Set your privacy preferences

We use necessary cookies to make our website work. Cookies are small files stored on your device. We also use optional cookies to improve our services and tell us if you have seen our advertising. The data we collect is anonymised. Are you happy to accept these cookies?

View cookies

This website uses cookies. Your browser currently has cookies disabled.

Skip to main content

Making workplace pensions work

Pensions dashboards: guidance

Matching people with their pensions

When a person uses a pensions dashboard, you will receive certain personal data from the digital architecture. You will need to use the data to search your records and determine if you have a pension for them. This process is called ‘matching’.

Information included in the ‘find request’

The potential member will be verified by GOV.UK One Login before they can issue a ‘find request’. This means you can be confident the user is who they say they are.

Once a potential member has been successfully verified, their details are added to other information they have provided, to be used for ‘find requests’. This may include National Insurance number, previous names, addresses, email address(es) and mobile phone number(s).

Schemes will receive a ‘find request’ with all provided information, to match the user to their pensions. Once a user successfully proves their identity, the find request will include the following core identity information:

  • first name
  • last name
  • date of birth
  • email address
  • mobile number, if used for 2-factor authentication, but this may not be provided if the member chooses to use an authenticator app

GOV.UK One Login will also check that any UK address provided exists and has an association with the user, through credit records.

Dashboards users may also provide additional information. This is limited to National Insurance numbers, but in future it may also include previous or alternative surnames and contact details.

All data will be provided in accordance with the format set out in the data standards set by MaPS.

GOV.UK One Login has also confirmed how ‘special characters’ will be treated in names and addresses.

You can find more detail on the data that schemes will receive on the MaPS identity service page

Preparing your data for matching

You must match your members with their pensions and ensure that the quality of your scheme member data is good enough to enable you to do this effectively. You will need to assess the data you plan to use for matching. Many administrators or ISPs can provide you with bespoke reports if required. You should work with your administrator, connection provider or other advisers to identify and resolve any data quality issues. You should consider all relevant records in your schemes, including AVC benefits where they apply.

You should review our guidance on Assessing member data quality and interrogate your scheme member data to consider the extent to which it is:

  • complete and accurate
  • digitally searchable for dashboards purposes

If your data is not reliable, you risk returning data for the wrong person or not finding a pension record when you should. This may lead to enforcement action being taken against you by us or the Information Commissioner’s Office (ICO).

Where problems are identified with the quality of the data you plan to use for matching, you need to take targeted action to resolve them and document this in a data quality improvement plan. You may also want to consider any proactive actions you can take to resolve known data quality issues. For example, you could run scans to identify missing or temporary National Insurance numbers and ask employers to provide complete information. Additionally you could consider reducing data gaps by running tracing exercises or collecting additional data points such as email addresses and mobile phone numbers.

You should understand your obligations under data protection law and have processes in place for protecting scheme data. This includes being able to manage your data to comply with data protection legislation and to address any breaches. You can find out more about your duties in our code of practice

Matching, combining or comparing data from multiple sources requires a Data Protection Impact Assessment (DPIA) under UK General Data Protection Regulation (UK GDPR), so you may need to produce one. If you already have a DPIA, you may need to update this. You can find out more about DPIAs on the ICO website.

Setting the criteria for matching

You should decide what data to use to match members to their pensions (your ‘matching criteria’), based on your scheme’s data quality and availability. It is vital that your scheme’s matching criteria is in line with the level of confidence that you have in the quality of your data.

Your matching criteria may evolve over time. It’s anticipated that many schemes will use last name, date of birth and National Insurance numbers for matching. If you are not satisfied with the quality of the data items, you will need to decide how great this risk is and whether you want to use any of these items in your ‘matching criteria’. You could consider widening your matching criteria to include further data items such as first name, alternative names, personal email address or postcode. This should increase your confidence that you are matching to the right person, without increasing the risk that you fail to find someone when you should. The Pensions Administration Standards Association (PASA) has published guidance around data and matching. You may wish to consider this when deciding on your approach to matching.

