Client feedback


Appointing Kevin as KBC professional trustee was one of the best decisions the bank took. He complements the other two trustees and also appreciates the position of the employer too. The experience a professional trustee adds is invaluable and they can share their knowledge and market practice within the KBC plan. Kevin manages the budget in consultation with the bank, fully debriefs all parties and maintains a constant dialogue with myself (as HR Manager) and trustees. Since we have worked together for a number of years, Kevin also appreciates some of the limitations we face ie budgets, and always comes up with a proactive approach and solution. His input is particularly valued by the bank trustee who is an actuary in our pensions department in Belgium Head Office.
Sharron King,
KBC Bank
Ann is very proactive and ensures we address all issues well ahead of time and extremely efficiently.
Ian Edwards,
Comet
Clare Owen has been a really excellent scheme secretary
Gillian and Curtis provide an excellent service to the trustees. They are approachable and possess a huge amount of knowledge. Everything appears to work smoothly which I am sure is due to the immense amount of work they do in the background to ensure all paperwork is available and up to date.
Ian Woods,
KGPT trustees
Good, helpful guidance.
Christine Morris,
Twyford Bathrooms
Kat & Jason are very good at making it happen – they just take care of it.
Stephen Allaker ,
Bristol Myers-Squibb

Why protecting against cyber crime must be high on the agenda for UK pension schemes

Cyber crime and the importance of pension scheme trustees understanding and preparing for cyber risks was a hot topic of debate at the recent Professional Pensions Live in May. At the event, I chaired the Administration & Data Stream which covered the theme of how a data-focused digital future could deliver better retirement outcomes. For me, the standout talk was given by Jim Gee of Crowe UK who is also Chair of the Pensions Administration Standards Association (PASA) Cybercrime & Fraud Working Group.

Jim shared rather alarming facts, saying cyber crime now accounts for over half of crime committed in the UK and has increased significantly over the last two years. In 2019, 42% of all crime was cyber and fraud but, post Covid-19, this figure is now 55% as criminals looked for new ways to boost their income during lockdowns and found out how lucrative this can be. One study revealed UK residents and businesses saw financial losses of £2.5bn from fraud and cyber crime in 2021.

This is supported by recent research from RSM UK, a provider of tax and auditing services, who note a “significant increase” in cyber attacks over the past year. They found over a quarter (27%) of businesses had experienced a cyber attack in the past year, up from 20% the previous year. Other research from Aon found only two in five occupational pension schemes have a robust incident response plan in place and only 2% have a cyber insurance policy.

Pension schemes are particularly attractive targets to cybercriminals because of the ‘rich’ personal data they hold and the need to pay pensions uninterrupted, which means pension schemes are vulnerable to ransomware attacks. The key message is for pension trustees is to:

  • be aware of the risks;
  • stay on top of the issues; and
  • have a robust strategy in place.

To help pension trustees, PASA recently launched a Cyber Crime Protection checklist which we think is worthwhile reading.

Jim added pension trustees could only aim to be as secure as possible because it is nigh on impossible to be completely secure in a situation that is always changing. He recommended pension schemes can be cyber crime resilient by being:

  • as well protected as possible;
  • able to manage the problems when they occur; and
  • able to investigate what has happened and recover and mitigate any damage.

Jim felt trustee boards should review cyber risks on the risk register very regularly. This is a good example of why there’s a need for a new start in the whole approach to governance.

Another recommendation was for pension trustees to have an incident response plan, which will be needed for The Pensions Regulator’s proposed single code of governance. As this code is likely to come into force this summer, pension trustees should be preparing this now. We’ve drafted a Cyber Incident Response Plan as part of our single code governance package. It is designed to help trustees plan their processes and procedures for dealing with a cyber threat, including ensuring everyone understands their role and the actions to be taken.

If you’d find a Cyber Incident Response Plan template helpful, or have other questions about cyber crime governance or other aspects of the single code of governance, please get in touch. We’d be happy to help.

 

 

Back to opinions

 

Hot topics


PSGS & 20-20 Trustees merge to form Vidett
Hot Topic

Punter Southall Governance Services (PSGS) & 20-20 Trustees (20-20) have today announced they...

Read more »


Don’t be surprised that your gilt funds are being treated like an emerging market
Image of Hot Topic author Sophia Harrison, Client Director

You may have seen or heard about the article in the Financial Times about how Insight...

Read more »


More opinions »


Call: 0118 207 2900

online enquiry