Set your privacy preferences

We use necessary cookies to make our website work. Cookies are small files stored on your device. We also use optional cookies to improve our services and tell us if you have seen our advertising. The data we collect is anonymised. Are you happy to accept these cookies?

View cookies

This website uses cookies. Your browser currently has cookies disabled.

Skip to main content

We’re currently upgrading our website. The search facility will be unavailable during this time.

Administration of a pension scheme

Good administration is the bedrock of a well-run scheme. As governing bodies (trustees and managers) of occupational pension schemes, you have the fundamental duty to administer your schemes in line with the scheme rules and law. This fundamental duty still exists even when the administration function is delegated.

This guidance sets out the practical steps you can take to meet the expectations set out in the administration module of our code of practice and it is applicable to the governing bodies of all pension schemes.

On this page 

Your responsibilities in scheme administration

As the governing body, you must have governance and internal controls in place to ensure that your members’ benefits are being properly administered, so that:

  • your scheme is being administered in accordance with the scheme rules
  • your scheme is being administered in accordance with the trustees’ and scheme managers’ legal obligations
  • your members are receiving good value from the administration service
  • you hold and maintain the records required by the Regulations.

Failure to properly carry out any aspect of scheme administration can seriously affect savers’ outcomes, and lead to additional costs to schemes and savers to put any errors right.

Administration covers a wide variety of activities, all of which are crucial to the successful running of a scheme. The administration function is likely to be the key link that members will have with a scheme, and the way they see the quality of service the scheme provides.

You are legally responsible for your scheme administration, even if in practice you delegate the daily administration functions to your administrator(s). Your administrator(s) may be a third-party provider, a dedicated in-house team with the employer, or the employer’s HR or finance departments. It may be a combination of these. Some governing bodies choose to put in place a sub-committee specifically to oversee the scheme’s administration, particularly for larger or more complex schemes.

As the governing body, you should hold and maintain sufficient knowledge and understanding in administration, and keep up to date with relevant developments and best practice. Also, you should understand the scope of the administrator’s responsibilities and tasks, as well as their suitability to perform them.

You should have a written administration policy (sometimes known as an administration strategy) that enables you to properly plan and maintain your scheme administration. Aligning the administration strategy with the wider scheme strategy will support you in effectively delivering the scheme objectives.

Administration matters must be considered and discussed routinely; not just when problems are identified. You should be inviting appropriate representatives from the administrator to attend relevant governing board meetings for the relevant agenda items, and allocating appropriate time at meetings to discuss administration matters. The representatives should also be able to deal with queries and concerns you have about the standards of administration. Where your scheme administration is part of the services offered in a wholly insured or bundled arrangement, a representative from the provider of the bundled arrangement should cover agenda items relating to administration.

It is critical that your administrator(s) can provide a continuous and consistent service to your members, so you need to ensure that your administrators have sufficient resources and capacity to administer your scheme effectively. If there is any ad-hoc project work required, such as regulatory and legislative changes, a specific data cleansing project or new bulk communications, you should understand whether additional resources and budget are required and allocate them accordingly.

You should monitor the performance of your administration services, have informed discussions around identified issues with your administrator(s), constructively challenge them where the expectations have not been met, and drive performance improvements.

Our expectations on how governing bodies should manage their service providers as part of an effective system of governance can be found here: Managing advisers and service providers. The last section of this guidance sets out further details on different ways to monitor and maintain the quality of the administration service.

Maintenance of administration IT systems

Your scheme should have appropriate IT systems to deliver the administration function. These systems usually handle large volumes of digital data and can support batch processing, as well as supporting data integrity and security. As the governing body, you should understand what IT systems your scheme is using and how data flows between these systems.

Increasingly, IT systems allow members to self-serve and enable member interactions to be more timely, secure, and personalised. Automation of administration tasks and processes can reduce the risk of manual error and deliver economies of scale. The latest developments in technology (eg Application Programming Interfaces, artificial intelligence) may also be considered to improve administration services and record-keeping. However, improper use of technology and inadequate controls can cause systemic errors, leading to significant harm for multiple savers. To fully realise the benefits of technology, you need to have a robust governance and control framework, supported by strategic data management.

