Fighting pension scams

Given the amounts of money contained in pension pots, they will always attract the attention of scammers. Although in some individual cases the amounts may fall short of those required to provide the member with a comfortable retirement, they are nevertheless usually large enough to provide fraudsters with an outcome that rewards their efforts. It is well understood that many members struggle with pension matters and that can add to their vulnerability. This has been exacerbated since the rules around when and how defined contribution pension pots can be accessed were relaxed in 2015, combined with long-standing statutory rights for members with any type of pension to require transfers of their funds between schemes.

The pensions industry, jointly with regulators and the police, has been fighting scams on behalf of scheme members for a long time. The fight is conducted on many fronts, against wily and resourceful adversaries. Schemes themselves have an important but difficult role to play, having to identify and block scams, without unduly hampering legitimate traffic.

Trustees and others involved with running pension schemes are likely already to be aware of some of the more common scam methods employed, but this is a constantly developing area. One recent development, for example, involves “secondary scamming”, where someone who has been scammed is approached by a third party, often a claims management company which, for a fee, offers to attempt to recover the lost money. Where they fail to do so, the individual’s loss is even greater.

The scammers can exploit the data protection rules granting a right to all individuals to access information about themselves held on databases. They obtain a member’s written authority to seek this information from the scheme administrator on the member’s behalf and are then able to use the information in further frauds. Where the file that is released contains information which the administrator has obtained in respect of the first scam, it provides useful intelligence to the scammer.

Industry help

One body that seeks to marshal useful experience and intelligence in the pensions industry and to provide tools to assist those in the front line is the Pension Scams Industry Group (PSIG). It has published a non-statutory Code of Good Practice which is freely available on its website[1].  This helpful comprehensive document contains clear and relevant advice on how to identify and respond to likely pension transfer scam activity and includes specimen documents including letters for use by those who may be faced with responding to a scam. It is an important reference document for anyone likely to be affected by scams in the course of their work. Note however that it supplements but does not replace or override existing requirements or guidance issued by regulatory bodies on transfers and pension scams.

In a recent blog published on The Pensions Regulator website, PSIG’s Chair also outlined two important initiatives undertaken by the group to supplement the code, drawing attention to the work of the group: a consultation (now closed) to gather information on scams to help understanding of what is occurring, and a new industry-wide intelligence-sharing arrangement for the future.

The Code of Good Practice

The code is built around 3 core principles:

  • Trustees, providers and administrators should raise awareness of pension scams for members and beneficiaries of their scheme. The ScamSmart warnings developed jointly by The Pensions Regulator and the Financial Conduct Authority (TPR/FCA) should be provided in transfer packs and, where possible, retirement packs and statements sent directly to members rather than through their advisers, as well as on websites where applicable. Administration staff and employers should also be made aware of scam risks.
  • Trustees, providers and administrators should have robust, but proportionate, processes for assessing whether a proposed receiving scheme may be operating as part of a pension scam, and for responding to that risk. In dealing with a transfer request, trustees, providers and administrators should conduct due diligence on the receiving scheme. The code highlights areas where due diligence would be appropriate, depending upon the type of scheme in question. Trustees, providers and administrators should use their own judgment on whether or not to allow the transfer, take appropriate advice if necessary, and record their decisions.
  • Trustees, providers and administrators should generally be aware of the known current strategies of the perpetrators of pension scams in order to inform the due diligence they need to undertake and should refer to the warning flags as indicated in TPR Guidance, FCA alerts and by Action Fraud (the medium through which businesses generally can report fraudulent activity). The code highlights a number of classic examples, including:
    • using documents that look like legitimate scheme documents.
    • imitating the normal transfer process
    • typically making the first contact with scheme members via cold calling, unsolicited text messages or emails – this could still occur notwithstanding the recent implementation of a ban on cold calling in respect of pension offers
    • schemes established for pension scams imitating or cloning legitimate scheme names
    • pressure applied to members to force a transfer through, sometimes in tight timescales
    • promising high or guaranteed returns to attract investors
    • scammers coaching scheme members to answer basic due diligence questions posed by trustees, providers and administrators
    • the use of what have been termed “international SIPPs” (Self-Invested Personal Pensions). A trend for employing international SIPPs (and other transfers) is where an adviser always transfers customers’ pensions to the same SIPP irrespective of the customer’s profile, size of pension fund or investment history. The funds also end up in the same investment fund.

Further initiatives

As highlighted in the PSIG Chair’s blog, two further initiatives should make the group’s efforts even more effective. The consultation they undertook should gather a new tranche of information on the breadth of the scams problem, and on the latest examples. The fraudsters are adept at inventing new approaches, and so the industry must be constantly vigilant. The information gathered will be useful in keeping knowledge up to date.

The second initiative promises to be particularly useful. It is an intelligence-sharing network involving the authorities, but also the wider pensions community. The aim is to build a shared network of open-source information on potentially questionable arrangements, gathered by as many practitioners as possible as part of their due diligence.

The planned arrangement would allow PSIG members to see intelligence from other members, helping them avoid duplication of effort. PSIG recognises the challenges presented by the need to comply with the General Data Protection Regulation (GDPR) particularly in respect of sharing identifiable personal data but is hopeful that these can be overcome. If so, the tool should help:

  • better protect members
  • reduce the huge cost of checking whether something that appears suspicious is likely to be a scam
  • streamline reporting of suspicious players to Action Fraud.

Anyone who has experienced the frustrations and cost of having to investigate a possible scam will recognise the potential benefits of shared intelligence. This should be of particular benefit to those running smaller schemes, where the smaller number of members usually means a smaller number of scam experiences, leaving them more exposed to scams that the larger schemes might have already identified.

Looking forward

Pension fraud, in whatever form, will always be a problem. Inevitably the industry will always be behind the curve as fraudsters constantly develop new ways to ply their trade. Those involved with running schemes will no doubt over time continue to improve the effectiveness of their response through improved understanding of the principles involved, and the rigid application of strong processes. However, they will be better placed to respond to new specific threats if they have early access to the latest intelligence drawn from the experiences of other schemes.

The war will still need to be fought on multiple fronts, but as with any conflict, intelligence will be key to success. A brief look at the examples of scams mentioned above clearly demonstrates this. The more parties that are involved in any intelligence sharing, the more effective will be the protection given to members’ valuable pensions.


Need help setting up or optimising your workplace pensions scheme?