In January 2024, the Pensions Regulator (the Regulator) at long last published its General (formerly 'Single') Code of Practice (the Code) and consultation response. This fulfils the Regulator's obligation under regulations published back in 2018, to issue a Code of Practice to help pension scheme trustees establish and operate an effective system of governance (the ESOG). 

The Code, expected to come into force on 27 March 2024, combines and updates ten existing Codes of Practice to form the Regulator's 'single set of clear, consistent expectations' on Trustees in relation to five broad areas: Scheme governance; reporting to the Regulator; communications and disclosure; administration; funding and investment.

Trustees, take note:

  • The Code will apply to all occupational schemes (both DB and DC), all personal pension schemes and public sector schemes (with some sections differing in application)
  • A scheme's "governing body" (a new term introduced by the Code to capture all parties that run pension schemes) must familiarise themselves with the Code ahead of its implementation date and identify actions to be taken
  • The obligation rests with the governing body, even where some functions are delegated or outsourced
  • You still need to keep abreast of the areas not within the scope of the Code, and which have their own Codes of Practice, such as notifiable events and funding defined benefits.

The ESOG – a reminder

The legislative requirement for an ESOG has been around since January 2019, so most schemes will have one in place already. An ESOG consists of the policies and processes that the Trustees have in place in order to ensure the scheme is governed in an effective and efficient manner. The Regulator has emphasised how the ESOG must be proportionate to the size, scale and complexity of the scheme and to the nature of the risks that the scheme is exposed to. The Code does not prescribe what is needed in every case; this will vary for different schemes in terms of what is appropriate.

The new requirement under the Code is for governing bodies to carry out an assessment of their ESOG, known as the own risk assessment (ORA). The ORA is an internal assessment of the risks the scheme faces, how well the scheme's governance systems are working and how risks are managed. For schemes with 100 or more members, the first ORA should be completed and documented:

  1. Within 12 months of the end of the first scheme year beginning after the Code has been issued, or
  2. if later, the date the trustees are next required to produce an annual chair's statement, or within 15 months beginning with the date on which the trustees are required to obtain their next Scheme Specific Funding actuarial valuation.

Subsequent assessments should be completed at least once every three years.

The Regulator makes clear that Trustees should focus on maintaining an ESOG as the ORA cannot be conducted effectively without it. 

What should you be doing now?

Every Trustee should become familiar with the Code before it comes into force.

The Regulator says that the Code (which is web-based and split into easy-to-navigate modules in a 'more modern, flexible and user-friendly design') will make it easier for users to distinguish between legal duties and the Regulator's compliance expectations. This is an important distinction as a breach of a legal duty can have significant consequences, including fines and a prison sentence. In contrast, a breach of one of the Regulator's compliance expectations generally carries no specific penalty.

However, the Regulator has re-iterated that it may rely on its Codes in legal proceedings as evidence in support of a claim of non-compliance with a legal requirement. 

The Regulator's view is that, at the very least, schemes should be aware of where they fall short of expectations and have clear and realistic plans in place to address those shortcomings.

How can we help?

All schemes need to check whether their ESOG includes processes and procedures across all of the modules in the Code, review the existing policies for compliance and set a plan to address any gaps identified. 

We can assist with that gap analysis and a project plan to break the requirements down into a manageable process, prioritising key areas and ensuring that actions are proportionate to your scheme and the risks.

We can also assist with:

  • Any updates to your existing policies
  • Drafting policies for new areas included in the Code, such as remuneration, cyber security and outsourcing, as well as non-essential but advisable policies on matters such as succession planning
  • Ensuring that the scheme has made statements and policies available to members as set out in the Code, including online as required
  • Carry out a knowledge and understanding audit, and deliver training to ensure that all trustees have the requisite understanding and knowledge, as set out in the Code
  • Preparing the ORA (for relevant sized schemes). Whilst the deadlines for the first ORAs are more than two years away, it will involve a lot of work and is something that should be scoped out now so that it can be tackled in an orderly and efficient manner over time.

Get in touch with your regular Pensions team contact to get started with the process for your scheme.

This article was also authored by Sophia Eaton, Paralegal at Womble Bond Dickinson.

This article is for general information only and reflects the position at the date of publication. It does not constitute legal advice.