As the governing body, you should seek evidence from your administrator, or your system provider, that these IT systems, available hardware, software and personnel resources are adequate to meet your scheme’s current and anticipated operational and legal requirements. Examples of such evidence could be the Audit and Assurance Faculty framework reports, reports about system availability and downtime, reports detailing the number of incidents or defects that result in fixes or patches.

These capabilities directly affect the security, reliability and effectiveness of administration, such as maintaining operational continuity and service quality, reducing risk of errors, delays and data breaches, and confidence that the scheme can handle peak workloads and unexpected events. You should challenge your administrator where expectations are not satisfactorily met and push for improvement where needed. This should include a review of whether the administrator’s existing contractual obligations are fit to meet your needs.

IT systems, including hardware and software, usually require periodic updating or replacement. The functionality of the administration system is critical to the operational effectiveness and resilience of your administrator, so you should ensure there is an appropriate level of governance of the administrator’s technology (such as change control processes), and regularly review the appropriateness of this governance. You should also be aware of, and understand the plans for, any major system changes that could directly impact on your scheme’s operational resilience, such as whether there is a rollback plan if updates fail, how you and other stakeholders are kept informed, and how members would be notified appropriately. This will enable you to quickly react to any potential issues caused by these changes.

IT systems - particularly those storing or interacting with the data underpinning administration services - must deliver a secure, accurate and continuous service. Frequent system backups help protect against data loss and enable scheme and member data to be restored quickly and accurately in such incidents. You should have a good overview of your scheme’s cyber resilience. Read our Cyber security guidance to find more information.

Example

The trustee for an open scheme is getting ready for a regular review with the in-house administrator about the resilience of its IT systems.

Long intervals between backups increase the risk that any data added or changed during that time could be permanently lost in the event of a cyber incident. Operational disruption would be significant, as all the lost data would need to be reconstructed and transactions reprocessed - delaying payments and eroding member trust.

The trustee therefore wants to check that the administrator continues to perform regular backups of all critical systems (eg monthly) and data (eg daily). In addition, they are seeking assurance that these are stored offsite at a separate location, in case a major incident like a flood or fire damages the main office. Storing backups offsite would also help mitigate the risk of a cyber incident targeting core systems and compromising the backup environment at the same time.

As where the backups are stored is not air-gapped (ie remains connected to a network), this could be vulnerable to a cyber incident. The trustee checks with the administrator that this site has necessary safeguards in place such as access controls, perimeter firewalls, encryption and intrusion detection and prevention systems.

You should ensure your business continuity plan and disaster recovery processes are in place and tested regularly. See below Disaster recovery and business continuity planning.

Key administration activities

The following section lists some common administration activities and some specific activities that concentrate on a certain type of scheme. However, it does not cover all the administration activities, and you should work with your administrators to identify the scope of administration that is specific to your scheme and documented in your administration policy.

Member communication

A good experience for members is fundamental to your administration service. A key element of the saver’s experience is that they can receive correct information about their pensions at the right time that is relevant to their life stage, such as annual benefit statements, preserved benefit statements, or retirement options.

Therefore, it is important that your administrator(s) have processes to obtain members’ latest information, communication preferences and feedback on the administration services, which enables your scheme to continuously improve the member experience where appropriate. A good understanding of members’ views and needs enables you to tailor communications and support, so that your members can engage with their benefits more easily, safely and effectively. Please note that you must have a formal procedure and process to investigate and resolve member complaints and disputes quickly and effectively. It is good practice to develop insight about potential systematic issues from the investigation and resolution of member disputes. Governing bodies should hold administrators to account to ensure this reflection process occurs.

Multiple communication routes, such as a member web portal, email newsletters and SMS alerts, can assist you in reaching your members more widely and quickly. While the communication route may be aiming to be digital by default, there must be support and alternatives for members that prefer other communication methods, eg telephone or postal contact; or members that have specific communication needs, eg large print, braille, translated documents.

