General Code

A long time in the waiting


Personal financial planning


In the words of Monty Python “get on with it” has been the cry from the industry for over two years as we waited for the final version of the General Code.

We shall not waste time on why there was a delay, but the final code has now been laid before Parliament and will be in force from 27 March 2024.

Full compliance with the Code may take time for many schemes but we should note that the vast majority of what is included in it has been law for many years and recent changes will be things that Trustee boards, (referred to in the Code as governing bodies) will have addressed over time. It does bring some new requirements with it, and we cover this later in this update. For many schemes the General Code will be an opportunity to review governance processes and improve them. For others it may require a deeper exercise to bring them in line with the Pensions Regulator’s expectations. Wherever schemes sit on that spectrum we can help trustees achieve the right governance for their scheme and situation.

What is the General Code?

The General Code (formerly known as the Single Code) takes 10 of the Pensions Regulator’s 16 Codes of Practice and condenses them into modules. The modules detail the expectations the Pensions Regulator has for trustee boards when running their pension scheme. This can range from the more functional elements of when boards should meet through to more complex areas such as monitoring investments, handling complaints and reporting issues.

The final Code has been laid before Parliament (as of 10 January 2024) and will come into force on 27 March 2024.

We cover what is new a little later but at its heart the General Code brings into law the requirement for schemes to have an Effective System of Governance. For many schemes this will require the rebadging of existing policies and documenting practices that are already in place. They will already have policies in accordance with existing regulations and for the vast majority of these they will still comply with the law.

In some cases the Pensions Regulator has updated its expectations of best practice and trustees will need to consider the appropriateness of these in relation to their own circumstances.

Schemes who do not have existing policies and written processes will need to take action to bring their governance up to date. The Pensions Regulator is clear that this new modular methodology makes their expectations easier to understand and compliance is expected.

Louise Davey, the Pensions Regulator’s interim Director of Regulatory Policy, Analysis and Advice, confirms:

“Our new general code is an opportunity for governing bodies to make sure their schemes meet the standards of governance we expect, and savers deserve. It means there is no excuse for failing to know what TPR expects of them.”

What’s new in the Code?

As noted above much of what is in the Code is already in law but there are 3 new policies that will be required along with an overarching requirement for Trustee boards to undertake a regular assessment process.

Remuneration and fee policy – this has changed a little from the draft code but should record how the Trustees agree fees and pay for services. In a clarification it does not need to cover the amount of fees and does not cover services where the Trustees don’t have control over the fees e.g. in house pensions manager. In a further change the policy does not have to be published on a website.

Cyber Policy – a policy should be drafted to explain the Trustees’ policy on cyber controls and managing cyber risk. We know this has been a hot topic for Trustees over the past 12 months or so and indeed the Pensions Regulator’s cyber controls guidance was updated just before Christmas.

Climate Change Policy – Trustees should also be documenting how they assess the impact of climate change on the scheme’s investments and also more broadly as a risk factor for funding and operations.

Own Risk Assessment – This is an assessment of how the Effective System of Governance is working and how well the assessment and management of risks are handled. This only applies legally to schemes with 100 members or more, but those with fewer than 100 members should also consider doing this. Failure to conduct an Own Risk Assessment where required will be seen as evidence of poor governance and therefore falling foul of the requirements.

The first Own Risk Assessment will be required 12 months after the end of the first full scheme year after the code comes into force and every three years thereafter. This gives schemes at least two years to conduct their first Own Risk Assessment.

The Pensions Regulator does not want this to be an onerous task and not all risks need to be assessed each time, other work that’s relevant to the Own Risk Assessment can
be used. There will not be a standard template and so schemes will be able to do what is right for them.

Proportionality and small schemes

As noted above the Pensions Regulator has tried to emphasise that where possible, schemes should be assessing their own situation and acting accordingly. However, that is not to say that no action is necessary. Having an Effective System of Governance is at the core of the Code and having clear processes and procedures for activity and ways to assess and manage risk are at the heart of what a trustee board does. Schemes may have well established controls, but the General Code is the ideal time to undertake a review.

There are few areas where schemes with fewer than 100 members do not have to comply fully with the Code e.g. Preparation of a Statement of Investment Principles (and associated requirements such as the Implementation Statement), Remuneration Policy and the Own Risk Assessment. However, we do think that trustees of all schemes will want to ensure they are doing the right things for their members to protect the benefits they’ve earned.

Broadstone comment

This Code has been long awaited and we’re pleased that it’s here. The anticipation has perhaps created a slightly feverish reception to it as this is just part of the Pensions Regulator’s long-running journey to improve the operation of trustee boards so they can demonstrate they are taking the right steps at the right time to ensure the security of their members’ benefits, that boards operate effectively and efficiently, decisions are made appropriately and benefits are paid out to the right person, at the right amount at the right time.

Action needed.

Things to do.

  • Gap analysis – many schemes may have undertaken a gap analysis and updating this for some of the changes between the draft Code and the final Code, albeit many are minor, is appropriate.
  • Gap analysis – many other schemes were waiting for the full Code and now it is here this is the perfect opportunity to conduct a review of the System of Governance that currently exists and update this for best practice, the Pensions Regulator’s expectations and any changes to the law since it was last reviewed.
  • Trustee Training – If you’ve not had the opportunity to discuss the General Code in detail we can give some training on the Code with some more details on the new policies, establishing and demonstrating an Effective System of Governance and the Own Risk Assessment process.
  • Even the very best run schemes may not yet have one of the new policies and so drafting those will be an early priority.
  • The Own Risk Assessment is not a pressing issue at this stage. There will need to be some work to discuss with clients and within the industry the best ways to approach this and we will work on this over the coming year.

We can help.

We have gap analysis tools and templates as a starting point for all policies to be refined for your own circumstances and then adopted in due course.

Please speak to your usual Broadstone contact and we’ll be able to begin the journey with you to comply with the Code.

Need more help? Contact us today.