Under the Pensions Act of 2008, employers need to be able to demonstrate that their record keeping is accurate and thorough.
In our latest insight we look at the measures workplace pension providers are taking to ensure data accuracy and what record keeping they offer.
Record keeping was set out by The Pension Regulator as one of its six pillars for workplace pension schemes following the introduction of automatic enrolment in the Pensions Act 2008. Employers need to be able to demonstrate to the regulator that record keeping is accurate.
The regulator views accurate record keeping as being of paramount important so that simple and efficient reference can be made to past events. With the regulator carrying out spot checks to ensure employers are complying with their pension duties, employers who cannot demonstrate their pension schemes have accurate record keeping processes that are adhered to without exception find themselves potentially at risk of enforcement action.
According to our data providers have provided the following explanations:
Aegon – Overall control within AEGON lies with the Chief Risk Officer.
Aviva Designer – Aviva Operations Executive Director.
Aviva My Money – A record keeping team was established within our Customer services function in July 2010.
Fidelity – Fidelity’s administration function is designed as an event based structure. This allows our teams to build specialist experience and expertise. The event based teams include Withdrawals, Transfers, New Joiners, and Contributions. For each team, data accuracy and efficient data transfer processes are of upmost importance. For example, we have developed a B2B file transfer process whereby files are securely “pushed” to Fidelity via FFTS (Fidelity File Transfer Service)from the participating employer. This is a fully automated process which employs straight through processing for maximum accuracy and efficiency. We work with each client to build a file template that meets their requirements and to ensure data can be uploaded and validated in the most efficient manner. In addition, we provide relevant representatives from the client with training on data requirements and payroll during the implementation project.
Hargreaves Lansdown – No single person is responsible for data accuracy. Data accuracy would be the scheme managers responsibility for the specific scheme.
Legal & General – part of the Trust Deck
Mercer – A record keeping team was established within our Customer services function in July 2010. There is a Group Data Protection Officer who has overall responsibility for the Data Privacy framework, including the creation and maintenance of the Groups Policy, supporting manuals, standards and guidance. The Group DPO also provides functional leadership for Data Privacy Management activities throughout the Group, e.g. the management of DP incidents, co-ordination of DP governance committees, provision of specialist advice and guidance to business areas and training materials for mandatory Data Privacy awareness activities. Day to day responsibility for data privacy compliance is delegated at business unit level. Key stakeholders have been established to take responsibility for compliance at a more granular level.
Royal London – We have had a dedicated Data Manager since 2009 and Data Management Teams in place since 2007. Prior to 2007 the quality of the data was maintained across the Customer Servicing Teams responsible for servicing those contracts.
Scottish Widows – There is a Group Data Protection Officer who has overall responsibility for the Data Privacy framework, including the creation and maintenance of the Groups Policy, supporting manuals, standards and guidance. The Group DPO also provides functional leadership for Data Privacy Management activities throughout the Group, e.g. the management of DP incidents, co-ordination of DP governance committees, provision of specialist advice and guidance to business areas and training materials for mandatory Data Privacy awareness activities. Day to day responsibility for data privacy compliance is delegated at business unit level. Key stakeholders have been established to take responsibility for compliance at a more granular level.
Standard Life – Our second line function review is responsible for oversight of data accuracy and for the assessment of the quality in processing, which is managed by automated controls at the data capture stage. Data maintenance is managed by a combination of automation and documented process, together with robust quality checking, staff training and continual assessment.
True Potential – This is a shared responsibility throughout the Auto Enrolment department
It should come as no surprise that our data also shows that all workplace pension providers measure the accuracy of their scheme data.
In areas where data is poor, such as for older legacy schemes, all workplace pension providers have made plans to improve the quality and have started on the implementation of these plans.
All providers have also identified the common data items and the conditional data items.
Our data also shows that all providers have developed tools to held with identifying gaps in data accuracy. For example, Fidelity introduced DC Datamart to further improve the efficiency of their administration processes and to comply with The Pension Regulators Record-keeping good practice guidance. Key member data will be validated on a daily basis as it passes to the mart and any incorrect record will be output on a daily error report for clean-up. Contact will then be made with the employer to obtain the correct information. The failure will appear on the report every day until it has been updated with valid data.
Other than Fidelity, Fidelity Master Trust and Scottish Widows, all workplace pension providers carry out their record keeping services in the UK. Fidelity and Fidelity Master Trust use offshore staff which are employed directly by them. Scottish Widows uses offshore outsourced staff.
Our data shows that when it comes to the methods of record keeping, most workplace pension providers offer a fairly consistent picture.
All providers are able to keep records on email, on email with attachments, and online. Other than True Potential, they are also all capable of keeping hard/paper copies.
Less providers are able to offer record keeping via an adviser client management system. Those who can are Aegon Master Trust, Aegon Workplace ARC, Aviva Designer, Aviva My Money, Aviva My Money Master Trust, Fidelity, Fidelity Master Trust, Mercer Master Trust Aviva, Royal London and True Potential.
The Pension Regulator views accurate record keeping when it comes to monitoring all automatic enrolment activities as particularly important. Our data shows that all workplace pension provider systems are capable of keeping automatic enrolment records in order for employers to be compliant with auto-enrolment legislation.
It is worth noting that the system for Mercer Master Trust Scottish Widows is not capable of recording opt-in notices.
However, only Aegon Master Trust, Aegon Workplace ARC, Fidelity, Fidelity Master Trust, Legal & General Master Trust, Royal London, Standard Life and Standard Life DC Master Trust are able to record the confirmation of registration with the regulator.
Under the 2018 Data Protection Act, everyone responsible for the storage and/or use of personal data has to follow strict rules to make sure the information is used fairly, lawfully and transparently, used for specified, explicit purposes, used in a way that is adequate, relevant and limited to only what is necessary, accurate and, where necessary, kept up to date, kept for no longer than is necessary, and handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage.
Under the act, individuals also have the right to find out what information organisations have stored about you, including having control over how their data is used and having access to that data on request.
The act has changed how many companies handle data, including workplace pension providers. Our data shows that all workplace pension providers’ record keeping duties comply with the 2018 Data Protection Act.