This is especially important for vulnerable members who may need additional support or receive information in alternative formats. You may also wish to engage with the Financial Conduct Authority (FCA)’s good practice in delivering good outcomes for savers in vulnerable circumstances.

For more information about member communication, please read our Communicate to members guidance and Communicating with Defined Contribution (DC) scheme members guidance.

Administrators regulated by the FCA need to comply with the FCA’s Consumer Duty in relation to communication with DC members. The FCA Duty promotes four good outcomes, with one of these being consumer understanding. While the Duty is primarily applicable to DC schemes, some FCA regulated administrators may choose to apply the Consumer Duty framework to all members, including those in defined benefit (DB) schemes. For more information, please read FG22/5: Final non-Handbook Guidance for firms on the Consumer Duty

Contributions

Schemes should have adequate processes to make sure the payment of contributions, from employers and members, are maintained and monitored, and for dealing with overdue contributions. This is an area where the processes in place with the employer are of particular importance. For DB benefits, there is a need to monitor employer contributions (eg deficit repair contributions, expense contributions) to ensure that appropriate notifications can take place. For DC benefits, you need to ensure you are comfortable with any sampling methods that are being used to monitor accuracy when processing contributions.

Where weaknesses in the process are identified (eg similar errors are routinely identified in the information or monies received from the employer), you should constructively challenge your administrators on this process and support them to improve wherever possible.

For more information about contributions, please read our Contributions for DB schemes guidance, and Maintaining contributions for DC schemes guidance.

If you believe that the administrator or the employer’s processes are inadequate, or the employer is not carrying out its duties in respect of the scheme to the extent that, even after engaging with them, they prevent you from meeting your legal obligations, you should decide whether to report a breach of law to us.

You should also ensure that there is a suitable data sharing process between your employers and administrators, to ensure correct benefit calculations and to minimise delays in contributions. For more information on working with employers, please refer to our scheme member data quality guidance.

Member transfers

There is a balance to be struck in relation to the processing of transfers, between prompt processing and adequate due diligence, to guard against the risk of transferring members’ funds to a scam arrangement.

In order to minimise the time spent gathering and exchanging information with the receiving or transferring scheme, the use of a platform that facilitates standardised information and the electronic processing of transfers should be explored. When the risk of a receiving scheme being a scam arrangement has been assessed and you’re satisfied that a transfer would be safe, funds should be disinvested and the transfer completed promptly.

Unnecessary delays in the time taken to process a request to transfer can have a significant impact on a member’s funds at retirement, which is amplified the closer they are to an age where they may wish to access their benefits or transfer to an arrangement offering their preferred decumulation option.

Examples of unnecessary delays

  • When all the information necessary for the transfer to proceed has been received, the administrator dealing with the request is on annual leave, so the transfer is not processed until three days later when the administrator returns. This is not considered to be an appropriate delay.
  • The scheme’s procedures are that transfers to be paid electronically must be authorised by a particular trustee. The administrator disinvests the member’s funds and draws up a request for authorisation. This particular trustee takes several days to authorise the request, so a week has passed before the payment is sent to the receiving scheme. This is not considered to be an appropriate delay.

For more information about member transfers, please read our guidance on dealing with transfer requests, and DB to DC transfers and conversions.

Payment methods

It is essential that the benefit payments to members and their beneficiaries, such as on retirement and death, are processed accurately and promptly, and that there are no undue delays. You should test the payment process with your administrators and ensure you are comfortable with the authorisation limits.

Digital payments are becoming the usual method. While cheques are still used in some exceptional circumstances, this is unlikely to be the most efficient method. As part of the requirement to process core financial transactions promptly, you will need to review the payment method used by your scheme, and if cheques are used as a payment method, consider whether it is necessary.

In all cases, payments out of the scheme should be clearly documented and authorised by a person of appropriate seniority promptly without unnecessary delays.

Investment of contributions – Defined Contribution (DC) focus

Each DC scheme must have agreed procedures and protocols to invest the contributions quickly and accurately. Our code of practice module on financial transactions sets out the timescales in which contributions and sums transferred to the scheme should be invested.

