Report to:


Pension Committee


Date of meeting:


16 November 2023



Chief Finance Officer



Pension Fund Risk Register



To consider the Pension Fund Risk Register



The Pension Committee is recommended to review and note the Pension Fund Risk Register.

1          Background

1.1       Risk management is the practice of identifying, analysing and controlling in the most effective manner all threats to the achievement of the strategic objectives and operational activities of the Pension Fund.  It is not a process for avoiding or eliminating risks.  A certain level of risk is inevitable in achieving the Fund objectives, but it must be controlled.

1.2       Effective risk management is an essential part of any governance framework as it identifies risks and actions required to mitigate their potential impact.  For a pension fund, those risks will come from a range of sources, including the funding position, Local Government Pension Scheme (LGPS) Pooling, General Data Protection Regulation (GDPR), investment performance, membership changes, benefits administration, costs, communications and financial systems. Good information is important to help ensure the complete and effective identification of significant risks and the ability to monitor those risks.

1.3       Since the last meeting of the Pension Board and Pension Committee, officers have continued to review the Risk Register to ensure all appropriate risks and mitigations have been identified.

1.4       It is accepted that whilst mitigations are put in place for identified risks, it will not always be possible for all risk to be eliminated. In these cases, a level of risk is tolerated and kept under review.

2          Supporting Information

2.1       The Risk Register is included at Appendix 1.


3          Changes to the Risk Register


3.1       Risk G3 – Cyber security risk has been heightened to a red risk post mitigation. This is to ensure the Pension Fund reporting is aligned to the wider Council. The National Cyber Security Centre (NCSC) has highlighted the substantial risk to British web infrastructure, with elevated levels of Cyber Crime being reported against all areas of government, particularly in light of the current Ukrainian situation. Cyber attacks are growing more frequent, sophisticated, and damaging when they succeed. The risk mitigation commentary has also been updated to reflect the findings of an extensive review of the systems used by the Pension Team. No material weaknesses were identified with some minor suggestions on improvements that can be made. These recommendations are being acted upon.


3.2       Risks G2 and G4 – Committee and Board members; and Governance and Compliance - have been reduced in their severity. In February 2023 the risk scores were increased due to the uncertainty caused by a significant number of expected vacancies on the Pension Board. As these positions are now filled it is recommended the risk levels be returned to previous levels.


3.3       Risk I4 – Investment Pooling - Officers recommended the risk level be reduced to an amber risk. There has been progress in relation to ACCESS pool operator provision and the governments future of pooling consultation has been released.



4.         Conclusion


4.1       The Pension Committee is recommended to review and note the Pension Fund Risk Register.



Chief Finance Officer




Contact Officer:

Sian Kunert, Head of Pensions