Earlier this year, we conducted a survey to assess how confident trustees and corporate sponsors felt about 10 fundamental areas of pensions risk. We focussed on areas not directly covered by the Integrated Risk Management Framework, and asked respondents to rank the risks in order of their "stay awake" factor. We have now produced a series of 10 factsheets, each one commenting on one of the survey risks. Our red risk flags highlight some key warning signs, and our mitigation tips are designed to supplement existing areas of risk mitigation. Each factsheet assumes there is an established risk management system on which additional measures can be built.
Risk 9: Lack of Supervision of Delegated Services
This risk ranked ninth in our survey. Administration audits and reports from service providers were commonly cited as examples of mitigating action.1
Pension trustees rely heavily on service providers to perform key tasks, but the trustees are still ultimately accountable for the scheme's performance. It is essential that trustees monitor their service providers effectively, ensuring that the frequency and content of performance reports fits with the trustees' requirements, the reason for any poor results is adequately explained and any necessary remedial action is taken. An independent assessment of performance can help to identify areas of concern or for improvement.
Trustees should understand key terms of service provider contracts, including the functions delegated, agreed service levels and performance reporting, costs and charges, data security obligations, the potential for any sub-contracting of services, contractual limits on the service provider's (and trustees') liabilities, complaints mechanism and means of redress, and the terms of exit.
Trustees' monitoring requirements are likely to change over time and should be reassessed periodically. For example, a surge in transfer activity may merit additional short-term monitoring; whilst changes in the membership demographic may increase trustees' focus on the defined contribution section or the retirement/decumulation process.
Red Risk Flags
- The service provider plans to outsource a function or significantly restructure the client team.
- Members have complained about the services they have received, or key performance indicators have been missed.
- The trustees have signed contracts (which may have been presented to them as "standard terms"), without seeking legal advice.
- Project activities that may put additional pressure on resources, such as guaranteed minimum pension equalisation or a liability management exercise (pension increase exchange or enhanced transfer value offer).
- Reassess the nature and frequency of service provider monitoring and reporting and the scope of any performance audit. If the scheme's membership profile or benefit structure has changed, does the focus of monitoring, reporting or audit also need to change?
- Allow sufficient time to review and negotiate service provider terms, and always seek legal advice before signing contracts.
- Do the trustees have a measure of what constitutes "poor performance" from a service provider, and do they have contingency plans to address this circumstance?
- Allow sufficient time for supervision at trustee meetings, perhaps involving a sub-committee. Attendance in person by the service provider at some or all meetings will help to develop the relationship and allow for greater scrutiny of reports.