On occasions when it is not possible for these timescales to be met, you should work with your administrator to liaise with the relevant parties (such as the employer or investment manager) to understand the circumstances, and whether your scheme’s processes could be reviewed in order to limit the chance of recurrence.

Though the expected timescale for investment does not include time taken to reconcile the contributions received, the reconciliation process should not unduly delay investment.

Processing incentive queries - defined benefit (DB) focus

For schemes with DB benefits, employers may seek to reduce risk, or cost associated with such schemes by offering members the option to transfer out of a scheme or modify their benefits. It is important that your administrators carry out their core administrative responsibilities effectively. This includes processing data requests from the independent financial advisers, and acting on behalf of members in a timely and accurate manner to ensure the smooth running of these exercises and helping to support members in making informed decisions. Administrators should also inform trustees if there are increased data requests from third-party advisers as this may indicate potential incentive exercises.

For more information, please read our Incentive exercises guidance.

Key administration considerations

Keeping records

As the governing body, you are required to maintain complete and accurate records. Poor record-keeping can have a huge impact on members and can be very expensive for your scheme if things go wrong.

You should keep records relating to:

  • your governing body meetings and decisions
  • scheme documents including trust deed and rules, discretionary practices and any deeds of amendment or rule changes
  • member data
  • financial transactions

You’ll need to keep records for as long as they remain relevant and are needed for the scheme to operate, and for at least six years. Many of these records need to be kept much longer than this minimum requirement. You need to understand how long data needs to be retained, and make sure there are provisions to do so. You should also ensure that those provisions are documented. For more information around data management, please read below Data management section.

Your internal controls for measuring and mitigating risks to the scheme should include a risk register. You should record both known and potential risks. You should measure these and use them as indicators to make risk-based decisions.

For public service pension schemes (PSPS), there are certain records that schemes are legally required to keep:

  • Member and beneficiary information.
  • Additional payments (other than members and beneficiaries) records:
    • Payments made to any employer participating in the scheme.
    • Any amount due to the scheme that is written off in the scheme’s accounts.
    • Any other payment to the scheme including name and address of payee and where a payment relates to a member the name of the member.
  • Pension Board meeting:
    • Date, time and place of the meeting.
    • Names of all pension board members invited to the meeting.
    • Name of any person who attended the meeting and in what capacity.
    • Any decisions made at the meeting.
  • Decision made by a committee or sub-committee of the pension board not ratified by the pension board:
    • Date, time and place of the decision.
    • Names of pension board members who participated in making the decision.

Data management

Pension schemes hold significant amounts of valuable data, and large volumes are often transferred to and from the employer, advisers and other service providers. It’s vital that members’ benefits and personal data aren’t put at risk because of poor controls around scheme data.

Member data is a strategic data asset, and is vital for achieving your long-term goals. As a governing body, you should think of your member data strategically and holistically, and not just as an operational afterthought. You should take an active role in the oversight of the management of your member data.

It is good practice to formally capture your strategic approach to member data in a data management strategy (sometimes known as a data management plan). The strategy should cover quality and security considerations, clarify who is responsible for data quality and data security, and document your policies and processes for organising, receiving, storing, sharing and improving data.

Data quality

Read our scheme member data quality guidance to find out the steps you should take to maintain and improve the quality of your member data.

Data security

You should put controls in place to make sure member data is secure. This is needed so that you can meet your duties under data protection legislation.

You should work with your administrator to make sure that the right controls are in place. These may include the following:

  • You and your administrator are trained in the principles of data protection provided by Information Commissioner’s Office (ICO), and understand the lawful basis for your scheme to process personal data.
  • There is a process for identifying and reporting any data breaches, including when you, as the governing body, receive reports of breaches from your administrator.
  • There are appropriate security measures in place, such as staff who can access scheme and member records (including the ones who can access records in certain disaster events); a member online portal (if there is one); or use of social media. You can find out more in our cyber security guidance.

It is also a requirement for General Data Protection Regulation (GDPR) purposes to complete a data protection impact assessment (DPIA) and keep a record of it. This is an assessment of the impact of processing operations on the protection of member personal data, in the course of the administration of a scheme. More information about DPIA can be found at What is a DPIA? | ICO. ICO also offers information and updates on GDPR.

