Skip to main content

Your browser is out of date, and unable to use many of the features of this website

Please upgrade your browser.


This website requires cookies. Your browser currently has cookies disabled.

Risk management

Identifying and mitigating risks facing a pension scheme, using internal controls and handling conflicts of interest.


Early draft of the code of practice

This code is not in force yet. It is an early version for the new code of practice consultation.

To give us feedback on issues such as the design, usability and navigation of this code, email us at

You can also read more information about the consultation.

Identifying and assessing risks

What governing bodies should do to identify and assess risks to the scheme, including having a risk management function.

Managing risk using internal controls

Using systems, procedures and arrangements to manage risks to a pension scheme.

Assurance of governance and internal controls

Using assurance frameworks to monitor the administration and management of the pension scheme.

Continuity planning

The steps that governing bodies and service providers should take to make sure scheme activities continue to happen on a regular basis.

Conflicts of interest

What governing bodies should do to effectively identify, manage and record conflicts of interest.

Own risk assessment

The areas that governing bodies must cover and document in their own risk assessment.