Your pension contribution and pension benefit have to be in safe hands. You should have no concerns. An effective and reliable pension fund organisation is essential for this. In this article you can read about how the pension fund ensures that your pension capital is safely managed. If you would like to read more about how the pension fund is organised then see the pages under ‘About the pension fund’.
Integral Risk Management (IRM)
The board is ultimately responsible for comprehensive risk management. Sufficient separation of functions, including through the use of the Three Lines model, should prevent any body of the fund from controlling itself. At the same time, proportionality plays a role. The division of labour within the fund must be practicable, given the size of the board, the presence of other fund bodies (mandatory or otherwise) and the required time commitment that can and may be linked to functions.
The fund uses three separate lines within the risk management system (Three Lines model):
- First-line risk management is vested in the board, individual portfolio holders and board committees, with the exception of the IRM committee. The board is ultimately responsible and the portfolio holders and committees have an executive risk management task. They are responsible for identifying the risks relevant to it and controlling these risks with measures;
- The risk management function constitutes the fund's second-line risk management. The purpose of the second line is to keep the fund's first line sharp, to advise and support and thereby strengthen it. The tasks of the risk management function are thus mainly initiating, advising and controlling in nature. The key risk management function holder is part of the second line. The key function holder is supported by the key function provider. This role is played by the Integrated Risk Management Committee (IRM Committee), of which the key function holder risk management is the chairman. In addition, one more board member sits on the IRM committee. The IRM committee is advised on non-financial risks by an external consultant from Willis Towers Watson (WTW). In addition, the fund has involved an independent (financial) risk manager (from Basispoint) in risk management. He attends meetings of the Investment and Control Committee (BCC) and supports this first-line committee in managing financial risks. It also has periodic meetings with the key risk management officer. The IRM committee has periodic meetings with both the Privacy Officer and the Compliance Officer, who also belong to the second line, as does the key actuarial function holder;
- The key function holder internal audit, supported by the key function provider, forms the third line. The internal audit function provides assurance on the design and operation of the entire risk management system, examining, among other things, the interaction between the first and second lines.
Statutory framework
The Board and the committees oversee the operation of the pension fund and the management of risks.
The Fund follows the Code of the Dutch Pension Funds, which checks whether a fund meets the minimum requirements for sound governance and risk management. The Board is also monitored in various ways:
The Accountability Body ensures sound decision-making by the Board and a reliable execution of pension fund tasks. This means that potential risks of gaps in performance are identified early and can be corrected in a timely manner if necessary.
Each year, the Visitation Committee undertakes an assessment of the fund’s performance as a whole. Potential underemphasised risks are discussed with the Board by the Visitation Committee. Where necessary, the Board implements additional measures in order to further minimise these risks.
The Compliance Officer ensures the pension fund meets the current compliance legislation applicable to the fund. For example, the Compliance Officer is responsible for supervising compliance with the provisions of the Code of Conduct that is applicable for the Board members.
The financial figures are audited annually for correctness by an independent auditor and a certifying actuary.
In addition, the activities of every pension fund are regularly assessed by De Nederlandsche Bank (DNB) and the Dutch Authority for the Financial Markets (AFM). By proactively meeting the conditions and the assessment criteria set by these bodies, the fund avoids the risk of being held liable for omissions.
Where is risk management documented?
Integral Risk Management is prescribed in Dutch law, especially in Articles 33 (Guarantee of sound management) and 143 of the Pensions Act (Control and integrity of business operations).
More rules regarding managed and ethical business operations are included in Articles 18 up to and including 22 of the ‘Financial Assessment Framework Decree’. These rules relate to the control of business processes and operational risks, integrity and soundness of the pension fund and the obligation to undertake a continuity analysis.
With regard to the control of outsourcing risks, rules are included in Article 34 of the Pensions Act and in Articles 12 up to and including 14 of the Pensions Act (Implementation) Decree.
Key Features
In 2022, new risk maps were set up by the key function holder (SFH) Risk Management and the IRM committee to further clarify the risk framework. For the coming year, the plan is to ensure that the first line takes full ownership of its own risk maps and capture/maintain the risks and controls, with follow-up and assurance of any mitigating actions. 38 The transfer of SFH Internal Audit from the external expert to the director who joined at the beginning of 2022 went well. The external expert has stayed on as a function filler. With this, the annual plan was continued and the internal audit Outsourcing Process was completed in 2022 and the Data Quality study will be completed in 2023.