You may also wish to engage with the data management plan guidance from the Pensions Administration Standards Association (PASA) which provides practical considerations and examples of content for a data management strategy.

Disaster recovery and business continuity planning

It is important that your scheme has arrangements in place to manage risks that would have a significant impact on scheme administration and member data (see code of practice information about managing risk). This includes having a business continuity plan (BCP) in place, which sets out what actions would be taken if certain events took place that would impact on the running of the administration operation. These events could be:

  • physical damage to the property or premises of the administrator
  • IT system failure resulting from a cyber incident
  • staffing disruption such as industrial action
  • employer insolvency
  • service provider insolvency
  • internet outage for extended periods of time for parts of the country due to service provider failures
  • severe liquidity shortages due to financial market distortion
  • local armed conflicts breaking-down ability to process payments in certain countries

You need to have your own disaster recovery plan, which can be stand-alone or part of your BCP, to ensure that:

  • data will continue to be available and accurate at all times
  • core scheme financial transactions can continue to be processed accurately and promptly at all times. In the situation of disruption, you need to resume these processes as soon as it is safe to do so, and ideally within 24 hours
  • computer hardware and software will be maintained
  • records are secure and retrievable
  • data will be regularly backed up and tested
  • you can identify where the liability lies if processes are interrupted or a breach takes place

Where a scheme is very small and the administration operation is not complex, for example where it is run by a small in-house team within the HR department, the BCP may not need to be very sophisticated and can be part of the scheme employer’s BCP, though this part of the plan must specifically cover scheme data, systems and administration functions.

It is important to consider key person risk as part of staff disruption, especially if you rely on one individual to deliver some key administration services. It is important that administration process manuals are clearly documented and kept up to date, to maintain continuity and consistency of service, even where there is change or disruption in administration personnel. You should also check that there are succession plans in place, so knowledge is not lost, and it is easier for new staff to maintain service standards or resolve complex issues.

Both your BCP and disaster recovery plan should be regularly reviewed (no less than annually) to reflect any changes in key staff, scheme strategy, or the system, and to cover any emerging types of incidents.

You also need to test your plans periodically, through internal exercises and by looking at a range of scenarios appropriate to your schemes, to ensure they are working in practice.

If you have third-party administrators, you should seek assurance from the administrator that they have a BCP in place and work collaboratively with them to ensure that:

  • their plan covers the services provided to your scheme appropriately
  • the plan is reviewed on a regular basis (no less than annually)
  • the plan is periodically tested and test results are reported to you

Administrators often rely on external suppliers, such as third-party technology platforms, cloud hosting services, and subcontractors. A cyber incident or operational outage affecting one of these suppliers could compromise scheme data and disrupt member services, data access and payment processing.

You should understand and evaluate the risks to the full supply chain involved in the scheme’s administration, including whether key suppliers are covered in the administrator’s recovery and continuity planning. This planning should ideally include assessment of supplier recovery capabilities, clear protocols for managing supplier unavailability, and testing of contingency arrangements.

For schemes that offer defined benefits, employer insolvency can interrupt the trustee and administrator(s) ability to carry out essential functions. You may wish to engage with the Pension Protection Fund guidance on practical tips to help trustees manage risk.

Report a breach of the law

If someone hasn’t complied with legislation relating to the administration of a pension scheme, this is a breach of the law.

You may need to report the breach to us. See the reporting breaches of the law section of our code of practice.

