In the latest RSM survey, respondents were asked to state their administration position – whether in-house, third party or a combination of the two. This allowed us to look in more depth at the results and the reported incidence of fraud. It is interesting to note that there are significant variances in the level of fraud depending on the administration set up.
Of those schemes that reported a fraud in the survey:
- 53 per cent were administered by third parties;
- 35 per cent were managed in-house; and
- 12 per cent were managed by a combination of the two.
In our experience, third party administrators have identified that the detection and prevention of fraud is a key part of their operations. Significant and widely reported control failures could result in wider business issues, including potential customer losses, so internal resources are dedicated to the design, implementation and testing of internal controls and these are regularly monitored and revisited.
For in-house administered schemes, as auditors, we often observe that similar levels of resources are not dedicated to the control environment for the pension scheme administration team.
For schemes where there is a combination of the two, there is a real risk that controls for the prevention and detection of fraud are omitted or fall between the two camps, leaving gaps in the control environment.
To mitigate the risk of fraud in all scenarios, we recommend trustees:
- enter into regular dialogue with the administrator (whatever the administration set up);
- consider asking for reports on fraud and control failings within quarterly administration reports;
- ensure fraud risk is on the risk register;
- obtain and review the internal controls report for the administrator where one is prepared; and
- consider whether sufficient testing is performed for in-house administered schemes and whether controls are absent that might prevent and detect fraud.
To read more, click here to download the 2015 RSM pensions’ fraud risk report.