ADVERTISEMENT

PRAG updates guidance on cybercrime protection as 43 pension organisations report breaches to ICO over past two years

Jonathan Stapleton
Jonathan Stapleton
clock 08 October 2020 • 2 min read
Gee: Schemes need all round protection to reduce the impact of any cyber attack
Image:

Gee: Schemes need all round protection to reduce the impact of any cyber attack

The Pensions Research Accountants Group (PRAG) has published updated guidance to help trustees protect their schemes from cybercrime.

The guidance has been put together by PRAG's Cybercrime and Fraud Working Party and updates previous guidance published in 2018, to reflect what it says are considerable developments and increase in cybercrime since then.

PRAG cybercrime and fraud working party chairman Jim Gee said: "Cybercrime is one of the problems of our age, with pensions organisations reporting 43 cybercrime breaches to the Information Commissioners Office (ICO) since July 2018.

"Its prevalence had been growing significantly in the years before Covid-19 - together with fraud it represented 42% of all crime in 2019. However, it has surged since the lockdown as organised criminals have redirected resources from drug manufacture and distribution. This is the case in the pensions sector as much as any other."

Gee said the guidance describes the rapidly evolving nature of cybercrime and legal/regulatory expectations, and then focuses on the three main action areas which are key to schemes being properly protected. These are:

  • understanding the nature of the scheme's vulnerability to cybercrime
  • ensuring the scheme is resilient to cybercrime
  • ensuring that, if attacked, the scheme remains able to fulfil key functions.

The guidance also recommends that schemes should consider obtaining independent verification that these actions are being followed - just like an independent audit of financial accounts.

Gee added: "Every trustee should read and act on this advice. Pension schemes need holistic, all round protection to reduce the impact that an attack would have (and to be assured that their suppliers also have the required protection). The key is to be as secure as possible but to plan for a cybercrime attack happening and to be ready to manage and mitigate any damage."

Shona Harvie, chair of the PRAG executive, added: "This updated guidance will help trustees respond to the increasing and developing threat of cybercrime within the pensions industry. I would like to thank Jim Gee and the other members of the working group for pulling this important guidance together so quickly."

Harvie said the PRAG guidance is aimed at trustees and can be used in conjunction with the soon to be published Pensions Administration Standards Association (PASA) guidance for pensions administrators.

The guidance is available to PRAG members on its website: www.prag.org.uk

Related Topics

ADVERTISEMENT
Jonathan Stapleton
Author spotlight

Jonathan Stapleton

View profile
More from Jonathan Stapleton

AMNT updates Red Line voting guidance for trustees

Professional Pensions publisher embarks on unique charity royal tour

ADVERTISEMENT

More on Defined Benefit

XPS Pensions Group's Mark Barlow.
Defined Benefit

DB transfers hit five-year low amid scam concerns

Transfer take-up plummets as contingent charging ban has impact alongside scam-riddled backdrop

Hope William-Smith
Hope William-Smith
clock 14 June 2021 • 3 min read
Sponsor survival over the long-term could be better for schemes
Law and Regulation

Exclusive: 35% believe PPF must aim for sponsor survival

Lifeboat fund should first ensure equitable treatment of pension scheme.

James Phillips
James Phillips
clock 11 June 2021 • 3 min read
Frank Oldham is a professional trustee at ITS and a director of the Clara Pension Trust
Defined Benefit

Clara appoints Kempen as its fiduciary manager

Move come as consolidator prepares to conduct first transactions

Jonathan Stapleton
Jonathan Stapleton
clock 09 June 2021 • 2 min read
ADVERTISEMENT
Most read
01

'Perfect storm' brewing for public service pensions

11 June 2021 • 4 min read
02

TPR data reveals 60% rise in number of schemes using professional trustees

09 June 2021 • 2 min read
03

Industry Voice: Pandemic-led stewardship — the focus on executive pay

08 June 2021 • 1 min read
04

Half of trustee boards do not review themselves

08 June 2021 • 2 min read
05

Clara appoints Kempen as its fiduciary manager

09 June 2021 • 2 min read
06

UK becomes 'first major economy' to require TCFD reporting by pension schemes

08 June 2021 • 2 min read
15 Jun
United Kingdom
Website

Webinar: Pension Risk Transfer Solution: Tranches versus Big Bang

Register now
ADVERTISEMENT
Trustpilot