Maintaining the quality of administration service

Administration policy and administration contract

An administration policy (sometimes known as administration strategy) is the essential guideline that governs your scheme administration operations. The appropriate level of detail will depend on the circumstances of the scheme, but the policy needs to cover the following:

  • The objectives for administration, including long-term strategy.
  • Scope of administration function, such as clarifying the extent of coverage, including documenting the administration activities, and any other administrative considerations (ie member communications, data management, reporting).
  • Roles and responsibilities, outlining the responsibilities of
    • the administrator(s), including the situations where administrator(s) can exercise discretions
    • the scheme’s governing body
    • the employer
    • any other service provider relevant to the administration function (ie actuary, legal adviser, investment manager)
  • Information requirements, specifying the types of information the administrator needs to receive, who provides that information, and the frequency and format of delivery.
  • Reporting requirements across the administration functions, what needs to be provided by the administrator, who they need to report to (eg trustee board, data sub-committees), and the frequency of those reports.
  • Monitoring and review procedures for administration performance and processes, and frequency of this monitoring, including an escalation and resolution path for under-performance and a periodic full review of the adequacy of the contractual arrangements between the trustees and the administrators.
  • Disaster recovery and BCP for your key administration functions. This would usually be a separate document, referenced in your administration policy.
  • Policy review procedure, including how often, who is responsible, and any circumstances that may trigger an ad-hoc review (ie recurring service issues, change of administrator, regulatory change)

If your scheme outsources some or all administration functions to a third-party administrator, you should also include the procedure for appointing or re-tendering a contract for an administrator in your administration policy. You should consider the quality of the service as well as the cost when choosing them.

You should have robust documented arrangements with your administrators, and should regularly review the suitability and performance against these arrangements. With third-party administrators, this will be in the form of a contract. Standard items in such arrangements can include the following aspects, and some of them need to be aligned with your administration policy:

  • Commencement, end dates and roll-forward provisions.
  • Descriptions of the obligations of the administrator.
  • Description of your obligations.
  • Framework to evaluate the delivery of the obligations, with an escalation path to agree the framework for resolution if obligations are unmet (eg performance review meetings, independent assurance auditing).
  • Intellectual property and ownership of scheme materials (such as benefit specifications).
  • Description of the service to be provided and the expected performance levels, continuous improvement measures, and what happens if performance levels are not met (eg financial compensation).
  • Description of information and reports to be provided to you on a regular basis, although the administrator(s) may have discretion over the report formats and content.
  • Data protection procedures (eg GDPR compliance, data sharing agreements).
  • Fee schedule.
  • Liability limitations.
  • Regulatory breach and data security incident reporting. Where appropriate, details regarding obligations for submitting reports to regulators.
  • Requirement to engage with any third-party service providers or sub-contractors that are used by the schemes.
  • Business continuity and disaster recovery arrangements.
  • Complaint resolution process.
  • Process for agreeing scope and budget of any additional work, such as responding to regulatory and legislative changes.
  • Provisions for review, termination and operational handover of the contract, including exit and transfer terms, costs and timescales.

Where necessary, you should have access to appropriate advice and assistance to negotiate contractual terms. For more information on appointing, reviewing and working with your administrators, see our code of practice on working with advisers.

Transferring administration services to a new provider is a significant and complex process, and sometimes it can be time consuming with challenging situations. It can also yield benefits in terms of auditing data, improving member services and allowing objective scrutiny from another expert in administration. You need to ensure that your contract covers this process and relevant terms adequately. This helps with a smooth handover of responsibilities, avoiding disruption of service, data loss and delays and sets expectations to enforce standards during any transition. For existing contracts which are silent on this issue, it is important to have sight of and understand the administrator’s policy on how transfers will be managed, and you may need to negotiate a separate contract on exit.

You may also wish to engage with the Code of Conduct on Administration Provider Transfers from the Pensions Administration Standards Association (PASA) for industry good practice.

Administration reporting

The reports you receive from your administrator(s) should contain information that enables you, as the governing body, to assess the performance of your administrator and monitor progress against your administration strategy. The administration reports and the risk register (see code of practice information on risk management) are key documents that will inform the governing body.

Administration reports should reflect the specific characteristics and benefit structure of the scheme and enable you to hold the administrator to account for their obligations in the contract. You should also check that the administration reports are specific to your individual scheme. Reporting at an aggregate level by an insurer or third-party administrator is unlikely to be sufficient for you.

