purpose?
- Undertake an effectiveness and gap analysis of existing policies and procedures - what needs to be reviewed, updated or included?
- Update the scheme's governance policies, procedures and risk register in line with the combined code by reference to the scheme's particular characteristics and circumstances.
- Consider developing a governance manual which sets out the trustees' response to the combined code and includes the trustees' arrangements, procedures and systems for managing the scheme, including delegation of their responsibilities, terms of reference, trustee training, monitoring and review processes, investment matters, plus links to policies relating to e.g. conflicts of interest, dispute resolution, continuity plans etc.
- Discuss with advisers when the first ORA might be due (if applicable) and start to plan for this.
Our team of pensions specialists would be pleased to discuss the combined code with you and provide trustee training on its requirements.