Over half, 52 per cent, of pension scheme trustees are aware that fraud presents a significant risk to their scheme, according to research by RSM.

This figure is up by 11 per cent from last year, when just 41 per cent of trustees recognised the risk. RSM highlighted that fraud has shot up the agenda, with 85 per cent of schemes now including fraud on their risk registers, up from just over a third last year.

Meanwhile, almost two thirds of trustees (64 per cent) reported that they had received fraud risk training within the last year, up from just one in five (22 per cent) last year. Despite this improvement, 18 per cent of trustees still did not recognise that they were responsible for the systems of fraud detection and prevention.

However, while trustees are becoming more aware of fraud risks, this isn’t necessarily being translated into action. According to the survey, one third of pension schemes are failing to carry out annual testing of their anti-fraud controls despite being expected to test internal controls at least annually by The Pensions Regulator.

Commenting, RSM head of pensions Ian Bell said: ‘While our survey shows an increasing awareness of the fraud risks facing pensions schemes, it also points to a persistent level of complacency among some trustees.”

Bell added that schemes must do much more to uncover ‘old school’ frauds such as relatives continuing to claim payments after a member’s death or tackling suspicious pensions transfer requests, while at the same time staying alert to new and evolving threats such as cybercrime.

“The fact is that pensions schemes hold a goldmine of personal and financial data so trustees must ensure that they are taking their data protection obligations seriously, particularly with the imminent General Data Protection Rules (GDPR) rules. Failure to comply might lead to reputational as well as financial risk for those who fall foul,” he said.

The survey suggested that many schemes are struggling to get ready for the new GDPR, which comes into force this May, with 13 per cent saying they have yet to take any action to prepare. Key problem areas include reviewing all contracts with data processors, complying with individuals’ rights to personal data deletion and dealing with tightening of consent requirements.

Share Story: