Risk Management Survey 2025


Crowe is undertaking its fifth survey into the risk management of Trust-based pension schemes. Completion of this survey each year identifies trends in fraud and cyber resilience and risk facing pension schemes.

If you are actively involved in managing occupational Trust-based pension arrangements, we would appreciate it if you could complete this short survey. It will take no longer than 10 minutes to complete. We will not publish any names of participants or their organisations in our report.

EVERYONE COMPLETING THE SURVEY WILL BE ENTERED INTO A DRAW FOR A FREE iWATCH!

If you are involved in several schemes (e.g. as a Consultant or Independent Trustee) please answer on behalf of the most relevant scheme.


Questions
1. What type of occupational Trust-based pension arrangement are you responsible for?
Trust-based DB
Trust-based DC
Hybrid (i.e. both DB and DC)
2. How large is the pension fund you are responsible for?
Less than 100m assets
100m - 1bn assets
More than 1bn assets
3. How many members are in your pension arrangement?
Less than 1,000 members
1,000 - 9,999 members
More than 10,000 members
4. Have you completed a gap analysis covering the requirements of the Pension Regulator’s General Code of Practice?
Yes
No
5. Was the gap analysis completed internally or through external advisors?
Internal
External
N/A
6. What areas were highlighted that had gaps against the requirements of the Code of Practice?
Cyber
Policies
Documentation
Trustee training
Continuity planning
Formal reviews of advisors
Effectiveness of decision making
Establishing a process for risk assessment
ESG/sustainability
Other (please specify)
7. Do you consider that you fully understand the requirements of the ‘Effective System of Governance’?
Yes
No
8. Have you started preparation of the ‘Own Risk Assessment’ (ORA)?
Yes
No
9. Are you confident you will have developed an appropriate ORA in time for the deadline?
Yes
No
10. Do you use a risk management software package to help manage and monitor the scheme’s risks?
Yes
No
11. Does your pension scheme have an Internal Auditor function? If yes, who fulfils this role?
Not sure / have not considered
Have considered and decided not necessary
Have considered necessary but no arrangement currently in place
Role undertaken by sponsor's internal audit function
Role undertaken by independent audit firm or other third-party
12. Have the Trustees identified the key operations, IT systems and information flows vulnerable to cybercrime?
Yes
No
13. Have the Trustees assessed the resilience of their own IT systems, processes and procedures for cybercrime protection?
Yes
No
14. Have the Trustees assessed the cyber resilience of their third-party suppliers to cybercrime?
Yes
No
15. Have the Trustees received cyber awareness training?
Yes - annually
Yes - one-off
No
16. Have the Trustees received cyber incident response scenario-based training?
Yes - annually
Yes - one-off
No
17. Does the scheme/Trustee have a standalone cyber incident response policy?
Yes
No
18. Is the scheme covered by cyber insurance?
We are covered by the employer's policy
The scheme has its own cyber policy
No
19. In your view, what are the biggest risks facing Trust-based DB pension arrangements in the UK? Please rank your top five risks (1 being most important):
Rank
Fraud/ scams
IT/ Cyber risk
Trustee capabilities/ governance
Meeting regulatory/ compliance requirements
Funding volatility
Inappropriate Investment strategy
Investment under-performance
Administration
Employer Covenant
Quality of risk management
Sponsor/ Trustee relationship
Liquidity
Poor communications
Inappropriate decision making by members
Data protection
Inadequate Controls
20. In your view, what are the biggest risks facing Trust-based DC pension arrangements in the UK? Please rank your top five risks (1 being most important):
Rank
Fraud/ scams
IT/ Cyber
Trustee capabilities/ governance
Meeting regulatory/ compliance requirements
Member administration & record-keeping
Investment performance monitoring
Data protection
Receiving contributions on time
Delivering 'Value for Members'
Poor communications
Design of default fund
Inadequate Controls
Inappropriate decision making by members at retirement
Please complete your details below. This will be used for the free iWatch draw. Your details will not be used in any published article, only anonymous and averaged results. Data: our guarantee, your details will only be used by Pensions Age and our survey partner Crowe, and will not be passed to third parties. Pensions Age will use your data in line with our Privacy Policy.
