Pensions: what's new this week - 2 October 2023

Welcome to your weekly update from the Allen & Overy Pensions team, covering all the latest legal and regulatory developments in the world of workplace pensions. This week we cover topics including: GMP equalisation communication toolkit; TPR issues first climate change reporting fine; UK-US data sharing adequacy regulations.

GMP equalisation communication toolkit

A toolkit has been published aimed at helping schemes to communicate with members about GMP equalisation (GMPE). Developed in collaboration with a number of large pension schemes, the toolkit sets out high-level wording suggested as a starting point for developing scheme-specific communications on GMPE, along with an animation giving an overview of GMPE that can be shared with members.

Read more.

TPR issues first climate change reporting fine

The Pensions Regulator has announced that it has imposed its first mandatory fine for failure to publish a pension scheme climate change report. The regulations require that these reports must be published within seven months of the scheme’s most recent year-end date, on a publicly available website. In this case, although the report had been produced and uploaded, it had not been properly published due to a faulty web address.

The minimum penalty under the regulations is £2,500; in this case a fine of £5,000 was imposed in line with TPR’s monetary penalties policy. TPR has also stated that schemes receiving these penalties will be named on its penalty notices page (linked from its regular compliance and enforcement bulletins).

Read the regulatory intervention report and the penalty notices page.

UK-US data sharing adequacy regulations

Regulations will come into force on 12 October 2023 establishing the UK-US ‘data bridge’. Under UK GDPR, one way that personal data can be transferred overseas is where regulations specify that there is an adequate level of protection. The new regulations provide that there will be an adequate level of protection where data is transferred to certain US entities included on a publicly available list (the Data Privacy Framework List) and subject to the EU-US Data Privacy Framework Principles.

This means that data protected under the GDPR can be transferred to US entities on this list without needing other appropriate safeguards. Privacy policies and GDPR policies may need to be updated if schemes or administrators wish to rely on these provisions. The government has also published a factsheet and ‘explainer’ giving more information on how data can be transferred under the new arrangements.

Read the regulations, factsheet and explainer.

Content Disclaimer
This content was originally published by Allen & Overy before the A&O Shearman merger