Sarah Henderson is associate director at Sackers
As I write, we haven’t yet seen the final version of the general code of practice – the code that had formerly been known as the single code of practice – but we understand it will be published just as soon as the Department for Work and Pensions has signed it off. It will then be laid in parliament for 40 sitting days before coming into force.
The code's been a long time in the making. This has given us, as an industry, a long time to worry about the amount of work that will be needed to demonstrate compliance once it comes into force. However, based on what we know, for well-governed schemes the code should be an evolution - not a revolution - for governance.
This means that the real challenge for each scheme will be whether they can use the new code to drive genuinely good governance that will have a meaningful impact on member outcomes.
How did we get here? A brief recap
You'd be forgiven for forgetting how and why the code came into being. Here's a brief recap:
- March 2014 - the European Commission first published its draft of the Institutions for Occupational Retirement Provision Directive (IORP II). Its goal is to set "common standards ensuring the soundness of occupational pensions and adequately protecting pension scheme members and beneficiaries".
- January 2017 - IORP II came into force, requiring member states to implement its requirements into national law within two years.
- October 2018 - the UK published regulations (the governance regulations) to implement the key governance elements of IORP II.
- January 2019 - the governance regulations came into force, replacing the requirement for occupational pension schemes to have adequate internal controls with a requirement for "an effective system of governance including internal controls". The regulations also require the Pensions Regulator (TPR) to produce a code of practice covering the effective system of governance, and other prescribed matters.
- March 2021 - TPR published a draft single code of practice consolidating and updating 10 of its existing codes into a modular format designed to be more easily accessible, update-able and web-based. The code puts the capital letters into effective system of governance, giving us the so-called "ESOG".
- 2023 (Q1? Q2?) - the new code, which we understand will now be called the "general code of practice", is expected to come into force.
How to use the code to drive good governance
Under the code, schemes will continue to be able to consider their own circumstances and priorities and factor these into their governance. The legal underpin for this is the Pensions Act 2004 requirement that the "system of governance must be proportionate to the size, nature, scale and complexity of the activities of the occupational pension scheme".
But what does proportionality in this context look like in practice? Let's take a few examples:
Written policies and procedures
It is not necessary to have a standalone policy document for each element of the ESOG. The first job is to make a note of which existing documents cover which elements and gather these documents together. As schemes work through their gap analysis, even very well-governed schemes will identify elements of their ESOG that happen in practice but haven't been written down. In some cases, a scheme may consider a light-touch approach will work best for them - for example, documenting a process with some short bullet-point notes in an appropriate document so anyone standing in for the pensions manager would understand what they should do. Of course, this won't work for all schemes on all points, but for a governance framework to work well, key documents need to be accessible and user-friendly.
Internal audit
There's nothing prescriptive in the code on what an internal audit needs to look like. Schemes can set their own approach, which could be anything from an internal review to an assessment alongside or by external auditors (who are not the statutory auditors). Each audit can be used to focus on priorities (perhaps those identified in the scheme's ‘own risk assessment') and to support strategic objectives. There is no indication that every element of a scheme's ESOG should be covered, nor that schemes are required to bring in external (and expensive) resource to carry out this function.
So where does this leave us?
It can be tempting to think it would be easier if the requirements and TPR's expectations in the code were more prescriptive. However, this could lead to box ticking governance. Less prescription allows schemes to put their efforts into areas where it is really needed and would add value. Effective governance facilitates the running of the scheme and isn't done for its own sake. That's the real governance challenge facing schemes - just as it was before the code arrived!
Sarah Henderson is associate director at Sackers
Read more
Learn more about TPR's general code of practice on PP's general code hub
