A risk management programme exists to provide assurance to key stakeholders (i.e. trustees, members, sponsor and regulator) that the pension arrangement is being managed professionally with appropriate checks and balances in place to manage both planned and unplanned risks. Many pension arrangements' risk management programmes (particularly those not reviewed for some time) can give the perception that risks are being managed effectively but in reality, this may not be the case.
Example reasons why risk management may not be working:
Managing pension risks can be a value-added activity for trustees. However, to achieve this, their approach to managing pension risks must change going forward (as described in the table below).
The Pensions Regulator's Integrated Risk Management model goes someway to addressing some of the points listed earlier but it focuses almost exclusively on financial risks – we need to apply these principles to all risks including operational risks, fraud, data protection, communication and interaction with the sponsor.
Trustees will have an effective value-driven risk management programme if they are managing risks proactively, strategically, holistically and professionally.
If they cannot answer these questions comfortably, then they may not get the value they need from their pension risk management programme.
|Traditional approach to Risk Management||Future approach to Risk Management|
|Tends to focus on risk avoidance / compliance||Risk management programme supports controlled risktaking, leading to value creation|
|Focuses on standard industry ‘risks’ – little changes each year||Need to focus on meeting the pension fund’s long term strategy, its changing objectives and its attitude / tolerance for risk|
|Retrospective view, considers each element of risk in isolation (at a certain point in time)||A holistic approach which focuses on all risks in ‘real time’– a key part of managing the pension scheme|
|Assumes individual risks are not linked||Need to consider risk scenarios (i.e. situations which impact multiple single risk events) – focus on contingencies|
|Concentrate on likelihood and impact of specific risk events only – not enough focus on risk events which are high impact / low probability||Greater focus / weighting on high impact risk events and consideration of other risk measures|
|Tend to focus on ‘business as usual’ (BAU) risks which are ‘controllable’||In addition to BAU risks, consider risks associated with change, external risks and potential future risks|
This article first appeared in Pensions Age in May 2017.