The level of detail and frequency of reporting that is appropriate will depend on the circumstances of the scheme. Your administrator may also provide multiple reports for different purposes. For schemes with a large number of active members, high transaction volumes, or complex membership structures, a monthly report can help identify any risk trends or issues. This can be complemented by a quarterly summary report, which is reviewed by the governing body. A small scheme with relatively stable members may only need a semi-annual report. However, if you have concerns about the performance of certain administration services, you may wish to increase the frequency and detail of reporting to enable closer monitoring of the situation. You may also ask your administrator to bring different data sources into a single report to provide meaningful analysis.

As a minimum, your administration reports should cover the following:

  • Membership movement statistics.
  • Reporting against service performance measures, in particular on tasks related to the processing of core financial transactions including:
    • contribution reconciliation and investment
    • details of any discrepancies and problems encountered
    • details of any undesignated assets
    • payment of benefits (retirement and death)
    • investment switches (DC benefits only)
    • transfers in and out of the scheme
  • Summary of the discretion exercised by the administrator if applicable.
  • Summary of member feedback, complaints and the progress of dispute resolution activities over a defined reporting period. You may also wish to include additional information that will provide an insight into your members’ experience with the scheme.
  • Quality assurance reporting, errors and breach reporting – volume, type of error, severity, action taken to resolve.
  • Cash flow reporting.
  • Data quality and issue reporting.
  • Risk management reporting with reference to the scheme’s and the administrator’s (where separate registers are kept) risk register.
  • Reporting on annual tasks, eg annual benefit statements.
  • Where member web access is offered, details of any periods where web access was not available, eg server problems, maintenance.
  • Progress on scheduled updates to other elements of the service.

Some administrators commission Audit and Assurance Faculty framework reports on internal controls (AAF reports) for independent assurance of reliable internal controls, such as benefit calculations, data quality and cyber security. Where available, these reports, which are often commissioned annually, should be incorporated into your administrator reporting.

Performance measures

All administrators – whether outsourced or in-house – should have metrics in place to measure the delivery of key administration activities. Performance measures are often captured formally in service level agreements (SLAs) or key performance indicators (KPIs).

While performance measures typically focus on the time taken to complete certain tasks, you should also include metrics relating to the quality and accuracy of the administration. For example, this might include metrics relating to the number of errors identified during quality assurance, volumes of rework required, or member satisfaction ratings. It is also helpful to consider the performance measures from a member’s perspective, for example what timescales they would consider to be reasonable and prompt.

The administrator may not meet agreed performance targets in relation to all the tasks. Therefore, when you agree and construct performance measures with your administrators, you need to ensure they include any performance-related consequences where the performance is not met and working in partnership with your administrator(s) to understand the underlying issue. It is important to put clear procedures in place for when this happens. For example, will affected members be contacted and provided with a revised timeframe, and will tasks remain open as live cases within the workflow system until they are resolved?

Performance against those metrics should be part of the administration reporting. The monitoring of errors and complaints, their root causes, and the progress made towards resolution, is also a useful tool for the governing body to understand how administrators are performing. Where performance measures are not being met, you should make enquiries about the reasons for this.

You should ensure the metrics are appropriate for your scheme and the member experience you wish to provide.

You should also be aware that there may be other information that is not immediately visible via the administration reports, which you need to probe with your administrator. For example, your administrator may categorise some work as ‘pending’, or ‘brought forward’, for situations where further information is required before a transaction can be completed. Where this is the case, you should ask your administrator to provide further information about the type of work that falls into that category, and why.

If you use a third-party administrator or a professional trustee, they may be able to provide you with anonymised data to illustrate typical transaction times across other similar schemes, or, if you are going through a tender process, you might ask for this information to be included as part of the tender. If you include certain performance measures in your contract, you need to ensure that there is flexibility to adjust them where appropriate without having to renegotiate the contract.

Example of setting and reviewing performance measures

  • Your current contract may include an SLA that contributions will be invested within three working days following receipt. When reviewing the performance against this SLA, you may want to ask your administrator the following questions:
    • When does the clock start? Is it from the time the contributions reach the bank account or when the administrator receives the contribution file from the employer’s payroll department?
    • What happens if there are queries that need to be raised with the employer? Does the clock stop while the queries are raised, or does it continue?
    • Does the clock stop when the monies and instructions are sent to the investment manager, or when the investment manager confirms that the contributions have been invested?
    • If the clock stops and starts throughout the process, what are the overall timescales that are reported to trustees in the administration report? Is it the true end-to-end time taken to complete the transaction, or are the periods taken to resolve queries discounted?

