Is pension risk management fit for purpose?
As UK pension arrangements continue to mature/evolve, the challenges and risks they face are changing and, in fact, increasing.
A risk management programme exists to provide assurance to key stakeholders (i.e. trustees, members, sponsor and regulator) that the pension arrangement is being managed professionally with appropriate checks and balances in place to manage both planned and unplanned risks. Many pension arrangements' risk management programmes (particularly those not reviewed for some time) can give the perception that risks are being managed effectively but in reality, this may not be the case.
Example reasons why risk management may not be working:
- Risk Registers are too cumbersome (too much information, too many risks, too complex, etc.), leading to focusing on the wrong areas.
- Culturally, trustees and advisers tend to focus on delivering risk solutions rather than managing the risk processes.
- Risks tend to be looked at individually/occasionally, usually with the existing advisers' support – there needs to be more independent, objective guidance made available to trustees when it comes to risk management.
Managing pension risks can be a value-added activity for trustees. However, to achieve this, their approach to managing pension risks must change going forward (as described in the table below).
The Pensions Regulator's Integrated Risk Management model goes someway to addressing some of the points listed earlier but it focuses almost exclusively on financial risks – we need to apply these principles to all risks including operational risks, fraud, data protection, communication and interaction with the sponsor.
In summary
Trustees will have an effective value-driven risk management programme if they are managing risks proactively, strategically, holistically and professionally.
Trustees need to ask themselves three questions:
- Can I name the top three risks facing my pension fund at this time?
- Is our approach to managing our risks working?
- How does our risk management programme add value?
If they cannot answer these questions comfortably, then they may not get the value they need from their pension risk management programme.
| Traditional approach to Risk Management | Future approach to Risk Management |
| Tends to focus on risk avoidance / compliance | Risk management programme supports controlled risktaking, leading to value creation |
| Focuses on standard industry ‘risks’ – little changes each year | Need to focus on meeting the pension fund’s long term strategy, its changing objectives and its attitude / tolerance for risk |
| Retrospective view, considers each element of risk in isolation (at a certain point in time) | A holistic approach which focuses on all risks in ‘real time’– a key part of managing the pension scheme |
| Assumes individual risks are not linked | Need to consider risk scenarios (i.e. situations which impact multiple single risk events) – focus on contingencies |
| Concentrate on likelihood and impact of specific risk events only – not enough focus on risk events which are high impact / low probability | Greater focus / weighting on high impact risk events and consideration of other risk measures |
| Tend to focus on ‘business as usual’ (BAU) risks which are ‘controllable’ | In addition to BAU risks, consider risks associated with change, external risks and potential future risks |
This article first appeared in Pensions Age in May 2017.
