Trustees should be aware that an internal controls framework is not infallible and will not eliminate error or fraud from pension schemes. At any stage in a process where judgement is involved, the possibility of error remains. Similarly, the failure to understand how or why a particular control is operating, or more seriously, collusion to circumvent a control, will always be a risk that cannot be eradicated entirely.
Governance
In both the corporate and not-for-profit sectors, the assessment of risk and the attention given to internal controls are seen as important features of good governance. Trustees may wish to demonstrate their own good practice in this area by making a positive statement (in their Trustees’ Annual Report, for example), confirming that they have considered the key risks affecting their scheme together with the effectiveness of controls implemented to mitigate these risks.
The extent to which internal controls are documented will be a matter for the trustees to consider. The regulator would recommend that arrangements and procedures in respect of key internal control systems are documented as part of the routine business processes of the scheme but recognises that the formalisation of controls will vary from scheme to scheme.
A number of third-party administrators are obtaining independent reviews of their internal controls and are actively providing their clients with copies of the assurance reports. Trustees should read and understand these reports to establish the adequacy of controls used by the organisations to which they outsource various functions. This will also include assurance reports produced by the scheme’s investment manager and custodian.