  • You agreed with your administrator that one of the KPIs should be around the member experience. To monitor the performance in a rounded way, you asked your administrator to report on the following information:
    • Member satisfaction surveys segmented by transaction type.
    • Analysis summary of member contact experience, including average turnaround time for member queries by query types (with any significant out performance) and contact centre performance (such as average wait times, first time resolution rates, sentiment analysis and abandonment rates).
    • Vulnerability handling statistics, including members identified, and a summary of support provided.
    • Member web portal usage statistics (such as login rate, member activity analysis and portal uptime).
    • Complaint volumes and resolution times, plus error and breach reporting, with categorisation by root cause and member impact.

Administrator’s experience and qualifications

You should establish that your administrators are sufficiently experienced and qualified in administering your type of scheme, and that this will continue to be the case.

Some schemes may have a dedicated team working solely on their administration, or have in-house administration arrangements. In these cases, it is likely more straightforward to establish whether the administration staff have adequate experience and qualifications, for example those awarded by the Pensions Management Institute, to administer the scheme to a high standard.

Independent accreditation can assist you in being confident that a high standard of administration, whether in-house or third party, is being provided. We encourage you to establish whether your administrator(s) have obtained independent voluntary accreditation, such as the accreditation standard offered by the Pension Administration Standards Association (PASA).

You should seek assurance from your administrator(s) that they have adequate policies and practices in place for staff training and development, including procedures to upskill administration staff and maintain professional standards. Regular training on new regulatory or legal requirements, as well as examples of good and poor practice (e.g. Case studies | The Pensions Ombudsman), will help ensure your scheme continues to deliver high-quality administration services to members.

If your scheme is a bundled arrangement, and the provider outsources administration services to a third party, you should seek assurance on how the provider has assessed the training, qualifications and experience of the administrators within that third party.

Where you don’t feel confident that adequate expertise is continuously in place, you will need to consider whether this might impact on the quality of administration services you receive, and challenge this with your administrator(s).

Procedure manual and quality assurance

As well as having appropriate expertise, it is important to have a clear and well-documented administration procedure manual, which incorporates quality assurance.

You should obtain assurance from your administrator that the procedure manual exists, is kept up to date and is relevant to the needs of the scheme. This is particularly important for schemes using a third party administrator, where similar procedures may be applied across a number of schemes. Some administrators may also maintain a summary of the scheme rules to assist in the running of the scheme. If such a summary is in place for your scheme, you should be satisfied that it accurately reflects the scheme rules.

Quality assurance is essential because it underpins accuracy, reliability, and trust in pension operations. Adequate checking and peer reviews should be incorporated into the procedures, and you should be content that these are sufficient to minimise the risk of errors, such as the checker being the right level of seniority for a type of task and that there is also a “check the checker” process. It is likely to be appropriate for all tasks carried out manually to be checked, with regular peer reviews carried out on a sample of cases.

Checking procedures should not only apply to tasks that are carried out manually. Regular checks and tests should also be built into automated procedures, such as system generated calculations (factor reviews), automated workflows (especially those supported by artificial intelligence), and system and software updates.

You should ensure your scheme transactions are subject to the appropriate amount of quality assurance, which may need revising if errors and omissions materialise.

Some administrators routinely undertake trend analysis using data collected from complaints, incoming calls, and member interactions on their self-serve web portals. This is considered good practice as this analysis forms a key part of their internal feedback loop and drives their service improvements such as updated procedures, enhanced system functionality, or targeted staff training. If you haven’t done so, you can engage with your administrator to understand whether they are operating such feedback loops and if this type of analysis should be included in the regular reporting to support more informed oversight.

Back to top
Is this page useful?

Thanks for your feedback.

Page not useful?

Problems with this page?

Your email address will only be used to reply to your comment. Read our privacy notice.