Welcome to your weekly update from the Allen & Overy Pensions team, covering all the latest legal and regulatory developments in the world of workplace pensions.
This week we cover the following topics: TPR blog post on climate scenario analysis; ICO guidance on bulk emails.
TPR blog post on climate scenario analysis
The Pensions Regulator (TPR) has published a blog post discussing what trustees can do to make climate scenario analysis more ‘decision-useful’. This follows recent criticism of some analysis used by trustees for their annual climate reports which appears to ‘seriously underestimate the financial risk from climate change’.
TPR expects trustees to take more than a tick-box compliance approach and to:
- have an appropriate level of knowledge and understanding of climate issues, and to undertake regular training and to be able to question and challenge their advisers and the output from scenario analysis;
- regularly review the climate-related capabilities of service providers and consider the need for additional advisers or specialist input;
- be able to understand the narratives underlying their climate scenarios, the limitations of those scenarios and the assumptions made in their construction;
- broadly rationalise the outputs from those scenarios for their scheme; and
- consider with advisers the use of stress testing and tail risk analysis to complement their climate scenario input to investment strategy decision making.
In years in which trustees are not formally required to undertake scenario analysis, TPR expects them to review their most recent analysis and consider whether new analysis is required, for example due to the availability of new or improved scenarios or modelling capabilities or a change in practice or trends. Where trustees do not undertake new analysis, they should explain why in their TCFD report.
The blog post suggests that where trustees have not finalised their report, it would be useful for members if they included additional commentary on the analysis they carried out and how they expect it to develop, in view of the recent criticisms made of climate scenario analysis. Where they have finalised their report, TPR suggests trustees record additional comments in their board minutes and make them available to members. In both instances, trustees should consider whether additional analysis or action is needed to address a ‘fuller range of real-world risks and uncertainties’.
ICO guidance on bulk emails
The Information Commissioner’s Office (ICO) has published new guidance for organisations on email security, in particular when sending emails to multiple recipients. This will be relevant to schemes when sending out mass emails.
The guidance sets out legal requirements in relation to keeping information secure, as well as the ICO’s expectations of organisations in demonstrating compliance and some optional good practice points. Key actions include:
- assessing what technical and organisational security measures are appropriate to protect personal information when sending bulk emails (the guidance gives detail on possible measures and how to decide which are appropriate);
- training staff about security measures when sending bulk communications by email (the guidance includes potential topics that this training could cover); and
- considering whether using secure methods, such as bulk email services or mail merge services, is more appropriate, rather than just relying on a process that uses Blind Carbon Copy (BCC).