First of all thank you very much to Anne Rodriguez for inviting me to speak at your conference this afternoon.
Over the next 20 / 30 minutes I would like to run through:
- where we are up to with the IORP II Directive, and
- what the Directive means for you, and for the schemes you advise
We’ll get into the detail in a minute, but before we do that, I’d like to make three key points about the Directive. If I could ask for you to take away anything from my session, it’s these three points:
- Firstly, that we are still working out the details of how we will translate the regulations into our various codes of practice. It’s important that we get it right, so we’re in the process of determining the most effective way of implementing the new requirements into our current suite of codes. There is a clear process in place for updating codes and any changes are unlikely to be published before the end of 2019. So be assured you won’t have to overhaul the way you do things immediately.
- Secondly, as part of that process we intend to consult extensively with industry and key stakeholders on the changes. In our view, it’s vital that what is put in place is proportionate and workable - and we be seeking your input to help us achieve that. Currently we anticipate this consultation will most likely happen around late Spring 2019 and I would obviously strongly encourage you to get involved and respond to it when the time comes.
- Thirdly, our Government representatives, The Pensions Regulator (TPR) and other UK stakeholders worked together and negotiated a final text of IORP II which supports the UK’s direction of travel on pensions policy. While there will be some changes, we do expect that well-run schemes will already be doing a lot of what will be required. IORP II aligns closely with TPR’s 21st Century Trustee campaign which we ran earlier this year. I’m sure many of you saw it - it was aimed at trustees and set out clearly our expectations of good governance. This alignment is no coincidence. The UK was a strong and influential voice during the negotiations to produce IORP II.
Consequently, many of the key elements of IORP II are already required within UK law or our codes of practice. So schemes that are complying with our expectations already are unlikely to have to make drastic changes to the way they operate.
What does IORP II include?
The Directive includes provisions regarding:
- effective system of governance for trustees
- transparency and disclosure of information to scheme members
- rules governing investment practices including encouraging consideration of environmental, social and governance factors
- amendments to the cross-border regulatory framework
- encouragement of risk-based regulation and transparency by TPR
- protection of data and information held and used by TPR
Where are we with IORP II?
Despite Brexit, the Directive does apply to us. The Government position is that the UK should continue to implement EU law. Until the day we leave, the UK remains a full member of the EU and all the rights and obligations of EU membership remain in force. The transposition deadline of IORP II is 13 January 2019. As the UK will still be a member of the EU at this time, the government committed to implementing the Directive into UK law.
The good news is that because the UK was influential in drafting IORP II, and it therefore aligns with the direction of UK policy, DWP were able to transpose IORP II without lots of new legislation. The two areas that the new UK legislation covers relate to effective governance systems and the cross border regulatory framework.
These regulations were laid in Parliament on 23 October 2018. The changes introduced by these regulations do not apply to Master Trusts and Public Service Pension Schemes that fall under the 2017 and 2013 Act definitions, but do apply to all other occupational pension schemes - defined benefit (DB) and defined contribution (DC).
Pension schemes will not be expected to action any changes by January 2019, as this date is a deadline for the UK to transpose the Directive into UK law, not a deadline for schemes to comply with it. Any changes that pension schemes will need to make will be implemented within a feasible timescale. There will be phasing or implementation periods for schemes which will allow enough time for them to familiarise themselves with the requirements and to plan what they need to do.
We (TPR) will make sure that the expectations for different types of schemes are made clear. We know that you need clarity about what is expected of you and you need sufficient time to make any changes with minimum cost and disruption.
From our point of view, for those schemes that continue to operate poor systems we will be able to take more targeted and timely action against them as there will be clear and enforceable legal requirements in place.
So, the two areas that the new UK legislation will cover are cross border schemes and systems of governance:
Cross border schemes
The UK has around 25 pension schemes that are authorised to carry out ‘cross border activity’ with another EEA member state under rules that came into force out of IORP 1 in 2006.
Broadly speaking, cross-border activity is when an employer in one Member State selects to base their occupational pension scheme in another Member State. IORP II updates and amends some of these processes and introduces amended requirements for some types of transfers across EEA borders.
IORP II also introduces a new authorisation process for schemes who want to undertake bulk transfers with a separate scheme located in another EEA state. This includes ensuring that the cross-border transfer is approved by a majority of members and a majority of the beneficiaries concerned.
