Pension trustees urged to prepare for cyber risks ahead of TPR code

UK pension scheme trustees have been urged to better prepare for cyber risk ahead of The Pensions Regulator’s (TPR) new singular code, after research from RSM UK revealed that there had been a “significant increase” in cyber-attacks over the past year.

The research showed that over a quarter (27 per cent) of businesses had experienced a cyber attack in the past year, up from 20 per cent the previous year.

RSM also flagged previous research from Aon, which showed that only two in five occupational pension schemes have a robust incident response plan in place, and only 2 per cent have a cyber insurance policy in place.

However, RSM UK head of pensions, Ian Bell, warned that pensions schemes are a particularly attractive target for cybercriminals, due to the value of funds they protect and the large amounts of sensitive member data they hold.

“Trustees need to have a full understanding of their cyber footprint, which third parties hold their data and what measures are in place to protect it,” he continued.

“Pensioners or elderly members can often fall victim to phishing attacks, as they may be less familiar with technology and the methods of deception deployed by fraudsters.

“Older people are also more likely to suffer from illnesses that impact their cognitive reasoning, such as dementia, making them potentially vulnerable to exploitation by cyber criminals, who seek to deceive them into transferring their funds - either with promises of higher returns, or claims that their pension fund needs to be moved to ‘protect’ it.”

In addition to this, RSM noted that whilst just 24 per cent of businesses in its survey felt that they were very likely to fall victim to a ransomware attack, figures from the Information Commissioner’s Office showed that such attacks have gone up 100 per cent since the pandemic.

Bell continued: “We’d urge all pensions scheme trustees to review their cyber security strategy now and ensure any areas that could be improved are addressed promptly, as the risk of ransomware attacks and other cyber security risks has increased in the current climate."

He also pointed out that TPR has outlined how how it expects trustees to behave in relation to cyber risks, suggesting that trustees who are unsure of their responsibilities should refer to this guidance and also the requirements of the new singular code, due this summer.

“Pensions providers should also do all they can to support older people and help them understand the risks and methods deployed by fraudsters so they can avoid falling victim," he added.

    Share Story:

Recent Stories

Are current roads into retirement delivering member value?
Laura Blows explores HSBC Master Trust’s recent report, Converting pension pots into incomes, with HSBC Retirement Services CEO, Alison Hatcher.

Savings and finance at retirement
Laura Blows is joined by Claire Felgate, Head of Global Consultant Relations, UK, at BlackRock, to discuss savings and finance at retirement. Please click here for an edited write-up of the video

Making pension engagement enjoyable through technology
Laura Blows speaks to Nick Hall, business development director and Chartered Financial Planner at UK-based Wealth Wizards about the opportunities that technology provides for increasing people’s engagement with pensions and increasing their retirement wealth. Please click here for an edited write-up of the video

Pension portfolios – the role of asset-backed securities
Laura Blows is joined by Royal London Asset Management (RLAM) head of sterling credit research, Martin Foden, and its Senior Fund Manager, Shalin Shah to discuss the role of asset-backed securities (ABS) within pension fund portfolios
Incorporating ESG into fixed income
Laura Blows is joined by TCW head of fixed income ESG, Jamie Franco, to discuss incorporating environmental, social and governance (ESG) strategies into fixed income portfolios