TPR’s General Code — governance burden or opportunity to refocus? 

We are excited to see that the regulator’s new (and rebranded) General Code is set for 2024.

Much has been written and discussed about the Pensions Regulator’s (TPR) enhanced requirements and, in particular, the additional governance challenges they might present for trustee boards (Read more about the new General Code). 

Trustees have never had such a tough job to do. In a world where they are already busy with guaranteed minimum pension equalisation, market volatility, Pensions Dashboard requirements and the imminent new Funding Code, it’s easy to see how some might view the General Code as simply more work to do. But the opportunity is there to get real value out of the new requirements, beyond basic compliance. We see the introduction of the code as a chance for trustees to focus on new and growing risk and opportunity areas.

Cyber threats are a growing area of interest for many trustee boards. Pension schemes are vulnerable to cyberattacks due to the large amount of assets and personal data they hold, as well as frequent financial transactions between stakeholders. Because of this, cyber risk for pension schemes is a rapidly evolving area and is one of the growing threats to the security of members’ benefits. Unsurprisingly, TPR is increasingly concerned. The code sets out new expectations for trustees in this area — and there is a quite a bit to do for boards who haven’t looked at this yet. We are encouraging trustees to take this opportunity to open their eyes to the level of risk that cyber threats pose and start on a journey of education. We discuss these threats here.

Climate change is an increasingly important aspect of pension risk, and it is widely recognised that pension schemes face material risks from rising global temperatures. These potential threats range from the physical effects on members and sponsors to the second-hand impacts of climate policies and a changing investment market. But are boards really addressing climate risk systematically for their pension schemes? 

There is a lot to think about here: for example, understanding how to account for climate risk in your risk register, how and what to communicate to members and other stakeholders beyond the requirements of TCFD (Task Force on Climate-Related Disclosures) and more. Let’s not forget that corporates are also tackling this issue and trustees should be mindful of how the pension scheme’s climate strategy fits with that of the corporate sponsor.

Diversity, equity and inclusion (DEI) didn’t appear much in the draft Single Code (as it was then) but we expect it to feature in its own right in the General Code. Even without this, we believe trustees should already have DEI on the agenda. We know that embracing diversity will lead to better decision-making, member engagement and ultimately member outcomes. There are many facets to this topic — from ensuring member communications are suitable for your scheme membership to having a robust DEI policy and understanding your advisors’ approach. You can read about the increasing importance of DEI here.

Defined benefit schemes should also take the opportunity to ensure pension scheme governance dovetails with the requirements of the new Funding Code. Trustees and companies will be gearing up to set the long-term target and journey plan to achieve the target. The General Code deals with the risk management process for achieving the target, and this encompasses so much more than investment risk. We held a webinar at which David Fairs, TPR’s Executive Director of Policy, Advice and Analysis, discussed the proposed new funding regime. 

There is a great deal for trustees to do — and an opportunity to achieve real value. We would encourage every group of trustees to start thinking about these issues even before the final General Code lands.