Background
As a reminder, in compliance with the requirements imposed by the IORP II European Directive prior to the UK's exit from the European Union, domestic UK legislation was amended with effect from 13 January 2019 to impose new governance requirements on occupational pension schemes, principally to have in place an "effective system of governance, including internal controls". A lot of the onus to comply with these new obligations was put on the Pensions Regulator, which was tasked with introducing a new code of practice specifying expectations, including in relation to the new obligations on trustees to produce an "Own Risk Assessment" and a remuneration policy.
In March 2021, the Regulator issued a draft code of practice addressing these new governance requirements, which was presented as the "Single Code"; this was because the Regulator had also undertaken to consolidate 10 of its existing codes or practice, realising that many of them required updating. The Single Code draft and consultation attracted a lot of attention and the Regulator received 17,400 individual responses. Although the industry was promised (in an interim response to the consultation provided in August 2021) that the final draft of the Single Code would be available in the spring of 2022, various delays meant that the final code (by that point known as the "General" code of practice) was not published until last month. It must be laid in Parliament for 40 sitting days, and so is expected to come into force on 27 March 2024.
A code of practice issued by the Regulator does not set out statements of law and there is not usually a direct penalty for failing to comply with them. However, they do set out the Regulator's expectations of how trustees should comply with their legal duties. In addition, when determining whether the underlying legal requirements have been met, a court or tribunal must take any relevant terms of a code of practice into account.
The stated aim of the General Code is to be a "modern, succinct code of practice which should be more accessible and useful for the user".
Is the final form of the General Code different to the draft version?
The final form of the General Code is similar to the draft version, with the Regulator commenting that "mainly, the changes we have made are for clarity and have not affected the expectations we have set out". It still has 51 modules under 5 main "headings", covering 10 of the Regulator's codes of practice. The 5 main sections of the General Code cover: The Governing Body (broadly, in the context of an occupational pension scheme, this means the trustees), Funding and Investment, Administration, Communications and Disclosure and Reporting to the Regulator.
Perhaps the most significant change since the draft version of the General Code was published relates to the Regulator's expectations around the Own Risk Assessment (the ORA). As a reminder, the ORA is, broadly, a document where the trustees assess how well their system of governance is working. There are, however, a long list of matters in both the relevant legislation and the General Code which set out the matters that the ORA has to cover. Whilst the Regulator still expects the ORA to be produced, it has relaxed its expectations by confirming that:
- the ORA only has to be produced every 3 years (rather than annually, as was previously stated in the draft Code);
- the ORA may be a collation or index of other relevant documents recording assessments already undertaken by the trustees; and
- a scheme first's ORA no longer needs to be produced within a year; instead, it will have to be produced, at the earliest, within 12 months beginning with the last day of the first scheme year that begins following 27 March.
In terms of other key changes, trustees may be relieved to hear that the Regulator no longer expects trustees to publish either their remuneration policy or their trustee meeting minutes. Also on the remuneration policy, it is now clear that the policy only needs to cover expenses paid for by the trustees and does not need to set out service provider fee arrangements or the actual remuneration paid by trustees.
More generally, there are various additional references to diversity and inclusion matters in the new General Code, following on from other work being carried out by the Regulator in this space since the first draft was published (including its guidance in this area). In particular, the Regulator is encouraging trustees to consider diversity more often in their work. In particular, the Regulator has asked trustees to consider how they can better represent the demographics of their members and to consider diversity and inclusion in their investment decision-making.
What should trustees (and employers) be doing now?
Whilst the Regulator has commented that, for most "well-run" pension schemes, General Code compliance is really just a "re-badging" process, in our view, there will be some work for every set of trustees to do.
The Regulator has not formally commented on the period in which it would expect trustees to comply with the General Code's requirements. However, we understand that the Regulator intends to be proportionate (having previously mentioned 6-12 months as a reasonable period for compliance). We also understand that there are no current plans for a formal reporting requirement or monitoring process in relation to compliance.
Our recommendation is for trustees to begin considering, with their advisers, how it will address the Code's requirements in advance of 27 March 2024.
In particular, as many schemes have already been doing since the release of the draft Single Code, we would suggest that schemes carry out or complete a "gap analysis" to understand how compliant their existing current processes, procedures and policies are with the General Code's numerous requirements. Our expectation is that the policies that will require the most legal input will be the conflict of interest policy, the trustee/chair appointment and removal policy, the business continuity policy and, obviously, the new Own Risk Assessment. As a general comment, the Regulator is clear in the General Code that it expects all trustee procedures and processes to be documented, and so trustees may, working alongside their administrators and other advisers, simply have to codify existing practices that have not previously been formally written down.
There will also be General Code requirements in relation to which it would be helpful for trustees to engage with their employers, for example, in connection with trustee and chair appointment and removal arrangements. Also, to the extent that a group entity within the employer group can assist with an "internal audit" within the framework of the "assurance reporting" on internal controls obligation on trustees, this may be helpful to trustees. The scope of the assurance reporting requirement on trustees has been clarified in the final version of the General Code, with the Regulator confirming that this is a process through which the different processes, procedures, and operations of an entity are analysed. It goes onto comment that trustees may consider using assurance reports to assess whether the scheme or a service provider meets the relevant legislative requirements on internal controls.
What does the future hold?
The General Code has very much been presented as a living document that will require regular updates (it currently reflects the law as at October 2022). There had been some concerns from the industry, raised during the consultation, that the Regulator could bring in changes to the General Code "via the back door". However, the Regulator has clarified that any changes will have to be laid in Parliament for 40 days and so there should be sufficient visibility in this area. Changes that we can envisage needing to be made in the future include the amendments that we understand will be made to the regulations governing transfers (the so-called "transfer condition regulations") and any developments flowing from the Mansion House agenda proposals.
The Regulator has also confirmed that it is reviewing its guidance relating to matters covered by the General Code and so we should expect to see revised guidance "soon" after the General Code comes into effect in late March 2024.
Key takeaways
The Regulator is clear in the introduction to the General Code that it is the responsibility of trustees to comply with their legal duties, even where they delegate tasks to a third party, such as an administrator. It is therefore crucial that trustees not only understand those legal duties but also the expectations of the Regulator in terms of how to comply with those duties, as detailed in the General Code.
Against that background, trustees should prioritise working with their advisers to carry out a "gap analysis" of their governance procedures to compare them against the expectations set out in the General Code and then review and update relevant procedures and policies accordingly.
Please speak to your usual contact at Baker McKenzie if you would like to discuss this area further.