- Ensure that your clients’ defined benefit (DB) schemes have adequate internal controls that enable trustees and their advisers to manage risks relating to their scheme.
- Set up and maintain your own procedures and controls to ensure you provide a good service for clients.
- Help to ensure that schemes have a process that enables trustees to identify, evaluate and manage risks on an ongoing basis.
DB schemes need to have adequate internal controls that enable trustees and their advisers to manage their scheme according to the scheme rules and the law.
You should also set up and maintain your own controls and procedures to ensure you provide a good quality, accurate service for your clients.
Internal controls for trustees and their schemes are arrangements and procedures for:
- scheme administration and management
- monitoring that administration and management
- safe custody and security of scheme assets
Risk management process
DB schemes should have a process that enables trustees and their advisers to identify, evaluate and manage risks, and to monitor risk management controls. You may be asked to provide advice on this process.
You may be asked to help trustees to identify the risks that are critical to the scheme and which are likely to have a significant impact on the scheme’s ability to provide member benefits if they are not managed effectively.
Areas of risk that are likely to have a significant impact on your clients’ DB schemes include:
- existing controls not operating effectively
- strength of the employer covenant
- investment strategy
- corporate changes and transactions relevant to the scheme
- legal requirements
- operational procedures and technical systems
- scheme management (including costs) and delegated responsibilities
Your clients should record identified risks in a risk register.
You may be asked to help trustees to develop a process for evaluating risks. This should consider the impact and likelihood of a risk occurring.
The evaluation process should enable your clients to direct resources to priority areas. Start with risks that have a high impact and a high likelihood of occurring. Areas of risk that may need to be prioritised include:
- lack of trustee knowledge and understanding
- deterioration of the employer covenant
- poor investment governance
- poor record-keeping
- conflicts of interest
- ineffective relations with advisers
You may be asked to help trustees to assess which risks the scheme can absorb without the need to take further action, and which risks need to be managed.
You should work with your clients to ensure that internal controls are suitably designed and implemented. They need to enable trustees and their advisers to take appropriate action.
Monitoring risk management controls
You may be asked to advise trustees in relation to their need to continually review exposure to new and emerging risks. This includes significant changes in or affecting the scheme.
Trustees must make sure the risk register is reviewed at least annually and evaluate risk assessment arrangements, procedures and systems to ensure that they are still fit for purpose, taking account of any significant changes.