You should review your matching criteria on a regular basis and refine them to reflect changes such as data quality improvements or learnings from your providers’ reports. You should have a clear mechanism for approving changes to your matching criteria. To ensure that you continue to effectively match over time, you must ensure you maintain the quality of your scheme member data on an ongoing basis. You can find out more in our guidance on scheme member data quality.

You must keep a record of your matching policy for at least six years from the end of the scheme year in which the decision is taken. You should record the matching criteria you are using for the scheme generally. You are not expected to record the criteria used for each individual search. Your records should include the key considerations you have made in setting your criteria, a record of any changes and the rationale for these. You may also want to include the following in your matching policy:

  • How you will manage and resolve possible matches and any resulting queries.
  • Details of how regularly you will receive and review reports on matching performance from your provider(s).
  • The governance process you will follow to monitor the effectiveness of your matching criteria and make any changes required.
  • How you will review your matching criteria, and how often.

See further record-keeping requirements on matching in ongoing connection and record-keeping requirements.

Match is found

If you are confident that you have found a member’s pension record using the information they provided, you have ‘made a match’.

You must create and register a unique identifier, also known as Pension Identifier (PeI), with the digital architecture, to meet MaPS’ technical standards. The PeI does not contain any pensions information but acknowledges that there is a match. The member can then ask to view their information and you should return the relevant data directly to the dashboard. For more information, see information to provide to members.

If someone leaves your scheme or retires, you need to remove their match from the digital architecture by ‘de-registering’ their PeI as soon as possible.

Possible match is found

In some cases, you might not be certain enough that you have ‘made a match’ to release a member’s pension data. For example, the National Insurance number and date of birth match, but the last name doesn’t. This could happen if a member has married but failed to notify the scheme of their new last name.

In these circumstances, you should return a ‘possible match’ to the member. You must create and register a PeI with a ‘possible’ match status. In this case you will only send a message to inform the member that they may have a pension, but that they need to provide more information via the given contact details to confirm this. You can do this by using an appropriate code, from the data standards.

The user has 30 days to contact you once you’ve returned a possible match. If they do, you must resolve the possible match promptly, including during user testing.

If they do not make contact within 30 days, or you are unable to resolve the match in a timely manner following contact, you must delete their personal information and deregister the PeI.

You should work with your administrator or connection provide to ensure they have the right processes and resources in place to resolve possible matches.

You should consider what actions you can take to improve your scheme member data and reduce the number of possible matches you receive. This may include the following:

  • Proactively scanning for missing or temporary National Insurance Number and contacting members or employers to resolve these.
  • Proactively contacting members to provide missing information.
  • Prompting members to review their personal information when they contact you for another reason or use another service such as an app or online portal.
  • Merging duplicate records.
  • Enriching your data, for example by capturing mobile telephone numbers or private email addresses.

The reports you receive from your providers on matching performance can also help you identify data to prioritise for improvement.

You also need to decide how you will manage and resolve possible matches ie how you will confirm whether the dashboard user is, or isn’t, a member of your scheme.

You need to consider which information you will use to verify the identity of the member contacting you, and put in place a route for possible match queries, such as providing an enquiry form, a dedicated contact team to resolve queries, or an AI-enabled web-based solution.

Match cannot be found

If you determine that you do not hold a pension for the user, including following the ‘possible match’ process, you must delete the personal information provided as there are no legal reasons to keep it and you will otherwise breach the GDPR requirements.

Schemes with multiple sections or administrators

If your scheme has multiple sections and there are different administrators for some of your sections, you need to work with all your administrators to agree the most suitable approach for your scheme in the following situations.

  • Where there are discrepancies in the data quality for each of the sections, you may want to have more than one set of ‘matching criteria’.
  • Where a member has multiple benefits across your scheme and has been successfully matched for one section, but a ‘possible match’ for another, you will need to consider the level of information to provide to the member.
  • Where you have multiple sections with different administrators, you must consider which contact information is provided to the member. This may depend on the approach of your connection routes.

If your scheme has a very complex benefit structure, you may also consider performing a data mapping exercise to understand where data is held, who is involved in providing it, as well as any gaps. Where necessary, you should consider updating contractual agreements with your providers.

You may wish to consider the toolkit that PASA has published, if your scheme has sections including AVCs.

View a printable version of the whole guide
Back to top