The new regulations amend the existing cross border regulations to ensure that the regulatory framework for cross border activity, including bulk transfers, is in line with the requirements of IORP II.
Systems of governance
IORP II will require trustees to have an effective system of governance that is proportionate to the complexity and risk profile of their scheme. This system needs to include:
- an adequate and transparent organisational structure with a clear allocation and appropriate segregation of responsibilities; and
- an effective system for ensuring the transmission of information
The new Governance Regulations amend the Pensions Act 2004 to refer to this requirement and to set out the details that TPR must include in its code of practice.
For example, as part of looking at their system of governance, schemes will be required to carry out and document an own risk assessment, and the updated code of practice will include guidance on this.
There is also an expansion of the requirement to have an adequate internal control system. The requirement in the Directive states that it should include ‘administrative and accounting procedures, an internal control framework, and appropriate reporting arrangements at all levels’. In addition, schemes are required to have contingency plans to ensure continuity and at least two persons who effectively run the scheme. Again, these will be addressed in the relevant code of practice (COP).
The majority of the requirements apply to schemes with more than 100 members however schemes with less than 100 members are required to have an effective system of governance.
As I mentioned earlier, we are not expecting many schemes to have to make drastic changes. Many schemes already have effective governance systems in place - and those which do may only need to begin formally documenting their existing practices in order to comply with the new legislation.
Those schemes that don’t already have an effective system of governance will need to put one in place - one that is not unduly burdensome, but that does reflect the risks to the running of that particular scheme.
Current governance expectations are outlined in our codes of practice.
- 9 (Internal Controls)
- 13 (DC schemes)
- 15 (Master Trusts)
- 3 (DB scheme funding)
- 7 (Trustee knowledge and understanding)
We are in the process of reviewing all of the relevant codes so that they accurately reflect the IORP II requirements. Our expectation is that changes will need to be made primarily to code 9 relating to Internal Controls but there is also likely to be an impact on other codes such as COP 1 (reporting breaches), COP 2 (notifiable event), COP 3 (DB Funding), COP 5 (reporting late payment of contributions to DC schemes) and COP 7 (Trustee Knowledge and Understanding), COP 13 (DC).
The updated code(s) will give practical guidance to trustees and advisers to explain how they need to comply with the new system of governance, and how to carry out an own risk assessment and document it.
Let’s look at a few areas that larger schemes will need to address in more detail:
Risk assessment is an important element of the Directive’s governance focus, and it introduces a requirement for an “own risk assessment.” This means schemes will need to identify long and short-term risks that could affect the scheme’s ability to meet its obligations.
Schemes will need to perform an own-risk evaluation at least once in every three years and again immediately following any significant change in the scheme’s risk profile. So schemes will need to consider, among other things:
- a description of how the own-risk assessment is integrated into the management process and the decision-making processes
- assessments of the effectiveness of the risk-management system
- the overall funding needs of the IORP and the risks to members in relation to benefit payments
- operational risk management
- if environmental, social and governance factors are taken into consideration in investment decision, how the trustees assess new or emerging risks, such as risks relating to climate change
Schemes will need to identify and report on risks both at an individual and aggregated level to which they are or could be exposed, and their interdependencies.
The updated codes will explain how schemes should carry out their own risk assessment and document it.
Internal audit function
Schemes will be required to have an effective internal audit function. This function should include an evaluation of the adequacy and effectiveness of the internal control system and other elements of the system governance (including outsourced activities). The Directive requires that this must be assumed by a person (or entity) that is independent of the risk management and actuarial functions. This will be reflected in the relevant COP.
The government believes the UK already has a well-developed and effective disclosure regime in place. Therefore it does not intend to introduce any new disclosure regulations at this time in relation to IORP II disclosure requirements. However it intends to keep this under review.
In particular, they are keen to avoid putting new IORP II disclosure requirements on schemes unless they align with existing domestic policy proposals, such as the Dashboard.
We want to ensure these are taken into account as part of a co-ordinated approach across the disclosure landscape which helps maximise benefits to members, and where possible, minimise burdens on business.
Any future plans to legislate in this area would include transitional or phasing arrangements as appropriate to ensure schemes have adequate time to make any system changes.
That gives you an overview of where we are with IORP II and what it means for schemes and for those of you who advise them. As you can see, there is still plenty of the detail to be worked out.
But the fact that you are thinking about it and talking about it is a great sign. I encourage you to keep up your interest and get involved with the consultation on the new code when it’s published next year.