JEG or ALAPBAMAN? How Much is Enough for Pensions Single Code Compliance?
From memory, the term “good governance” started to be widely used in the pensions industry at around the same time that the Pensions Act 2004 came into force. At first, it was a bit of a nebulous concept that could have been loosely described as 1. Complying with the requirements and expectations of The (then new) Pensions Regulator (TPR) and 2. A dollop of good practice on top.
Immediately post Pensions Act 2004, clients commonly asked what other clients were doing, as they wanted to benchmark themselves – i.e. they wanted to “do enough governance” without the scheme budget running away. The acronyms “JEG” and “ALAPBAMAN” were used (“Just Enough Governance” and “As Little As Possible But As Much As Necessary”).
As a concept, “good governance” has evolved and is now synonymous with how pension schemes are managed, encompassing all aspects from legal compliance to the behaviours and dynamics of the trustee board. However, the question: “how much governance is enough?” has reared its head again in recent months in connection with the draft single code of practice.
TPR’s consultation on the single code closed on 26 May 2021 and the short interim response on 24 August 2021 confirmed a few points of change (for example, that the proposed limit on unregulated investments would not proceed as drafted), but TPR has not yet commented on some of the other concerns expressed by the industry, such as remuneration policies. We await a full response from TPR before the final code is laid before parliament. In the meantime, one of the key issues facing trustees is how much work they should undertake on the basis of a draft code of practice.
Many trustees have put a compliance programme in place and are cracking on with implementation; for those who are hesitating, here are the options.
Do nothing until the code comes into force. Unless there is good reason to delay (e.g. other critical scheme activity), this has to be a dangerous path. The sheer volume of policies and procedures to work through and the deadline to complete the first Own Risk Assessment (by reference to many of those policies) within 12 months of the code coming into force, will apply real time pressure to late starters. It is unlikely that the final code will be significantly different to the draft code, as much of it stems from legal requirements. Will TPR be sympathetic towards trustees of schemes that come to its attention (for whatever reason) where nothing has been done to prepare for the single code?
JEG/ALAPBAMAN. As a minimum, trustees could undertake a gap analysis of how their existing policies, practices and procedures stack up against the draft code of practice and have plans in place to address those gaps as soon as the code comes into force. We hear many voices suggesting that this is sufficient for now. But is it really enough? If the gap analysis were to reveal that there is very little to do, then trustees may be comfortable that they are well placed. However, with around 50% of the code’s policy and procedure documents being new requirements, most schemes have many gaps to fill. Once the size of the task is recognised, it rarely makes sense to press the pause button here.
Work In Progress. For most schemes, it would be sensible to start making real strides towards compliance. Following the gap analysis stage, trustees could establish a sub-committee to work with key advisers on the policies, practices and procedures that require updating or drafting afresh. A well thought out timetable could ensure compliance within 12 months without disrupting business as usual activity. The timetable could prioritise a mixture of high risk areas and “quick wins” so that momentum is quickly built and tangible progress made.
Is your scheme doing enough? There is a window of opportunity before the code is finalised and comes into force, where early strides towards compliance with the code can be made. The chance of a smooth and orderly compliance programme might be lost when this window closes.